Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

231

232

233

234

235

236

237

238

239

240

Disk-File Security Commands

Safeguard Reference Manual—520618-013

8-4

Disk-File Security Command Summary

An open request that passes the Safeguard authorization check can nevertheless fail.

For example, if a process attempts to open a file that is already open with exclusive

access, the open attempt fails with file error 12 (file in use). (For more information, see

the Guardian Procedure Calls Reference Manual.)

Disk-File Security Command Summary

Table 8-2 gives a brief description of the disk-file security commands. The remainder of

this section describes these commands in detail.

Note. If a persistent protection record exists for the new file name, the renamed file assumes

that persistent ACL. If the current file has a Safeguard ACL and the new file name does not

have a persistent protection record, the renamed file assumes the ACL of the current file.

However, if the PERSISTENT flag is ON in the current file’s protection record, that ACL is not

transferred to the renamed file.

Table 8-2. Disk-File Security Command Summary (page 1 of 2)

Command Description

ADD DISKFILE Adds a disk-file authorization record with the specified attributes.

Current default disk-file attribute values are used for any attributes

not specified in the ADD DISKFILE command.

ADD DISKFILE-

PATTERN

Adds a diskfile pattern for files in specified location. Current default

diskfile-pattern attribute values are used for any attributes not

specified in the ADD DISKFILE command.

ALTER DISKFILE Changes one or more attribute values in an authorization record. For

all disk-file attributes except ACCESS, ALTER DISKFILE replaces

the current attribute value with the specified value. For the ACCESS

attribute, ALTER DISKFILE changes the existing ACL to incorporate

access-spec.

ALTER DISKFILE-

PATTERN

Changes one or more of the security attributes in the diskfile-pattern

authorization record.

DELETE DISKFILE Deletes a disk-file authorization record. After deletion, all accesses to

the file are subject to standard Guardian security checking. The

original security is restored for the deleted file.

DELETE DISKFILE-

PATTERN

Removes a diskfile pattern from the Safeguard database by deleting

the disk-file authorization record.

FREEZE DISKFILE Temporarily suspends access to a disk file. (Only the file owner, the

owner’s group manager, and the super ID can access a frozen disk

file.)

FREEZE DISKFILE-

PATTERN

Suspends access authority to a diskfile pattern. No one except an

owner, the primary owner's group manager, and the super ID can

gain access to the frozen pattern.

INFO DISKFILE Displays current values for the specified disk file.

INFO DISKFILE-

PATTERN

Displays current values for the specified diskfile pattern.