HPE Community
Operating System - HP-UX
1833187 Members
2912 Online
110051 Solutions
New Discussion

swlist command

 
SOLVED
Go to solution
mukkala_1
Occasional Advisor

‎01-03-2008 09:31 PM

‎01-03-2008 09:31 PM

swlist command

normal user required swlist command access
0 Kudos
Reply
8 REPLIES 8
Torsten.
Acclaimed Contributor

‎01-03-2008 10:33 PM

‎01-03-2008 10:33 PM

Re: swlist command

Should work by default:

#/usr/sbin/swlist

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Reply
Dennis Handly
Acclaimed Contributor

‎01-03-2008 10:49 PM

‎01-03-2008 10:49 PM

Re: swlist command

You can configure it so swlist can't be used. I.e. remove SUID bit.
Or use swacl(1m) to prevent it.
0 Kudos
Reply
mukkala_1
Occasional Advisor

‎01-04-2008 12:46 AM

‎01-04-2008 12:46 AM

Re: swlist command

swlist command permission info

-r-sr-xr-x 11 root bin 247800 Feb 17 2007 /usr/sbin/swlist

below error i am getting while executing swlist command user level

xx1@test1[/home/test1]$ swlist
#Initializing...
#Contacting target "test1"....
WARNING: Security access denied to file " //var/adm/sw/products/INDEX".
ERROR: "test1:/": you do not have permission for this operation.
The depot owner, system administrator, or alternate root owner may need to use the "swreg" or "swacl" command to give you permission. OR, to manage applications designed and packed for nonprivileged mode, see the "run_as_superuser" option in the "sd" manpage.

0 Kudos
Reply
Ivan Krastev
Honored Contributor

‎01-04-2008 01:02 AM

‎01-04-2008 01:02 AM

Solution

Re: swlist command

Use swacl to check what access perms are set:
# swacl -l root

And modify it:
# swacl -l root -M any_other:r

regards,
ivan
Reply
mukkala_1
Occasional Advisor

‎01-04-2008 01:18 AM

‎01-04-2008 01:18 AM

Re: swlist command

swac -l root output as follows

swacl -l rot
#
#swacl Installed software access control list
#
#For host: test1:/
#
#Date Fri jan 4 17:16:13 2008

# Object Ownership: User=root
Group=sys
Realm=test1
#
#default_realm=test1
object_owner:crwit
0 Kudos
Reply
mukkala_1
Occasional Advisor

‎01-04-2008 01:18 AM

‎01-04-2008 01:18 AM

Re: swlist command

swac -l root output as follows

swacl -l root
#
#swacl Installed software access control list
#
#For host: test1:/
#
#Date Fri jan 4 17:16:13 2008

# Object Ownership: User=root
Group=sys
Realm=test1
#
#default_realm=test1
object_owner:crwit
0 Kudos
Reply
mukkala_1
Occasional Advisor

‎01-04-2008 01:30 AM

‎01-04-2008 01:30 AM

Re: swlist command

is there any impact to execute this command

# swacl -l root -M any_other:r

0 Kudos
Reply
Torsten.
Acclaimed Contributor

‎01-04-2008 01:40 AM

‎01-04-2008 01:40 AM

Re: swlist command

This will give read access to any other user, that means you can do swlist with any other account.

the swacl -l root

output will show this with

any_other:-r---

in the last line.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.