Chapter 2 73
Command Definitions A-B
ALTSEC
You cannot use wildcards in any other manner within a user
specification.
A typical ACD consisting of three ACD pairs might look like this:
(R,W:ENGR.MFG;R,W,RACD:@.MRKT;R:@.@)
This ACD would allow Read and Write access to the ENGR user of the MFG
account; Read and Write access to any user of the MRKT account along with
the ability to read or copy the ACD; and Read access to any user in any
account.
^ filereference A file containing one or more ACD pairs. ACD pairs must be separated by
semi-colons and may be placed on separate lines. A single ACD pair may
not span more than one line. The file name must be preceded by the ^ sign
(caret symbol) to indicate that the designated file contains the ACD
definition. This is known as an indirect file.
The ALTSEC command fails if the indirect file does not contain a
syntactically correct ACD. ACD pairs may be on separate lines, but a pair
may not span lines. Parentheses are optional when defining an acdpair
within an indirect file.
The file reference may be specified using MPE or HFS file name Syntax.
For example:
filename[/lockword][.group[.account]]
If the file has an active lockword, you must be specify it. ACDs override
lockwords. Lockwords can only be specified in file references using MPE
name Syntax. Unqualified file names are relative to the current working
directory.
DELPAIR (Indicates "delete pair"). Use to delete one or more ACD pairs in an
existing ACD). DELPAIR must be followed by a valid userspec.
userspec Username and accountname, the same as the userspec described above in
acdpair. A wildcard (@) may be used for the username or both the
username and accountname together. A wildcard may not be specified for
the accountname unless it is also specified for the username.
COPYACD (Indicates "copy ACD"). Use COPYACD to copy an ACD from an existing
objectname to the specified objectname. ACDs can be copied only between
like objects. You must specify FILENAME or LDEV. FILENAME is the
default. You cannot copy an ACD from a device class (DEVCLASS), although
you may copy to all devices on the system by specifying the @ sign as the
target device.
DELACD (Indicates "delete ACD"). Use DELACD to delete all ACD pairs from the
specified objectname. ACDs may be removed only from devices and files in
MPE groups. The file access matrix controls access to a file when an ACD
is deleted.
MASK (Indicates "recalculate MASK"). Use MASK to recalculate the ACD file
group class mask ($GROUP_MASK) access permissions.
