acfsutil sec realm create

Purpose

Creates an Oracle ACFS security realm.

Syntax and Description

acfsutil sec realm create -h
acfsutil sec realm create realm -m mount_point 
     -e { on -a {AES}  -k {128|192|256} | off }
     [-o {enable|disable}] [-d "description"]

acfsutil sec realm create -h displays help text and exits.

Table 16-65 contains the options available with the acfsutil sec realm create command.


Table 16-65 Options for the acfsutil sec realm create command

Option Description

realm

Specifies the realm name.

-m mount_point

Specifies the mount point for the file system. A mount point is specified as a path on Linux platforms.

-e {on|off}

Specifies encryption on or off for the realm.

-a {AES}

Specifies the encryption algorithm.

-k { 128|192|256}

Specifies the encryption key length.

-o {enable|disable}

Specifies where security is on or off for the realm.

-d "description"

Specifies a realm description.


The acfsutil sec create realm creates a new realm in the specified Oracle ACFS file system. The new realm name must be unique in the file system identified by the mount point.

A maximum of 500 Oracle ACFS security realms can be created, including any default system realms created by the acfsutil sec prepare command.

The realm is enabled by default unless the -o disable option is specified.

If the -e on option is specified, then encryption must have been initialized for the cluster and set on the file system. For more information, refer to "acfsutil encr init" and "acfsutil encr set".

If the -e off option is specified, you cannot specify the -a and -k options.

Only a security administrator can run this command.

Examples

The following example shows the use of the acfsutil sec realm create command.

Example 16-59 Using the acfsutil sec realm create command

$ /sbin/acfsutil sec realm create my_security_realm -m /acfsmounts/acfs1
     -e on -a AES -k 192 -o enable