VMTAPE MOUNT Rule

Rules Facility Guide › Rules Reference › VMTAPE MOUNT Rule

VMTAPE MOUNT Rule

Use the VMTAPE MOUNT rule to control who can mount a tape

{ACCEPT | REJECT} requester VMTAPE MOUNT "Parms" [access] [("Options"]


Parms:

{DSN dsname | VOLUME {volser |FOREIGN | SCRATCH}}


Options:

[DAY dayname[‑dayname]]
[EXPIRE mm/dd/yy [hh:mm:ss]]
[GROUP]
[LOGPASS | NOPASS]
[TIME hhmm hhmm]

Definitions

{ACCEPT | REJECT}: Accepts or rejects the CA VM:Tape MOUNT request controlled by this rule.
requester: Defines the set of requesting user IDs this rule is to govern. When specified without the GROUP option, requester is a user ID. Enter an asterisk (*) for requester to specify all user IDs. When specified with the GROUP option, requester is the name of a security group. Enter an * for requester to specify all user IDs in all security groups.
DSN dsname: Specifies that the rule applies to any tape volume that the targetid owns with the data set name dsname in the CA VM:Tape TMC. The software issues the request based on DSN regardless of which volume the DSN resides on. Users requesting mounts by DSN owned by other users must also have OWNEDBY authority in the VMTAPE CONFIG file. You can use an asterisk (*) for dsname to specify all data set names.
VOLUME {volser | FOREIGN | SCRATCH}: Specifies the tape volume to which the rule applies. The volser variable lets you specify tapes by volume serial that you want to be accepted or rejected from being accessed. You can use an asterisk (*) for volser to specify all volumes for a user, a group, or the system, depending on which rule file the rule is defined in. FOREIGN specifies all foreign tape volumes (tapes not listed in the TMC). SCRATCH specifies all scratch volumes owned by the CA VM:Tape service virtual machine. The FOREIGN and SCRATCH options are effective only when specified in the user rules for the CA VM:Tape service virtual machine or at the system level.
[access]: Defines the type of tape mount access to which the rule is to apply. Valid values are READ, WRITE, and asterisk (*). A rule with an access value of * or WRITE applies to both read and write mounts. A rule with an access value of READ applies only to read mounts. The default access type depends on the type of rule: the default access for an ACCEPT rule is for read mounts; the default access for a REJECT rule is for read and write mounts.
[LOGPASS]: Causes the system to prompt for and verify the requesting user ID’s logon password. Existing tape passwords and the data set name are not required by the user ID issuing the CA VM:Tape MOUNT command.
[NOPASS]: Specifies that password verification is bypassed. Existing tape passwords and the data set name are not required by the user ID issuing the CA VM:Tape MOUNT command. Specify NOPASS if you want this VMTAPE MOUNT rule to govern. If you want CA VM:Tape to do its own security checking, omit the NOPASS parameter.

Note: The DAY, EXPIRE, GROUP, and TIME options are explained in Common Rule Options.