Manualshelf

Technical data

ManualsBrandsCompaq ManualsPrinterLA36
301302303304305306307308309310
Managing Storage Media
9.4 Protecting Volumes
You can enable the protection fields by specifying either of the following items:
XAR mount option, using the following format:
MOUNT/PROTECTION=XAR
When you specify the XAR option for a file that has an associated XAR, the
protection fields in the XAR are enabled.
DIGITAL System Identifier (DSI) mount option, using the following format:
MOUNT/PROTECTION=DSI
If you specify the DSI option, you enable the XAR permissions Owner and
Group for XARs containing DSI.
For more information about the XAR and DSI options, refer to the OpenVMS
Record Management Utilities Reference Manual.
9.4.1.2 Changing Protection After Disk Volumes Are Mounted
You can change protection by using the SET SECURITY/CLASS=VOLUME
command with the /PROTECTION, /OWNER, or /ACL qualifier to change any
aspect of the volume security profile.
Changing UIC-Based Protection
To change UIC-based protection after a volume is mounted, use the SET
SECURITY/CLASS=VOLUME/PROTECTION command. For example:
$ SET SECURITY/CLASS=VOLUME/PROTECTION=(S:RWCD,O:RWCD,G:RC,W:RC) DUA0:
The protection set in this example allows the system and owner all types of
access. Group and world access types can only read files and run programs. Any
category not specified in the protection code (S,O,G,W) is unchanged.
Changing ACL-Based Protection
To change ACL-based protection after a volume is mounted, use the SET
SECURITY/CLASS=VOLUME/ACL command. To change the ACL, for example:
$ SET SECURITY/CLASS=VOLUME/ACL=(IDENTIFIER=DOC,ACCESS=READ+WRITE+EXECUTE) -
_$ $1$DSA7:
This example gives holders of the DOC identifier read, write, and execute access
to the $1$DSA7: volume.
9.4.1.3 Displaying UIC- and ACL-Based Protection
You can use the SHOW SECURITY/CLASS=VOLUME command to display
protection. For example:
$ SHOW SECURITY/CLASS=VOLUME $1$DSA27:
The following example shows the resulting display:
$1$DSA27: object of class VOLUME
Owner: [1,1]
Protection: (System: RWCD, Owner: RWCD, Group: RWCD, World: RWCD)
Access Control List:
(IDENTIFIER=[ABC,SADAMS],ACCESS=READ+WRITE+CREATE+DELETE)
In the display are the name and profile of the VOLUME class object $1$DSA27.
The profile includes the owner UIC, the protection code, and the access control
list (ACL) of the protected object.
Managing Storage Media 925