Re: Simulating adopted authority with IFS -- MIDRANGE-L

Subject: Re: Simulating adopted authority with IFS
From: Bryan Dietz <bdietz400@xxxxxxxxx>
Date: Tue, 4 Jun 2024 07:51:35 -0500
List-archive: <https://archive.midrange.com/midrange-l/>
List-post: <mailto:midrange-l@lists.midrange.com>
List-subscribe: <https://lists.midrange.com/mailman/listinfo/midrange-l>, <mailto:midrange-l-request@lists.midrange.com?subject=subscribe>
List-unsubscribe: <https://lists.midrange.com/mailman/options/midrange-l>, <mailto:midrange-l-request@lists.midrange.com?subject=unsubscribe>

I think you should follow Davids recommendation on using Profile handles

https://www.ibm.com/docs/en/i/7.4?topic=programs-example-using-profile-handles

--
Bryan

datil400 wrote on 6/4/2024 6:18 AM:

Hi Rob,

I explain the IFS configuration:

1. All directories USER(*PUBLIC) DTAAUT(*EXCLUDE) OBJATU(*NONE)
2. For all directories, Application group profile (GRPAPP) as Primary Group
(PGP) and authorities *ALL.
3. All files, application group profile as Primary Group (PGP = GRPAPP) and
authorities *ALL
4. Anyone can own the object
5. Login with a user without authorizations
6. Effective group profile of then job is changed with qsysetegid() to
GRPAPP profile.

Follow-Ups:

Re: Simulating adopted authority with IFS , datil400

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.