Accessing Files Programmer's Guide (32650-90885)
Chapter 13 167
Maintaining File Security
Access Control Definition Security (ACD)
ALTSEC FILEA.XX.DESIGN;DELPAIR(NONE:@.DESIGN)
To deny OPERATOR.SYS any access to LDEV 7, enter this:
ALTSEC 7,LDEV;DELPAIR=(R,W:OPERATOR.SYS)
Only an owner can delete an ACD associated with a file. Only the system manager can
delete an ACD associated with a device..
Migrating ACDs
Device ACDs should not be migrated, because they are tied to their system's configuration.
You can move file ACDs between MPE V/E and MPE/iX by using the STORE and RESTORE
commands, where COPYACD is the default.
These are the steps CM RESTORE takes during forward migration:
1. reads the MPE V/E store format.
2. calls a routine to convert it to MPE/iX internal format.
3. calls the file label extension write routine, which puts the ACD into effect.
These are the steps CM STORE takes during backward migration:
1. reads the ACD from the security file label extension.
2. calls a routine to convert it into MPE V/E format.
3. writes it out to the STORE tape.
Be aware that MPE/iX allows more
user-mode
pairs than MPE V/E does.
You must have authorization to use the ;COPYACD parameter of the STORE and RESTORE
commands. If you are not an owner of the file or do not have RACD permission, you get an
error. The STORE command checks the ACD on disk for permission. RESTORE checks the
ACD from the tape.
For more details, refer to the MPE/iX Commands Reference Manualand the MPE/iX
Intrinsics Reference Manual.
Logging system events
The following list shows the types of logs that you can request.
Table 13-1. SYSGEN System Logging
System Log Events Event Type
System logging enabled 100
System up record 101
Job initiation record 102
Job termination record 103
Process termination record 104