Security file syntax
The syntax of the security file is as follows:
Syntax
[# comment]
user definition_name user_attributes
begin [* comment]
object_type [object_attributes]. access[=keyword[,keyword]...]
[object_type [object_attributes]. access[=keyword[,keyword]...] ]...
end | continue
Arguments
- [# | *] comment
- All text following a pound sign or an asterisk and at least one space is treated as a comment. Comments are not copied into the operational security file installed by the makesec command.
- user definition_name
- Specifies the name of the user definition. The name can contain up to 36 alphanumeric characters and must start with an alphabetic character.
- user_attributes
- Contains one or more attributes that identify the user or users to whom the definition applies. For details of how to define user attributes, see Specifying user attributes.
- begin
- Begins the part containing object statements and accesses within the user definition.
- object_type
- Identifies the type of object (for example: workstation, resource, or prompt) to which access is to be given for the specified user or users. All object types that the specified user or users needs to access must be explicitly defined. If they are not, no access will be given. For details of how to define object types, see Specifying object types.
- object_attributes
- Contains one or more attributes that identify the specific objects of the defined object type to which the same access is to be given. If no object attributes are defined, access is given to all objects of the defined object type. For details of how to define object attributes, see Specifying object attributes.
- access[=keyword[,keyword]...]
- Describes the access to the specified objects given to the selected users. If none is specified (by specifying just the keyword "access") no access is given to the associated objects. If access=@ then all access rights are assigned to the specified users. For details of how to define access, see Specifying access.
- continue
- Allows a user to inherit authorization from multiple stanzas. Add the Continue keyword before the Begin keyword of each subsequent stanza to request that HCL Workload Automation must not stop at the first stanza, but must continue including also the following stanzas that match the user definition. The user gets the accesses for the first matching entry of each stanza. For an example of the use of the Continue keyword, see Users logged into multiple groups [continue keyword].
- end
- Terminates the user definition. The users defined in the user definition that terminates with an end statement do not match any subsequent user definition.
Wildcards
The
following wildcard characters are permitted in user definition syntax:
- ?
- Replaces one alphanumeric character.
- @
- Replaces zero or more alphanumeric characters.