Software Distributor Administrator Guide (September 2010)

9.10.5 Installing (swinstall)

• Any list operations required to facilitate this function must be checked as described

in the swlist section above.

• The target agent verifies that the controller user has insert permission on the target

root.

• The target agent verifies that the controller user has write permission on the target

root, if the product already exists.

• The source (depot) agent verifies that the target agent system has read permission

on the source product.

9.10.6 Removal (swremove)

• If the object is a product on a depot, the target agent verifies that the controller

user has write permission on the target product.

• If the object is a product on a root, the target agent verifies that the controller user

has write permission on the target root.

• If the object is a depot or root, or the last product contained in one of these, before

removing the container the target agent must verify that the controller user has

delete permission on the target root or depot.

9.10.7 Configuration (swconfig)

• The same permission checks are made as for the swremove operation above, except

that this command does not apply to depots.

9.10.8 Verify (swverify)

• If the object is a product on a depot, the target agent verifies that the controller

user has read permission on the target product.

• If the object is a product on a root, the target agent verifies that the controller user

has write permission on the target root (since scripts are executed).

9.10.9 Registering Depots (swreg)

• To register a new depot, the target daemon verifies read permission on the depot

to be registered and insert permission on the host.

9.10.10 Changing ACLs (swacl)

• To change an ACL, write permission is required.

• To list an ACL, list permission is required.

218 SD-UX Security