(PYVMS LOGO) Python on OpenVMS

(go to: table of contents, index, list of vms_sys, prev: SET_RESOURCE_DOMAIN, next: SHOW_INTRUSION)


SET_SECURITY - Set Security Characteristics


Sets the security characteristics of an object.

vms_sys.set_security() does _not_ raise an exception when the SYS$SET_SECURITY routine returns an error. You must check 'status' in the dictionary that is returned.

Format:

    dict = vms_sys.set_security \
                  ([clsnam], [objnam], [objhan], [flags], \
                   [itmlst], [contxt] ,[acmode])
Returns:
dict
A dictionary that has the following keys:
'status'
the condition value returned from SYS$SET_SECURITY.
'contxt'
the context value if and only if the 'contxt' argument was specified.

It is only put into the dictionary, when SYS$SET_SECURITY returns a success status.

Arguments:
clsnam
Name of the object class. E.g.: "FILE" or "QUEUE". Please see the system services reference manual for a complete list.
objnam
Name of the protected object whose associated security profile is going to be changed. See the system services reference manual for details.
objhan
"object handle" - this is a Python (32-bit) integer. Please see the system services reference manual for how this is passed.
@@ Argument not tested.
flags
Mask specifying processing options. Symbolic names (OSS_M_name) are available in module 'vms_ossdef'.
itmlst
Item list specifying which information about the object(s) is to be modified.
contxt
Value used to maintain the processing context when dealing with a single protected object across multiple vms_sys.get_security() or vms_sys.set_security() calls.

Don't forget to release the context after use - see the examples section below.

acmode
According to the documentation, this argument should not be used.

No tests have been done with profile related item codes. Be aware that this system service is not very good documented (I have filed a complaint) and it does not fill in the returned length of several items. That is the reason that several 'converter functions' are defined in file VMSDEF_$OSSDEF.DAT

Examples:

$ copy _NLA0: ACL.DAT
$!
$ directory /acl ACL.DAT

Directory DKA100:[PYTHON.PYTHON-1_5_2.VMS]

ACL.DAT;1

Total of 1 file.
$!
----------------------------------------

----- set a simple ACE

>>> import vms_sys

>>> acetxt = '(IDENTIFIER=[1,4],ACCESS=EXECUTE+DELETE)'
>>> status, errpos, acestr = vms_sys.parse_acl (acetxt)
>>> print vms_sys.getmsg (status) [0]
%SYSTEM-S-NORMAL, normal successful completion
>>> 
>>> # do not use a simple print!
>>> print repr (acestr)
'\014\001\000\000\014\000\000\000\004\000\001\000'
>>>
>>> flags  = 0
>>> itmlst = (('OSS$_ACL_ADD_ENTRY',acestr),)
>>> dict = vms_sys.set_security ('FILE', 'ACL.DAT', None, \
...                              flags, itmlst, None)
>>>
>>> status = dict.get ('status')
>>> print vms_sys.getmsg (status) [0]
%SYSTEM-S-NORMAL, normal successful completion
>>>

$ directory /ACL ACL.DAT

Directory DKA100:[PYTHON.PYTHON-1_5_2.VMS]

ACL.DAT;1
          (IDENTIFIER=[G1,SYSTEM],ACCESS=EXECUTE+DELETE)

Total of 1 file.
$

----- change owner UIC of file

$ set FILE /OWNER= [2,5] ACL.DAT
$ directory /OWNER ACL.DAT

Directory DKA100:[PYTHON.PYTHON-1_5_2.VMS]

ACL.DAT;1            [2,5]

Total of 1 file.
$

>>> import vms_sys
>>>
>>> flags  = 0
>>> uic    = 0x30006	# [3,6]
>>> itmlst = ( ('OSS$_OWNER',uic),)
>>>
>>> dict   = vms_sys.set_security ('FILE', 'ACL.DAT', None, \
...                                flags, itmlst, None)
>>>
>>> status = dict.get ('status')
>>> print vms_sys.getmsg (status) [0]
%SYSTEM-S-NORMAL, normal successful completion
>>>

$ directory /OWNER ACL.DAT

Directory DKA100:[PYTHON.PYTHON-1_5_2.VMS]

ACL.DAT;1            [3,6]

Total of 1 file.
$

(go to: table of contents, index, list of vms_sys, prev: SET_RESOURCE_DOMAIN, next: SHOW_INTRUSION)

19-JUL-1999 ZE.