Safeguard Reference Manual (G06.29+, H06.08+, J06.03+)
Table Of Contents
- Safeguard Reference Manual
- Legal Notices
- Contents
- What is New in this Manual
- Manual Information
- New and Changed Information
- Changes to the 520618-030 manual
- Changes to the 520618-029 manual
- Changes to the 520618-028 manual
- Changes to the 520618-027 manual
- Changes to the 520618-026 manual
- Changes to the 520618-025 manual
- Changes to the H06.22/J06.11 manual
- Changes to the H06.21/J06.10 Manual
- Changes to the H06.20/J06.09 Manual
- Changes to the 520618-020 Manual
- Changes to the H06.19/J06.08 Manual
- About This Manual
- 1 Introduction
- 2 Common SAFECOM Language Elements
- 3 The Command to Run SAFECOM
- 4 SAFECOM Session-Control Commands
- 5 User Security Commands
- 6 User Alias Security Commands
- 7 Group Commands
- 8 Disk-File Security Commands
- Disk-File Ownership
- Disk-File Access Authorities
- Disk-File Access Authorization
- Disk-File Security Command Summary
- Syntax of Disk-File Security Commands
- ADD DISKFILE Command
- ADD DISKFILE-PATTERN Command
- ALTER DISKFILE Command
- ALTER DISKFILE-PATTERN Command
- DELETE DISKFILE Command
- DELETE DISKFILE-PATTERN Command
- FREEZE DISKFILE Command
- FREEZE DISKFILE-PATTERN Command
- INFO DISKFILE Command
- INFO DISKFILE-PATTERN Command
- RESET DISKFILE Command
- RESET DISKFILE-PATTERN Command
- SET DISKFILE Command
- SET DISKFILE-PATTERN Command
- SHOW DISKFILE Command
- SHOW DISKFILE-PATTERN Command
- THAW DISKFILE Command
- THAW DISKFILE-PATTERN Command
- SAFECOM Saved Diskfile Pattern Commands
- ADD SAVED-DISKFILE-PATTERN Command
- ALTER SAVED-DISKFILE-PATTERN Command
- DELETE SAVED-DISKFILE-PATTERN Command
- FREEZE SAVED-DISKFILE-PATTERN Command
- INFO SAVED-DISKFILE-PATTERN Command
- RESET SAVED-DISKFILE-PATTERN Command
- SET SAVED-DISKFILE-PATTERN Command
- SHOW SAVED-DISKFILE-PATTERN Command
- THAW SAVED-DISKFILE-PATTERN Command
- 9 Disk Volume and Subvolume Security Commands
- Volume Authorization Record Ownership
- Subvolume Authorization Record Ownership
- Volume and Subvolume Access Authorities
- Volume and Subvolume Access Authorization
- Volume and Subvolume Security Command Summary
- Syntax of Disk Volume and Subvolume Security Commands
- ADD VOLUME and SUBVOLUME Commands
- ALTER VOLUME and SUBVOLUME Commands
- DELETE VOLUME and SUBVOLUME Commands
- FREEZE VOLUME and SUBVOLUME Commands
- INFO VOLUME and SUBVOLUME Commands
- RESET VOLUME and SUBVOLUME Commands
- SET VOLUME and SUBVOLUME Commands
- SHOW VOLUME and SUBVOLUME Commands
- THAW VOLUME and SUBVOLUME Commands
- 10 Device and Subdevice Security Commands
- Device and Subdevice Authorization Record Ownership
- Device and Subdevice Access Authorities
- Device and Subdevice Access Authorization
- Device and Subdevice Security Command Summary
- Syntax of Device and Subdevice Security Commands
- ADD DEVICE and SUBDEVICE Commands
- ALTER DEVICE and SUBDEVICE Commands
- DELETE DEVICE and SUBDEVICE Commands
- FREEZE DEVICE and SUBDEVICE Commands
- INFO DEVICE and SUBDEVICE Commands
- RESET DEVICE and SUBDEVICE Commands
- SET DEVICE and SUBDEVICE Commands
- SHOW DEVICE and SUBDEVICE Commands
- THAW DEVICE and SUBDEVICE Commands
- 11 Process and Subprocess Security Commands
- Process and Subprocess Security
- Process and Subprocess Access Authorities
- Special NAMED and UNNAMED Process Protection Records
- Process and Subprocess Security Command Summary
- Syntax of the Process and Subprocess Security Commands
- ADD PROCESS and SUBPROCESS Commands
- ALTER PROCESS and SUBPROCESS Commands
- DELETE PROCESS and SUBPROCESS Commands
- FREEZE PROCESS and SUBPROCESS Commands
- INFO PROCESS and SUBPROCESS Commands
- RESET PROCESS and SUBPROCESS Commands
- SET PROCESS and SUBPROCESS Commands
- SHOW PROCESS and SUBPROCESS Commands
- THAW PROCESS and SUBPROCESS Commands
- 12 OBJECTTYPE Security Commands
- 13 Security Group Commands
- 14 Terminal Security Commands
- 15 Event-Exit-Process Commands
- 16 Safeguard Subsystem Commands
- 17 Running Other Programs From SAFECOM
- A SAFECOM Error and Warning Messages
- B Disk-File Access Rules
- Index
Safeguard Subsystem Commands
Safeguard Reference Manual — 520618-030
16 - 9
ALTER SAFEGUARD Command
n defines the maximum number of failed authentication attempts allowed
before the defined actions take place. The default value is 3. (Action is not
taken until after three consecutive invalid attempts have been made.) A value
of 0 specifies no limit to the number of failed logon attempts. A null entry for
this attribute resets the value to the default value.
AUTHENTICATE-FAIL-TIMEOUT [ n [ units ] ]
n defines the length of time to suspend the logon process at the terminal when
AUTHENTICATE-MAXIMUM-ATTEMPTS has been exceeded. The default
value is 60 seconds. (A process is suspended for one minute after exceeding
AUTHENTICATE-MAXIMUM-ATTEMPTS invalid attempts to log on.) units
can be one of the following: SECONDS, MINUTES, HOURS, DAYS, WEEKS,
MONTHS. A null entry for this attribute resets the value to the default value.
AUTHENTICATE-FAIL-FREEZE { ON | OFF }
defines whether to freeze a user ID automatically (as if FREEZE USER had
been invoked) if AUTHENTICATE-MAXIMUM-ATTEMPTS has been exceeded
against that user ID. The initial value is OFF. (User IDs are not automatically
frozen.)
PASSWORD-HISTORY n
n defines the number of previous p
asswords to retain in a per-user-ID
password database. Any new password must be different from all the
previously retained passwords to be acceptable. The initial value is 0.
(Passwords are not subject to a history.)
PASSWORD-MINIMUM-LENGTH n
n defines the minimum character length of a new p
assword. (Present
passwords are not affected.) The initial value is 0 and the maximum value is 8
for DES algorithm and 64 for HMAC256 algorithm.
PASSWORD-MAY-CHANGE [ n [ DAYS [ BEFORE-EXPIRATION ] ] ]
n defines the number of days before the p
assword expiration date in which the
users can change their own password. If no password expiration date is in
Caution. Because the command interpreter process at the terminal remains locked for the
duration of the AUTHENTICATE-FAIL-TIMEOUT period, avoid specifying an unreasonably
long period. The terminal is effectively not usable during this period. The only recovery is to
start a new process at the terminal.
Caution. If you set AUTHENTICATE-FAIL-FREEZE ON, a user can freeze the user IDs of
oth
ers by attempting to log on with those other user names or user IDs.
Note. A password can be any length, including a null password. The initial value of
P
ASSWORD-MINIMUM-LENGTH is six only on systems running G06.29 and later
G-series RVUs and H06.06 and later H-series RVUs.