Safeguard Reference Manual (G06.24+, H06.03+ )
OBJECTTYPE Security Commands
Safeguard Reference Manual—520618-013
12-8
ADD OBJECTTYPE Command
For a description of the audit-specs, see the SET OBJECTTYPE Command on
page 12-20. Omitting audit-spec specifies NONE.
AUDIT-MANAGE-PASS [audit-spec]
changes the audit-spec for successful attempts to manage this authorization
record. The form of audit-spec is:
{ ALL | LOCAL | REMOTE | NONE }
For a description of the audit-specs, see the SET OBJECTTYPE Command on
page 12-20. Omitting audit-spec specifies NONE.
AUDIT-MANAGE-FAIL [audit-spec]
changes the audit-spec for unsuccessful attempts to manage this authorization
record. The form of audit-spec is:
{ ALL | LOCAL | REMOTE | NONE }
For a description of the audit-specs, see the SET OBJECTTYPE Command on
page 12-20. Omitting audit-spec specifies NONE.
For a complete description of the objecttype-attributes, see the SET
OBJECTTYPE Command on page 12-20.
Considerations
•
Additional owners can modify the authorization record.
In addition to the primary owner, the primary owner’s group manager, and the local
super ID, any user ID that has an ACL entry granting OWNER authority can also
modify the OBJECTTYPE authorization record.
•
Attributes in an ADD command affect only the record added.
Any attribute specifications in an ADD OBJECTTYPE command affect only the
authorization record being created and do not change the current default
OBJECTTYPE attribute values. This condition is also true for a LIKE clause in an
ADD OBJECTTYPE command.
Example
You can use a LIKE objecttype-name clause to copy all attribute values for one
class of objects from another class of objects. Then you can specify in the same
command line that one or more attribute values will be different.
This sample command adds an authorization record for DEVICE that has the same
OBJECTTYPE attribute values (and ACL) as PROCESS, except for the OWNER
attribute:
=ADD OBJECTTYPE device, LIKE process, OWNER super.bob