swacl.1m (2012 03)
s
swacl(1M) swacl(1M)
• If remote system is 11.00, make sure SD patch PHCO_22526 or a superseding patch is installed
on remote system before running setaccess.
• If remote system is older than 11.00 or for some other reason does not have
setaccess in
place, copy
setaccess script from an 11.11 or higher system to the remote system.
2)
swinstall, swcopy, and swremove
have enhanced GUI interfaces for remote operations.
Enable the enhanced GUIs by creating the .sdkey file on the controller. Use this command:
touch /var/adm/sw/.sdkey
See sd(5), swinstall (1M), swcopy (1M), swjob(1M), swlist (1M) or swremove (1M) for more informa-
tion on interactive operations.
NOTE: You can also set up remote access by using
swacl directly on the remote machines to grant root
or non-root access to users from the controller system.
Options
If the
-D, -F,or
-M option is not specified, swacl prints the requested ACL(s) to the standard output.
The
swacl command supports the following options:
-D acl_entry Deletes an existing entry from the ACL associated with the specified object(s). For
this option, the permission field of the ACL entry is not required. You can specify
multiple -D options. See the ACL Entries heading for more information.
-f software_file
Read the list of software_selections from software_file instead of (or in addition to)
the command line.
-F acl_file Assigns the ACL contained in acl_file to the object. All existing entries are removed
and replaced by the entries in the file. Only the ACL’s entries are replaced; none of
the information contained in the comment portion (lines with the prefix #)ofan
ACL listing is modified with this option. The acl_file is usually the edited output of
a swacl list operation.
If the replacement ACL contains no syntax errors and the user has control permis-
sion on the ACL (or is the local superuser), the replacement succeeds.
-l level Defines which level of SD ACLs to view/modify.
The supported levels of depot, host, root, and product objects that can be protected
are:
depot View/modify the ACL protecting the software depot(s) identified by the
target_selections.
host View/modify the ACL protecting the host system(s) identified by the
target_selections.
root View/modify the ACL protecting the root filesystem(s) identified by the
target_selections.
product View/modify the ACL protecting the software product identified by the
software_selection. Applies only to products in depots, not installed
products in roots.
The supported levels of templates are:
global_soc_template
View/modify the template ACL used to initialize the ACL(s) of future software
depot(s) or root filesystem(s) added to the host(s) identified by the
target_selections. Additionally, swacl can create templates that you can re-
use to create new ACLs.
global_product_template
View/modify the template ACL used to initialize the product_template
ACL(s) of future software depot(s) added to the host(s) identified by the
target_selections.
product_template
View/modify the template ACL used to initialize the ACL(s) of future
product(s) added to the software depot(s) identified by the target_selections.
2 Hewlett-Packard Company − 2 − HP-UX 11i Version 3: March 2012