Software Distributor (SD-UX) Administration Guide HP-UX 11i v1, 11i v2, and 11i v3 (762797-001, March 2014)
Table Of Contents
- Software Distributor Administration Guide
- Contents
- HP secure development lifecycle
- About This Document
- 1 Introduction to Software Distributor
- SD-UX Overview
- SD-UX Concepts
- Using the GUI and TUI Commands
- The Terminal User Interface
- Starting the GUI/TUI Commands
- Window Components
- Opening and closing items in the object list
- Marking Items in the Object List
- Preselecting Host Files
- Software Selection Window
- Session and File Management—The File Menu
- Changing Software Views—The View Menu
- Changing Options and Refreshing the Object List—The Options Menu
- Performing Actions—The Actions Menu
- Getting Help—The Help Menu
- XToolkit Options and Changing Display Fonts
- Working from the Command Line
- 2 Installing Software
- Installation with swinstall
- Features and Limitations
- Installing with the GUI
- Installing from the Command Line
- Installation Tasks and Examples
- Updating to HP-UX 11i
- Installing Patches
- Recovering Updated Files
- Installing Software That Requires a System Reboot
- Using Software Codewords and Customer IDs
- Re-installing Software Distributor
- Installing Multiple Versions
- Installing to an Alternate Root
- Compatibility Filtering and Checking
- Software Selection Checking
- Configuring Your Installation (swconfig)
- Verifying Your Installation (swverify)
- Installation with swinstall
- 3 Managing Installed Software
- 4 Managing Software Depots
- Depot Management Commands and Concepts
- Copying Software Depots
- Registering and Unregistering Depots (swreg)
- Verifying Signed Software Signatures
- Additional Depot Management Tasks and Examples
- Combining Patch Depots
- Creating a Tape Depot for Distribution
- Setting Depot Attributes
- Creating a Network Depot
- Managing Multiple Versions of HP-UX
- Listing Registered Depots
- Listing the Contents of a Depot (swlist -d)
- Source Depot Auditing
- Verifying a Depot (swverify -d)
- Removing Software from Depots
- Removing a Depot
- 5 HP-UX Patching and Patch Management
- 6 Using Jobs and the Job Browser
- 7 Remote Operations Overview
- 8 Reliability and Performance
- 9 SD-UX Security
- 10 Creating Software Packages
- Overview of the Packaging Process
- Identifying the Products to Package
- Adding Control Scripts
- Creating a Product Specification File (PSF)
- Product Specification File Examples
- PSF Syntax
- PSF Object Syntax
- Selecting the PSF Layout Version
- PSF Value Types
- Product Specification File Semantics
- Re-Specifying Files
- Packaging the Software (swpackage)
- Packaging Tasks and Examples
- Registering Depots Created by swpackage
- Creating and Mastering a CD-ROM Depot
- Compressing Files to Increase Performance
- Packaging Security
- Repackaging or Modifying a Software Package
- Packaging In Place
- Following Symbolic Links in the Source
- Generating File Revisions
- Depots on Remote File Systems
- Verifying the Software Package
- Packaging Patch Software
- Writing to Multiple Tapes
- Making Tapes from an Existing Depot
- 11 Using Control Scripts
- Introduction to Control Scripts
- General Script Guidelines
- Packaging Control Scripts
- Using Environment Variables
- Execution of Control Scripts
- Execution of Other Commands by Control Scripts
- Control Script Input and Output
- File Management by Control Scripts
- Testing Control Scripts
- Requesting User Responses (swask)
- Request Script Tasks and Examples
- 12 Nonprivileged SD
- A Command Options
- B Troubleshooting
- Error Logging
- Common Problems
- Cannot Contact Target Host’s Daemon or Agent
- GUI Won’t Start or Missing Support Files
- Access To An Object Is Denied
- Slow Network Performance
- Connection Timeouts and Other WAN Problems
- Disk Space Analysis Is Incorrect
- Packager Fails
- Command Logfile Grows Too Large
- Daemon Logfile Is Too Long
- Cannot Read a Tape Depot
- Installation Fails
- swinstall or swremove Fails With a Lock Error
- Use of Square Brackets ([ and ]) Around an IPv6 Address Causes an Error
- Some SD commands do not work after network configuration changes
- C Replacing or Updating SD-UX
- D Software Distributor Files and File System Structure
- Glossary
- Index
12 Nonprivileged SD
This chapter provides general guidelines on how to set up Software Distributor to run in
nonprivileged mode.
Table 53 Chapter Topics
Topics:
“Overview” (page 224)
“Setting Up Nonprivileged Mode” (page 225)
“Default Configuration” (page 226)
“Alternative Configuration” (page 226)
Overview
The nonprivileged mode of SD-UX lets users access application software based on their file system
permissions rather than super-user privilege implemented by SD-UX ACLs. Nonprivileged mode is
honored by almost all SD commands. You can use nonprivileged mode for all aspects of developing,
distributing, and managing applications.
Who Can Benefit?
Nonprivileged SD-UX is primarily intended for administrators of large data centers who must
manage in-house applications without using super-user privilege. You might not benefit from this
feature if you are a casual user wanting to manage your own applications—unless you are
experienced enough at packaging software to take advantage of nonprivileged mode.
How Does It Work?
In nonprivileged mode, most SD-UX operations are done according to the invoking user’s uid, gid,
and umask. In this mode, logfiles and the installed software catalog usually found in /var/adm/sw
are stored by default in user-specific admin directories at /var/home/USER_NAME/sw (in which
USER_NAME is the user’s log-in name). Location of the user’s admin directory and installed software
catalog can be customized using default options.
While you are using nonprivileged mode, you can also package and copy applications that won’t
be used for nonprivileged mode. However, you must use the normal mode of SD-UX (that is with
run_as_superuser set to true and permissions granted by ACLs) to install such applications.
When packaging, file system access on the install target must be considered. See “Packaging
Software for Use in Nonprivileged Mode” (page 225).
Limitations
• Remote targets are not allowed with SD-UX remote operations, except for swlist access to
remote systems and commands that can normally access remote depots. Access to such remote
systems is determined by the SD ACLs on the remote system.
• Nonprivileged mode cannot be used to manage HP-UX operating system software or patches
to it.
• A swinstall or swcopy in nonprivileged mode cannot read a source depot on a local
writable file system that was created with super-user privileges (that is, created by a super-user,
or created by a non super-user when the run_as_superuser option is set to true and using
ACL permissions). This limitation does not apply to tape or CD-ROM source depots.
• swinstall and swcopy in nonprivileged mode can read any remote source depot as
allowed by ACLs, can read local source depots created by the invoking user in nonprivileged
224 Nonprivileged SD