|
ChrisI went digging around and finally found something in the open() Unix-style API, where the bit about "Each directory in the path" is relevant.
Authorization Required for open() (excluding QSYS.LIB, independent ASP QSYS.LIB,and QDLS) Object Referred to Authority Required errno Each directory in the path name preceding the object to be opened *X EACCES
Existing object when access mode is O_RDONLY *R EACCES Existing object when access mode is O_WRONLY *W EACCES Existing object when access mode is O_RDWR *RW EACCESExisting object when O_TRUNC is specified *W EACCES Parent directory of object to be created when object does not exist and O_CREAT is specified *WX EACCES
I like to think of directories as analogous to libraries and files to objects. You need execute authority to a library in order to see objects in that library, IIRC. Directories would be similar, except that each directory needs execute authority, as stated above. It seems this is a safe enough situation, as it takes write *W authority to a directory in order to add objects to it, right?
This analogy, as far as it goes, also helps me when using the SAV and RST commands. E.g., saving in the IFS without using an asterisk is like SAVLIB, and you can restore the directory, even if it does not exist on the target machine. If you specify files, even with '*', you do not get the directory saved along with the objects. This is just like SAVOBJ, where the containing library is not saved along with the objects.
Finally, a little more digging at the support site found this link http://www-1.ibm.com/support/docview.wss?uid=nas1e3dc97d7f1aeaf348625685f005c6263entitled "Integrated File System Authority Considerations". It's part of the registered knowledge base, but the link might get around that - I don't know. If you have software support you can get registered and use this part of the KB, as you probably know.
Just some rambling. HTH Vern At 04:05 PM 11/24/2005, you wrote:
Well I created a test program to see what authorities are needed to open a file for read only. Turns out that the file is not the problem, but the directory. While the users had read access to the directory, they did not have *RX. So to use the IFS, the users need *RX to the directories and *R to the file for read only. To create a file users will need *RWX to the last directory in the path and *RX to the directories above. I want to thank everyone for their incites and URLs to the documentation. No where I read did it say you need *RX to the directory containing the file in which you want to read. Argh! Christopher Bipes IS Director CrossCheck, Inc. 707.586.0551, ext. 1102 707.585.5700 FAX Chris.Bipes@xxxxxxxxxxxxxxx www.Cross-Check.com Notice of Confidentiality: This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by e-mail (by replying to this message) or telephone (noted above) and permanently delete the original and any copy of any e-mail and any printout thereof. Thank you for your cooperation with respect to this matter. -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.