|
  
DELETE
.
DELETE
--------
|
-
RuleFt RuleType Requestor Action Object [(ACIGROUP MIXED
-----------------------------------------------------------
RuleFt--- - {ADMIN, GRPADMIN, USRADMIN, USRDFLT,
-------------GRPDFLT, DEFAULT, MANAGE}
RuleType -- {ACCEPT, REJECT}
Requestor - {[USER] ReqUser, ACIGROUP ReqGroup}
Action ---- {READ, WRITE, MANAGE, CO-OWNER}
Object ---- {[fn ft] fp:fs.[dir1[.dir2[...dir8]]][.]}
------------{fn ft}
--
|
Purpose
Use the DELETE command to delete a rule governing Object from the SafeSFS rules database. The delete takes effect immediately.
Authorization
MANAGE authorization over the rule file from which the rule will be deleted or SAFADMIN authorization.
Parameters
RuleFT :
The file type of the rule file to be updated. It must be one of the following:
|
|
Specifies the GLOBAL ADMIN rule file.
|
|
|
|
|
|
Specifies the acigroup GRPADMIN rule file, where acigroup is the fs specification in object. Requires the ACIGROUP option.
|
|
|
|
|
|
Specifies the userid USRADMIN rule file, where userid is the fs specified in Object. The ACIGROUP option is invalid.
|
|
|
|
|
|
Specifies the userid USRDFLT rule file, where userid is the fs specified in Object. The ACIGROUP option is invalid.
|
|
|
|
|
|
Specifies the acigroup GRPDFLT rule file, where acigroup is the fs specification in Object. Requires the ACIGROUP option.
|
|
|
|
|
|
Specifies the GLOBAL DEFAULT rule file.
|
|
|
|
|
|
Specifies the SAFESFS MANAGE rule file. Requires SAFADMIN authorization.
|
RuleType:
|
|
A keyword specifying the type of access for the rule.
|
|
|
|
|
|
A keyword specifying the type of access for the rule. REJECT may not be used with MANAGE.
|
Requestor:
|
|
Specifies the requesting userid. Trailing pattern matching may be specified. The keyword USER is optional and may be omitted.
|
|
|
|
|
|
Specifies the name of an acigroup that requesting users are members of. Trailing pattern matching may be specified.
|
Action:
|
|
Specifies action of "READ".
|
|
|
|
|
|
Specifies action of "WRITE".
|
|
|
|
|
|
Specifies action of "CO-OWNER".
|
|
|
|
|
|
Specifies action of "MANAGE".
|
Object:
Specifies the object over which access is granted. Object is one of:
SFSObject:
[fn ft] fp:fs.[dir1[.dir2[...dir8]]][.]
|
|
1 to 8 character pattern matched file name. File type is required if file name is specified.
|
|
|
1 to 8 character pattern matched file type. File name is required if file type is specified.
|
|
|
1 to 8 character pattern matched file pool name. Default is `*:'.
|
|
|
1 to 8 character pattern matched file space name.
|
|
|
Each directory specified is a 1 to 16 character pattern matched directory name.
|
Rule Fileid:
Only valid for rules with an Action and Ruleft of MANAGE
|
|
1 to 8 character pattern matched file name.
|
|
|
Must be specified as one of: ADMIN, GRPADMIN, USRADMIN, USRDFLT, GRPDFLT, DEFAULT, or MANAGE
|
Options
|
|
|
|
|
Indicates that the fs specified in SFS Object is an acigroup, not a file space, indicating all members of that acigroup.
|
|
|
|
|
|
Indicates that the filename and filetype specified in the SFS Object contain mixed case characters and should not be upper cased by SafeSFS.
|
Return Codes
Return Code
|
Meaning
|
0
|
Rule deleted.
|
4
|
Not authorized.
|
8
|
Command failed. Rule not deleted.
|
113
|
Invalid parameter.
|
114
|
Invalid option.
|
115
|
Invalid rule file type.
|
116
|
Invalid rule file name.
|
118
|
Missing rule object filespace.
|
119
|
Invalid rule object file space.
|
120
|
Invalid rule object file name.
|
121
|
Invalid rule object directory.
|
122
|
Invalid rule object file pool.
|
123
|
Invalid rule object file type.
|
127
|
Invalid object for action Manage.
|
128
|
Reject may not be used with action Manage
|
143
|
Missing parameter file type.
|
144
|
Option ACIGROUP must be specified.
|
145
|
REJECT may not be used with MANAGE.
|
147
|
Invalid action for rule file specified.
|
307
|
Rule was not found. Rule was not deleted.
|
Usage Notes
- fp:fs. in the SFS object, is required. The period following the filespace is also required. All other tokens of the SFS object are optional. If directories are specified, they must be preceded by a period. The period following the last directory is optional. Trailing pattern matching may be used by specifying an *.
Examples
- SAFESFS DELETE ADMIN ACCEPT JOHN WRITE *:*.
This command deletes a rule allowing user JOHN to WRITE all file spaces in all file pools. The rule is deleted from the GLOBAL ADMIN rule file.
- SAFESFS DELETE MANAGE ACCEPT JOHN MANAGE GLOBAL ADMIN
This command deletes a rule allowing user JOHN to MANAGE the GLOBAL ADMIN rule file. The rule is deleted from the SAFESFS MANAGE rule file.
- SAFESFS DELETE ADMIN ACCEPT ACIGROUP SYSTEMS WRITE *:*.
This command deletes a rule allowing members of acigroup SYSTEMS to WRITE all file spaces in all file pools. The rule is deleted from the GLOBAL ADMIN rule file.
|
