[Info-vax] Creating an audit ACL/ACE
DuncanMorris
duncanjmmorris at btinternet.com
Fri Aug 17 06:23:52 EDT 2018
On Friday, August 17, 2018 at 8:20:25 AM UTC+1, Jan-Erik Söderholm wrote:
> We have one file for which I'd like to know when someone writes to it.
> The System Security manual have this example:
>
> $ SET SECURITY/ACL=(AUDIT=SECURITY,ACCESS=READ+WRITE-
> _$ +DELETE+CONTROL+FAILURE+SUCCESS) CONFIDREVIEW.MEM
>
> So I tried:
>
> $ set security /acl=(audit=security,access=write) <the-file> /log
> %SET-F-SYNTAX, error parsing ''
> -SYSTEM-F-IVACL, invalid access control list entry syntax
> $
>
> I also notice that the manual says this before the example above:
>
> "...RWOODS can add an entry to the existing ACL for the
> file CONFIDREVIEW.MEM, as follows:"
>
> So, is it correct that one cannot enter an audit ACE as the first
> and only ACE/ACL? There have to be an ACL on that file before?
>
> For differnt reasons there is no ACL before and I'd prefer not to
> create any. Or if one can create one that no real effect...
>
> I only want to know when someone or something *writes* to one specific
> file. The readers are plenty and I do not need to see that.
>
> Thanks, Jan-Erik.
You need one of FAILURE/SUCCESS on the command
set security /acl=(audit=security,access=write+success) <file>/log
More information about the Info-vax
mailing list