- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Letting unprivileged users initialize and mount ta...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-26-2007 06:51 PM
тАО02-26-2007 06:51 PM
I have a problem where I have to let otherwise unprivileged users initalize, mount and use tape devices in an OpenVMS 7.3 Alpha Cluster. I know of the privileges MOUNT, OPER and VOLPRO. This however does not let an unprivileged user initialize or mount a system wide tape device. I certantly does not want the user to have SYSPRV for this operation. Do any of you know a way through this problem?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-26-2007 07:17 PM
тАО02-26-2007 07:17 PM
Re: Letting unprivileged users initialize and mount tape devices
regards Kalle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-26-2007 07:48 PM
тАО02-26-2007 07:48 PM
Re: Letting unprivileged users initialize and mount tape devices
who does what. (An ACL lets you be more
selective, of course.) Around here (with me
being the only likely user), for example:
ALP $ show devi /full dlt
Magtape ALP$MKB400:, device type Quantum DLT4000 CPQ DRV, is online, record-
oriented device, file-oriented device,
[...]
Owner process ID 00000000 Dev Prot S:RWPL,O:RWPL,G:R,W:RWPL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-26-2007 08:26 PM
тАО02-26-2007 08:26 PM
Re: Letting unprivileged users initialize and mount tape devices
I should have thought of that. This clearly shows I still have a lot to learn in the VMS world...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-26-2007 08:52 PM
тАО02-26-2007 08:52 PM
Re: Letting unprivileged users initialize and mount tape devices
Please review the details of protecting devices in the OpenVMS Guide to System Security (available from the OpenVMS www site at http://www.hp.com/go/openvms )
It works quite well, also check out the details of using the ALLOCATE command. Private volumes are different from public volumes.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО02-26-2007 10:29 PM
тАО02-26-2007 10:29 PM
Solution(old syntax)
$ set acl/object=device/acl=(ident=[*,*],access=none) 'device'
$ set acl/object=device/acl=(ident=[uic],access=read+write+control) 'device'
(still works under vms v8.2)
(current - check help, can recall from which version of vms...)
$ set security/class=device/acl=(ident=[uic],access=read+write+control) 'device'
Hope this helps.
John.