Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
Software Distributor Administration Guide: HP-UX 11i v1, 11i v2, and 11i v3 > Chapter 12 Nonprivileged SD

Overview

» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

The nonprivileged mode of SD-UX lets users access application software based on their file system permissions rather than super-user privilege implemented by SD-UX ACLs. Nonprivileged mode is honored by almost all SD commands. You can use nonprivileged mode for all aspects of developing, distributing, and managing applications.

Who Can Benefit?

Nonprivileged SD-UX is primarily intended for administrators of large data centers who must manage in-house applications without using super-user privilege. You might not benefit from this feature if you are a casual user wanting to manage your own applications—unless you are experienced enough at packaging software to take advantage of nonprivileged mode.

How Does It Work?

In nonprivileged mode, most SD-UX operations are done according to the invoking user’s uid, gid, and umask. In this mode, logfiles and the installed software catalog usually found in /var/adm/sw are stored by default in user-specific admin directories at /var/home/USER_NAME/sw (in which USER_NAME is the user’s log-in name). Location of the user’s admin directory and installed software catalog can be customized using default options.

While you are using nonprivileged mode, you can also package and copy applications that won’t be used for nonprivileged mode. However, you must use the normal mode of SD-UX (that is with run_as_superuser set to true and permissions granted by ACLs) to install such applications.

When packaging, file system access on the install target must be considered. See “Packaging Software for Use in Nonprivileged Mode”.

Limitations

  • Remote targets are not allowed with SD-UX remote operations, except for swlist access to remote systems and commands that can normally access remote depots. Access to such remote systems is determined by the SD ACLs on the remote system.

  • Nonprivileged mode cannot be used to manage HP-UX operating system software or patches to it.

  • A swinstall or swcopy in nonprivileged mode cannot read a source depot on a local writable file system that was created with super-user privileges (that is, created by a super-user, or created by a non super-user when the run_as_superuser option is set to true and using ACL permissions). This limitation does not apply to tape or CD-ROM source depots.

  • swinstall and swcopy in nonprivileged mode can read any remote source depot as allowed by ACLs, can read local source depots created by the invoking user in nonprivileged mode, and (depending on the umask of other users) can read local source depots created by other users in nonprivileged mode.

Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 1997, 2000-2003, 2006, 2007, 2008 Hewlett-Packard Development Company, L.P.