[Info-vax] Creating an audit ACL/ACE
Jan-Erik Söderholm
jan-erik.soderholm at telia.com
Fri Aug 17 03:20:21 EDT 2018
We have one file for which I'd like to know when someone writes to it.
The System Security manual have this example:
$ SET SECURITY/ACL=(AUDIT=SECURITY,ACCESS=READ+WRITE-
_$ +DELETE+CONTROL+FAILURE+SUCCESS) CONFIDREVIEW.MEM
So I tried:
$ set security /acl=(audit=security,access=write) <the-file> /log
%SET-F-SYNTAX, error parsing ''
-SYSTEM-F-IVACL, invalid access control list entry syntax
$
I also notice that the manual says this before the example above:
"...RWOODS can add an entry to the existing ACL for the
file CONFIDREVIEW.MEM, as follows:"
So, is it correct that one cannot enter an audit ACE as the first
and only ACE/ACL? There have to be an ACL on that file before?
For differnt reasons there is no ACL before and I'd prefer not to
create any. Or if one can create one that no real effect...
I only want to know when someone or something *writes* to one specific
file. The readers are plenty and I do not need to see that.
Thanks, Jan-Erik.
More information about the Info-vax
mailing list