TAA Tools
LMTDLTSPLF      LIMIT DLTSPLF                          TAASPLT

             *                                         *
             *    CAUTION.  If you limit the commands  *
             *    described, there may be system or    *
             *    product functions that will fail     *
             *    because they assume that *PUBLIC     *
             *    has *USE authority to these          *
             *    commands.  In general, you should    *
             *    consider restricting only menu       *
             *    controlled end users.                *
             *                                         *

There are several methods  of limiting users to control  who can delete
spooled  files.  This  tool describes 3  typical solutions in  order of

  **   LMTDLTSPLF  tool.   A simple  command that  limits users  who do
       not  have special  authority.    The  default is  to  limit  the
       commands   to  users   who   have  *JOBCTL   authority.     More
       restrictive  control can be  gained by limiting  the commands to
       *SPLCTL special authority.

  **   Using  an authorization  list.    See  the  later  section  that
       describes the  steps to limit  the DLTSPLF and  CLROUTQ commands
       to  users who  are authorized  to an  authorization list.   Note
       that this does not change the CHGSPLFA command.

  **   LMTDLTSPL2 tool.   This  is  a separate  tool that  allows  more
       granular control in terms of:

         --   The file names to be controlled such as QPJOBLOG.

         --   The type  of control required  by spooled  file including
              the   special  authorities   *JOBCTL/*SPLCTL  or   if  an
              authorization list is provided.

The  LMTDLTSPLF command  provides the simplest  solution.   Only a user
with *ALLOBJ authority can use LMTDLTSPLF.

The command  to  limit the  deletion  of spooled  files  to only  those
users with *JOBCTL authority would be:


The commands DLTSPLF,  CLROUTQ, and CHGSPLFA would be  changed to use a
validity checking program.

  **   When  DLTSPLF or CLROUTQ is used,  the validity checking program
       ensures the user  has *JOBCTL  special authority.   If not,  the
       program  sends  a  special  diagnostic  followed  by  a  general
       escape message.

  **   When  CHGSPLFA  is used,  the  validity  checking program  would
       prevent  a  user  who  does  not  have  *JOBCTL  authority  from
       changing the current  output queue.   This prevents a  user from
       moving a  spooled file to an output queue  which is printing and
       would  therefore cause the  spooled file to  be deleted when the
       spool writer  has  output  the file.    Any other  spooled  file
       parameters could be changed.

You may  also reset the commands  to their original  shipped default by
specifying TYPE(*NONE).

Handling the escape message in a program

If  you have  programs that  delete spooled files  for users,  they may
fail due to the  escape message that may be  sent by either DLTSPLF  or
CLROUTQ or an attempt  to change the output queue  using CHGSPLFA.  The
escape  message  is  the  general  message  CPF0001 which  indicates  a
general command failure.  If you  use the LMTDLTSPLF tool, the  TAA9882
diagnostic  message  will  be sent  prior  to  the  escape  message  to
describe the specific error condition.

A  method  of  programming for  this  error  is  to  use the  TAA  Tool
RTVDIAGMSG  which  will allow  you to  retrieve the  diagnostic message
associated with the last escape message.

Your code might look like:

             DLTSPLF    FILE(xxxx)
             MONMSG     MSGID(CPF0001) EXEC(DO) /* Cmd error */
             IF         (&MSGID *EQ 'TAA9882') DO /* Not auth */
                        /*                                    *
                        /*     Handle not authorized          *
                        /*                                    *
             ENDDO      /* Not auth */
             SNDESCMSG  MSG('Command error.  See previous messages')
             ENDDO      /* Cmd error */

The SNDESCMSG  command is  a TAA Tool  command to  simplify sending  an
escape message.

If you  limit the commands with  an authorization list, the  message ID
to monitor for is CPD0002.

Command parameters                                    *CMD

   TYPE          The  type  of  limitation you  want  to  place  on the
                 commands.   The default  is *JOBCTL  meaning the  user
                 must  have the  special authority  *JOBCTL to  perform
                 the function.  *SPLCTL may also be specified.

                 *NONE   may  be  specified  to   cause  the  specified
                 commands to  be  set  so  that  no  validity  checking
                 program  exists.   This  is  the  way the  command  is
                 shipped by  the system.  When *NONE  is specified, the
                 CHKEXSVLD parameter is ignored.

   DLTSPLF       Whether  to limit  the DLTSPLF  command.   The default
                 is *YES which  causes a  validity checking program  to
                 be named for the command.

                 *NO  does not  change  the  command validity  checking
                 program (there may already be one specified).

   CLROUTQ       Whether  to limit  the CLROUTQ  command.   The default
                 is *YES which  causes a  validity checking program  to
                 be named for the command.

                 *NO  does not  change  the  command validity  checking
                 program (there may already be one specified).

   CHGSPLFA      Whether  to  limit the  CHGSPLFA command  so  that the
                 user cannot  change the  current  Output Queue.    The
                 default  is  *YES which  causes  a  validity  checking
                 program  to  be named  for  the  command.   Specifying
                 *YES  does  not  prevent the  user  from  changing any
                 other attributes with CHGSPLFA.

                 *NO  does not  change  the command  validity  checking
                 program (there may already be one specified).

   CHKEXSVLD     Whether  to check  for an  existing validity  checking
                 program  on the commands  to be changed.   The default
                 is  *YES  which  prevents   a  change  if  a   current
                 validity checking  program already  exists and  is not
                 the value to be changed to.

       No  check  occurs  if you  have  specified  *NONE  for the  TYPE

                 *NO causes a  change regardless of  whether a  program
                 already exists.

New system release implications

When  a new  system release  is  installed, the  commands  in QSYS  are
deleted and installed as shipped by the system.

Therefore,  you should  place the  LMTDLTSPLF command  in a  CL program
along  with any other  changes to QSYS  objects and run  the program on
each release.

Using an Authorization list instead of LMTDLTSPLF

The use  of an  authorization list  allows more  granular control  than
the simple  LMTDLTSPLF command.   You  can provide a  list of  names of
users who are allowed to delete spooled files.

Note  that this does cause any change  to CHGSPLFA.  You could consider
the LMTDLTSPLF command for just the CHGSPLFA command.

The following steps describe how to do  this.  You must be a user  with
*ALLOBJ authority to do these steps.

  1.   Create an authorization  list or use an existing one.   A sample
       create command would be:

                           TEXT('Used to limit DLTSPLF and CLROUTQ')

  2.   Use  EDTAUTL  to  add  the  users  to  the  list that  you  want
       authorized to DLTSPLF  and CLROUTQ.   When the display  appears,
       add the users and specify the Object Authority as *USE.

              EDTAUTL    AUTL(DLTSPLF)

  3.   Use the  following  commands to  change the  DLTSPLF command  to
       use the authority from the authorization list.

                           USER(*PUBLIC) AUT(*EXCLUDE)


  4.   Use  the following  commands to  change  the CLROUTQ  command to
       use the authority from the authorization list.

                           USER(*PUBLIC) AUT(*EXCLUDE)



You  must  use  the Authorization  list  method  if you  have  the S/38
Environment  on  your  system  to  control  the  commands  CNLSPLF  and


Only a user with *ALLOBJ special authority may use LMTDLTSPLF.

Any  APIs  that may  exist  that allow  deletion  of  spooled files  or
changes to file attributes are not considered.

If  you have  the S/38  environment on  your system,  you must  use the
Authorization list method  to prevent  the use of  CNLSPLF and  CLROUTQ
from the S/38 environment library.


The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     RTVCMDA         Retrieve command attributes
     RTVSPCAUT       Retrieve special authority
     SNDCOMPMSG      Send completion message
     SNDESCMSG       Send escape message


None, the tool is ready to use.

Objects used by the tool

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   LMTDLTSPLF    *CMD                   TAASPLT       QATTCMD
   TAASPLTC      *PGM       CLP         TAASPLTC      QATTCL
   TAASPLTC2     *PGM       CLP         TAASPLTC2     QATTCL
   TAASPLTC3     *PGM       CLP         TAASPLTC3     QATTCL
   TAASPLTC4     *PGM       CLP         TAASPLTC4     QATTCL
   TAASPLTC5     *PGM       CLP         TAASPLTC5     QATTCL
   TAASPLTC6     *PGM       CLP         TAASPLTC6     QATTCL
   TAASPLTC7     *PGM       CLP         TAASPLTC7     QATTCL


   TAASPLTC   CL pgm

Validity checking programs

   Command     *JOBCTL     *SPLCTL
   --------    ---------   ---------


Added to TAA Productivity tools May 1, 1996

Home Page Up to Top