Manualshelf

RDF System Management Manual for J-series and H-series RVUs (RDF 1.10)

ManualsBrandsHP ManualsServerHP Integrity NonStop J-Series
61626364656667686970
Table 4 RDF Process and Program Security Attributes (continued)
LICENSE Required for Object File?Run Under a Specific Logon ?Program Name
NONOMD5SRVO
YESYES; 255,nnn +RDFCOM
YESYES ++RDFEXTO
YESYES ++RDFMONO
YESYES ++RDFNETO
YESYES ++RDFPRGO
YESYES ++RDFRCVO
NONO++++RDFSCAN
YESYES +++RDFSNOOP
YESYES ++RDFUPDO
NONOREADLIST
YESYES ++RDIMAGE
+ RDFCOM operational commands require super ID group access; however, INFO and STATUS commands can be
issued by all users.
++ The RDF processes run under the user ID of the user who set the PROGID attribute, or the RDF OWNER.
+++ RDFSNOOP requires super ID group access to read image files.
++++ Depends upon security of entry-sequenced file being accessed.
The following summarizes the reasons for the various security requirements of each RDF program:
RDFAFXO. The RDFAFXO process uses privileged TMF procedures to fix the audit trail files
and reset the CRASHOPEN flag in the audit trail file label and must be licensed with FUP or
by running the RDFINST macro. RDFAFXO can be owned by any user ID.
RDFCOM. The RDFCOM program communicates with the TMP in privileged mode and must
be licensed with FUP or by running the RDFINST macro. RDFCOM can be owned by any user
ID; however, it must be run by a member of the super ID group (user ID 255,nnn) to change
the running state of RDF.
Alternatively, RDFCOM supports the use of the SAFEGUARD PROGID attribute to enable any
user to start, stop, and manage RDF. Once the PROGID attribute is set, you must limit EXECUTE
access to the RDFCOM object so that only those persons authorized to manage RDF can run
RDFCOM.
RDFEXTO. The RDF extractor program communicates with the TMP in privileged mode and
must be licensed with FUP or by running the RDFINST macro. RDFEXTO can be owned by any
user ID.
RDFMONO. The RDF monitor program communicates with the TMP in privileged mode and
must be licensed with FUP or by running the RDFINST macro. RDFMONO can be owned by
any user ID.
RDFNETO. The RDFNETO program opens and writes to the network synchronization file on
each of the primary systems participating in the RDF network in privileged mode and must be
licensed with FUP or by running the RDFINST macro. RDFNETO can be owned by any user
ID.
RDFPRGO. The RDF purger program purges image files in privileged mode and must be
licensed with FUP or by running the RDFINST macro. RDFPRGO can be owned by any user
ID.
70 Installing and Configuring RDF