Manualshelf

Owner's manual

ManualsBrandsHP ManualsComputer HardwareIntegrity NonStop J-Series
51525354555657585960
Safeguard User’s Guide 422089-020
4 - 1
4 Securing Subvolumes
The Safeguard subsystem allows you to secure disk subvolumes in generally the same
manner as you secure disk files. The same principles apply when you add, change, or
delete authorization records for subvolumes. You use the same basic set of
commands—ADD, ALTER, DELETE, FREEZE, INFO, RESET, SET, SHOW, and
THAW. For example, to add a subvolume to the Safeguard database, use the ADD
SUBVOLUME command.
You can also use the same security attributes to specify auditing for subvolumes.
Additionally, you can freeze and thaw an access control list for a subvolume.
Any user can add a subvolume authorization record. However, to manage the record,
the user must be the owner of the record, or the owner’s group manager, or have a
super ID. The authority to add and manage subvolumes can be restricted with the
appropriate OBJECTTYPE authorization, as described in the Safeguard
Administrator's Manual.
The security attributes and access authorities for subvolumes are the same as those
for disk files. You can also use LIKE, DENY, and the minus sign (-) to control attributes
of subvolumes in the same manner you use them with disk files.
As with disk files, you can transfer ownership of a subvolume by changing the OWNER
attribute. You can also designate additional owners by specifying OWNER authority in
an access control list. Both forms of ownership allow you to modify the authorization
record for the subvolume.
You can also use diskfile patterns to secure subvolumes. For more information, see
Section 9, Working with Patterns.
General Procedure for Protecting a Subvolume
As with other objects, the general procedure for protecting a subvolume with the
Safeguard software is:
1. Establish default attributes using the SET SUBVOLUME or RESET SUBVOLUME
commands.
2. Verify the default settings with the SHOW SUBVOLUME command.
3. Add the subvolume to the Safeguard database with the ADD SUBVOLUME
command. Doing this creates an authorization record for the subvolume.
4. Verify the attributes in the authorization record with the INFO SUBVOLUME
command.
5. Make any necessary changes to the authorization record with the AL
TER
SUBVOLUME command.