Ownership and security – HP Integrity NonStop J-Series User Manual
Page 76
OSS File Synchronization
HP AutoSYNC User’s Guide—522580-017
5-6
Ownership and Security
Modification Timestamp of Symbolic Links
, TIMEEXACT is
ignored for symbolic links.
•
The RENAMEOPEN option is not supported for OSS files. If a destination file is
open at the time of the synchronization, it will not be synchronized but a warning is
written to the log file and synchronization continues with the next file or directory.
The BACKUP[INFILE] for OSS file sets is an entry-sequenced file that contains the
names of the files and directories to be synchronized in addition to internal file
information. Specify the
option to preserve this file for
debugging purposes.
Ownership and Security
AutoSYNC propagates the standard file and directory security.
Unlike Guardian, OSS does not allow AutoSYNC to "give" ownership of files to another
user, or to set the group ID to another group, unless the user is SUPER.SUPER. The
user always becomes the owner of the files on the destination file set, unless the user
is SUPER.SUPER. This means each user can only synchronize their own files unless:
•
The user is SUPER.SUPER. The Super ID always has permission to synchronize
files for other user IDs.
•
option OWNER is specified and the
user is the same as the specified owner or, the OWNERGROUP is specified and
the group ID is the same as the specified owner. In these cases the destination
files are all owned by the user. If the OWNER option is omitted and the files are not
owned by the user, an error 4001, permission denied, is returned. Likewise, if the
OWNERGROUP is omitted and the group ID is not the group ID of the user, an
error 4001, permission denied, is returned.
The security of the destination file or directory is the same as the source file or
directory, except for WRITE access. WRITE access on the destination files is set to
allow subsequent synchronizations, much like PURGE security for Guardian files.
(There is no PURGE security for OSS files.) If the user is the owner of the source file
or directory but did not have WRITE access to the source file set, WRITE access on
the destination OSS files is set as follows:
•
If the user is not SUPER.SUPER (255,255), WRITE access is granted for the
destination file. AutoSYNC applies the equivalent of Guardian purge security rules
to OSS WRITE security.
•
If the user is SUPER.SUPER (255,255), WRITE security is not upgraded and
remains the same as the source file security setting because the SUPER.SUPER
user always has the required WRITE access.
You may use the SECURE option to override the default security setting.