Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

241

242

243

244

245

246

247

248

249

250

Disk-File Security Commands

Safeguard Reference Manual—520618-013

8-19

ADD DISKFILE-PATTERN Command

ON enables warning mode for the specified diskfile pattern. The initial value is

OFF, which disables warning mode for the specified diskfile pattern.

Considerations

•

Attributes in an ADD command affect only the record added.

Any attribute specifications in an ADD DISKFILE command affect only the

authorization record being created and do not change the current default disk-file

attribute values. This condition is also true for a LIKE clause in an ADD DISKFILE

command.

•

Disk-file security can be managed from a remote node.

An authorization record for a disk file can be added by only the local owner of the

file, the owner’s group manager, or the super ID. However, if a disk-file

authorization record is added that specifies a network user ID for the OWNER

attribute, the authorization record can be altered, frozen, thawed, and deleted by

that network user from a remote or local node.

•

Relationship between ADD DISKFILE and the FUP GIVE, SECURE, LICENSE,

and REVOKE commands

After you create an authorization record for a disk file, the FUP GIVE, SECURE,

LICENSE, and REVOKE commands no longer work for the disk file. You must use

the ALTER DISKFILE command to perform the equivalent operations. (For a list of

equivalent FUP and SAFECOM commands, see the Considerations for ALTER

DISKFILE Command on page 8-20.)

However, the super ID can use the FUP SECURE, LICENSE, and REVOKE

commands on a disk file that has a Safeguard protection record. Even though this

usage is allowed, restrict it to emergency situations. It can result in access

mediation problems and inconsistencies in Safeguard protection records.

•

Using LIKE disk-file-name

You can use the LIKE disk-file-name clause to define all the disk-file attribute

values for a disk file, and then change one or more of the attribute values by

specifying new values after the LIKE keyword. For example, this command adds

an authorization record for MEMO1 that has the same disk-file attribute values as

MEMO2 except for the OWNER attribute:

=ADD DISKFILE memo1, LIKE memo2, OWNER sales.kidd

Using the LIKE clause with an ADD DISKFILE command does not change any of

the current default disk-file attribute values.

•

Securing partitioned files

To secure a partitioned disk file completely, add a separate disk-file authorization

record for each partition. Adding an authorization record for only the primary

partition protects the partitioned file from any accesses made by opening the