Guards differ in their name and type. The guard name ensures that the guard is unique on a pubset and the guard type provides information on the type of data the guard contains. For example, type STDAC guards contain access conditions and type DEFPATTR guards contain default protection values.
Specific guard types can contain references to other guards (reference guards). For example, rules for default protection contain the names of the guards that themselves contain the required definitions of the protection attribute default values.
When it determines a set of guards, GUARDS-SAVE considers several selection criteria that the user can specify:
Guard name
The user selects the name of a guard that is to be processed with the GUARD-NAME operand. If the guard name contains wildcards, GUARDS-SAVE selects all guards that match the specified pattern.
Guard type
The user can specify
SELECT=*BY-ATTRIBUTES(TYPE=)to limit the selection made with the GUARD-NAME operand to specific guard types. GUARDS-SAVE selects the guards of the required type from the set of guards found in the first selection step.Guard references
With the
SELECT=*BY-ATTRIBUTES(RESOLVE=*YES)entry, the user specifies whether the set of guards determined in the first two selection steps are to be searched for reference guards and any found added to the previously found guards.All found reference guards are themselves searched for references. However, GUARDS-SAVE does not carry out a semantic check on the validity of the of the references and this therefore means that both valid and invalid guard references can be selected.
The following guard references are valid:
Guard purpose
Guard type
Reference purpose
Reference type
Rule container for default protection
DEFAULTP
Specifies attribute default values
DEFPATTR
Specifies user IDs and user groups for global pubset default settings
DEFPUID
Specifies attribute default value
DEFPATTR
Read, write, execute guard that is specified for the default value of the GUARDS protection attribute
STDAC
Rule container for co-owner protection
COOWNERP
Specifies the access conditions for the co-owner
STDAC
The default settings of the GUARDS-SAVE statements are defined such that the search for reference guards is carried out.
GUARD-NAME=*, SELECT=(TYPE=*ANY). In this way, reference guards that were not found will also be listed in the result logs. If the search for reference guards is deactivated (SELECT=(RESOLVE=*NO)), guards that may be missing are not found.The following examples serve to illustrate the selection method described in this section:
Example 1
All rule containers for default protection are to be backed up, whereby the reference guards are also to be considered.
The user makes the following entries for selecting the guards:
GUARD-NAME=SYS.UD*, SELECT=(TYPE=DEFAULTP, RESOLVE=*YES)
GUARDS-SAVE executes the following selection steps:
Find all guards whose names begin with the string
SYS.UD.Select the guards from those found in step 1 that are of type DEFAULTP.
Make a recursive search through the set of guards found in steps 1 and 2 for reference guards. The reference guards found are selected additionally.
As a result of this selection, GUARDS-SAVE processes the set of all guards whose names begin with the string SYS.UD and are of guard type DEFAULTP. In addition, all guards that are referenced by the guards found in steps 1 and 2 are also saved, regardless of the string their names are composed of and of their guard type. This means that the selected set of guards also includes some whose names do not begin with SYS.UD and whose guard type is not DEFAULTP.
From a log, the user can ascertain which guards were saved because of their name and type, which guards were saved because of a reference and which guards should have been saved because of their reference but could not be saved.
Example 2
All rule containers for co-owner protection are to be saved, but not the reference guards.
The user makes the following entries for selecting the guards:
GUARD-NAME=SYS.UC*, SELECT=(TYPE=COOWNERP, RESOLVE=*NO)
GUARDS-SAVE executes the following selection steps:
Find all guards whose names begin with the string
SYS.UC.Select the guards from those found in step 1 that are of type COOWNERP.
As a result of this selection, GUARDS-SAVE processes the set of all guards whose names begin with the string SYS.UC and are of guard type COOWNERP. Any referenced guards of type STDAC are ignored.
From a log, the user can ascertain which guards were saved because of their name and type. He cannot determine which guards were referenced.