Safeguard Administrator's Manual (G06.29+, H06.08+, J06.03+)

OBJECTTYPE Control

Safeguard Administrator’s Manual—523317-029

5-4

super-group members can add user groups. However, by creating OBJECTTYPE

USER, you can give any designated list of users the authority to add users, aliases,

and groups. For more information, see Controlling Users as an Object Type on

page 5-8.

An OBJECTTYPE authorization record has these attributes:

ACCESS

OWNER

OBJECT-TEXT-DESCRIPTION

AUDIT-ACCESS-PASS

AUDIT-MANAGE-PASS

AUDIT-ACCESS-FAIL

AUDIT-MANAGE-FAIL

You specify these attributes with the commands listed in Table 5-1.

The OBJECTTYPE commands must be followed by a valid object type. For example, if

you want to add an authorization record for the object type VOLUME, use the ADD

OBJECTTYPE VOLUME command. The valid object types are:

DISKFILE

DISKFILE-PATTERN

SUBVOLUME

VOLUME

DEVICE

SUBDEVICE

PROCESS

SUBPROCESS

OBJECTTYPE

USER

OBJECTTYPE DISKFILE has no effect on default protection for a user disk files. It only

controls who can execute the ADD DISKFILE command.

Initially, only super-group users can create an OBJECTTYPE authorization record.

However, you can transfer this authority to designated users with OBJECTTYPE

OBJECTTYPE. For more information, see Controlling Who Can Add an Object Type

page 5-9.

Note. The OBJECT-TEXT-DESCRIPTION attribute is supported only on systems running

J06.05 and later J-series RVUs, H06.16 and later H-series RVUs, and G06.32 and later G-

series RVUs. For more information, see the Safeguard Reference Manual.

Note. OBJECTTYPE USER also controls who can use the ADD ALIAS and ADD GROUP

commands.