Manualshelf

Technical data

ManualsBrandsCompaq ManualsPrinterLA36
521522523524525526527528529530
Setting Up and Maintaining Queues
14.6 Using Queue Options
Examples
1. The SET QUEUE/PROTECTION command in the following example modifies
the default protection of queue SYS_QUE1 to prevent access by nonprivileged
users. The SET SECURITY/ACL command then restricts access to only
those members of a project group who hold the ULTRA_LITE or MINUTES
identifiers. Members with the MINUTES identifier have only read and
submit access to the queue. The SHOW QUEUE/FULL command displays
information, including security information, about the queue.
$ SET QUEUE/PROTECTION=(S,O,G,W)
$ SET SECURITY/CLASS=QUEUE SYS_QUE1 -
_$/ACL=((IDENTIFIER=ULTRA_LITE, ACCESS=READ+SUBMIT+MANAGE+DELETE), -
_$ (IDENTIFIER=MINUTES, ACCESS=READ+SUBMIT))
$ SHOW QUEUE/FULL SYS_QUE1
Batch queue SYS_QUE1, stopped
/BASE_PRIORITY=4 /JOB_LIMIT=1 /OWNER=[1,4] /PROTECTION=(S,O,G,W)
(IDENTIFIER=ULTRA_LITE,ACCESS=READ+SUBMIT+MANAGE+DELETE)
(IDENTIFIER=MINUTES,ACCESS=READ+SUBMIT)
2. The following example shows how to use ACLs to restrict queue access to
members of a particular project group:
$ SET QUEUE/PROTECTION=(S,O,G,W)
$ SET SECURITY/CLASS=QUEUE SYS_QUE1 -
_$/ACL=((IDENTIFIER=ULTRA_LITE, ACCESS=READ+SUBMIT+MANAGE+DELETE), -
_$ (IDENTIFIER=MINUTES, ACCESS=READ))
3. The following example shows a queue that has only UIC-based protection, and
then gives user AGBELL control access with an ACL. Control access allows
user AGBELL to modify security information.
$ SHOW SECURITY/CLASS=QUEUE TELEPHONE_QUEUE
TELEPHONE_QUEUE object of class QUEUE
Owner: [INVENTORS,AGBELL]
Protection: (System: M, Owner: MD, Group: R, World: S)
Access Control List: <empty>
$ SET SECURITY/CLASS=QUEUE/ACL=(ID=[AGBELL],ACCESS=CONTROL) TELEPHONE_QUEUE
$ SHOW SECURITY/CLASS=QUEUE TELEPHONE_QUEUE
TELEPHONE_QUEUE object of class QUEUE
Owner: [INVENTORS,AGBELL]
Protection: (System: M, Owner: MD, Group: R, World: S)
Access Control List:
(IDENTIFIER=[INVENTORS,AGBELL],ACCESS=CONTROL)
14.6.1.5 Understanding How Privileges Affect Queues
Certain account privileges allow users to access a queue in spite of UIC-based
and ACL-based protection. The following table lists these account privileges and
the type of access they allow on a queue:
Privilege Access
OPER Manage and control access to all queues.
BYPASS Manage and control access to all queues.
READALL Read access to all jobs and to queue security information.
SYSPRV The access specified for users with system UICs.
GRPPRV The access specified for users with system or group UICs.
1426 Setting Up and Maintaining Queues