XYGATE Access Control Reference Manual
XYGATE
®
Access Control Reference Manual
Appendix C: The ACACL File
XYPRO Technology Corporation 139 Proprietary and Confidential
<optional-keywords> One or more of the optional keywords listed in
Appendix C4: starting on page 146.
<userid-list> A list of valid userids that will be able to execute the
ACACL Command Entry. Note that for security reasons
XYGATEAC will declare this ACACL command invalid with
a syntax error if any non-valid userid is used or if a userid
is deleted which is part of an ACL keyword of an ACACL
Command Entry.
Note: The exclamation point ( ! ) starts a comment anywhere in a line; the comment
will continue for the remainder of the line. Exclamation points within quoted
strings are not considered comments for XAC; they are processed as part of the
quoted string.
Example:
COMMAND SPOOLCOM-255
DESCRIPTION "SPOOLCOM AS SUPER.SUPER"
USER 255,255
OBJECT $SYSTEM.SJUESP.SPOOLCOM ! Use XYGATE SP Spoolcom
ACL SUPER.OPMGR OPER.* PROG.MGR
AUDITUSER OPER.* PROG.MGR NOT OPER.MGR
The above COMMAND will execute SPOOLCOM as SUPER.SUPER. The commands
executed within this SPOOLCOM-255 will be audited if they were executed by
PROG.MGR or any OPER.* user except OPER.MGR. The commands will not be
audited for the users.
Example: COMMAND for use with Visual Inspect
COMMAND TACL-VISUAL-INSPECT
DESCRIPTION "Audited TACL for use with Visual Inspect"
USER GROUP,USER
ACL $EVERYONE
OBJECT $SYSTEM.SYSNN.TACL
START_LOGGED_OFF
! The following line is needed for Visual Inspect
INPUT "RUN $SYSTEM.XYGATEAC.SETVIIP"
! The following line is needed for OSS users
INPUT "LOAD/KEEP 1/$SYSTEM.XYGATEAC.LOADXOA"
ALIAS_ALL_PROCESSES
ALIAS "O$" "<<OBEY $"
ALIAS "O\" "<<OBEY \"
NULLNULLSTOP
EXECUTEHANGUP
CHECKCONNECTION 1000 250
STOPONERROR 60,66,140,190,191
BLANKPASSWORD
TRACKVOLUME
TRACKUSERID
FC
FCPROMPT "> "
OPENSBYOBJECTS \*.$*.*.*
TIMEOUT 1800