Previous Topic: VMTAPE MOUNT RuleNext Topic: VMTAPE MOUNT SYSTEM Rule


Description

With the VMTAPE MOUNT rule, you can control access based upon volume serial number or data set name. Scratch and foreign tape mounts can also be controlled. Rules for FOREIGN and SCRATCH are meaningful only when created at the system level or at the CA VM:Tape user level.

Without the CA VM:Secure interface, the CA VM:Tape MOUNT command can be issued by users only for tapes that they own, by users who know the data set name of your tape and any applicable password, and by users with ANYTAPE authorization.

Note: Users with ANYTAPE authorization in the VMTAPE CONFIG file can continue to mount tapes regardless of rules.

With the CA VM:Secure interface, users granted access by a VMTAPE MOUNT rule can mount other users’ tapes if they know the data set name and applicable password for the tape. If the rule allowing the CA VM:Tape MOUNT command specifies the LOGPASS option, the requesting user IDs must give their logon passwords when mounting tapes, and the requirement for the data set name and tape password is bypassed. If the rule allowing the MOUNT command specifies the NOPASS option, the requesting user IDs do not have to give a password or the data set name when mounting tapes.

MOUNT requests default to normal processing if no rules are defined to govern MOUNT attempts. The NORULE record in the SECURITY CONFIG file does not apply to CA VM:Tape requests.

Examples