Safeguard Reference Manual (G06.29+, H06.08+, J06.03+)
Table Of Contents
- Safeguard Reference Manual
- Legal Notices
- Contents
- What is New in this Manual
- Manual Information
- New and Changed Information
- Changes to the 520618-030 manual
- Changes to the 520618-029 manual
- Changes to the 520618-028 manual
- Changes to the 520618-027 manual
- Changes to the 520618-026 manual
- Changes to the 520618-025 manual
- Changes to the H06.22/J06.11 manual
- Changes to the H06.21/J06.10 Manual
- Changes to the H06.20/J06.09 Manual
- Changes to the 520618-020 Manual
- Changes to the H06.19/J06.08 Manual
- About This Manual
- 1 Introduction
- 2 Common SAFECOM Language Elements
- 3 The Command to Run SAFECOM
- 4 SAFECOM Session-Control Commands
- 5 User Security Commands
- 6 User Alias Security Commands
- 7 Group Commands
- 8 Disk-File Security Commands
- Disk-File Ownership
- Disk-File Access Authorities
- Disk-File Access Authorization
- Disk-File Security Command Summary
- Syntax of Disk-File Security Commands
- ADD DISKFILE Command
- ADD DISKFILE-PATTERN Command
- ALTER DISKFILE Command
- ALTER DISKFILE-PATTERN Command
- DELETE DISKFILE Command
- DELETE DISKFILE-PATTERN Command
- FREEZE DISKFILE Command
- FREEZE DISKFILE-PATTERN Command
- INFO DISKFILE Command
- INFO DISKFILE-PATTERN Command
- RESET DISKFILE Command
- RESET DISKFILE-PATTERN Command
- SET DISKFILE Command
- SET DISKFILE-PATTERN Command
- SHOW DISKFILE Command
- SHOW DISKFILE-PATTERN Command
- THAW DISKFILE Command
- THAW DISKFILE-PATTERN Command
- SAFECOM Saved Diskfile Pattern Commands
- ADD SAVED-DISKFILE-PATTERN Command
- ALTER SAVED-DISKFILE-PATTERN Command
- DELETE SAVED-DISKFILE-PATTERN Command
- FREEZE SAVED-DISKFILE-PATTERN Command
- INFO SAVED-DISKFILE-PATTERN Command
- RESET SAVED-DISKFILE-PATTERN Command
- SET SAVED-DISKFILE-PATTERN Command
- SHOW SAVED-DISKFILE-PATTERN Command
- THAW SAVED-DISKFILE-PATTERN Command
- 9 Disk Volume and Subvolume Security Commands
- Volume Authorization Record Ownership
- Subvolume Authorization Record Ownership
- Volume and Subvolume Access Authorities
- Volume and Subvolume Access Authorization
- Volume and Subvolume Security Command Summary
- Syntax of Disk Volume and Subvolume Security Commands
- ADD VOLUME and SUBVOLUME Commands
- ALTER VOLUME and SUBVOLUME Commands
- DELETE VOLUME and SUBVOLUME Commands
- FREEZE VOLUME and SUBVOLUME Commands
- INFO VOLUME and SUBVOLUME Commands
- RESET VOLUME and SUBVOLUME Commands
- SET VOLUME and SUBVOLUME Commands
- SHOW VOLUME and SUBVOLUME Commands
- THAW VOLUME and SUBVOLUME Commands
- 10 Device and Subdevice Security Commands
- Device and Subdevice Authorization Record Ownership
- Device and Subdevice Access Authorities
- Device and Subdevice Access Authorization
- Device and Subdevice Security Command Summary
- Syntax of Device and Subdevice Security Commands
- ADD DEVICE and SUBDEVICE Commands
- ALTER DEVICE and SUBDEVICE Commands
- DELETE DEVICE and SUBDEVICE Commands
- FREEZE DEVICE and SUBDEVICE Commands
- INFO DEVICE and SUBDEVICE Commands
- RESET DEVICE and SUBDEVICE Commands
- SET DEVICE and SUBDEVICE Commands
- SHOW DEVICE and SUBDEVICE Commands
- THAW DEVICE and SUBDEVICE Commands
- 11 Process and Subprocess Security Commands
- Process and Subprocess Security
- Process and Subprocess Access Authorities
- Special NAMED and UNNAMED Process Protection Records
- Process and Subprocess Security Command Summary
- Syntax of the Process and Subprocess Security Commands
- ADD PROCESS and SUBPROCESS Commands
- ALTER PROCESS and SUBPROCESS Commands
- DELETE PROCESS and SUBPROCESS Commands
- FREEZE PROCESS and SUBPROCESS Commands
- INFO PROCESS and SUBPROCESS Commands
- RESET PROCESS and SUBPROCESS Commands
- SET PROCESS and SUBPROCESS Commands
- SHOW PROCESS and SUBPROCESS Commands
- THAW PROCESS and SUBPROCESS Commands
- 12 OBJECTTYPE Security Commands
- 13 Security Group Commands
- 14 Terminal Security Commands
- 15 Event-Exit-Process Commands
- 16 Safeguard Subsystem Commands
- 17 Running Other Programs From SAFECOM
- A SAFECOM Error and Warning Messages
- B Disk-File Access Rules
- Index
Disk Volume and Subvolume Security Commands
Safeguard Reference Manual — 520618-030
9 - 4
Volume and Subvolume Security Command
Summary
Table 9-1. Disk Volume and Subvolume Security Command Summary
Command Description
ADD [SUB]VOLUME
* Adds a volume or subvolume authorization record with the
specified attribute values. The current default volume or
subvolume attribute values are used for any attributes not
specified in the ADD VOLUME or ADD SUBVOLUME
command. Only a local super group user can add a record for
a disk volume unless the default action is overridden with an
ACL for OBJECTTYPE VOLUME or SUBVOLUME.
ALTER [SUB]VOLUME
* Changes one or more attribute values in a volume or
subvolume authorization record. For all attributes except
ACCESS, ALTER replaces the current value with the specified
value. For ACCESS, ALTER changes the existing ACL to
incorporate access-spec.
DELETE [SUB]VOLUME
* Deletes an authorization record for a volume or subvolume.
After a volume authorization record is deleted, only attempts to
create disk files on protected subvolumes on the volume are
subject to Safeguard security checks or auditing. After a
subvolume authorization record is deleted, attempts to create
disk files on the subvolume are subject to Safeguard security
checks and auditing only if the volume on which the subvolume
resides is protected. In addition, in either case, disk files with
persistent protection are subject to Safeguard security checks
and auditing.
FREEZE [SUB]VOLUME
* Temporarily suspends the file-creation authority granted to
users with a volume or subvolume ACL. On any frozen volume
or subvolume, file creation and access authority is granted only
to an owner, the primary owner’s group manager, and the
super ID.
INFO [SUB]VOLUME
* Displays the existing attribute values in a disk volume or
subvolume authorization record
RESET [SUB]VOLUME Sets one or more default volume or subvolume attribute values
to p
redefined values
SET [SUB]VOLUME Sets one or more default volume or subvolume attribute values
to specified va
lues. When a volume or subvolume
authorization record is added, the current default attribute
values are used for any attributes not specified in the ADD
command.
SHOW [SUB]VOLUME
Displays the current default values of the volume or subvolume
attribute
THAW [SUB]VOLUME
* For frozen volumes or subvolumes, restores the file-creation
authority granted to users on that volume or subvolume ACL
* The ADD, ALTER, DELETE, FREEZE,THAW, and INFO commands used with VOLUME or SUBVOLUME,
when there is no existing VOLUME or SUBVOLUME matching the given pattern, will display the "Record not
found" error.