Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

241

242

243

244

245

246

247

248

249

250

Disk-File Security Commands

Safeguard Reference Manual—520618-013

8-14

ADD DISKFILE-PATTERN Command

Examples

1. The owner of the disk file $DATA.KEEP.INFO uses these commands to add a

Safeguard authorization record for the file and give ownership of the file to a

member of group 86:

=SET DISKFILE ACCESS 86,2 (r,w,e,p); 86,* (r,e)

=SET DISKFILE CLEARONPURGE ON, AUDIT-ACCESS-PASS all,&

=AUDIT-MANAGE-PASS all

=ADD DISKFILE $data.keep.info, OWNER 86,2

The first SET command establishes an ACL that grants all four access privileges

(RWEP) to user ID 86,2 and allows every member of the PRS group to read and

execute the file. Next, the CLEARONPURGE attribute is set to ON, and the

Safeguard software is instructed to audit all successful attempts to access this file

or its authorization record. Finally, the ADD command adds a Safeguard record

and sets the OWNER attribute to user ID 86,2.

ADD DISKFILE-PATTERN Command

ADD DISKFILE-PATTERN creates a Safeguard authorization record for one or more

disk files. After a diskfile-pattern authorization record is created, all attempts to access

the disk files described by that pattern are subject to a Safeguard authorization check

and optionally to Safeguard auditing.

You can use SET DISKFILE-PATTERN to establish default disk-file attribute values

and then use ADD DISKFILE-PATTERN simply to name the disk files to which the

default attributes are to be applied. You can also specify values for the disk-file

attributes in your ADD DISKFILE-PATTERN command. The current default values are

used for any attributes not specified in your ADD DISKFILE-PATTERN command.

pattern-spec-list

shall be the same as the corresponding non-pattern object types. That is, a

PATTERN-SPEC-LIST is a comma separated list of one or more PATTERN-SPEC

attributes. ( pattern-spec [ , pattern-spec ] . . . )

LIKE pattern-spec

adopts the existing attribute values of pattern-spec as the pattern-

attribute values to be used for the authorization record or records being added.

pattern-spec

are the characters that define the pattern that describe a set of objects. The

PATTERN-SPEC for a diskfile pattern shall be a fully qualified diskfile name

ADD DISKFILE-PATTERN pattern-spec-list [ , ]

[ LIKE pattern-spec | pattern-attribute ]

[ , pattern-attribute ] ...