RULES Command

Reference Guide › Command Reference › RULES Command

RULES Command

The RULES command edits rules in the rules database. You must have the Rules Facility installed to use this command.

RULES ["Parms"]

Parms:

  USER [("UserOpts"]
| GROUP [("RuleOpts"]
| SYSTEM [("RuleOpts"]

UserOpts:

[ERASE]
[HELP]

RuleOpts:

[DEFAULT]
[ERASE]
[HELP]

Definitions

[GROUP [groupname]]

Modifies rules for your own security group as specified on the ACIGROUP statement in your directory entry. If you specify groupname, the command modifies rules for that security group instead.

If you use the default authorizations supplied by CA VM:Secure, you must be a security group manager or a system administrator to use the GROUP parameter.

[SYSTEM]

Modifies the system‑wide rules. If you use the default authorizations supplied by CA VM:Secure, you must be a system administrator to use this parameter.

[USER [userid]]

Modifies user rules. If you specify a user ID, the command modifies rules for that specified user ID; if you do not specify a user ID, the command modifies rules for your own user ID.

[DEFAULT]

Modifies the default rules for a security group or for the system. This option is valid only with the GROUP or SYSTEM parameter.

[ERASE]

Deletes the rules file.

[HELP]

Displays a file named RULES HELPINFO on your terminal. After the help file is typed, you are placed in an XEDIT session of the appropriate rules file.

Description

The RULES command creates or deletes a file in the rules database or invokes XEDIT for updating existing rules.

The following table explains the kinds of rule to use to control various functions.

To control:	Create this kind of rule:
Other users’ access to your virtual machine and minidisks	AUTOLOG, COUPLE, DIAL, LINK, LOGON, LOGONBY, SPOOL, TRANSFER, or XAUTOLOG
CP commands at the system level	STORE or TAG
CA VM:Secure GROUP command	MEMBER
CA VM:Tape commands	CATALOG, LIST, or MOUNT
CA VM:Schedule commands	CANCEL, QUERY, or SCHEDULE

You can add the edit special comment (*ED=) to any rules file. This statement contains the following information about the last update performed on a rules file: date, time, user ID performing the update, and the name of the CA VM:Secure macro invoked for the last update.

If all rules are removed from a rules file, CA VM:Secure erases the rules file. Any comments that you put in the file will be lost.

CA VM:Secure treats XAUTOLOG rules as AUTOLOG rules. All AUTOLOG rules apply to the CP XAUTOLOG command.

Examples

To create rules that govern your own user ID and the minidisks you own, enter:
```
vmsecure rules
```
This command puts you in XEDIT in your user rules file. You can then enter a rule such as:
```
accept kelso link
```
This rule allows user ID KELSO to link to all of your minidisks. If one of your minidisks has a link password other than ALL, the requesting user ID must enter the password.
To erase your rules file, enter:
```
vmsecure rules (erase)
```