1
/*___INFO__MARK_BEGIN__*/
2
/*************************************************************************
4
* The Contents of this file are made available subject to the terms of
5
* the Sun Industry Standards Source License Version 1.2
7
* Sun Microsystems Inc., March, 2001
10
* Sun Industry Standards Source License Version 1.2
11
* =================================================
12
* The contents of this file are subject to the Sun Industry Standards
13
* Source License Version 1.2 (the "License"); You may not use this file
14
* except in compliance with the License. You may obtain a copy of the
15
* License at http://gridengine.sunsource.net/Gridengine_SISSL_license.html
17
* Software provided under this License is provided on an "AS IS" basis,
18
* WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING,
19
* WITHOUT LIMITATION, WARRANTIES THAT THE SOFTWARE IS FREE OF DEFECTS,
20
* MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE, OR NON-INFRINGING.
21
* See the License for the specific provisions governing your rights and
22
* obligations concerning the Software.
24
* The Initial Developer of the Original Code is: Sun Microsystems, Inc.
26
* Copyright: 2001 by Sun Microsystems, Inc.
28
* All Rights Reserved.
30
************************************************************************/
31
/*___INFO__MARK_END__*/
35
** with LdapLoginModule
36
** grant principal com.sun.security.auth.UserPrincipal "controlRole"
38
** with jmxremote.password
39
** grant principal javax.management.remote.JMXPrincipal "controlRole"
42
grant codeBase "file:${com.sun.grid.jgdi.sgeRoot}/lib/jgdi.jar" {
43
permission java.net.SocketPermission "*:1024-", "accept,connect";
44
permission java.net.SocketPermission "localhost:1024-", "listen,resolve";
45
permission java.lang.RuntimePermission "loadLibrary.jgdi";
46
permission java.lang.RuntimePermission "shutdownHooks";
47
permission java.lang.RuntimePermission "setContextClassLoader";
48
permission javax.security.auth.AuthPermission "createLoginContext.jgdi";
49
permission javax.security.auth.AuthPermission "doAs";
50
permission javax.security.auth.AuthPermission "getSubject";
51
permission java.util.PropertyPermission "*", "read";
52
permission java.util.logging.LoggingPermission "control";
54
permission java.lang.FilePermission "${com.sun.grid.jgdi.sgeRoot}/${com.sun.grid.jgdi.sgeCell}/common/jmx/-", "read";
55
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/util/-", "execute";
56
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/utilbin/-", "execute";
57
permission javax.management.MBeanServerPermission "createMBeanServer";
58
permission javax.management.MBeanPermission "*", "*";
59
permission javax.management.MBeanTrustPermission "register";
60
permission java.lang.management.ManagementPermission "monitor";
61
permission java.lang.management.ManagementPermission "control";
63
permission java.lang.RuntimePermission "setIO";
64
permission java.io.FilePermission "jgdi.stdout", "write";
65
permission java.io.FilePermission "jgdi.stderr", "write";
66
permission java.io.FilePermission "jgdi0.log.lck", "delete";
67
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/${com.sun.grid.jgdi.sgeCell}/common/jmx/*", "read";
68
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/lib/-", "read";
69
permission java.lang.RuntimePermission "accessClassInPackage.sun.management.jmxremote";
70
permission java.lang.RuntimePermission "accessClassInPackage.sun.management.resources";
71
permission java.lang.RuntimePermission "accessClassInPackage.sun.management";
72
permission java.lang.RuntimePermission "accessClassInPackage.sun.rmi.server";
73
permission java.lang.RuntimePermission "accessClassInPackage.sun.management.snmp.util";
74
permission java.lang.RuntimePermission "accessClassInPackage.sun.rmi.registry";
76
permission java.util.PropertyPermission "java.rmi.server.randomIDs", "write";
78
permission javax.security.auth.AuthPermission "modifyPrincipals";
79
permission javax.security.auth.AuthPermission "createLoginContext.*";
80
permission javax.security.auth.AuthPermission "createLoginContext.JMXPluggableAuthenticator";
81
permission java.security.SecurityPermission "createAccessControlContext";
83
permission javax.management.remote.SubjectDelegationPermission "javax.management.remote.JMXPrincipal.controlRole";
86
grant principal javax.management.remote.JMXPrincipal "controlRole" {
87
permission javax.management.MBeanPermission "com.sun.grid.jgdi.management.mbeans.JGDIJMX#*", "*";
88
permission javax.management.MBeanPermission "sun.management.*#*", "*";
89
permission javax.security.auth.AuthPermission "createLoginContext.jgdi";
90
permission javax.security.auth.AuthPermission "doAs";
91
permission javax.security.auth.AuthPermission "getSubject";
92
permission java.util.PropertyPermission "*", "read";
93
permission java.util.PropertyPermission "user.timezone", "read,write";
94
permission java.util.logging.LoggingPermission "control";
95
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/lib/-", "read";
96
permission java.lang.management.ManagementPermission "monitor";
97
permission java.net.SocketPermission "*", "resolve";
99
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#-[java.lang:type=OperatingSystem]", "isInstanceOf";
100
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#-[java.lang:type=OperatingSystem]", "getAttribute";
101
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#ProcessCpuTime[java.lang:type=OperatingSystem]", "getAttribute";
102
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#Name[java.lang:type=OperatingSystem]", "getAttribute";
103
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#Version[java.lang:type=OperatingSystem]", "getAttribute";
104
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#Arch[java.lang:type=OperatingSystem]", "getAttribute";
105
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#AvailableProcessors[java.lang:type=OperatingSystem]", "getAttribute";
106
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#CommittedVirtualMemorySize[java.lang:type=OperatingSystem]", "getAttribute";
107
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#TotalPhysicalMemorySize[java.lang:type=OperatingSystem]", "getAttribute";
108
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#FreePhysicalMemorySize[java.lang:type=OperatingSystem]", "getAttribute";
109
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#TotalSwapSpaceSize[java.lang:type=OperatingSystem]", "getAttribute";
110
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#FreeSwapSpaceSize[java.lang:type=OperatingSystem]", "getAttribute";
111
permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "addNotificationListener";
112
permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "isInstanceOf";
113
permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "getMBeanInfo";
114
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#-[java.lang:type=OperatingSystem]", "queryNames";
115
permission javax.management.MBeanPermission "java.util.logging.Logging#-[java.util.logging:type=Logging]", "queryNames";
116
permission javax.management.MBeanPermission "javax.management.MBeanServerDelegate#-[JMImplementation:type=MBeanServerDelegate]", "queryNames";
117
permission javax.management.MBeanPermission "java.util.logging.Logging#-[java.util.logging:type=Logging]", "isInstanceOf";
118
permission javax.management.MBeanPermission "java.util.logging.Logging#-[java.util.logging:type=Logging]", "getMBeanInfo";
119
permission javax.management.MBeanPermission "com.sun.management.UnixOperatingSystem#-[java.lang:type=OperatingSystem]", "getMBeanInfo";
124
permission java.util.logging.LoggingPermission "control";
125
permission java.util.PropertyPermission "*", "read";
126
permission java.util.PropertyPermission "user.timezone", "write";
127
permission java.lang.RuntimePermission "setIO";
128
permission java.lang.RuntimePermission "loadLibrary.jgdi";
129
permission java.io.FilePermission "jgdi.stdout", "write";
130
permission java.io.FilePermission "jgdi.stderr", "write";
131
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/lib/-", "read";
132
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/util/arch", "execute";
133
permission java.io.FilePermission "${com.sun.grid.jgdi.sgeRoot}/utilbin/-", "execute";
134
permission javax.security.auth.AuthPermission "modifyPrincipals";
135
permission java.io.FilePermission "${com.sun.grid.jgdi.caTop}", "read";
136
permission java.io.FilePermission "${com.sun.grid.jgdi.caTop}/cacert.pem", "read";
137
permission java.io.FilePermission "${com.sun.grid.jgdi.caTop}/ca-crl.pem", "read";
138
permission java.io.FilePermission "${com.sun.grid.jgdi.caTop}/usercerts/-", "read";
139
permission java.io.FilePermission "${com.sun.grid.jgdi.serverKeystore}", "read";
144
permission java.security.AllPermission;