The tables in this section describe the syntax and use of
HP-UX FTAM's action/concurrency strings. Action/concurrency strings
are always and only used as arguments to certain command options,
as noted in the following tables.
Note that unless a file has passwords or concurrency control
associated with actions, you do not need to use the -z
option to satisfy access control. You either have permission to
perform the desired action, or you do not.
To obtain exclusive access to a file, use the -X
option, which does not require an action/concurrency string argument.
Examples |
 |
The following examples illustrate correct use of the -z and
-i option for several different situations.
To restrict access for others to read and read_attributes
on the file JuneData, enter the following command:
$ fcattr JuneData -i user,RPXEACD -i group,RPXEACD -i other,RA |
The following examples illustrate correct use of the -z and
-i option for several different situations.
This allows the user and group members full access to the
file, while other users have only read and read attribute access.
To delete the access control for this file enter the following command:
$ fcattr JuneData -d other -d group -d user |
Now, consider this case. First, access control is put on the
file, using the following command:
$ fcattr MarchData -i user,RPXEACD=XS -i group,RPXEACD=XS |
This grants the user and all group members full permissions,
and allows a user to request either eXclusive or Shared access on
any action. Suppose two people want to copy MarchData
to their own directories, but one requests exclusive access during
the copy and the other requests shared access, which is the default
access method. The first person enters the following command to
copy the file with shared access:
$ fcp /source/MarchData marchdata |
A moment later, while the first copy is under way, the second
person enters the following command to copy the file with exclusive
access:
$ fcp /source/MarchData -X MyMarchData |
Because the first request was for shared access (the default),
the second person's request will fail; he can not get exclusive
access at present. If the order of the commands were reversed, the
first person would be allowed exclusive access, and the request
for shared access would fail due to the current exclusive user.
The next example uses the -z option to gain access to a file
on the paris host. The user requires read permission, which uses
shared access and has a password associated.
$ fcp henri@paris:datafile -z R=S.ReadPass,A=S.RattrPass HenrisData |
This example shows a user setting access control on a remote
file that she owns. Note that she retains all permissions, and gives
group users only read and read_attribute permission.
$ fcattr tokyo:memos/salesmemo -i user,RPXEACD -i group,RA |
In the next example, the file owner sets special permissions
which permit multiple users to simultaneously read or read the attributes
of the directory (providing they know the password). However, a
user will require knowledge of a different passwords to delete,
or change the attributes of, the directory. Notice that the remote
host in this example (dublin) is not an HP- UX system, since it
maintains concurrency and passwords on file-actions, and
the specified user for access control (sales) is not a legal value
for an HP-UX FTAM system.
Table 5-6 Title not available (Examples)
| $ fcattr mike@dublin:MemoDir -i sales,RA=S#.ReadPass,D=X#.DelPass,C=X#.ChngPass |
|
The last example shows how to use the -z option to delete
a file which has access control applied to it. The access control
for file deletion includes a password, and requires exclusive access
to the file, so that the deletion will not affect another user's
operations.
$ fdel giovanni@rome:italy.data -z D=X.DeletePass |
Printable version
