acfsutil sec realm delete

Purpose

Deletes objects from an Oracle ACFS security realm.

Syntax and Description

acfsutil sec realm delete -h
acfsutil sec realm delete realm -m mount_point 
     {[-u user, ...] [-G os_group, ...] 
     [-l :ruleset,commandrule:ruleset, ...]
     [-f [ -r] path, ...] ] [-e ]}

acfsutil sec realm delete -h displays help text and exits.

Table 16-66 contains the options available with the acfsutil sec realm delete command.


Table 16-66 Options for the acfsutil sec realm delete command

Option Description

realm

Specifies the realm name.

-m mount_point

Specifies the directory where the file system is mounted.

-u user

Specifies user names to delete.

-G os_group

Specifies the operating system groups to delete.

-l commandrule:ruleset

Specifies the filters to delete from the realm. To display a list of the command rules, use acfsutil sec info with the -c option. ruleset specifies the rule set associated with the command rule for this realm.

-f [-r] path ...

Deletes files specified by path from the realm. -r specifies a recursive operation. File paths must be separated by spaces.

If this is the last realm securing the file, the file is encrypted or decrypted to match the file system level encryption state.

-e

Disables encryption on the realm.

When disabling encryption, this option decrypts any files in the realm that do not belong to any other encrypted realms. If a file is part of another realm which is encrypted or if encryption is turned on for the file system, then the file remains encrypted.


The acfsutil sec realm delete command removes objects from the specified realm. The objects to be deleted include users, groups, rule sets, and files. If the command encounters an error when deleting an object, a message is displayed and the command continues processing the remaining objects.

Multiple entries can be added in a comma-delimited list when adding users, operating system groups, or command rules. Do not use spaces in the comma-delimited list. If spaces are added, then enclose the list in quotes.

Only a security administrator can run this command.

Examples

The following example shows the use of the acfsutil sec realm delete command.

Example 16-60 Using the acfsutil sec realm delete command

$ /sbin/acfsutil sec realm delete my_security_realm -m /acfsmounts/acfs1
     -f -r /acfsmounts/acfs1/myoldfiles/*.log