Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 SmartSetup Scripting Toolkit Deployment Guide: HP Integrity Servers with Linux > Chapter 4 Setting Up the Toolkit Environment

Setting Repository Access Permissions
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

spacerspacerspacer
spacer
spacer
  		 
 

There is no reason to allow write permission to the entire SSTK repository. If you restrict the directories to which users have write access, you increase security. Also, you guarantee the integrity of the files which should remain read-only permission. SSTK allows this secure configuration through two NFS mounts: one for the repository root and other for the data_files directory. It is up to the system administrator to configure the NFS repository as to support your environment.

The following is the recommended visibility of the SSTK repository over NFS:

DirectoryPermissions
SSTKLnx3.1R
|-- boot_filesR
|-- data_filesRW
|-- osR
|-- scriptsR
|-- softwareR
`-- utilitiesR

NOTE: In the following examples, the “*” means that “any host” is allowed to mount this shared directory. The security can be improved even more by specifying only the target hosts rather than “any host”.

An example of secure permissions set for an NFS repository is as follows:

/etc/exports:

      /repository/SSTKLnx3.1 *(no_root_squash,async)
      /repository/SSTKLnx3.1/data_files *(rw,no_root_squash,async)

An example of simple (insecure) permissions set for NFS repository is as follows:

/etc/exports:
      /repository/SSTKLnx3.1 *(rw, no_root_squash,async)


Editing the linux-setup.sh Script
  		 


Chapter 5 Setting Up the Boot Mechanism  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2007–2008 Hewlett-Packard Development Company, L.P.