Adds an entry to the access control list (ACL) for a dictionary
object or dictionary directory.
Format
DEFINEP [FOR] path-name sequence-number [,]
{ PW = password }
{ UIC = [uic-spec] }
{ USER = username }
{ }
{ TTnn: }
{ { } } [,...] {,}
{ {LOCAL } }
{ TERMINAL = {NONLOCAL } }
{ {BATCH } }
{ { } }
{ {NETWORK } }
{ {GRANT } {privilege-list } }
{ {DENY } = { } } [,...]
{ {BANISH } {ALL } }
{ { } }
1 – Arguments
path-name
Is the given name, full dictionary path name, or relative
dictionary path name of the dictionary object or dictionary
directory whose ACL list you want to change. DEFINEP accepts
both DMU and CDO style path names.
sequence-number
Is the sequence number of the entry to be added to the ACL. This
number must be an unsigned, nonzero integer.
PW = password
Specifies a password to be appended to the given name of the
dictionary object or dictionary directory when used alone in a
command or statement or as part of a full or relative dictionary
path name. You can specify a password in an ACL entry on a
directory or object either in the DMU or in the CDO format
dictionary.
UIC = [uic-spec]
Specifies the UIC or group of UICs to which the added ACL entry
applies. The UIC specification must be enclosed in square
brackets and must conform to the OpenVMS rules for specifying
UICs (see the OpenVMS documentation set). You can specify
numeric and alphanumeric UICs and rights identifiers. (A rights
identifier is a single text string enclosed in brackets. The
system manager defines a rights identifier in the system rights
database. The identifier indicates all members of a particular
group.)
USER = username
Specifies the OpenVMS user name to which the added ACL entry
applies. Do not put the user name in parentheses or brackets.
LOCAL
TERMINAL = NONLOCAL
BATCH
NETWORK
Specifies a particular terminal or a type of terminal to which
the added ACL entry applies.
o TTnn: is the number of a specific terminal line to which the
added ACL entry applies. You can specify a particular terminal
only in ACL entries in the DMU format dictionary.
o LOCAL specifies that the added ACL entry applies to all
terminals hard-wired to your local system.
o NONLOCAL specifies that the added ACL entry applies to the
local system's dial-up terminal lines, to batch jobs on the
local system, to remote terminals logged in to the system
by DECnet, and to processes initiated by a DEC DATATRIEVE
Distributed Data Manipulation Facility (DDMF) on a remote node
in a network of Digital computers.
o BATCH specifies that the added ACL entry applies to all batch
jobs run on the local system.
o NETWORK specifies that the added ACL entry applies to all
processes initiated by a DEC DATATRIEVE Distributed Data
Manipulation Facility (DDMF) on a remote node in a network
of Digital computers.
, (comma)
Separates user identification criteria and privilege
specifications.
GRANT
Specifies the privileges granted by the added ACL entry.
DENY
Specifies the privileges denied by the added ACL entry.
BANISH
Specifies, for a dictionary directory and all its descendants,
the access privileges that the entry denies and the privileges
that no ACL of any of the descendants can grant. The BANISH
clause is valid in ACL entries either in the DMU or in the CDO
format dictionary.
privilege-list
Is a letter or string of letters, each one of which is the
abbreviation for the access privilege granted, denied, or
banished by the added ACL entry.
2 – Example
The following example defines an ACL entry for a DMU format
dictionary directory that uses all the user identification
criteria and all the privilege specifications:
DTR> DEFINEP FOR MONTHLY_DATA 1 PW = "SECRET", USER = JONES,
[Looking for define privilege option]
CON> UIC = [240,240], TERMINAL = NETWORK, GRANT = PSRWME,
[Looking for define privilege option]
CON> DENY = CDUXH, BANISH = FG
DTR>