Re: Unix Permissions Display Question

fred glenlake Fri, 02 Jul 2021 07:10:53 -0700

Hi List,

Amazing response by so many members, very much appreciated.   Just to close the 
loop, I don't have Vista so that's out.   The Unix display that I re-typed was 
with the + in front of the 755.   From the follow-on copy and pastes below of 
your suggested commands it shows I have 2 USER ACL's defined somewhere in RACF 
that are likely the cause of my access issues when I try to rename this file in 
a simulated DR test scenario.


I issued the GETFACL command as suggested and that display is copied and pasted 
below.

$ getfacl SYSTEM/etc/pagent_TTLS.conf
#file:  SYSTEM/etc/pagent_TTLS.conf
#owner: 30456
#group: SYS1
user::rwx
group::r-x
other::r-x
user:DRTSTCPY:-w-
user:DREVTCPY:-w-

I also displayed file attributes in TSO ishell and that display is copied and 
pasted below

TSO ishell
Display File Attributes (Option 2 or A)

Pathname : /SYSTEM/etc/pagent_TTLS.conf
                                     More:     +
File type . . . . . . : Regular file
Permissions . . . . . : 755 rwxr-xr-x
Access control list . : 1
File size . . . . . . : 8562
File owner  . . . . . : (30456)
Group owner . . . . . : SYS1(2)
Last modified . . . . : 2021-03-25 16:09:34
Last changed  . . . . : 2021-07-01 11:01:20
Last accessed . . . . : 2021-07-02 09:10:43
Created . . . . . . . : 2020-10-25 01:46:59
Link count  . . . . . : 1
Pathname : /SYSTEM/etc/pagent_TTLS.conf
                                     More:   - +
Link count  . . . . . : 1
Set UID bit . . . . . : 0
Set GID bit . . . . . : 0
Sticky bit  . . . . . : 0
Auditor audit . . . . : R=     W=     E=
User audit  . . . . . : R= F   W= F   E= F
Device number . . . . : 4
Inode number  . . . . : 53
Major device  . . . . : 0
Minor device  . . . . : 0
File format . . . . . : NA
Pathname : /SYSTEM/etc/pagent_TTLS.conf
                                     More:   -
Major device  . . . . : 0
Minor device  . . . . : 0
File format . . . . . : NA
Shared AS . . . . . . : 1
APF authorized  . . . : 0
Program controlled  . : 0
Shared library  . . . : 0
Char Set ID/Text flag : 00000 OFF
Directory default ACL : 0
File default ACL  . . : 0
Seclabel  . . . . . . :

I also displayed the file in TSO ISPF 3.17 and that display is below as well as 
the follow-on display manage ACL's

TSO ISPF 3.17 Display
                           z/OS UNIX Directory List         Row 29 to 43 of 65
Command ===>                                                  Scroll ===> CSR

Pathname . : /SYSTEM/etc

Command  Filename        Message          Type Permission Audit  Ext  Fmat
-------------------------------------------------------------------------------
         pagent_TTLS.con                  File rwxr-xr-x+ fff--- --s- ----


OPTION # 23 Manage ACLs Display

                            z/OS UNIX ACL List                    Row 1 from 2
Command ===>                                             Scroll ===> CSR

S   UID       Read  Write  eXecute  Name      Type
    69234537          W             DRTSTCPY  USER
    69234538          W             DREVTCPY  USER


Sent from Outlook<http://aka.ms/weboutlook>

________________________________
From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf of 
fred glenlake <fred.glenl...@outlook.com>
Sent: July 1, 2021 1:43 PM
To: IBM-MAIN@LISTSERV.UA.EDU <IBM-MAIN@LISTSERV.UA.EDU>
Subject: Unix Permissions Display Question

Hi List,

I am trying to understand what I am seeing when I display my /SYSTEM/etc files 
especially for my PAGENT files.   I re-typed the display below:

Type   Perm   Permission   Owner           Filename
File     755      rwxr-xr-x       BPXROOT      pagent_TTLS.bkup20191118
File   +755    +rwxr-xr-x                              pagent_TTLS.conf
File     755      rwxr-xr-x       BPXROOT      pagent_TTLS.conf.oldcert

I am really interested in what the "+" means in front of the 755 and the 
permissions rwxr-xr-x.   I think it means the file pagent_TTLS.conf is somehow 
protected externally by RACF but I am not sure.   I have not been able to 
locate a redbook or manual that tells me what the "+" means.   In a CHMOD 
command the + means adding permissions, that I know (or think I know).   I am 
not a z/UNIX guru by any stretch of the imagination.   I am hoping someone can 
enlighten me please.  Also if it is externally protected how I could go about 
displaying the RACF protection or profile or ??   I have a started task that 
tries to copy in an new version of this file when we do a DR test but my 
started task fails and I need to do it manually as SuperUser.

Thanks,

FredG.

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Unix Permissions Display Question

Reply via email to