Manualshelf

Software Distributor Administrator Guide (September 2010)

ManualsBrandsHP ManualsSoftwareHP-UX Software Distributor
301302303304305306307308309310
12.2.2 Turning On Nonprivileged Mode
SD functions in nonprivileged mode only when the run_as_superuser option is set
to false and the invoking user is not super-user.
This option applies to all SD-UX commands except swagent, swagentd, swjob, and
install-sd. When you set this option to false, any command to which it applies will run
in nonprivileged mode. For example:
Including -x run_as_superuser=false on the command line invokes
nonprivileged mode for that command only.
Including -x run_as_superuser=false in your $HOME/.swdefaults
directory invokes nonprivileged mode for any or all SD-UX commands that you
run.
Including -x run_as_superuser=false in /var/adm/sw/defaults invokes
nonprivileged mode for all SD-UX commands on the system.
See Appendix A (page 303) for complete information on using these options.
NOTE: This option is ignored (treated as true) when the invoking user is super-user.
12.2.3 How Nonprivileged Mode Changes SD-UX Behavior
When the run_as_superuser option is set to the default value of true, SD-UX
operations are performed normally, with permissions for operations either granted to
a local super-user or set by SD ACLs. (See Chapter 9: “SD-UX Security (page 187) for
details on ACLs.)
When run_as_superuser is set to false and the invoking user is local and is not
super-user, nonprivileged mode is invoked:
Permissions for operations are based on the users file system permissions.
SD ACLs are ignored.
Files created by SD have the uid and gid of the invoking user, and the mode of
created files is set according to the invoking users umask.
12.3 Default Configuration
The default configuration of nonprivileged mode is to have a central location for
user-installed software catalogs.
When the run_as_superuser option is false and the admin_directory option is
not set, SD-UX logfiles and installed software catalogs are stored in user-specific
directories at /var/home/USER_NAME/sw (where USER_NAME is replaced by the
invoking user name).
Putting logfiles and installed software catalog in a central location avoids problems
when users install software on the system outside of their home directories and user
home directories are NFS mounted across many systems.
12.3 Default Configuration 301