HELPLIB.HLB  —  RMU72  Set  Privilege  Examples
    Example 1

    The following example assumes that the user with a user
    identification code (UIC) of [SQL,USER] has created the mf_
    test_db database and is therefore the owner of the database.
    After creating the mf_test_db database, the owner displays the
    root file ACL for the database. Then the owner grants Oracle RMU
    privileges to database users. The Oracle RMU privileges granted
    to each type of user depend on the type of Oracle RMU access the
    user needs to the database.

    $! Note that by default the owner (the user with a UIC of [SQL,USER])
    $! is granted all the Oracle RMU privileges in the root file
    $! ACL and no other users are granted any Oracle RMU privileges.

    $ RMU/SHOW PRIVILEGE MF_TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]MF_TEST_DB.RDB;1,
    on 30-MAR-1996 15:51:55.79

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
    $!
    $! The owner uses the RMU Set Privilege command and the After
    $! qualifier to grant the RMU$ANALYZE, RMU$OPEN, and
    $! RMU$VERIFY privileges to a user with a UIC of [SQL,USER2].
    $! This user will serve as the database administrator for the
    $! mf_test_db database.

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE -
    _$ +RMU$OPEN+RMU$VERIFY) -
    _$ /AFTER=(IDENTIFIER=[SQL,USER])/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified

    $!
    $! Next, the owner grants the RMU$SECURITY privilege to a user with a
    $! UIC of [SQL,USER3].  This gives the user USER3 the ability
    $! to grant other users the appropriate privileges they need for
    $! accessing the database with Oracle RMU commands.  Because both
    $! the database creator and user USER3 have the RMU$SECURITY
    $! privilege, both of them can modify the root file ACL for the
    $! database.

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY) -
    _$ /AFTER=(IDENTIFIER=[SQL,USER2])/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
    $!
    $! The user with a UIC of [RDB,USER4], who will serve as the database
    $! operator, is granted the RMU$BACKUP, RMU$CONVERT, RMU$DUMP, and
    $! RMU$RESTORE privileges:
    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[RDB,USER4],ACCESS=RMU$BACKUP -
    _$ +RMU$CONVERT+RMU$DUMP+RMU$RESTORE) -
    _$ /AFTER=(IDENTIFIER=[SQL,USER3])/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
    $!
    $! The RMU$LOAD and RMU$SHOW privileges are granted to the user
    $! with a UIC of [RDB,USER5]. This user will be writing programs
    $! that load data into the database.

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[RDB,USER5],ACCESS=RMU$LOAD -
    _$ +RMU$SHOW) /AFTER=(IDENTIFIER=[RDB,USER4]) MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
    $!
    $! No privileges are granted to all other users.

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[*,*],ACCESS=NONE) -
    _$ /AFTER=(IDENTIFIER=[RDB,USER5])/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
    $!
    $! The RMU/SHOW PRIVILEGE command displays the root file ACL for the
    $! mf_test_db database.

    $ RMU/SHOW PRIVILEGE MF_TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]MF_TEST_DB.RDB;1,
    on 30-MAR-1996 15:52:17.03

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
        (IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE+RMU$OPEN+RMU$VERIFY)
        (IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY)
        (IDENTIFIER=[RDB,USER4],ACCESS=RMU$BACKUP+RMU$CONVERT+RMU$DUMP+
        RMU$RESTORE)
        (IDENTIFIER=[RDB,USER5],ACCESS=RMU$LOAD+RMU$SHOW)
        (IDENTIFIER=[*,*],ACCESS=NONE)

    Example 2

    The following command adds an ACE for the user with a UIC of
    [RDB,USER1] to the root file ACL for the personnel database. This
    ACE grants [RDB,USER1] the RMU$BACKUP privilege for the personnel
    database. The RMU$BACKUP privilege allows user [RDB,USER1]
    to access the RMU Backup, RMU Backup After_Journal, and RMU
    Checkpoint commands for the personnel database.

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[RDB,USER1],ACCESS=RMU$BACKUP) -
    _$ PERSONNEL.RDB

    Example 3

    The Replace qualifier in the following example causes the ACE
    in the root file ACL for the user with a UIC of [RDB,USER4]
    to be replaced by the ACE specified for the user with a UIC of
    [SQL,USER6]:

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[RDB,USER4]) -
    _$ /REPLACE=(IDENTIFIER=[SQL,USER6],ACCESS=RMU$BACKUP+RMU$CONVERT -
    _$ +RMU$DUMP+RMU$RESTORE)/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
    $!
    $ RMU/SHOW PRIVILEGE MF_TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]MF_TEST_DB.RDB;1,
    on 30-MAR-1996 15:52:23.92

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
        (IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE+RMU$OPEN+RMU$VERIFY)
        (IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY)
        (IDENTIFIER=[SQL,USER6],ACCESS=RMU$BACKUP+RMU$CONVERT+RMU$DUMP+
        RMU$RESTORE)
        (IDENTIFIER=[RDB,USER5],ACCESS=RMU$LOAD+RMU$SHOW)
        (IDENTIFIER=[*,*],ACCESS=NONE)

    Example 4

    The Delete qualifier in the following example causes the ACE for
    the user with a UIC of [RDB,USER5] to be deleted from the root
    file ACL for the mf_test_db database:

    $ RMU/SET PRIVILEGE/ACL=(IDENTIFIER=[RDB,USER5]) -
    _$ /DELETE/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
    $!
    $ RMU/SHOW PRIVILEGE MF_TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]MF_TEST_DB.RDB;1,
    on 30-MAR-1996 15:52:29.07

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
        (IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE+RMU$OPEN+RMU$VERIFY)
        (IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY)
        (IDENTIFIER=[SQL,USER6],ACCESS=RMU$BACKUP+RMU$CONVERT+RMU$DUMP+
        RMU$RESTORE)
        (IDENTIFIER=[*,*],ACCESS=NONE)

    Example 5

    In the following example, the Like qualifier copies the root file
    ACL from the mf_test_db database to the test_db database. As part
    of this operation, the original root file ACL for the test_db
    database is deleted.

    $ RMU/SHOW PRIVILEGE TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]TEST_DB.RDB;1,  on
    30-MAR-1996 15:52:31.48

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
    $ !
    $ RMU/SHOW PRIVILEGE MF_TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]MF_TEST_DB.RDB;1,
    on 30-MAR-1996 15:52:33.86

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
        (IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE+RMU$OPEN+RMU$VERIFY)
        (IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY)
        (IDENTIFIER=[SQL,USER6],ACCESS=RMU$BACKUP+RMU$CONVERT+RMU$DUMP+
        RMU$RESTORE)
        (IDENTIFIER=[*,*],ACCESS=NONE)
    $!
    $ RMU/SET PRIVILEGE/LIKE=MF_TEST_DB.RDB/LOG TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]TEST_DB.RDB;1 modified
    $!
    $ RMU/SHOW PRIVILEGE TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]TEST_DB.RDB;1,  on
    30-MAR-1996 15:52:41.36

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
        (IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE+RMU$OPEN+RMU$VERIFY)
        (IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY)
        (IDENTIFIER=[SQL,USER6],ACCESS=RMU$BACKUP+RMU$CONVERT+RMU$DUMP+
        RMU$RESTORE)
        (IDENTIFIER=[*,*],ACCESS=NONE)

    Example 6

    The New qualifier in the following example deletes all the
    existing ACEs and the Acl qualifier specifies a new ACE for the
    root file ACL for the mf_test_db database. Note that after the
    RMU Set Privilege command in this example is issued, only the
    user with a UIC of [SQL,USER2] or a user with an OpenVMS override
    privilege would be able to display the root file ACL for the mf_
    test_db database.

    $ RMU/SHOW PRIVILEGE MF_TEST_DB.RDB
    Object type: file,  Object name: SQL_USER:[USER]MF_TEST_DB.RDB;1,
    on 30-MAR-1996 15:52:44.50

        (IDENTIFIER=[SQL,USER],ACCESS=READ+WRITE+CONTROL+RMU$ALTER+
        RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+RMU$DUMP+RMU$LOAD+
        RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SECURITY+RMU$SHOW+RMU$UNLOAD+
        RMU$VERIFY)
        (IDENTIFIER=[SQL,USER2],ACCESS=RMU$ANALYZE+RMU$OPEN+RMU$VERIFY)
        (IDENTIFIER=[SQL,USER3],ACCESS=RMU$SECURITY)
        (IDENTIFIER=[SQL,USER6],ACCESS=RMU$BACKUP+RMU$CONVERT+RMU$DUMP+
        RMU$RESTORE)
        (IDENTIFIER=[*,*],ACCESS=NONE)
    $!
    $ RMU/SET PRIVILEGE/NEW -
    _$ /ACL=(IDENTIFIER=[SQL,USER2],ACCESS=READ+WRITE+CONTROL+ -
    _$ RMU$ALTER+RMU$ANALYZE+RMU$BACKUP+RMU$CONVERT+RMU$COPY+ -
    _$ RMU$DUMP+RMU$LOAD+RMU$MOVE+RMU$OPEN+RMU$RESTORE+RMU$SHOW+ -
    _$ RMU$UNLOAD+RMU$VERIFY)/LOG MF_TEST_DB.RDB
    %RMU-I-MODIFIED, SQL_USER:[USER]MF_TEST_DB.RDB;1 modified
Close Help