Chuck,

Thanks for the options.

I'm doing something similar now in batch.
All objects get restored to a temp install library.
I then run a CL with the below commands (i5/OS and TAATOOL) on the temp library.

I also use the same CL to fix/standardize authorities on main production libraries.

CHGLIBOWN LIB(&LIBNAM) NEWOWN(CM_GRP) OLDOWN(*ANY) +
CUROLDOWN(*REVOKE) OMITOWN(*NONE) /* +
Change ownership of the library */

CHGOBJAUT OBJ(QSYS/&LIBNAM) OBJTYPE(*LIB) USER(*ALL) +
AUT(*REMOVE) DLTSPLF(*NO) /* Remove +
LIBRARY private authority */

CHGOBJAUT OBJ(QSYS/&LIBNAM) OBJTYPE(*LIB) USER(*PUBLIC) +
AUT(*CHANGE) DLTSPLF(*NO) /* Grant +
*change authority to the LIBRARY *PUBLIC +
user */

CHGOBJAUT OBJ(&LIBNAM/*ALL) OBJTYPE(*ALL) USER(*ALL) +
AUT(*REMOVE) DLTSPLF(*NO) /* Remove +
private authorities for all objects in +
the library */

CHGOBJAUT OBJ(&LIBNAM/*ALL) OBJTYPE(*ALL) USER(*PUBLIC) +
AUT(*CHANGE) DLTSPLF(*NO) /* Grant +
*CHANGE authority for user *PUBLIC to all +
object in the library. */

DSPLIBAUT LIB(&LIBNAM) BYPOWNER(*YES) OUTPUT(*PRINT)


Paul

-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of CRPence
Sent: Monday, August 15, 2016 12:50 PM
To: midrange-l@xxxxxxxxxxxx
Subject: Re: Force or change the object owner on an object restore

On 15-Aug-2016 10:58 -0500, Steinmetz, Paul wrote:
I would like to force or change the object owner on an object restore.

Ideally the owner would be the desired value when saved. Restore will assign the same owner as was recorded on the media, or to the /default/ owner (QDFTOWN) when the same-named User Profile (USRPRF) does not exist at the restored-to system.


Is there a simple way to achieve this?

Yes, relatively simple, esp. for /QSYS.LIB objects. But as reactive vs proactive, and thus if there would be repeated restores, /expensive/ in terms of system resources if effected after each restore on the restored-to system, as contrasted with effecting the changes just once on the saved-from system completed prior to the save.

The Output (OUTPUT) feature of the restore functions could be used to provide the list of objects for which ownership should be changed; any number of means can be utilized to process such a list from which to build\perform the required Change Object Owner (CHGOBJOWN) [or CHGOWN] requests; e.g. RCVF in a CLP, a SQL query, etc. -- noting that for non-/QSYS.LIB objects, the likely stream file as output would need to be copied to a PF for native RLA reads. Rather than /batching/ the changes, with use of a pre-created Output File (OUTFILE) from the model file QASRRSTO with record format QSRRST and specification of Add Records
(*ADD) for the Output Member Options (OUTMBR) parameter, the effect can be achieved more directly by making the records available to a Trigger that had been added to the file for the upcoming *AFTER *INSERT activity
-- though not likely much value to do so.


Many objects come shipped with owner of QPGMR, and that is not our
desired owner.

As worded, the issue seems possibly to be for restore of ¿3rd party?
/products/? If so, then might be worth asking why they do not have an /application/ user [that maybe needs to be created as a pre-requisite to installing their product]; while use of QPGMR might seem fine from their perspective, they should realize that QPGMR will not be the same to every installation, so they should avoid that imposition. I kinda expected that IBM emphasized that 3rd party app providers should use their own profile to avoid such issues.? Anyhow, if they do\will not provide for application user(s), having created and saved with owner QPGMR [and ??], then perhaps asking that they provide a script [with variable\parameter input capability] or command that allows assigning the desired alternative to the user profile QPGMR [and ??]; that way the customer\recipient of the media need not try to figure out, and possibly muck-up something, what to change [and what can be safely changed, and to what user, according to some required minimum Special Authority
(SPCAUT) or other requirements].

FWiW: If the objects are specific to a library or two, there are likely to be command+programs already [I have probably posted one way back in the day], that achieves what is desired; e.g. variants of CHGOWNLIB or CHGLIBOWN tools have long existed to change ownership [of both the library object] and all objects within the named library, to a named user profile [possibly coded to omit redundant requests for any objects already owned by the user named to become the new owner].

--
Regards, Chuck

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related questions.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.