- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: changing fdl file protection
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 03:20 AM
тАО07-02-2008 03:20 AM
changing fdl file protection
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 03:40 AM
тАО07-02-2008 03:40 AM
Re: changing fdl file protection
2. Set an acl on the parent directory to create all future files without protection.
set sec x.dir/acl=(default,s:rwed,o:rwed,g:rwed,w:rwed)
3. Change all fdl files to get that protection set file *.fdl/prot=(s:rwed,o:rwed,g:rwed,w:rwed)
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 03:41 AM
тАО07-02-2008 03:41 AM
Re: changing fdl file protection
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 04:04 AM
тАО07-02-2008 04:04 AM
Re: changing fdl file protection
FDL files may have an OWNER and PROTECTION clause in them for the target file, but that is often mre a nuisance than help. Just set the protection after the target file create, if needed at all.
It is somewhat odd to allow all uses to add and delete FDL files IF those are also used for production files, as it is all too easy to put something bad in place, or remove something good, impacting production.
If you need more help than Wim's replies offer, then please be sure to explain a little better what root problem you are trying to solve, and how those FDL's will be used. How come 'all users' even know how to create FDL files? That's not typical, not even for a development shop.
Cheers,
Hein van den Heuvel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 05:22 AM
тАО07-02-2008 05:22 AM
Re: changing fdl file protection
Wim
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 06:26 AM
тАО07-02-2008 06:26 AM
Re: changing fdl file protection
Permitting all users to add/remove FDL files to a master location is a dangerous practice. A single incorrect keystroke can cause major mayhem and disruption, all without any intent to do harm.
My personal preferences depend upon precisely what problem is being addressed. One common solution for testing is to use a consistent logical name to access the FDL files in your programs and command procedures, thus permitting a fine degree of control of where the FDL file is actually retrieved from (which can provide for a list of defaults). Just such an approach was described in " Inheritance Based Environments in Stand-alone OpenVMS Systems and OpenVMS Clusters", published in the OpenVMS Technical Journal, Volume 3, February 2004 (reprints available via http://www.rlgsc.com/publications/vmstechjournal/inheritance.html ).
As to the group and global libraries, my normal recommendation is to limit add/delete access, possibly by having the library directory owned by an Identifier, with the Identifier granted to those users authorized to make more global updates.
While such a scheme is a bit of work, it creates accountability for changes.
- Bob Gezelter, http://www.rlgsc.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-02-2008 06:43 AM
тАО07-02-2008 06:43 AM
Re: changing fdl file protection
Basically, you configure the shared files off to the ownership of the identifier, and grant the identifier to the folks that need to share access.
This also avoids granting privileges all around.