John,

You hit it out of the park. I changed the flag I can now delete the file. A big THANK YOU!!!

-David.


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Monday, May 05, 2014 4:35 AM
To: Midrange Systems Technical Discussion
Subject: RE: IFS File permissions

Once again this could be because it's /tmp. On 5250 you could try WRKLNK '/tmp'
8=Display attributes
Restricted rename and unlink . . . . . :

What do you have for that value?

Justin thought it might be related to the /root file system but IBM ships /tmp with that attribute. They do this as a poor copy of an 'IFS' method of QTEMP library. But mainly because other open systems do this with their /tmp directory.
Of course, this attribute causes their own smtp system to fail.
Most people turn it to No, do not restrict it.
IBM used to change it back with every release (perhaps even with IPL?). I know that I came unglued on them for doing so.

Basically what this does is, lets say you're signed on as JOHN and use some API which generates a file in there. Then the process gets passed off to another process that gets ran by someone like QTCP. It doesn't matter if you change QTCP and give her every special authority available, she will not be able to delete the file. QSECOFR even can't. Only JOHN can. Sure QSECOFR or QTCP can read the file, destroy the contents, etc.
They just cannot delete the actual file or rename it.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1 Group Dekko Dept 1600 Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





From: Justin Taylor <JUSTIN@xxxxxxxxxxxxx>
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
Date: 05/02/2014 05:13 PM
Subject: RE: IFS File permissions
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>



OK, so it sounds like the file is /tmp/myfile.txt and you're accessing it
via a NetServer share of the root (sharing the root would make me
incredibly nervous, but I digress).

As I recall, when you create a file under the local root file system, the
owner has authority but no else does (you'd expect it to have the dir
permissions but it doesn't). What user are you using to access the
NetServer? If you're using a different user, or guest access, that could
be your problem.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.