Safeguard Reference Manual (G06.24+, H06.03+ )

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series

521

522

523

524

525

526

527

528

529

530

Safeguard Subsystem Commands

Safeguard Reference Manual—520618-013

16-12

ALTER SAFEGUARD Command

COMBINATION-DISKFILE { FIRST-RULE | FIRST-ACL | ALL }

defines the method by which overlapping ACLs are resolved for access to

volumes, subvolumes, and disk files. COMBINATION-DISKFILE is used in

conjunction with DIRECTION-DISKFILE to resolve access conflicts. The initial

value is ALL. (For more information about the evaluation of overlapping ACLs,

see Appendix B, Disk-File Access Rules.)

FIRST-RULE

specifies that the Safeguard software is to determine access by searching

the ACLs until it finds the user ID mentioned.

FIRST-ACL

specifies that the Safeguard software is to determine access based on the

first ACL it finds.

ALL

specifies that all consulted ACLs must grant the requested access for the

ultimate success of the operation.

ACL-REQUIRED-DISKFILE { ON | OFF }

defines whether the absence of an ACL for a volume, subvolume, or disk file

causes the denial of access to that volume, subvolume, or disk file. The initial

value is OFF. (The absence of a Safeguard protection record reverts operation

to Guardian rules.)

CLEARONPURGE-DISKFILE { ON | OFF }

defines whether all disk files act as if the CLEARONPURGE file attribute had

been set. The initial value is OFF. (Disk files are purged according to their

individual CLEARONPURGE file attributes.)

AUDIT-AUTHENTICATE-PASS [ LOCAL | REMOTE | ALL | NONE ]

defines additional auditing for successful authentication attempts for users and

aliases. This setting supplements the audit settings in user or alias

authentication records. The default value is NONE. (Auditing is selected by the

individual audit settings.)

The conditions specified for this attribute also apply to the systemwide auditing

of automatic logoffs described in the Safeguard Audit Service Manual.

AUDIT-AUTHENTICATE-FAIL [ LOCAL | REMOTE | ALL | NONE ]

defines additional auditing for unsuccessful authentication attempts for users

and aliases. This setting supplements the audit settings in user or alias

authentication records. The default value is NONE. (Auditing is selected by the

individual audit settings.)