PRTLIBAUT -- Print Library Authorizations

PRTLIBAUT PRINT LIBRARY AUTHORIZATIONS TAASEDY
The Print Library Authorizations command prints the object authority information of objects within a library and the library object. This can be helpful in reviewing security. See the PRTLIBAUT2 tool for printing authorities to library objects (not the objects within a library). A typical command would be: PRTLIBAUT LIB(xxx) You can avoid printing the owner line for each object by specifying: PRTLIBAUT LIB(xxx) PRTOWNER(NO) You can specify a particular user and print only his authorities. Since the user can also access via the PUBLIC profile if he does not have a specific authority, the PUBLIC line prints by default. If you have ALLOBJ special authority, all authorities will be printed. If you do not have ALLOBJ special authority, not all of the information may be printed. If an object is printed which has authority also controlled by an authorization list and the PUBLIC user is specified as AUTL, an extra line is printed describing the authorities of the PUBLIC user to the authorization list. Contrast with PRTLIBAUT2 ------------------------ The PRTLIBAUT2 command provides similar information for library objects (not the objects within the library). For example, you can see the authorizations for all libraries, user libraries, libraries on the user library list, etc. Contrast with DSPUSRAUT ----------------------- The DSPUSRAUT command provides more information regarding security to objects because it includes group profiles and authorization list authorities. However, for DSPUSRAUT to perform the function, you must first do CVTUSRAUT to build a permanent file. PRTLIBAUT is just a simple listing of the objects in the library (and the library object) with the individual authorizations to the object shown. Command parameters CMD ------------------ LIB The library to be printed. OBJTYPE The object type to be printed. The default is ALL. A specific object type may be named. The command prompt includes the valid object types. OBJATTR The object attribute to be printed. The default is ALL. Object attributes such as PF or RPG may be entered. There is no check to ensure a valid attribute exists or that it is meaningful if a specific object type is entered. PFTYPE If the object attribute is PF, a PFTYPE of DTA or SRC may be entered to print only data or source files. The default is ALL for all PF types. PRTOWNER A YES/NO parameter for whether to print a line for the owner for each object listed. The default is YES to cause an 'owner' line to be printed. NO may be specified to bypass the owner line. USER The User to be printed for individual authorizations. The default is ALL. A specific user or PUBLIC may be specified. Entering a name or PUBLIC will allow a simple review of the authorities for that user. If the PUBLIC user line is printed and the library is controlled by an authorization list for which the public authority comes from the authorization list, a second line is printed. It will contain the PUBLIC authority to the authorization list. Note that if a specific user (other than PUBLIC) is specified and the object is controlled by an authorization list, the listing does not include any authorizations the user may have to the authorization list. The additional line only occurs for the PUBLIC user. PRTPUBLIC A YES/NO parameter for whether a line should be printed for the PUBLIC user. The default is YES. NO may be specified to not print the PUBLIC user information. If a USER parameter is specified, libraries that are not specifically authorized to the user may still be accessible because of the PUBLIC authorization. Restrictions ------------ None. Prerequisites ------------- The following TAA Tools must be on your system: CHKALLOBJ Check all object special authority RTVDBFA Retrieve data base file attributes RTVOBJAUT Retrieve object authority RTVOBJLST Retrieve object list RTVSYSVAL3 Retrieve system value 3 SNDCOMPMSG Send completion message SNDESCMSG Send escape message SNDSTSMSG Send status message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- PRTLIBAUT CMD TAASEDY QATTCMD TAASEDYC PGM CLP TAASEDYC QATTCL TAASEDYC2 PGM CLP TAASEDYC2 QATTCL TAASEDYR PGM RPG TAASEDYR QATTRPG

PRTLIBAUT       PRINT LIBRARY AUTHORIZATIONS           TAASEDY


The Print  Library Authorizations command  prints the  object authority
information of  objects within a library and the  library object.  This
can be helpful in reviewing security.

See  the PRTLIBAUT2  tool for  printing authorities  to library objects
(not the objects within a library).

A typical command would be:

             PRTLIBAUT    LIB(xxx)

You can avoid printing the owner line for each object by specifying:

             PRTLIBAUT    LIB(xxx) PRTOWNER(*NO)

You can  specify  a particular  user and  print  only his  authorities.
Since the user  can also access via the *PUBLIC profile  if he does not
have a specific authority, the *PUBLIC line prints by default.

If  you  have  *ALLOBJ  special  authority,  all  authorities  will  be
printed.  If  you do  not have  *ALLOBJ special authority,  not all  of
the information may be printed.

If  an object  is printed  which has  authority also  controlled by  an
authorization  list and  the  *PUBLIC user  is specified  as  *AUTL, an
extra line is printed  describing the authorities  of the *PUBLIC  user
to the authorization list.

Contrast with PRTLIBAUT2
------------------------

The  PRTLIBAUT2  command  provides  similar   information  for  library
objects  (not the objects  within the library).   For example,  you can
see  the authorizations  for all  libraries, user  libraries, libraries
on the user library list, etc.

Contrast with DSPUSRAUT
-----------------------

The DSPUSRAUT command  provides more information regarding  security to
objects  because  it includes  group  profiles  and authorization  list
authorities.    However, for  DSPUSRAUT  to perform  the  function, you
must first do CVTUSRAUT to build a permanent file.

PRTLIBAUT is just a simple listing  of the objects in the library  (and
the library  object) with the  individual authorizations to  the object
shown.

Command parameters                                    *CMD
------------------

   LIB           The library to be printed.

   OBJTYPE       The object  type to be printed.   The default is *ALL.
                 A specific  object type  may be  named.   The  command
                 prompt includes the valid object types.

   OBJATTR       The object  attribute to be  printed.  The  default is
                 *ALL.   Object  attributes such  as PF  or RPG  may be
                 entered.    There  is  no  check  to  ensure  a  valid
                 attribute  exists  or  that  it  is  meaningful  if  a
                 specific object type is entered.

   PFTYPE        If the  object attribute  is PF, a  PFTYPE of  *DTA or
                 *SRC  may  be entered  to  print only  data  or source
                 files.  The default is *ALL for all PF types.

   PRTOWNER      A *YES/*NO parameter for whether  to print a line  for
                 the  owner for  each object  listed.   The default  is
                 *YES to cause an 'owner' line to be printed.

                 *NO may be specified to bypass the owner line.

   USER          The    User    to    be    printed   for    individual
                 authorizations.   The default  is  *ALL.   A  specific
                 user or *PUBLIC may be specified.

                 Entering  a  name  or  *PUBLIC  will  allow  a  simple
                 review of the authorities for that user.

                 If the  *PUBLIC user line  is printed and  the library
                 is  controlled by an authorization  list for which the
                 public authority  comes from  the authorization  list,
                 a  second  line  is  printed.   It  will  contain  the
                 *PUBLIC authority to the authorization list.

                 Note  that if a specific user  (other than *PUBLIC) is
                 specified  and  the   object  is   controlled  by   an
                 authorization list,  the listing does not  include any
                 authorizations    the   user    may   have    to   the
                 authorization list.  The  additional line only  occurs
                 for the *PUBLIC user.

   PRTPUBLIC     A  *YES/*NO parameter  for whether  a  line should  be
                 printed for  the *PUBLIC user.   The default  is *YES.
                 *NO  may be  specified to  not print  the *PUBLIC user
                 information.

                 If a USER parameter  is specified, libraries that  are
                 not specifically  authorized to the user  may still be
                 accessible because of the *PUBLIC authorization.

Restrictions
------------

None.

Prerequisites
-------------

The following TAA Tools must be on your system:

      CHKALLOBJ      Check all object special authority
      RTVDBFA        Retrieve data base file attributes
      RTVOBJAUT      Retrieve object authority
      RTVOBJLST      Retrieve object list
      RTVSYSVAL3     Retrieve system value 3
      SNDCOMPMSG     Send completion message
      SNDESCMSG      Send escape message
      SNDSTSMSG      Send status message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   PRTLIBAUT     *CMD                   TAASEDY       QATTCMD
   TAASEDYC      *PGM       CLP         TAASEDYC      QATTCL
   TAASEDYC2     *PGM       CLP         TAASEDYC2     QATTCL
   TAASEDYR      *PGM       RPG         TAASEDYR      QATTRPG

Added to TAA Productivity tools November 1, 1997

Home Page

Up to Top