You hit it out of the park. I changed the flag I can now delete the file. A big THANK YOU!!!


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Monday, May 05, 2014 4:35 AM
To: Midrange Systems Technical Discussion
Subject: RE: IFS File permissions

Once again this could be because it's /tmp. On 5250 you could try WRKLNK '/tmp'
8=Display attributes
Restricted rename and unlink . . . . . :

What do you have for that value?

Justin thought it might be related to the /root file system but IBM ships /tmp with that attribute. They do this as a poor copy of an 'IFS' method of QTEMP library. But mainly because other open systems do this with their /tmp directory.
Of course, this attribute causes their own smtp system to fail.
Most people turn it to No, do not restrict it.
IBM used to change it back with every release (perhaps even with IPL?). I know that I came unglued on them for doing so.

Basically what this does is, lets say you're signed on as JOHN and use some API which generates a file in there. Then the process gets passed off to another process that gets ran by someone like QTCP. It doesn't matter if you change QTCP and give her every special authority available, she will not be able to delete the file. QSECOFR even can't. Only JOHN can. Sure QSECOFR or QTCP can read the file, destroy the contents, etc.
They just cannot delete the actual file or rename it.

Rob Berendt
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755

From: Justin Taylor <JUSTIN@xxxxxxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Date: 05/02/2014 05:13 PM
Subject: RE: IFS File permissions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>

OK, so it sounds like the file is /tmp/myfile.txt and you're accessing it
via a NetServer share of the root (sharing the root would make me
incredibly nervous, but I digress).

As I recall, when you create a file under the local root file system, the
owner has authority but no else does (you'd expect it to have the dir
permissions but it doesn't). What user are you using to access the
NetServer? If you're using a different user, or guest access, that could
be your problem.

This thread ...


Return to Archive home page | Return to MIDRANGE.COM home page