beautypg.com

Specifying access with the add diskfile command – HP Integrity NonStop J-Series User Manual

Page 42

background image

Securing Disk Files

Safeguard User’s Guide — 422089-020

3 - 8

Specifying Access With the ADD DISKFILE

Command

Parentheses enclose multiple access authorities in three of the commands. You can
include more than one access specification in a single SET command, as in the last
command, by separating the specifications with a semicolon.

There are two ways to specify users—by name or by number. In the last command, the
user name admin.bill corresponds to user ID 8,4. The DENY keyword in the last
command specifically denies admin.bill a certain access, in this case R, which is READ
access. A specific denial such as this takes precedence over the access granted to
admin.bill as a group member. All other members of the admin group retain READ
access.

Next, use the SHOW command to make sure that the default access list is correct:

=SHOW DISKFILE

The display shows:

If you add files to the Safeguard database without specifying an access control list, the
files acquire the default access control list. The default access control list stays in
effect for the current SAFECOM session unless you change it.

Specifying Access With the ADD DISKFILE Command

If you specify access control list entries with the ADD DISKFILE command, those
entries plus the default entries make up the access control list for the added file.

Assume you want to use the default access control list for a file named quarter1 and
you also want to add user 4,12 with only READ access. If you have not exited
SAFECOM since the defaults were defined:

=ADD DISKFILE quarter1, ACCESS 4,12 R

TYPE OWNER WARNING-MODE

DISCFILE 2,1 OFF

OBJECT-TEXT-DESCRIPTION =

AUDIT-ACCESS-PASS = NONE AUDIT-MANAGE-PASS = NONE

AUDIT-ACCESS-FAIL = NONE AUDIT-MANAGE-FAIL = NONE

AUDIT-PRIV-LOGON = OFF

LICENSE = OFF PROGID = OFF CLEARONPURGE = OFF PERSISTENT = OFF

TRUST = OFF PRIV-LOGON = OFF

002,001 R,W,E,P

002,018 R,W,E,P

008,004 DENY R

002,* R,W

008,* R

Note. The attributes, AUDIT-PRIV-LOGON and PRIV-LOGON, are supported only on systems
running H06.11 and later H-series RVUs and G06.32 and later G-series RVUs. The OBJECT-
TEXT-DESCRIPTION attribute is supported only on systems running J06.05 and later J-series
RVUs and H06.16 and later H-series RVUs.

This manual is related to the following products:
See also other documents in the category HP Computer hardware: