RMVSYSLIBE -- Remove System Library List Entry

RMVSYSLIBE REMOVE SYSTEM LIBRARY LIST ENTRY TAALIBQ
The Remove System Library List Entry command allows a user job to remove a library from the system portion of the library list for the current job. The only libraries that are valid to be removed are those that the Security Officer has identified in the RMVSYSLIBE data area in TAASECURE. The data area is shipped with no libraries specified. The data area should be updated with the EDTCONARR TAA command. Assume the Security Officer has specified LIB32 in the RMVSYSLIBE data area and that it exists on the system portion of the library list. The following command removes LIB32: RMVSYSLIBE LIB(LIB32) The intent of RMVSYSLIBE is to allow the placement of an optional library on the system portion of the library list. Users can remove the library if they do not need it or it causes conflicts with other functions that appear in libraries lower in the library list. System library list ------------------- The system portion of the library list can be changed by changing the system value QSYSLIBL. This only impacts new jobs. The system command CHGSYSLIBL can be used to change the list during a job, but this is a very security sensitive function. CHGSYSLIBL is shipped by the system so that it is only authorized to QSECOFR. The command should not be made public. CHGSYSLIBL allows any library to be added or removed from the system portion of the library list. Not only can the improper use of the command cause application problems, but improper use can also impact the security and integrity of the system. When a library is added to the system portion of the library list, it is always placed in front of QSYS. This can be a cause of significant security and integrity considerations. If you have a library that you want to be optional on the system portion of the library list, authorizing a user to CHGSYSLIBL probably provides a method of removing it, but at a considerable loss of control. The tool RMVSYSLIBE allows you to have an optional library that users can remove without giving up control. The user does not have to be authorized to the CHGSYSLIBL command (the CPP adopts the QSECOFR profile). Other comments -------------- Although RMVSYSLIBE is available for PUBLIC use, the command does not cause any function to occur unless the Security Officer takes an overt action to describe the library in the RMVSYSLIBE data area. QSYS can never be removed. There is no corresponding function to place the optional library back on the system portion of the library list so that it appears after QSYS. If you need to add the library back to the library list, consider the use of the CHGPRDLIB TAA tool. Command parameters CMD ------------------ LIB The library to be removed. Restrictions ------------ QSYS can never be removed. Prerequisites ------------- The following TAA Tools must be on your system: CONARR Constant array Implementation -------------- The tool is ready to use, but any libraries to be removed must be specified in the RMVSYSLIBE data area in TAASECURE. Use the following command: EDTCONARR DTAARA(TAASECURE/RMVSYSLIBE) Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- RMVSYSLIBE CMD TAALIBQ QATTCMD TAALIBQC PGM CLP TAALIBQC QATTCL

RMVSYSLIBE      REMOVE SYSTEM LIBRARY LIST ENTRY       TAALIBQ


The Remove  System  Library List  Entry command  allows a  user job  to
remove a  library from the system  portion of the library  list for the
current  job.   The only  libraries that  are valid  to be  removed are
those that the Security  Officer has identified in the  RMVSYSLIBE data
area  in  TAASECURE.   The  data  area  is  shipped with  no  libraries
specified.   The  data area  should be updated  with the  EDTCONARR TAA
command.

Assume the  Security  Officer has  specified  LIB32 in  the  RMVSYSLIBE
data area  and that  it exists  on the  system portion  of the  library
list.  The following command removes LIB32:

          RMVSYSLIBE    LIB(LIB32)

The  intent of  RMVSYSLIBE is  to  allow the  placement of  an optional
library on the system  portion of the library  list.  Users can  remove
the library if  they do not need it  or it causes conflicts  with other
functions that appear in libraries lower in the library list.

System library list
-------------------

The system portion  of the library list can  be changed by changing the
system value QSYSLIBL.  This only impacts new jobs.

The  system command CHGSYSLIBL can be used  to change the list during a
job, but  this is a  very security sensitive  function.  CHGSYSLIBL  is
shipped by  the system so that it  is only authorized to  QSECOFR.  The
command should not be made public.

CHGSYSLIBL  allows any library to  be added or removed  from the system
portion of the  library list.   Not only  can the improper  use of  the
command cause  application problems, but  improper use can  also impact
the security and integrity of the system.

When a  library is added to the system portion  of the library list, it
is  always  placed  in  front  of  QSYS.    This  can  be  a  cause  of
significant security and integrity considerations.

If you  have  a library  that you  want to  be optional  on the  system
portion  of  the  library   list,  authorizing  a  user  to  CHGSYSLIBL
probably  provides a method of removing  it, but at a considerable loss
of control.

The tool RMVSYSLIBE allows you  to have an optional library  that users
can remove without giving up control.

The  user does  not have  to be  authorized to  the  CHGSYSLIBL command
(the CPP adopts the QSECOFR profile).

Other comments
--------------

Although  RMVSYSLIBE is  available  for *PUBLIC  use, the  command does
not cause any function  to occur unless  the Security Officer takes  an
overt action to describe the library in the RMVSYSLIBE data area.

QSYS can never be removed.

There is no  corresponding function to place the  optional library back
on  the system  portion of the  library list  so that it  appears after
QSYS.

If you need to add the library  back to the library list, consider  the
use of the CHGPRDLIB TAA tool.

Command parameters                                    *CMD
------------------

   LIB           The library to be removed.

Restrictions
------------

QSYS can never be removed.

Prerequisites
-------------

The following TAA Tools must be on your system:

     CONARR          Constant array

Implementation
--------------

The tool  is ready  to use,  but any  libraries to be  removed must  be
specified  in  the  RMVSYSLIBE   data  area  in  TAASECURE.    Use  the
following command:

          EDTCONARR    DTAARA(TAASECURE/RMVSYSLIBE)

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   RMVSYSLIBE    *CMD                   TAALIBQ       QATTCMD
   TAALIBQC      *PGM       CLP         TAALIBQC      QATTCL

Added to TAA Productivity tools May 1, 1996

Home Page

Up to Top