Software Distributor (SD-UX) Administration Guide HP-UX 11i v1, 11i v2, and 11i v3 (762797-001, March 2014)
Table Of Contents
- Software Distributor Administration Guide
- Contents
- HP secure development lifecycle
- About This Document
- 1 Introduction to Software Distributor
- SD-UX Overview
- SD-UX Concepts
- Using the GUI and TUI Commands
- The Terminal User Interface
- Starting the GUI/TUI Commands
- Window Components
- Opening and closing items in the object list
- Marking Items in the Object List
- Preselecting Host Files
- Software Selection Window
- Session and File Management—The File Menu
- Changing Software Views—The View Menu
- Changing Options and Refreshing the Object List—The Options Menu
- Performing Actions—The Actions Menu
- Getting Help—The Help Menu
- XToolkit Options and Changing Display Fonts
- Working from the Command Line
- 2 Installing Software
- Installation with swinstall
- Features and Limitations
- Installing with the GUI
- Installing from the Command Line
- Installation Tasks and Examples
- Updating to HP-UX 11i
- Installing Patches
- Recovering Updated Files
- Installing Software That Requires a System Reboot
- Using Software Codewords and Customer IDs
- Re-installing Software Distributor
- Installing Multiple Versions
- Installing to an Alternate Root
- Compatibility Filtering and Checking
- Software Selection Checking
- Configuring Your Installation (swconfig)
- Verifying Your Installation (swverify)
- Installation with swinstall
- 3 Managing Installed Software
- 4 Managing Software Depots
- Depot Management Commands and Concepts
- Copying Software Depots
- Registering and Unregistering Depots (swreg)
- Verifying Signed Software Signatures
- Additional Depot Management Tasks and Examples
- Combining Patch Depots
- Creating a Tape Depot for Distribution
- Setting Depot Attributes
- Creating a Network Depot
- Managing Multiple Versions of HP-UX
- Listing Registered Depots
- Listing the Contents of a Depot (swlist -d)
- Source Depot Auditing
- Verifying a Depot (swverify -d)
- Removing Software from Depots
- Removing a Depot
- 5 HP-UX Patching and Patch Management
- 6 Using Jobs and the Job Browser
- 7 Remote Operations Overview
- 8 Reliability and Performance
- 9 SD-UX Security
- 10 Creating Software Packages
- Overview of the Packaging Process
- Identifying the Products to Package
- Adding Control Scripts
- Creating a Product Specification File (PSF)
- Product Specification File Examples
- PSF Syntax
- PSF Object Syntax
- Selecting the PSF Layout Version
- PSF Value Types
- Product Specification File Semantics
- Re-Specifying Files
- Packaging the Software (swpackage)
- Packaging Tasks and Examples
- Registering Depots Created by swpackage
- Creating and Mastering a CD-ROM Depot
- Compressing Files to Increase Performance
- Packaging Security
- Repackaging or Modifying a Software Package
- Packaging In Place
- Following Symbolic Links in the Source
- Generating File Revisions
- Depots on Remote File Systems
- Verifying the Software Package
- Packaging Patch Software
- Writing to Multiple Tapes
- Making Tapes from an Existing Depot
- 11 Using Control Scripts
- Introduction to Control Scripts
- General Script Guidelines
- Packaging Control Scripts
- Using Environment Variables
- Execution of Control Scripts
- Execution of Other Commands by Control Scripts
- Control Script Input and Output
- File Management by Control Scripts
- Testing Control Scripts
- Requesting User Responses (swask)
- Request Script Tasks and Examples
- 12 Nonprivileged SD
- A Command Options
- B Troubleshooting
- Error Logging
- Common Problems
- Cannot Contact Target Host’s Daemon or Agent
- GUI Won’t Start or Missing Support Files
- Access To An Object Is Denied
- Slow Network Performance
- Connection Timeouts and Other WAN Problems
- Disk Space Analysis Is Incorrect
- Packager Fails
- Command Logfile Grows Too Large
- Daemon Logfile Is Too Long
- Cannot Read a Tape Depot
- Installation Fails
- swinstall or swremove Fails With a Lock Error
- Use of Square Brackets ([ and ]) Around an IPv6 Address Causes an Error
- Some SD commands do not work after network configuration changes
- C Replacing or Updating SD-UX
- D Software Distributor Files and File System Structure
- Glossary
- Index
Xlib: connection to <display> refused by server
Xlib: Client is not authorized to connect to Server
Error: Can’t Open display.
Check that you have set the $DISPLAY environment variable correctly on the remote system to
identify your display. If it is correct, you may have to enable the remote host to make connections
to your X server via the xhost(1) command or by modifying your /etc/X*.hosts file.
If you see the error message:
swinstall: Error: cannot read file:
/usr/lib/sw/ui/smc_install_copy.ui
— or —
swremove: Error: cannot read file:
/usr/lib/sw/ui/smc_remove.ui
the system is telling you that the file /usr/lib/sw/ui/smc_install_copy.ui must be installed
on the system to run either swinstall or swcopy interactively or that the
/usr/lib/sw/ui/smc_remove.ui file must be installed to run swremove. Make sure that the
directory /usr/lib/sw/ui exists and includes the requested file. If the file does not exist, you
must reinstall the SD-CMDS fileset from your OS media.
Access To An Object Is Denied
Denial of access to SD-UX objects may have a number of causes, including:
• ACL permissions
• Inter-host secrets
• Working with image copies of depots
Resolution
Generally, when SD-UX denies access to an object, a message tells you that you do not have the
required access permission. Yet, it may be unclear which object is not accessible. For example,
when you use swcopy to copy a product from system A to a depot, SD-UX checks these ACLs:
1. If the destination depot does NOT exist, the host ACL is checked to verify that the user has
“insert” permission.
2. If the destination depot does exist, the depot ACL is checked to verify that the user has write
permission.
3. The source depot’s ACL is checked to make sure the user has read permission on the source
depot.
4. The source product’s ACL is also checked to make sure that the user and the destination system
both have read access to the product.
If any of these access permissions is absent, the whole operation is disallowed, and you must read
the error message carefully to understanding the exact cause. To see more about what type of
security or access problems exist, see the daemon log file on the target system: /var/adm/sw/
swagentd.log
The Effects of ACL Modifications
The default ACLs make it fairly easy to administer ACLs, but do not always give the desired level
of access control. When you change an ACL to restrict access, especially by removing the
any_other read permission, you may restrict access in unexpected ways. Host entries are required
for any destination systems for swcopy and swinstall operations.
See Chapter 9: “SD-UX Security ” (page 141) for a full discussion of the access tests performed or
each operation.
Do Not Modify ACL Files Without swacl
Since SD-UX stores ACLs in the file system as plain text files, you may try to edit them with a
conventional editor. This can lead to unexpected corruption of the ACL. Most cases of this corruption
simply result in a message indicating the corruption, but inserting additions to the ACL file without
256 Troubleshooting