TAA Tools

The Change  User  Profile per  *PUBLIC 2  command is  designed for  the
situation where  IFS objects in  a directory for the  *PUBLIC user have
different  forms  of authority  and you  want to  authorize a  new user
profile to have  the same authority  as the *PUBLIC  user.  This  would
allow you to  make the new user profile a  group profile for designated
profiles  and then set the  *PUBLIC user to  *EXCLUDE to prevent access
by non-authorized  users.  This  allows members  of the  group to  have
the same authority as they had before.

See CHGPRFPUB to make similar changes to library objects.

See ADDGRPPRF for adding multiple users to a group profile.

You must have *ALLOBJ special authority to use CHGPRFPUB2.

Assume you  have various  objects in a  directory which  have different
authority  levels  such as  *RWX  or *RX  (or  even USER  DEF)  for the
*PUBLIC user.  You  want to prevent  unauthorized access by  eventually
setting the  *PUBLIC user to  *EXCLUDE.  You  would first create  a new
user profile (assume  the name is GROUP10).   Then run CHGPRFPUB2 for a
directory such as:


Because  the  default is  ACTION(*CHECK), no  changes  would occur.   A
listing would be  displayed of the changes  that would be made  and any
possible error conditions.

Assuming the  listing will  describe the results  you want  to achieve,
you would run again with ACTION(*CHANGE).


The displayed listing would describe the changes made.

You  would then use CHGUSRPRF  to assign each user  you want authorized
and specify them as belonging to the group profile GROUP10.

To set the *PUBLIC  user to *EXCLUDE, you  could use the TAA  CHGDIRAUT
command as:

                          DTAAUT(*EXCLUDE) OBJAUT(*NONE)


  **   If the  USRPRF user  is already  specified for  authority to  an
       object,  an exception  is noted, but  a change  will be  made if
       ACTION(*CHANGE) is  specified.    You may  want  to  change  the
       authority back to its original value.

  **   If  an  object  is specified  with  an  *AUTL  used  to  control
       authorizations,  an error will  be noted.   If the  *PUBLIC user
       is  specified  as  *AUTL,  you must  manually  change  the *AUTL
       object to achieve your objectives.

CHGPRFPUB2 escape messages you can monitor for

None.  Escape messages  from based on functions  will be re-sent.   The
sub  tool CVTIFSAUT  may  send  escape messages.    You cannot  proceed
unless CVTIFSAUT completes successfully.

CHGPRFPUB2 Command parameters                         *CMD

   USRPRF        The  name of the user profile  to be authorized to the
                 objects in the same manner as the *PUBLIC user.

   OBJ           The path name of  the directory and subdirectories  to
                 change authorities  for.   A directory must  be named.

   OMITDIR       If  the Object  parameter is  a directory,  specify up
                 to 10 subdirectory  names relative  to that  directory
                 to be excluded.

                 Any of  the OMITDIR entries  may be a  subdirectory of
                 the  directory specified  for  the OBJ  parameter.   A
                 subdirectory  can go multiple  levels deep, but cannot
                 skip any directories along  the way.  For  example, if
                 'Sub1' is  a directory in  the home directory  and has
                 a   subdirectory  of   'Sub1A',  you   cannot  specify
                 OBJ('*') and OMITDIR('Sub1A').

                 Generic directories  are supported  by using  an *  as
                 the last  character of an  OMITDIR path.   This causes
                 any  directory  starting  with  the characters  before
                 the * to be omitted.

                 An omitted directory cannot begin with  a / or \.   If
                 a directory  specified to be  omitted does  not exist,
                 no error occurs.


                  CHGPRFPUB2 OBJ(*) OMITDIR('dir1')

                     Omits /home/xxx/dir1 and all its subdirectories

                  CHGPRFPUB2 OBJ(*) OMITDIR('dir*')

                     Omits /home/xxx/yyyy where yyyy is a subdirectory
                      beginning with 'dir' and all their subdirectories

   ACTION        The ACTION to be performed.

                 *CHECK  is   the  default.    It   will  describe  any
                 situations  that  will  prevent  a  change  being made
                 such as an Authorization List is used

                 *CHANGE may  be specified  to grant  to the  specified
                 user the same authority as the *PUBLIC user.

   OUTPUT        How  to output  the  results.   *  is  the default  to
                 display  the spooled  file if  the command  is entered
                 interactively.  If  the display  is ended with  F3/F12
                 or the  Enter key, the  spooled file is  deleted after
                 it  is displayed.   To  retain  the spooled  file, you
                 may use the the  System Request 'Cancel' function  and
                 the spooled file will exist in a HLD status.

                 If  the command  is  entered  in  batch or  *PRINT  is
                 specified,  the spooled file  is output  and retained.


You must have *ALLOBJ special authority to use CHGPRFPUB2.


The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     CHKOBJ3         Check object 3
     CVTIFSDAUT      Convert IFS directory authority
     CVTIFSAUT       Convert IFS authority
     RMVMSGKEY       Remove message key
     RSNLSTMSG       Resend last message
     RTVSYSVAL3      Retrieve system value 3
     SNDCOMPMSG      Send completion message
     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message


None, the tool is ready to use.

Objects used by the tool

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   CHGPRFPUB2    *CMD                   TAASETW       QATTCMD
   TAASETWC      *PGM       CLP         TAASETWC      QATTCL
   TAASETWR      *PGM       RPG         TAASETWR      QATTRPG

Added to TAA Productivity tools January 15, 2013

Home Page Up to Top