CDD/Plus Dictionary Management Utility SET — VMS CDD+_4.1A
You can use any of four variations of the SET command:
SET DEFAULT temporarily sets your default CDD directory.
SET PROTECTION modifies access control lists.
SET ABORT and SET NOABORT control whether a series of DMU
commands executes to completion after CDD or DMU errors occur.
Command Syntax:
SET DEFAULT path-name
SET PROTECTION uic- or rights-specification [qualifiers]
path-name [,path-name]...
SET [NO]ABORT
Additional information available:
ABORT
Use the SET ABORT command to ensure that execution of a series of DMU
commands aborts when one of the commands causes a DMU or CDD error.
If you specify SET ABORT, DMU stops processing a command file as soon
as one of the commands causes a DMU or CDD error.
Use the SET NOABORT command to ensure that execution of a command
file of DMU commands continues to completion, despite CDD or DMU
errors.
SET NOABORT is the default.
Command Syntax:
SET [NO]ABORT
DEFAULT
Use the SET DEFAULT command to temporarily set your default CDD directory. Only dictionary directories or subdictionaries can be used as default directories. Command Syntax: SET DEFAULT path-name
Additional information available:
parameters
path-name Specifies the default directory. You cannot use wildcards in the path name. If you are using a terminal of the VT200 family, you can use 8-bit characters in path names. Type "HELP specify path-name" for further information.
privileges
You need PASS_THRU at the target dictionary directory or subdictionary and all of its ancestors in order to set the default directory.
PROTECTION
Use the SET PROTECTION command to add entries to the access control list of each specified dictionary directory, subdictionary, or object. You can also use the SET PROTECTION/EDIT command to add, delete, and modify access control list entries. Command Syntax: SET PROTECTION uic- or rights-specification [qualifier] path-name [,path-name]...
Additional information available:
parametersprivilegesqualifiers
parameters
uic-specification Identifies the user identification criteria of the user[s] whose access control list entry you are modifying. You must specify at least one of the following: o /PASSWORD o /TERMINAL o /UIC o /USERNAME o /RIGHTS path-name Identifies the dictionary directory, subdictionary, or object owning the access control list you want to change. You cannot use any wildcards in the path name. If you are using a terminal of the VT200 family, you can use 8-bit characters in path names. Type "HELP specify path-name" for further information.
privileges
You need PASS_THRU and CONTROL at the target dictionary directory, subdictionary, or object to set protection.
qualifiers
Additional information available:
/AUDIT/BANISH/DENY/GRANT/PASSWORD/POSITION
/RIGHTS/TERMINAL/UIC/USERNAME
/AUDIT
Syntax:
/AUDIT [= (quoted-string [, quoted-string]...)]
/AUDIT=file-specification
/NOAUDIT
Use /AUDIT to create history list entries auditing the creation of
new access control list entries.
You can include explanatory text in history list entries in two ways:
o By including quoted strings. Enclose each quoted string in
double quotation marks, and enclose the series of strings in
parentheses. The parentheses are optional if you specify only
one quoted string.
o By specifying a file whose contents are to be included in the
history list entry. The file specification is a standard VMS
file specification, and the default file type is .DAT. You can
include no more than 64 input strings in a history list entry.
DMU ignores any excess.
With /NOAUDIT, no history list entries are created. The default is
/NOAUDIT.
/BANISH
Syntax:
/[NO]BANISH = privileges
/BANISH enumerates the privileges denied to the specified user(s) at
the current dictionary directory or subdictionary and all of its
descendants. /NOBANISH specifies the privileges that are not
banished. The specification of a privilege in /NOBANISH overrides
the specification of the same privilege in /BANISH.
The most common use for the combination of the two qualifiers is in
an example like "/BANISH=ALL/NOBANISH=(PASS,SEE)", where it is easier
to enumerate the privileges that are not to be banished than to do
the opposite.
Once banished, privileges cannot be granted further down in the
hierarchy.
Type "HELP specify privileges" for further information.
/DENY
Syntax:
/[NO]DENY = privileges
/DENY enumerates the privileges denied to the specified user(s) at
the current dictionary directory, subdictionary, or object. In
addition, denied privileges extend to descendants, but they can be
granted again at lower levels in the hierarchy. /NODENY specifies
the privileges that are not denied. The specification of a privilege
in /NODENY overrides the specification of the same privilege in
/DENY.
The most common use for the combination of the two qualifiers is in
an example like "/DENY=ALL/NODENY=(PASS,SEE)", where it is easier to
enumerate the privileges that are not denied than to do the opposite.
Type "HELP specify privileges" for further information.
/GRANT
Syntax:
/[NO]GRANT = privileges
/GRANT enumerates the privileges granted to the specified user(s).
/NOGRANT specifies the privileges that are not granted. The
specification of a privilege in /NOGRANT overrides the specification
of the same privilege in /GRANT.
The most common use for the combination of the two qualifiers is in
an example like "/GRANT=ALL/NOGRANT=(CONTROL,FORWARD,GLOBAL_DELETE)",
where it is easier to enumerate the privileges that are not granted
than to do the opposite.
Type "HELP specify privileges" for further information.
/PASSWORD
Syntax:
/PASSWORD = quoted-string
Use /PASSWORD to include a password in the user identification
criteria of an access control list entry. The quoted string can be
any string of printable characters other than open parenthesis [(],
close parenthesis [)], or period [.]. DMU translates lowercase
characters to uppercase. Enclose the string in double quotation
marks.
/POSITION
Syntax:
/POSITION = number
Use /POSITION to specify the relative position within the access
control list where you want to place the new entry. If you do not
specify the /POSITION qualifier, the default position is 1.
/RIGHTS
Syntax:
/RIGHTS = uic- or rights-specification
Use /RIGHTS to include user identification codes with the user
identification criteria of an ACL entry. You can specify any of
three alternative types of user identification code: a numeric UIC,
an alphanumeric UIC, or a rights identifier.
A numeric UIC consists of an octal group number and an octal member
number separated by a comma and enclosed by either square brackets
([]) or angle brackets (<>).
You can use the wildcard * in place of the group number to identify
all group numbers, and in place of the member number group to
identify all member numbers. A /UIC specification of [*,*] matches
all user identification codes.
An alphanumeric UIC consists of a single text string within brackets.
A rights identifier consists of a single text string which the system
manager has defined in the rights database to indicate all members of
a particular group.
/RIGHTS performs the same function as /UIC.
/TERMINAL
Syntax:
/TERMINAL = terminal-specification
Use /TERMINAL to include information about the terminal(s) in the
user identification criteria of an access control list entry.
The terminal specification can be any of the following:
o TTcn or TXcn -- a specific terminal number.
For example: /TERMINAL = TTA7.
o LOCAL -- terminals hardwired to the system.
For example: /TERMINAL = LOCAL.
o NON_LOCAL -- dial-up and remote terminals, and terminals
processing batch and network jobs.
For example: /TERMINAL = NON_LOCAL.
o BATCH -- terminals processing batch jobs.
For example: /TERMINAL = BATCH.
o NETWORK -- terminals processing network jobs.
For example: /TERMINAL = NETWORK.
/UIC
Syntax:
/UIC = uic- or rights-specification
Use /RIGHTS to include user identification codes with the user
identification criteria of an ACL entry. You can specify any of
three alternative types of user identification code: a numeric UIC,
an alphanumeric UIC, or a rights identifier.
A numeric UIC consists of an octal group number and an octal member
number separated by a comma and enclosed by either square brackets
([]) or angle brackets (<>).
You can use the wildcard * in place of the group number to identify
all group numbers, and in place of the member number group to
identify all member numbers. A /UIC specification of [*,*] matches
all user identification codes.
An alphanumeric UIC consists of a single text string within brackets.
A rights identifier consists of a single text string which the system
manager has defined in the rights database to indicate all members of
a particular group.
/RIGHTS performs the same function as /UIC.
/USERNAME
Syntax:
/USERNAME = string
Use /USERNAME to include a specific username with the user
identification criteria of an access control list entry.
/EDIT
Syntax:
SET PROTECTION/EDIT [qualifier] path-name
Use the SET PROTECTION/EDIT command to invoke the access control list
keypad editor.
Instead of using the SET PROTECTION command and typing the command
qualifiers for each access control list entry, you can edit the
access control list with the SET PROTECTION/EDIT command. This
allows you to see and test changes before you commit access control
list modifications.
The editor displays the access control list for the specified
dictionary directory, subdictionary, or object. You use the numeric
keypad to move the cursor and to modify access control list entries.
You may use the PF2 key (next to the GOLD key on the numeric keypad)
to display HELP text once you're in the screen editor mode.
NOTE: You may use this command only on VT52, VT100, and VT200
compatible terminals. You cannot use it on hardcopy terminals.
/AUDIT is the only qualifier you can specify in the command line of
SET PROTECTION/EDIT.