Chapter 4 - Managing Data Security

Overview of Data Security

This chapter discusses managing data security on a VINES network. For information about managing security on StreetTalk for Windows NT file services, refer to Managing StreetTalk for Windows NT Services.

VINES support for multiple operating systems includes the ability to protect data by setting access rights on directories (called folders in the Macintosh world) and files created under the different file systems. While the Macintosh file system has its own access rights scheme, the file system used by the DOS and OS/2 operating systems, called the FAT (File Allocation Table) system, does not. The VINES File System (VFS) supports both the native Macintosh access rights scheme, adds file-level ARLs for Macintosh users, and provides a VINES access rights scheme for operating systems like DOS and OS/2, that do not have one.

The SETARL program lets you display access rights lists (ARLs) for directories and files from both the VINES File System perspective and the native Macintosh perspective. These perspectives are known as views. You can edit and save an ARL from any one view. This chapter explains access rights lists under the different file systems and how to set them using the SETARL program.

Types of Access Rights Lists

Each directory has two Access Rights Lists (ARLs): the Directory ARL, which specifies access rights for the directory itself and for new subdirectories created in that directory; and the ARL for new files, which specifies the rights that each new file created in that directory will inherit. Both ARLs appear in the same Set Access Rights menu.

In addition, each ARL applies to a Primary List and an Extended List. The Primary List exists for every directory and file and contains three entries: Owner, Group, and World. The Extended List is an additional list that you create. You can enter up to five StreetTalk names of individuals or StreetTalk lists. These two lists are explained in more detail later in this chapter.

Figure 4-1 shows the Primary List of a sample ARL for the root directory of a file service.

Figure 4-2 shows the Extended List for the root directory of the file service.

Each file has only one File ARL that specifies the access rights for that file. Like directory ARLs, a File ARL has both a Primary List and an Extended List.

Figure 4-3 shows the Primary List of a sample ARL for the file CHAP01.DOC, on network drive F, in directory BOOK2.

Figure 4-4 shows the Extended List for the file's ARL.

The following sections explain the information in the Set Access Rights menu. Refer to Figures 4-1 through 4-4 as you read them.

File System Views

The SETARL menus provide two pieces of information called "Saved View" and "Current View." In addition, the F4 function key lets you display the "Next View." The Saved View is the view that was last edited and then saved; the Current View is the view displayed on the screen. In the SETARL program, view refers to the file system whose access rights scheme you are reading, editing, copying, or testing. Figures 4-1 through 4-4 display the VINES File System's access rights scheme, as reflected in the "Current View" field. In addition, the ARLs were last saved from the VINES view ("Saved View").

ARLs can be displayed, edited, copied, and saved from any one of three file system views:

	VINES view
	Macintosh view
	UNIX view

The VINES view is for native operating systems that do not have their own ARL scheme, such as DOS and OS/2. The UNIX view is for VINES Toolkit users only. See Appendix A of this book for details.

Before you can edit or copy an ARL from a particular view, you must display that view. To change the view currently displayed, press F4. The views alternate between VINES and Macintosh. Both views appear by default.

To request a particular view or to limit the views that can appear, use the DOS SET command with the environment variable VIEWS= and the arguments V (VINES) or M (Macintosh). Use this command at the DOS command line before entering the SETARL program to control a single session with SETARL. Or, place SET VIEWS in a user profile to set up your own default views for every VINES session.

For example, the command:

SET VIEWS=M

specifies that only the Macintosh view be displayed. Use this example if your file service supports only Macintosh users.

Once the VIEWS environment variable is set, the program returns error messages when you attempt to display a view that has not been set. Using the example above, if you try to display the VINES view (using the /VIEW switch with the SETARL command), you will receive an error message because the view you requested is not enabled with the environment variable.

Saved View

Because you can save an ARL from different file system views, the Saved View is very important. User access to directories and files is determined by the rights granted in the view that is saved. If you save from the VINES view, VFS checks the ARL in a particular order and grants the user access based on the first match between the user name and the ARL. This is true for DOS, Windows, OS/2, and Macintosh users. For example, if the user name is in the group named in the Group field, then the user has the access granted to the group.

However, if you save from the Macintosh view, the resulting access rights for a Macintosh user are determined in the same way as AppleShare access rights. When verifying access, AppleShare compares the user name against the Owner, Group, and World fields. If the user name matches two or three fields, then the user has a combination of the access rights granted to those named in the fields. For example, a user name matches the Group and World fields. If World has See Folders, See Files, and Make Changes access and Group has only See Folders and See Files access, the user has See Folders, See Files, and Make Changes access. The user's access rights are a combination of the rights granted to Group and World.

The last saved view is also important when backing up and restoring directories and files. The ARLs must be restored from the same view in which they were set so that they are interpreted in the same way.

Access Rights Lists

The lower part of the Set Access Rights menu displays the Primary and Extended access rights lists (ARLs) for a directory or file that you specify. Figure 4-1 and Figure 4-3 show the Primary Lists for a directory and a file.

Note: Although a user name or list name already exists in an Access Rights List (ARL), the SETARL program still allows the same entry to be made. Even if the original user has been deleted from the system, if that user name is still on the ARL, you can enter a duplicate name.

The only true default ARL is that of a root directory of a file service. If you create the file service and the directories for your users, you must edit the ARLs of the root directory and of the user directories so that your users have appropriate access to their directories.

To edit these ARLs, use the SETARL program. This program provides tools for:

	Viewing and editing ARLs from different file system views
	Adding, deleting, and changing names and access rights in the Primary and Extended Lists
	Copying ARLs
	Testing access of a particular user to a selected directory or file

Before you begin editing, you should understand the Primary and Extended Lists and the access rights that you can grant or deny under the different file system views. The following sections explain the Primary and Extended Lists and the access rights.

Changing Access Rights Lists on 4.x File Services from 5.x Clients

If you use the 5.x SETARL command on a 4.x file service and you are not on the ARL but are on the AdminList of the service's group, it will appear that you have no rights on the service. For example, if you select Edit Current ARL and then use F5 to test your access, you receive the following result:

No access entries apply - user has no access.

However, because you are on the group AdminList, you can change the ARL.

Changing Access Rights Lists on 5.x File Services from 4.x Clients

You cannot change the ARLs on a 5.x file service from a 4.x client, even if you have C (Control) access on the ARL or are an administrator of the group. If you attempt to do so, you receive the following error message:

** Error code 14 **

To change the ARL, use a 5.x DOS or OS/2 client.

Primary List

The Primary List exists for every directory and file and contains the following entries:

Owner Field

When a file service is created, the Owner field of the ARL for the root directory of the file service displays the StreetTalk name of the person who created the file service.

The Owner must be an individual or a file service. You cannot use a StreetTalk list in this field. After a file service has been created, the Owner of new subdirectories and files is determined by the file system in which subdirectories and files are created and by the inheritance rules selected.

Every ARL must have an Owner. If you leave this field blank, the system returns an error message when you attempt to save the ARL.

For example, if you create a file service while logged in as Admin@Mkt@WCTUS, Admin@Mkt@WCTUS appears in this field as the Owner of the root directory of that file service. As the administrator, you must create directories within the file service for other users and grant those users sufficient access to the root directory so that they can see their directories. Depending on the file security required, you could change the Owners of the user directories to be the users, or you could add the users to the Extended List and assign appropriate access rights.

Owner Rights

The Owner of the root directory of a file service has all access rights by default. Depending on how this Owner sets up the ARLs for new subdirectories and files, subsequent Owners may or may not have all rights. However, because, by definition, an Owner can always change the access rights (Control access in the VINES view), the Owner can give him/herself other access rights.

Note that if you try to remove the Owner's right to change access rights, the system beeps and displays an error message. When setting up ARLs, keep in mind that those people on the AdminList of the group in which the file service is created can change the ARL.

If you have upgraded your VINES network to revision 5.xx, the Owner is the file service; anyone on the AdminList of the file service can change the ARL.

Group Field

By default the Group of a new file service is that of the Owner, and represents everyone in the Owner's StreetTalk group. To continue with the above example, the Group would be *@Mkt@WCTUS. The Item portion of the Group field is always *. You can leave this field blank, or you can enter the name of another group or a StreetTalk list.

Be careful when selecting a StreetTalk list for this field. For best performance, do not select lists that contain either templates (entries that use wildcards) or other StreetTalk lists.

If you have upgraded your VINES network to revision 5.xx, the Group is any group, not the group of the file service. Anyone on the AdminList of the file service can edit the ARL and change this field.

Group Rights

After you create a file service, the Group of the Owner has no access rights to the root directory of the file service. In addition, after upgrading to revision 5.xx, any group has no access rights to the file service and its contents.

Note that if you change the access rights of the Group in the Get Privileges menu at a Macintosh client, the changes are reflected here.

World Field

This field is always *@*@*. You can change the access rights granted to World, but you cannot edit the field name.

World Rights

By default World does not have any access rights to the root directory of a file service.

Macintosh

If you have enabled Macintosh Guest login, users logging in as Guest from a Macintosh have the access rights shown in the World field.

Extended List

The Extended List is empty by default. Depending on your file security needs, you can enter up to five verifiable StreetTalk names of individuals or five StreetTalk Lists in the Extended List.

Note: Even though a user name or a list name already exists in an Access Rights List (ARL), the SETARL program still allows you to make the same entry. Even if the original user has been deleted from the system, if that user's name is still on the ARL, you can enter a duplicate name.

Be careful when selecting StreetTalk lists for the Extended List. For best performance, do not select lists that reside on remote servers or lists that reference either items or other lists on remote servers.

Figure 4-2 and Figure 4-4 show the Extended Lists for the Directory and File ARLs.

Note: When searching for a StreetTalk name, you can use patterns such as Bob*@*@WCTUS to find all the people named Bob in every group in the organization. This flexibility in the use of patterns is not available in access rights lists. In ARLs, you can use a wildcard character (*) only as a placeholder for the entire Item or for both the Item and Group. You cannot use a wildcard character as a placeholder for part of the Item, Group, or Organization name. You also cannot have a specific Item, and then a wildcard for the group.

For example, you could use "*@Mkt@WCTUS" to put everyone in the Mkt group in the organization WCTUS on the list. However, you could not use "Bob*@Mkt@WCTUS" to put multiple people named Bob in the group Mkt on the list. In addition, you could not use Bob Harris@*@WCTUS.

The Extended List is controlled by a maximum rights mask, called "Maximum Rights" in the menu. The Maximum Rights settings effectively "cover up," or mask the settings in the Extended List. The rights set in this line dictate the maximum possible rights that anyone in the Extended List may have - in spite of what the settings next to the StreetTalk name may be. For example, the users designated in the Extended List may each have been granted Write access to a file. If Write access is denied in the Maximum Rights line, then none of those users will have Write access.

Use Maximum Rights to temporarily grant or deny access to the entire Extended List. For example, if you want the people on the Extended List of a file to be unable to access that file temporarily, change the maximum rights to no access (that is, all - in the fields). Later, change the rights back so that the access granted to the users in the list is restored.

Inheritance Rules

Inheritance rules are the rules of a file system that determine what protection new directories and files have when they are created. The VINES and Macintosh file systems each have a set of inheritance rules. You can choose between them using the SETARL program.

In the Macintosh view of the SETARL menu, the question "Macintosh clients inherit using VINES rules?" asks you to decide if you want new subdirectories and files to inherit access rights following rules of the VINES File System or rules of the Macintosh file system. In the VINES view, you do not have a choice; VINES rules are assumed. In the Macintosh view, however, you can choose between VINES rules or the Macintosh rules. What you select determines what access rights new folders and files created from the Macintosh file system receive. By default folders and files created from a Macintosh inherit using Macintosh rules.

Note that you can change the inheritance rules independently from the view in which you save an ARL. For example, you may want to save the ARL from the VINES view. While editing the VINES view, you can display the Macintosh view and change the inheritance rules. To save the change to the inheritance rules, return to the view from which you selected the EDIT command and press F10.

VINES Rules

The inheritance rules for the VINES File System are summarized below:

	New subdirectories inherit both the directory and new file ARLs of the parent directory.
	New files inherit access rights according to the parent directory's new file ARL.
	When a new file or directory is created, the names and access rights in both the Primary and Extended Lists are copied to the ARL of the new file or directory.

Macintosh Rules

Folders created in a Macintosh file volume have the following default access privileges:

	Owner is the person who created the folder and has complete access (See Folders, See Files, and Make Changes).
	Group is the group of the creator of the folder (Owner). The individuals in that group have no access privileges.
	World, which is all users on the network, has no access privileges. On the Macintosh desktop, this field is called "Everyone."

The Owner is the only one who can change these privileges and can do so at any time.

New files are governed by the parent folder's access privileges settings. In addition, files can be "locked" under Macintosh, which means that a file cannot be moved, copied, or renamed.

VINES Rules or Macintosh Rules

Three differences exist between using VINES inheritance rules and using Macintosh inheritance rules:

1. By selecting VINES rules, you can maintain sole control over the file service, regardless of which workstation types access the service.

2. How files inherit access rights, or privileges, as they are called on the Macintosh desktop, differs as follows:

- If you select VINES rules, new files will be protected by the New File ARL of the parent folder. Depending on how the ARL is set up, the New File ARL may differ from the ARL of the parent folder.

- If you select Macintosh rules, new files will be protected by the access privileges assigned to the parent folder.

3. Under VINES rules, new folders inherit the exact same ARL that has been assigned to the parent folder. The Owner and Group are the same, no matter who creates the new folder. Under Macintosh rules, if the creator of the folder is not the Owner of the parent folder, the Owner of the new folder will differ from the Owner of the parent folder.

Example Selecting Inheritance Rules

Anna Meier creates the first folder of a file volume; she is the Owner of that folder. If she adds John Stevens to the Extended List of that folder and assigns him See Folders, See Files, and Make Changes rights, John can create a new folder in that file volume. If VINES rules are in effect, Anna Meier is the Owner of any new folder John creates and John cannot change the access privileges on his folder. If Macintosh rules are in effect, John owns any new folder he creates and can change the access privileges.

Changing ARLs on 4.x File Services from 5.x Clients

If you use the 5.x SETARL command on a 4.x file service and you are not on the ARL but are on the AdminList of the service's group, it will appear that you have no rights on the service. For example, if you select Edit Current ARL and then use F5 to test your access, you receive the following message:

No access entries apply - user has no access.

However, because you are on the group AdminList, you can change the ARL.

Changing ARLs on 5.x File Services from 4.x Clients

You cannot change the ARLs on a 5.x file service from a 4.x client even if you have C (Control) access on the ARL or are an administrator of the group. If you attempt to do so, you receive the following error message:

** Error code 14 **

To change the ARL, use a 5.x DOS or OS/2 client.

Defining Access Rights

The sets of access rights or privileges that are displayed with the lists depend on the view and the directory or file selected. In the VINES view, the access rights are not cumulative. For example, if you have Control access to a file, that access does not automatically give you Write access. Write access must be assigned separately.

In the VINES view, directories have two ARLs, the ARL for the directory itself and the ARL for new files created in the directory. When VINES inheritance rules are in effect, new subdirectories created in a directory inherit both of these ARLs.

VINES View Access Rights for a Directory

In the VINES view, the ARL of a directory contains the following access rights:

Control (C)

Lets users change access rights, including changing the Owner and Group. Note that Control access cannot be taken away from the Owner.

Search (S)

Lets users search for all the file and directory names in a directory. Also gives users access to the attributes of the directory and the files and subdirectories in it. Users must have this right to be able to open files in a directory.

Read (R)

Lets users see all the names of the subdirectories and files in a directory.

Write (W)

Lets users create, rename, and change the attributes of subdirectories and files within a directory, as long as they also have Search access to the directory.

Delete (D)

Lets users delete subdirectories and files from the directory, as long as they also have Search access to the directory.

VINES View Access Rights for a New File

In the VINES view, a New File ARL for a directory and a File ARL contain the following access rights:

Execute (E)

If the file is an executable file, lets users run the program in the file.

Read (R)

Lets users open a file for reading only. Unless users also have Write access to the file and Read access to the parent directory, they cannot save, delete, or make changes to the file.

Write (W)

Lets users open a file for writing. Users can save the file with or without changes.

DOS Execute (E) Right for Files

The Execute access right, which is available on the SETARL screen as E, applies only to DOS clients. It is not intended for OS/2 or Macintosh clients. For example, if you set the Execute right on a file, a DOS client can read the file, but an OS/2 client cannot because OS/2 does not specify execute access to the file system.

To produce an effect of Execute Only on a DOS file, use SETARL to set the Execute right and nothing else.

Note also that on the SETATTR screen, the Execute Only setting in the VINES View has no affect at all on a 5.x file, regardless of whether the client is a DOS, OS/2, or Macintosh client. The command-line version (SETATTR ±EO) also has no effect on a file, although the command seems to work. However, the SETATTR ±EO command on a 4.x file does affect the Execute mode of the file.

Macintosh View Access Rights

In the Macintosh view, the ARL of a folder (directory) contains the following access rights:

See Folders (SFo)

Lets users open a folder and see the folders within it. Users cannot open any files within that folder. In addition, users must have See Folders access to the folders within that folder to open them. See Folders also lets users use the folder name as a component in a path name.

See Files (SFi)

Lets users open the files within a folder for reading, but they cannot make any changes.

Make Changes (MC)

In combination with See Files, this privilege lets users create, delete, rename, and change attributes of files in the folder. In combination with See Folders, this privilege lets users create, delete, rename, and change attributes of folders within the folder.

With only this privilege on a folder, a user can create a file and then open it for writing only if it is empty.

A folder with only Make Changes access is called a drop box. From the Macintosh desktop, a user can drag a file or folder (with or without files in it) into a drop box, but afterwards, the user cannot open the drop box folder to see the dropped file or folder.

Even though Macintosh does not support access rights for files, VINES does. Only the See File (SFi) and Make Changes (MC) access rights appear in the Macintosh view of a folder's ARL for new files. You cannot edit the new file ARL of a folder. However, you can display the ARL of a file and edit it. To edit the ARL of a file, you need See Files on the parent folder, but you do not need See Files on the file.

By itself, See Files lets a user open the file for reading only. By itself, Make Changes lets a user open a file for writing only. The combination of See Files and Make Changes lets a user open a file, modify and store it, and delete the file.

Verifying Access

When a user attempts to access a directory or file, VFS checks the ARL of the directory or file. The order in which VFS checks the ARL is as follows:

1. Owner (Primary List)

2. Item@Group@Organization (An individual name in the Extended List)

3. Group (Primary List)

4. *@Group@Organization (A group name or a StreetTalk list in the Extended List)

5. *@*@Organization (All individuals in an Organization in the Extended List)

6. World (Primary List)

Note that the order of entries in the Extended List becomes important when a user's name is in two different StreetTalk lists, in two different groups, or in a group and a list. The user has the access rights granted to the first group or list name in the Extended List. If the user is in the Primary List's group and in a group or StreetTalk list in the Extended List, the user has the access rights granted to the Primary List's group.

Example User Name on Two StreetTalk Lists

Sara Fox@Mkt@WCTUS is a member of two lists, Writers@Mkt@WCTUS and Newsletter@Mkt@WCTUS. An administrator grants those on the list Writers@MktWCTUS only Search and Read access to a directory, and those on the list Newsletter@Mkt@WCTUS Search, Read, Write, and Delete access. If the list Writers@Mkt@WCTUS precedes the list Newsletter@Mkt@WCTUS on the Extended List of the ARL, Sara has only Search and Read access to the directory. If the opposite is true, Sara has Search, Read, Write, and Delete access.

Command Summary

For both directories and files, the following commands are available in all views. These commands are explained in more detail later in this chapter.

Change Path

Lets you display the ARL of a different directory or file. When you select this command, a data entry screen appears. You can enter the path name or press F5 to select from a list. If the directory or file is in the current directory, you can enter just its name. If not, enter as much information as necessary. For example, to change to the directory REPORTS on network drive H, enter H:\REPORTS.

Edit

Lets you make changes to the ARL displayed in the lower part of the menu. The editing keys are explained in the help screen available after you have selected the command.

Copy ARL to Target

Lets you copy the displayed ARL to the ARL of one or more other directories or files. Note that you cannot copy a file ARL to a directory ARL.

Copy ARL from Source

Lets you copy from the ARL of another directory or file to the displayed ARL. Note that you cannot copy from a file ARL to a directory ARL.

For both Copy commands, you can copy the following ARLs:

Test Access

Lets you test the access rights settings for a particular user. When you select this command, a separate menu appears. You enter the StreetTalk name of a user, and the program displays the results. For a more powerful test, use the Test User Access option in the VFILES Main Menu. This test shows not only the access rights but also the attributes that are ON and if the user is an administrator of the file service. See the chapter on managing VINES file services in Managing VINES Services for details on using the VFILES menu and this option.

Setting the File System View

Before you access the SETARL program, decide which view you require. By default the VINES file system view appears when you enter SETARL without the /VIEW switch. You can use the /VIEW switch each time you access the program.

If you always want to display the same view, use the DOS SET command and the environment variable VIEWS to set up the view you and your users need in your user profiles or in a batch file that you create.

The format for this command is:

SET VIEWS=[file_system_view]

where [file_system_view] may be V (VINES, which in SETARL indicates DOS and OS/2) or M (Macintosh).

SETATTR and SET VIEWS=

The SETATTR (Set Attributes) program also uses this environment variable. The views applicable for SETATTR are DOS (D) and Macintosh (M). The VINES view in SETATTR is a cumulative one and is always displayed with the DOS or Macintosh view. By default you can see both DOS and Macintosh views.

SETARL and SET VIEWS=

The SETARL program looks for the environment variable before displaying the Set Access Rights menu. If you have not set the variable, the program lets you access the VINES and Macintosh file system views.

When you enter the SETARL command at the DOS prompt, SETARL displays the VINES view by default if you have not used SET VIEWS. If you have set the environment variable to one view, the program displays only that view and acts as if the other views do not exist. The next section explains how to access the SETARL program in more detail.

If you want to limit the views for both SETARL and SETATTR programs simultaneously, use the combination SET VIEWS=V,D to display only the VINES view in SETARL and only the DOS view (with VINES) in SETATTR. See Chapter 5 for details on the Set Attributes program.

Accessing the SETARL Program

Accessing the SETARL program depends on where you are and what you want to do:

	If you are at the DOS command line and want to manage the access rights lists, the quickest way to enter the SETARL program is to use the SETARL command from DOS. See the next section, "From DOS."
	If you have just created a file service and have the Control a Service menu displayed, the quickest way to enter the SETARL program is to select the Manage Files command.

The system automatically sets the service to an available network drive and then displays the VFILES main menu. When the VFILES main menu appears, the current path is the root directory of the new file service.

From the VFILES main menu, you can create directories for users and applications and then set up the access rights lists for them. To manage the access rights, select the Set Access Rights option in the VFILES main menu. See the section, "From MSERVICE or OPERATE."

If you are managing a file service from the OPERATE or MSERVICE programs, the quickest way to the SETARL program is to display the Control a Service menu and select the Manage Files command to display the VFILES menu.

If the file service is not already set to a drive, the VFILES program automatically assigns the file service to an unused drive and then displays the VFILES main menu. If the file service is already set to a drive, the VFILES main menu appears immediately.

When the VFILES Main Menu appears on your screen, the current path is the root directory of the file service. To manage the access rights, select the Set Access Rights option in the VFILES Main Menu. See the section, "From MSERVICE or OPERATE."

For details on using the VFILES Main Menu, see the chapter on managing file services in Managing VINES Services.

From DOS

At the DOS prompt, enter the SETARL command, using the switches as needed:

SETARL [DOS pathname] [/VIEW:file_system] [/H]

where [DOS pathname] is the complete DOS path name of the directory or file whose access rights list you want to manage. If you omit a path name, the program assumes the current directory.

If you do not specify the /VIEW switch, the SETARL program displays the VINES view or the view last saved. Or, if you have used the SET VIEWS command to limit the file system views available to one view, the SETARL program displays that view.

If you have not used SET VIEWS or if you have requested that more than one view be available, enter /V:M to display the Macintosh view.

The [/H] switch provides a brief description and a usage statement for the SETARL command.

From MSERVICE or OPERATE

To access the SETARL program from the MSERVICE program:

1. At the DOS prompt, enter MSERVICE and the name of the file service.

2. At the Manage A Service menu, select CONTROL service to display the Control A Service menu.

3. At the Control A Service screen, select the MANAGE files option.

If the file service has not been assigned or "mapped" to a drive, the VFILES program automatically assigns the file service to a network drive that is currently unused (a letter from D through Y). The VFILES main menu appears. The root directory of the file service is the current path. In the example below, the file service is mapped to drive F; the root directory appears as F:\.

If the file service is already assigned to a drive, the VFILES Main Menu appears on the screen. The current path shows the letter of the network drive to which the file service is mapped and the root directory of the file service. In the following sample VFILES screen, the current path is F:\, the root directory of file service AdminFiles@Adm@WCTUS.

The VFILES main menu (Managing VINES File Services) provides access to all of the SETARL, SETDRIVE, SETATTR, and V commands programs and to DOS file management commands (for changing, listing, creating, and removing directories and for deleting files). When the menu appears, option 2, Manage Directories and Files, is highlighted as a default. For more details on using VFILES, see Managing VINES Services.

4. To enter the SETARL program, select the Set Access Rights option. The SETARL menu appears with the root directory of the file service as the Path, as shown below.

Note that the EDIT command is highlighted as a default. The SETARL example shown above shows the default rights assignments for a new file service. The Owner is the creator of the file service, Admin@Adm@WCTUS, and has all access rights. The Group is the StreetTalk name of the Owner's group - *@Adm@WCTUS. The Group and World have no access rights.

Any new subdirectories created in this root directory will inherit the ARL for the Directory and the ARL for New Files. New files will inherit the rights granted in the ARL for New Files.

Before Using Commands

Before you select one of the commands at the top of the Set Access Rights menu, do the following checks:

1. Verify that the ARL displayed is the one you want. Check the Volume and Path fields for the name of the file service and the correct name of the file or directory.

2. If you are working with a file service that supports more than one type of native file system (for example, DOS and Macintosh), verify that the file system view shown is the one you want to use. Check the Current View field on the left side of the menu, or look at the set of access rights displayed.

3. Check the previously Saved View if you plan to edit the ARL.

To avoid access problems for files that are not to be shared across different file systems, edit an ARL from the view in which the directory (folder) or file was created. For example, if a file was created on a Macintosh workstation, edit its ARL from the Macintosh view.

For directories and files that are shared across different file systems, select a view and, after editing that view, check the other views to verify that users have the appropriate access. Table 4-2 and Table 4-3 show how access rights translate, or "map," from one file system view to another for directories and files.

Caution: Using any combination of access rights other than those shown in the tables results in no sharing capabilities among different workstation types.

Note that for files, even though VFS defines file-level protection for Macintosh files, the equivalent access rights on the parent folder are required for the access desired. For example, a Macintosh user would need See Files on the parent folder as well as See Files on the file itself. In contrast, a VINES user would need Search on the parent directory and Read on the file only.

Example How VINES Rights Map to Macintosh Rights

Anna Meier creates a directory called MONTHLY.RPT from a DOS, Windows, or OS/2 workstation, and assigns Search and Read access to John Stevens. John has Search and Read access to the directory when using a DOS, Windows, or OS/2 workstation. He also has See Folders and See Files access to that directory from a Macintosh workstation. For John to have See Folders and See Files from a Macintosh workstation, Anna must assign both Search and Read in the VINES view.

In addition, Anna creates a subdirectory for John's monthly reports called STEVENS. She makes John the Owner of the directory and assigns him all access rights from the VINES view. John has complete access to his directory from any type of workstation.

Using Commands from SETARL

This section defines and illustrates the commands available in the SETARL menu:

	Change Path
	Edit
	Copy ARL to Target
	Copy ARL from Source
	Test Access

Change Path Command

To use the Change Path command, perform the following steps:

1. Select the Change Path command from the Set Access Rights menu.

2. At the Change Path screen, enter the new path name.

To select the name from a list, press F5 to display the Select Path screen.

To display and highlight the names of parent directories, subdirectories, and files, use the left and right arrow keys. After highlighting a path name, press ENTER to select it.

After you select a name, the Set Access Rights menu is again displayed. The selected name in the Path field and the ARL of the selected directory or file are displayed in the lower part of the menu.

3. If the view you want to edit appears, press ENTER to begin editing the ARL.

If you want to edit a different view, press F4 to display the next view and then press ENTER to begin editing the ARL.

Edit Command

To change the names or access rights of an ARL, select EDIT from the SETARL menu. The Edit ARL screen appears.

Table 4-4 defines the editing keys available in this menu.

Editing the Primary List

To edit the Owner and Group fields in a Primary List:

1. Use the arrow keys to position the cursor in the field you want to edit.

2. In the Owner field, press F2 to select a user name from STDA, or enter a StreetTalk name. You can enter 8-bit ASCII characters, such as accents, for item names; however, they convert to equivalent 7-bit ASCII characters. For example, the characters É, é, è, ê, ë, and e appear as e.

3. In the Group field, enter a StreetTalk name in the format *@[groupname]@[organizationname].

The edit screen is in strikeover mode so that any existing text disappears as you type. To change to insert mode, press INSERT.

The ENTER key does not function in the name fields of Owner and Group. If the StreetTalk name needs to wrap to a second line, the system wraps it.

4. To edit the access rights, press TAB to move the cursor from the name field to the first access right field. To:

- Grant an access right, type a plus sign (+ ).

- Deny an access right, type a minus sign (- ).

Do not press ENTER. After you type a plus or minus sign, the cursor automatically moves to the next field.

5. Continue to edit the access rights, using TAB to move between the name fields and the access rights and SPACEBAR to move the cursor within the access rights fields.

The on-line help text describes the other keys available to you for editing the ARL.

6. To preview the effects of your edits on another view, press F4. Remember that, except for the inheritance rules setting, you cannot edit a preview screen.

To edit the access rights settings from another view, you must:

- Return to the original edit view (press F4).

- Exit the Edit screen (press either ESC or F10).

- Change to the view to be edited (press F4).

- Select Edit.

7. If you do not want to enter any names in the Extended List, press F10 to save your edits.

If you have edited the ARL from a view that is not the currently Saved View, the system warns you and requests that you confirm the save. Highlight YES or NO as needed, and press ENTER to return to the Set Access Rights Main Menu.

To enter names in the Extended List, continue to the next section.

Editing the Extended List

To edit the fields in an Extended List:

1. To add a new entry to the Extended List, use the arrow keys to position the cursor in the first blank line, and press F2 to select a name using STDA.

You can also enter the StreetTalk name. The system automatically displays a line of access rights (all minus signs) when you enter a name in this list.

2. Press TAB to move to the access rights column, and type a + or - in each field.

3. To preview the effect of the changes, press F4. (The screen below shows a sample preview of the Macintosh view of a directory ARL.)

4. Press F4 again to return to the view you are editing.

5. When you have completed editing the list, press F10 to save your changes.

6. If you have edited the ARL from a view that is not the currently Saved View, the system warns you and requests that you confirm the save. Highlight YES or NO as needed, and press ENTER to return to the Set Access Rights main menu.

The view in which you press F10 to save an ARL is the view that the VFS system stores as the Saved view. When displaying an ARL in different file system views, the SETARL program accesses this Saved view and then translates the rights stored there to display in other views. The Saved view is also the default view; that is, the view you see if you do not specify a view when you enter SETARL at the command line.

Testing User Access

The SETARL program lets you test user access while you are editing an ARL or directly from the Set Access Rights Main Menu. A test run during editing tests only the view you are editing. A test run from the SETARL Main Menu tests all the views. This section describes these two ways of testing an ARL.

In addition to the SETARL tests, you can test user access from the VFILES Main Menu and from the StreetTalk REPORT program:

	The VFILES test retrieves access rights and attributes information for a particular user on a particular directory or file. In addition, the VFILES test tells you if the user is an administrator of the file service (that is, the user's name is on the AdminList of the group in which the service was created).
	The StreetTalk REPORT program lets you create a user access report against one or more directories and files and provides the complete ARL and attribute settings.

For more information on the VFILES test, see the chapter on managing file services in Managing VINES Services. For information on the user access report, see Chapter 6.

Testing from Edit Mode

To test the ARL view you are editing:

1. At the Edit ARL screen, press F8.

2. When the system prompts you, enter a StreetTalk name, or press F2 to select from the STDA user list.

The system displays the results of the test in the top of the menu.

3. You can continue to edit the ARL with the results displayed, or you can press ESC to make the test results disappear.

When you continue editing with the results displayed, note that the results change as you edit the entry of the user tested.

For example, in the ARL below, if you changed the Owner's Execute access in the ARL for New Files to -, the Execute right would disappear from the test results.

Testing from Main Menu

To test an ARL from all views:

1. Select the Test Access command from the top of the Set Access Rights menu.

2. When the Test Access menu appears, press F2 to select a name using STDA, or enter a user name.

When the test succeeds and the results appear, you see the access rights granted in each view and also the entry in the ARL used to assign access to the selected user.

In the example below, you can see that the selected user name (Maria Santos@Sal@WCTES) appears in line 2 of the Extended List.

If you are testing the ARL of a directory, you can use F4 to toggle between the ARL of the directory and the ARL for new files in the directory. To exit the Test menu, press ESC.

If Something Goes Wrong

If the StreetTalk name entered is not valid, an error message appears below the name, requesting that you try again:

STKnnnn: StreetTalk name not found; please check your entry and try again.

STKnnnn represents the StreetTalk error code for the StreetTalk error. Use the VNSERR command for help interpreting the error code. Enter VNSERR STKnnnn at the DOS prompt to display the help text.

The reason that the name was not found could be that the entry was misspelled. Try entering the name again.

If your second attempt fails, it may be that the connection to the server maintaining the StreetTalk name entered is down, preventing verification of the StreetTalk name. To determine the status of the server and the connection, use the VINES Network and Systems Management (VNSM) program described in Monitoring and Optimizing Servers.

Copy ARL to Target Command

If you need to change the ARLs of several directories to make them the same, use the Copy ARL to Target command. Change the first ARL and the copy it to the remaining ARLs. In addition, use this command if you want to change the ARL of all the files in a directory. To do this, edit the New File ARL of the directory and then copy it to all files in the directory.

To Copy the ARL Displayed to Other ARLs

1. From the top of the Set Access Rights Main menu, select Copy ARL to Target to display the Copy ARL to data entry screen.

2. Enter a path name, or press F5 to select a path name from a directory listing. If you do not enter a path name, the system assumes the current directory.

When you press F5, the Select Destination screen appears.

3. At this screen, use the right and left arrow keys to highlight the directories and/or files to which you want to copy the ARL. Note that the Select Destination screen follows the rules for copying. If you are copying from a file, directory names do not appear in the screen.

You can select and deselect one or more destination directories or files:

- To select a destination directory or file, press ENTER. An asterisk next to the path name indicates that it is selected.

- To deselect a destination directory or file, press ENTER again.

- To select all subdirectories and files in a directory, press F2.

4. When you are ready to copy, press F10. You return to the data entry screen, where the names selected are displayed as the ARL is copied. When the copies are made, you return to the Set Access Rights menu, where the number of ARLs copied appears.

Error Message

If you try to copy to the ARL of a directory from the ARL of a file, an error message appears:

Please enter the path of a file. ARLs of files can be copied to ARLs of other files only.

If you see this message, either enter a new path name or press F5 to select another destination.

Copy ARL from Command

If you are viewing an ARL and you know that the ARL of another directory or file is exactly what you want for the ARL displayed, you do not need to edit the ARL. To copy from the ARL of the other directory or file use the following procedure.

To Copy from an ARL

1. Select Copy ARL from source in the SETARL menu to display the Copy ARL from data entry screen.

2. At this screen, enter a path name or press F5 to select a path name from a directory listing. The system defaults to the current directory if you do not enter a pathname.

When you press F5 from the Copy From screen, the Select Source menu appears.

3. At this screen, use the right and left arrow keys to highlight a source path name, and press ENTER to select it. The system copies the ARL and returns to the SETARL menu, where a message indicating that the copy has been made appears.

Note that the Select Source menu follows the copy rules. If you are copying to a directory, file names do not appear in the Select Source listing.

Error Messages

If the source and destination are the same, the system presents an error message and allows you to enter or select another path:

Please enter a different source name. The source and destination names must be different.

If you try to copy from the ARL of a file to the ARL of a directory, an error message appears:

Please enter the path of a directory. ARLs of files can be copied to ARLs of other files only.

Enter another path name or press F5 to select from the listing.