Hi List, Amazing response by so many members, very much appreciated. Just to close the loop, I don't have Vista so that's out. The Unix display that I re-typed was with the + in front of the 755. From the follow-on copy and pastes below of your suggested commands it shows I have 2 USER ACL's defined somewhere in RACF that are likely the cause of my access issues when I try to rename this file in a simulated DR test scenario.
I issued the GETFACL command as suggested and that display is copied and pasted below. $ getfacl SYSTEM/etc/pagent_TTLS.conf #file: SYSTEM/etc/pagent_TTLS.conf #owner: 30456 #group: SYS1 user::rwx group::r-x other::r-x user:DRTSTCPY:-w- user:DREVTCPY:-w- I also displayed file attributes in TSO ishell and that display is copied and pasted below TSO ishell Display File Attributes (Option 2 or A) Pathname : /SYSTEM/etc/pagent_TTLS.conf More: + File type . . . . . . : Regular file Permissions . . . . . : 755 rwxr-xr-x Access control list . : 1 File size . . . . . . : 8562 File owner . . . . . : (30456) Group owner . . . . . : SYS1(2) Last modified . . . . : 2021-03-25 16:09:34 Last changed . . . . : 2021-07-01 11:01:20 Last accessed . . . . : 2021-07-02 09:10:43 Created . . . . . . . : 2020-10-25 01:46:59 Link count . . . . . : 1 Pathname : /SYSTEM/etc/pagent_TTLS.conf More: - + Link count . . . . . : 1 Set UID bit . . . . . : 0 Set GID bit . . . . . : 0 Sticky bit . . . . . : 0 Auditor audit . . . . : R= W= E= User audit . . . . . : R= F W= F E= F Device number . . . . : 4 Inode number . . . . : 53 Major device . . . . : 0 Minor device . . . . : 0 File format . . . . . : NA Pathname : /SYSTEM/etc/pagent_TTLS.conf More: - Major device . . . . : 0 Minor device . . . . : 0 File format . . . . . : NA Shared AS . . . . . . : 1 APF authorized . . . : 0 Program controlled . : 0 Shared library . . . : 0 Char Set ID/Text flag : 00000 OFF Directory default ACL : 0 File default ACL . . : 0 Seclabel . . . . . . : I also displayed the file in TSO ISPF 3.17 and that display is below as well as the follow-on display manage ACL's TSO ISPF 3.17 Display z/OS UNIX Directory List Row 29 to 43 of 65 Command ===> Scroll ===> CSR Pathname . : /SYSTEM/etc Command Filename Message Type Permission Audit Ext Fmat ------------------------------------------------------------------------------- pagent_TTLS.con File rwxr-xr-x+ fff--- --s- ---- OPTION # 23 Manage ACLs Display z/OS UNIX ACL List Row 1 from 2 Command ===> Scroll ===> CSR S UID Read Write eXecute Name Type 69234537 W DRTSTCPY USER 69234538 W DREVTCPY USER Sent from Outlook<http://aka.ms/weboutlook> ________________________________ From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of fred glenlake <fred.glenl...@outlook.com> Sent: July 1, 2021 1:43 PM To: IBM-MAIN@LISTSERV.UA.EDU <IBM-MAIN@LISTSERV.UA.EDU> Subject: Unix Permissions Display Question Hi List, I am trying to understand what I am seeing when I display my /SYSTEM/etc files especially for my PAGENT files. I re-typed the display below: Type Perm Permission Owner Filename File 755 rwxr-xr-x BPXROOT pagent_TTLS.bkup20191118 File +755 +rwxr-xr-x pagent_TTLS.conf File 755 rwxr-xr-x BPXROOT pagent_TTLS.conf.oldcert I am really interested in what the "+" means in front of the 755 and the permissions rwxr-xr-x. I think it means the file pagent_TTLS.conf is somehow protected externally by RACF but I am not sure. I have not been able to locate a redbook or manual that tells me what the "+" means. In a CHMOD command the + means adding permissions, that I know (or think I know). I am not a z/UNIX guru by any stretch of the imagination. I am hoping someone can enlighten me please. Also if it is externally protected how I could go about displaying the RACF protection or profile or ?? I have a started task that tries to copy in an new version of this file when we do a DR test but my started task fails and I need to do it manually as SuperUser. Thanks, FredG. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN