Defines a UIC-based protection to be propagated to new files throughout a directory tree. The protection code in the ACE is assigned to new files created in the directory. The Default Protection ACE applies to directory files only. Although the system propagates the Default Protection ACE to new subdirectories, the protection code is not assigned to the subdirectories. Instead, the subdirectories receive a modified copy of the parent directory's protection code in which delete access is not granted. An example of a Default Protection ACE is as follows:
(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W)
The ACE grants read, write, execute, and delete access to users in the system (S) and owner (O) categories but no access to users in the group and world categories. For more information, see the OpenVMS Guide to System Security.
(DEFAULT_PROTECTION[,OPTIONS=attribute[+attribute...]],access)
options
Specify any of the following attributes:
Hidden Indicates that this ACE should be changed only by the application that adds it. Although the Hidden attribute is valid for any ACE type, its intended use is to hide Application ACEs. To delete or modify a hidden ACE, you must use the SET SECURITY command. Users need the SECURITY privilege to display a hidden ACE with the DCL commands SHOW SECURITY or DIRECTORY/SECURITY. SECURITY privilege is also required to modify or delete a hidden ACE with the DCL command SET SECURITY. The ACL editor displays the ACE only to show its relative position within the ACL, not to facilitate editing of the ACE. To create a hidden ACE, an application can invoke the $SET_SECURITY system service.
Protected Protects the ACE against casual deletion. Protected ACEs can be deleted only in the following ways:
- By using the ACL editor
- By specifying the ACE explicitly when deleting it
Use the command SET SECURITY/ACL=(ace)/DELETE to specify and delete an ACE.
- By deleting all ACEs, both protected and unprotected
Use the command SET SECURITY/ACL/DELETE=ALL to delete all ACEs.
The following commands do not delete protected ACEs:
- SET SECURITY/ACL/DELETE
- SET SECURITY/LIKE
- SET SECURITY/DEFAULT
Nopropagate Indicates that the ACE cannot be copied by operations that usually propagate ACEs. For example, the ACE cannot be copied by the SET SECURITY/LIKE or SET SECURITY/DEFAULT commands.
None Indicates that no attributes apply to an entry. Although you can create an ACL entry with OPTIONS=None, the attribute is not displayed. Whenever you specify additional attributes with the None attribute, the other attributes take precedence. The None attribute is equivalent to omitting the field.
access
Specify access in the format of a UIC-based protection code, which is as follows:
[category: list of access allowed (, category: list of access allowed,...)]
- User categories include system (S), owner (O), group (G), and world (W). See the OpenVMS Guide to System Security for a definition of these categories. Access types for files include read (R), write (W), execute (E), and delete (D). Each user category is followed by a colon (:) and then the list of access types granted to that category.
- A null access list means no access, so when you omit an access type for a user category, that category of user is denied that type of access. To deny all access to a user category, specify the user category without any access types. Omit the colon after the user category when you deny access to a category of users.
- When you omit a user category from a protection code, the current access allowed that category of user is set to no access.
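As an added worked example (not code from the OpenVMS documentation), the following Python applies the protection-code rules above together with the Default Protection propagation rule from the start of this section: a category that is omitted or written without a colon gets no access, new files receive the ACE's code unchanged, and new subdirectories receive a copy with delete access removed. The function and constant names are my own.

```python
CATEGORIES = ("S", "O", "G", "W")   # system, owner, group, world
ACCESS_TYPES = "RWED"               # read, write, execute, delete

def parse_protection(code):
    """Parse 'S:RWED,O:RWED,G,W' into {category: set of access letters}.
    A category with no colon or an empty list gets no access, and a category
    omitted from the code is likewise set to no access (rules stated above)."""
    prot = {cat: set() for cat in CATEGORIES}
    for field in code.split(","):
        field = field.strip().upper()
        if not field:
            continue
        cat, _, access = field.partition(":")
        if cat not in CATEGORIES:
            raise ValueError("unknown user category: %r" % cat)
        bad = set(access) - set(ACCESS_TYPES)
        if bad:
            raise ValueError("invalid access type(s): %s" % "".join(sorted(bad)))
        prot[cat] = set(access)
    return prot

def format_protection(prot):
    """Render a protection dict back into the documented code format."""
    parts = []
    for cat in CATEGORIES:
        access = "".join(t for t in ACCESS_TYPES if t in prot[cat])
        parts.append(cat + ":" + access if access else cat)
    return ",".join(parts)

def parse_default_protection_ace(ace):
    """Return (options, protection) from a '(DEFAULT_PROTECTION,...)' ACE."""
    fields = [f.strip() for f in ace.strip().strip("()").split(",")]
    if fields[0].upper() != "DEFAULT_PROTECTION":
        raise ValueError("not a Default Protection ACE")
    options, code = [], []
    for field in fields[1:]:
        if field.upper().startswith("OPTIONS="):      # optional attribute list
            options = field[len("OPTIONS="):].upper().split("+")
        else:
            code.append(field)                        # part of the protection code
    return options, parse_protection(",".join(code))

def subdirectory_protection(prot):
    """New subdirectories get the parent's code with delete access removed."""
    return {cat: access - {"D"} for cat, access in prot.items()}

if __name__ == "__main__":
    # Constructed input: the example ACE from this section.
    opts, prot = parse_default_protection_ace("(DEFAULT_PROTECTION,S:RWED,O:RWED,G,W)")
    print("new files:         ", format_protection(prot))
    print("new subdirectories:", format_protection(subdirectory_protection(prot)))
```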
Controls the type of access allowed to a particular user or group of users. An example of an Identifier ACE is as follows:
(IDENTIFIER=SALES,ACCESS=READ+WRITE)
A system manager can use the Authorize utility (AUTHORIZE) to grant the SALES identifier to a specific group of users. Read and write access to the file INVENTORY.DAT is then granted to users who hold the SALES identifier.
For more information, see the OpenVMS Guide to System Security.
(IDENTIFIER=identifier[+identifier...] [,OPTIONS=attributes[+attributes...]] ,ACCESS=access-type[+access-type...])
identifier
Specifies a user or groups of users whose access to an object is defined in the ACE. A system manager creates or removes identifiers and assigns users to hold these identifiers. Types of identifiers are as follows:
UIC Identifiers in alphanumeric format that are based on the user identification codes (UICs) and that uniquely identify each user on the system. Users with accounts on the system automatically receive a UIC identifier, for example, [GROUP1,JONES] or [JONES]. Thus, each UIC identifier specifies a particular user.
General Identifiers defined by the security administrator in the rights list to identify groups of users on the system. A general identifier is an alphanumeric string of 1 to 31 characters, containing at least one alphabetic character. It can include the letters A to Z, dollar signs ($), underscores (_), and the numbers 0 to 9, for example, 92SALES$, ACCOUNT_3, or PUBLISHING.
Environmental Identifiers describing different types of users based on their initial entry into the system. Environmental identifiers are also called system-defined identifiers. Environmental identifiers correspond directly to the login classes described in the OpenVMS Guide to System Security. They include batch, network, interactive, local, dialup, and remote. For more information, see the OpenVMS Guide to System Security.
options
Specify any of the following attributes:
Default Indicates that an ACE is to be included in the ACL of any files created within a directory. When the entry is propagated, the Default attribute is removed from the ACE of the created file. This attribute is valid for directory files only. Note that an Identifier ACE with the Default attribute has no effect on access.
Hidden Indicates that this ACE should be changed only by the application that adds it. Although the Hidden attribute is valid for any ACE type, its intended use is to hide Application ACEs. To delete or modify a hidden ACE, you must use the SET SECURITY command. Users need the SECURITY privilege to display a hidden ACE with the DCL commands SHOW SECURITY or DIRECTORY/SECURITY. SECURITY privilege is also required to modify or delete a hidden ACE with the DCL command SET SECURITY. The ACL editor displays the ACE only to show its relative position within the ACL, not to facilitate editing of the ACE. To create a hidden ACE, an application can invoke the $SET_SECURITY system service.
Protected Protects the ACE against casual deletion. Protected ACEs can be deleted only in the following ways:
- By using the ACL editor
- By specifying the ACE explicitly when deleting it
Use the command SET SECURITY/ACL=(ace)/DELETE to specify and delete an ACE.
- By deleting all ACEs, both protected and unprotected
Use the command SET SECURITY/ACL/DELETE=ALL to delete all ACEs.
The following commands do not delete protected ACEs:
- SET SECURITY/ACL/DELETE
- SET SECURITY/LIKE
- SET SECURITY/DEFAULT
Nopropagate Indicates that the ACE cannot be copied by operations that usually propagate ACEs. For example, the ACE cannot be copied by the SET SECURITY/LIKE or SET SECURITY/DEFAULT commands.
None Indicates that no attributes apply to an entry. Although you can create an ACL entry with OPTIONS=None, the attribute is not displayed. Whenever you specify additional attributes with the None attribute, the other attributes take precedence. The None attribute is equivalent to omitting the field.
access
Specify access types that are valid for the object class. See the OpenVMS Guide to System Security for a listing of valid access types.
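As an added example (not code from the OpenVMS documentation), the following Python checks the general identifier syntax given under "identifier" above, parses an Identifier ACE, and applies the Default attribute rule: only ACEs carrying Default are copied to a file created in the directory, and Default is removed from the copy. Function names are my own; bracketed UIC identifiers such as [GROUP1,JONES] are accepted without validating their contents.

```python
import re
# General identifier: 1 to 31 characters from A-Z, 0-9, $ and _, at least one letter.
_GENERAL_ID = re.compile(r"^(?=.*[A-Z])[A-Z0-9$_]{1,31}$")

def is_general_identifier(name):
    """True if name follows the general identifier rules given above."""
    return bool(_GENERAL_ID.match(name.upper()))

def _split_fields(body):
    """Split on commas outside brackets, so [GROUP1,JONES] stays one field."""
    fields, depth, cur = [], 0, ""
    for ch in body:
        depth += (ch == "[") - (ch == "]")
        if ch == "," and depth == 0:
            fields.append(cur.strip())
            cur = ""
        else:
            cur += ch
    fields.append(cur.strip())
    return fields

def parse_identifier_ace(ace):
    """Parse '(IDENTIFIER=a+b,OPTIONS=x+y,ACCESS=READ+WRITE)' into a dict."""
    parsed = {"IDENTIFIER": [], "OPTIONS": [], "ACCESS": []}
    for field in _split_fields(ace.strip().strip("()")):
        key, sep, value = field.partition("=")
        key = key.strip().upper()
        if not sep or key not in parsed:
            raise ValueError("unexpected field in Identifier ACE: %r" % field)
        parsed[key] = [v.strip().upper() for v in value.split("+") if v.strip()]
    for ident in parsed["IDENTIFIER"]:
        is_uic = ident.startswith("[") and ident.endswith("]")  # [group,member]
        if not is_uic and not is_general_identifier(ident):
            raise ValueError("malformed identifier: %r" % ident)
    if not parsed["IDENTIFIER"] or not parsed["ACCESS"]:
        raise ValueError("Identifier ACE needs IDENTIFIER and ACCESS")
    return parsed

def format_identifier_ace(parsed):
    """Render a parsed ACE in the documented syntax (OPTIONS only if present)."""
    parts = ["IDENTIFIER=" + "+".join(parsed["IDENTIFIER"])]
    if parsed["OPTIONS"]:
        parts.append("OPTIONS=" + "+".join(parsed["OPTIONS"]))
    parts.append("ACCESS=" + "+".join(parsed["ACCESS"]))
    return "(" + ",".join(parts) + ")"

def new_file_acl(directory_acl):
    """Identifier ACEs a new file receives: those with Default, minus Default."""
    result = []
    for ace in directory_acl:
        parsed = parse_identifier_ace(ace)
        if "DEFAULT" in parsed["OPTIONS"]:
            parsed["OPTIONS"] = [o for o in parsed["OPTIONS"] if o != "DEFAULT"]
            result.append(format_identifier_ace(parsed))
    return result
```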
Grants additional identifiers to a process while it is running the image to which the Subsystem ACE applies. Users with execute access to the image can access objects that are in the protected subsystem, such as data files and printers, but only when they run the subsystem images. The Subsystem ACE applies to executable images only. An example of a Subsystem ACE is as follows:
(SUBSYSTEM, IDENTIFIER=ACCOUNTING)
(SUBSYSTEM,[OPTIONS=attribute[+attribute...],]IDENTIFIER=identifier [,ATTRIBUTES=attribute[+attribute...]] [,IDENTIFIER=identifier [,ATTRIBUTES=attribute[+attribute...]],...])
options
Specify any of the following attributes:
Protected Protects the ACE against casual deletion. Protected ACEs can be deleted only in the following ways:
- By using the ACL editor
- By specifying the ACE explicitly when deleting it
Use the command SET SECURITY/ACL=(ace)/DELETE to specify and delete an ACE.
- By deleting all ACEs, both protected and unprotected
Use the command SET SECURITY/ACL/DELETE=ALL to delete all ACEs.
The following commands do not delete protected ACEs:
- SET SECURITY/ACL/DELETE
- SET SECURITY/LIKE
- SET SECURITY/DEFAULT
Nopropagate Indicates that the ACE cannot be copied by operations that usually propagate ACEs. For example, the ACE cannot be copied by the SET SECURITY/LIKE or SET SECURITY/DEFAULT commands.
None Indicates that no attributes apply to an entry. Although you can create an ACL entry with OPTIONS=None, the attribute is not displayed. Whenever you specify additional attributes with the None attribute, the other attributes take precedence. The None attribute is equivalent to omitting the field.
identifier
A general identifier specifying the users or groups of users who are allowed or denied access to an object. It is an alphanumeric string of 1 through 31 characters, containing at least one alphabetic character. It can include the letters A to Z, dollar signs ($), underscores (_), and the numbers 0 to 9. For more information, see the OpenVMS Guide to System Security. A Subsystem ACE can have multiple pairs of identifiers, with special attributes assigned to the identifiers. A subsystem might require several identifiers to work properly. For example:
(SUBSYSTEM,IDENTIFIER=MAIL_SUBSYSTEM,ATTRIBUTE=NONE,IDENTIFIER=BLDG5,ATTRIBUTE=NONE)
attribute
The identifier characteristics you specify when you add identifiers to the rights list or grant identifiers to users. You can specify the following attribute:
Resource Allows holders of the identifier to charge disk space to the identifier. Used only for file objects.
Qualifier | Description |
---|---|
/CLASS | Specifies the class of object whose ACL is being edited |
/JOURNAL | Controls whether a journal file is created for the editing session |
/MODE | Specifies the use of prompting during the editing session |
/OBJECT_TYPE | Superseded by the /CLASS qualifier |
/RECOVER | Restores an ACL from a journal file at the beginning of an editing session |
All of the qualifiers described in this section also apply to the SET SECURITY/EDIT command. You can substitute the SET SECURITY/EDIT command wherever the EDIT/ACL command is shown; the syntax is the same for both commands.
Specifies the class of the object whose ACL is being edited. Unless the object is a file, you must specify the object class.
/CLASS =object-class
To edit the ACL for an object other than a file, specify the object class with the /CLASS qualifier. Specify one of the following classes:
CAPABILITY A system capability, such as the ability to process vector instructions. Currently, the only defined object name for the CAPABILITY class is VECTOR, which governs the ability of a subject to access a vector processor on the system. Note that you must supply the capability name as the object name parameter.
COMMON_EVENT_CLUSTER A common event flag cluster.
DEVICE A device, such as a disk or tape drive.
FILE A file or a directory file. This is the default.
GROUP_GLOBAL_SECTION A group global section.
LOGICAL_NAME_TABLE A logical name table.
QUEUE A batch queue or a device (printer, server, or terminal) queue.
RESOURCE_DOMAIN A resource domain.
SECURITY_CLASS A security class.
SYSTEM_GLOBAL_SECTION A system global section.
VOLUME A disk or tape volume.
Examples
$ EDIT/ACL/CLASS=DEVICE WORK1
$ EDIT/ACL/CLASS=QUEUE FAST_BATCH
Controls whether a journal file is created for the editing session.
/JOURNAL [=file-spec]
/NOJOURNAL
By default, the ACL editor keeps a journal file containing a copy of modifications made during an editing session. The journal file is given the name of the object and a .TJL file type. If you specify a different name for the file, do not include any wildcard characters. To prevent the ACL editor from creating a journal file, specify /NOJOURNAL.
If your editing session ends abnormally, you can recover the changes made during the aborted session by invoking the ACL editor with the /RECOVER qualifier.
Examples
$ EDIT/ACL/JOURNAL=COMMONACL.SAV MECH1117.DAT
$ EDIT/ACL/CLASS=RESOURCE/JOURNAL=ZERO_RESOURCE.TJL [0]
Specifies the use of prompting during the editing session.
/MODE =option
By default, the ACL editor prompts you for each ACE and provides values for some of the fields within an ACE (/MODE=PROMPT). To disable prompting, specify /MODE=NOPROMPT on the command line.
Example
$ EDIT/ACL/MODE=NOPROMPT WEATHERTBL.DAT
With this command, you initiate an ACL editing session to create an ACL for the file WEATHERTBL.DAT. The /MODE=NOPROMPT qualifier specifies that no assistance is required in entering the ACL entries.
The /OBJECT_TYPE qualifier is superseded by the /CLASS qualifier.
Restores an ACL from a journal file at the beginning of an editing session.
/RECOVER [=file-spec]
/NORECOVER
The /RECOVER qualifier specifies that the ACL editor must restore the ACL from a journal file. The ACL editor restores the ACL to the state it was in when the last ACL editing session ended abnormally. By default the journal file is given the name of the object and a .TJL file type. If you specify a more meaningful name for the journal file when you invoke the ACL editor (by using /JOURNAL), specify that file name with the /RECOVER qualifier.
Example
$ EDIT/ACL/JOURNAL=SAVEACL MYFILE.DAT
   . . . User creates ACL until system crashes . . .
$ EDIT/ACL/JOURNAL=SAVEACL/RECOVER=SAVEACL MYFILE.DAT
   . . . ACL is restored and user proceeds with editing until done . . .
^Z
$
The first command in this example starts the ACL editing session and specifies that the ACL editor must save the journal file SAVEACL.TJL if the session ends abnormally. The session proceeds until it is aborted by a system crash.
The next command restores the lost session with the journal file SAVEACL.TJL. To end the session, press Ctrl/Z. The ACL editor saves the edits and deletes the journal file.
You can use ACCOUNTING qualifiers to:
You can use the reports to learn more about how the system is used and how it performs.
Produces reports of resource use.
ACCOUNTING [filespec[,...]]
filespec[,...]
Specifies the accounting files you want to process. Each file specification can include the percent (%) and asterisk (*) wildcard characters. If it does not include the device or directory, your current default device or directory is used. If it does not include the file name or file type, the values ACCOUNTNG and DAT are used respectively.
If you do not specify a file, the command processes the file SYS$MANAGER:ACCOUNTNG.DAT.
Use this DCL command to run the Accounting utility:
$ ACCOUNTING [filespec[,...]]
You are returned to DCL level when the command has finished processing the specified accounting files.
By default, the command directs its output to the current SYS$OUTPUT device. If you want to direct the output to a file, use the /OUTPUT qualifier.
Requires READ access to the accounting files you specify, and to the directories containing them.
This section describes and provides examples of each ACCOUNTING qualifier. Table 2-1 summarizes the ACCOUNTING qualifiers.
Qualifier | Description |
---|---|
/ACCOUNT | Selects or rejects records for the specified account names |
/ADDRESS | Selects or rejects records for DECnet for OpenVMS requests made by the specified nodes |
/BEFORE | Selects all records time-stamped before the specified time |
/BINARY | Copies the selected records to a new file in binary format |
/BRIEF | Produces a brief report of the selected records |
/ENTRY | Selects or rejects records for print and batch jobs with the specified queue entry numbers |
/FULL | Produces a full report of the selected records |
/IDENT | Selects or rejects records for the specified processes |
/IMAGE | Selects or rejects records for the specified images |
/JOB | Selects or rejects records for print and batch jobs with the specified job names |
/LOG | Outputs informational messages |
/NODE | Selects or rejects records for DECnet for OpenVMS requests made by the specified nodes |
/OUTPUT | Specifies the output file |
/OWNER | Selects or rejects records for subprocesses created by the specified processes |
/PRIORITY | Selects or rejects records for the specified priority |
/PROCESS | Selects or rejects records for the specified types of process |
/QUEUE | Selects or rejects records for print or batch jobs executed by the specified queues |
/REJECTED | Copies the rejected records to a new file |
/REMOTE_ID | Selects or rejects records for DECnet for OpenVMS requests made by the specified remote IDs |
/REPORT | Specifies the resources that you want to summarize in a summary report |
/SINCE | Selects all records time-stamped at or after the specified time |
/SORT | Sorts the selected records |
/STATUS | Selects or rejects records with the specified final exit status codes |
/SUMMARY | Produces a summary report of the selected records |
/TERMINAL | Selects or rejects records for interactive sessions at the specified terminals |
/TITLE | Specifies the title shown on the first line of a summary report |
/TYPE | Selects or rejects the specified types of record |
/UIC | Selects or rejects records for the specified UICs |
/USER | Selects or rejects records for the specified user names |
6048P001.HTM OSSG Documentation 26-NOV-1996 12:42:17.42
Copyright © Digital Equipment Corporation 1996. All Rights Reserved.