XYGATE Access Control Reference Manual

ManualsBrandsHP ManualsServerHP NonStop G-Series

171

172

173

174

175

176

177

178

179

180

XYGATE

Access Control Reference Manual

Appendix C: The ACACL File

XYPRO Technology Corporation 143 Proprietary and Confidential

The Example below starts a TACL with a PAID equal to the userid that the Safeguard

Alias MailMgr is assigned to. It can be used by any user logged on using a Safeguard

Alias that begins with Oper.

Example:

COMMAND MAIL-UP

USER ALIAS:"MailMgr"

OBJECT $SYSTEM.SYSNN.TACL

ACL ALIAS:"Oper*"

OBJECT

OBJECT specifies the name of a HP NonStop object file to be executed. It may be a

network filename and must be executable by the userid specified for USER.

Note: Some HP NonStop utilities and other programs execute as client-server pairs,

some with multiple servers. Examples are SQLCI, which uses SQLCI2 , and

SCF, which uses SCFLIB.

Note: The OBJECT keyword argument in the ACACL Command Entry is the client,

such as SQLCI.

It is necessary to use the OPENSBYOBJECTS keyword and associated

parameters set to allow the necessary servers to open XYGATEAC because

only the client is specified in the OBJECT keyword. The OPENSBYOBJECTS

entry for SQLCI, for example, would explicitly permit SQLCI2. Refer to the

discussion of OPENSBYOBJECTS on page 195 for more information.

Syntax:

OBJECT <objectfile-name>

This required keyword causes the object program named in <objectfile-name> to be

started by the XYGATEAC object file with a PAID equal to the userid specified by the

USER keyword.

Example:

COMMAND SCF-TECH

DESCRIPTION "SCF as SUPER.TECH"

USER 255,253

OBJECT $SYSTEM.SYSNN.SCF

ACL 1,* 3,5 XYPRO.OPER DENY 1,255

TIMEOUT 300

OPENSBYOBJECTS $SYSTEM.SYSTEM.SCF*

Note: The subvolume name SYSNN can be used to replace explicit references to the

SYS## subvolume where the current system image is loaded. The subvolume

SYSNN dynamically expands to the current SYS## subvolume when the

ACACL entry is executed.