The command line utility requires operating system privileges in order to operate. So as to control who can or cannot use the utility, the utility requires that the operator either have the necessary operating system privileges or that they have a popstore account which has the MANAGE flag set. (The manage flag is also required to use the web-based management interface.) Thus, a user lacking operating system privileges may use the utility to manage the popstore provided that a privileged user first creates them an account and grants that account the MANAGE flag:
popstore> ADD OPER/PASSWORD=secret/OWNER="popstore operator"/FLAG=MANAGEIn the above command, a privileged popstore account named
oper with password secret is created. The account's
privileges may then be used to manage the popstore via the LOGIN
command:
popstore> LOGIN OPER Password: secret Login succeeded; management capabilities enabled popstore>
Once logged in, the utility will allow the user to perform management
functions on any account within the same management group as the user.
If the user's account is in no management group --- that is has a zero
length group name --- then the account can manage all accounts in the
popstore. If the user's account is in no management group and
is in the default user domain, then the user may manage
all accounts in all groups and all user domains.