Library commands
This table lists the specific authorities required for the library commands.
Commands identified by (Q) are shipped with public authority *EXCLUDE. Commands shipped with public authority *EXCLUDE shows which IBM-supplied user profiles are authorized to the command. The security officer can grant *USE authority to others.
Command | Referenced object | Authority needed | |
---|---|---|---|
For object | For library being acted on | ||
ADDLIBLE | Library | *USE | |
CHGCURLIB | New current library | *USE | |
CHGLIB 8 | Library | *OBJMGT | |
CHGLIBL | Every library being placed in the library list | *USE | |
CHGSYSLIBL (Q) | Libraries in new list | *USE | |
CLRLIB 3 | Every object being deleted from library | *OBJEXIST | *USE |
Object types *DTADCT14, *JRN14,*JRNRCV14, *MSGQ14, *SBSD14 | See the authority required by the DLTxxx command for the object type | ||
ASP device (if specified) | *USE | ||
CPYLIB 4 | From-Library | *USE | |
To-library, if it exists | *USE, *ADD | ||
CHKOBJ, CRTDUPOBJ commands | *USE | ||
CRTLIB command, if the target library is being created | *USE | ||
Object being copied | The authority that is required when you use the CRTDUPOBJ command to copy the object type. | ||
CRTLIB 9 | ASP device (if specified) | *USE | |
DLTLIB 3 | Every object being deleted from library | *OBJEXIST | *USE, *OBJEXIST |
Object types *DTADCT14, *JRN14,*JRNRCV14, *MSGQ, *SBSD14 | See the authority required by the DLTxxx command for the object type | ||
ASP device (if specified) | *USE | ||
DSPLIB | Library | *READ | |
Objects in the library 5 | Some authority other than *EXCLUDE | ||
ASP device (if specified) | *EXECUTE | ||
DSPLIBD | Library | Some authority other than *EXCLUDE | |
EDTLIBL | Library to add to list | *USE | |
RCLLIB | Library | *USE, *OBJEXIST | |
RSTLIB (Q)7, 17, 19 | Media definition | *USE | *EXECUTE |
Library, if it does exist | *READ, *ADD | ||
Message queues being restored to library where they already exist | *OBJOPR, *OBJEXIST 7 | *EXECUTE. *READ, *ADD | |
Programs that adopt authority | Owner or *ALLOBJ and *SECADM | *EXECUTE | |
Library saved if VOL(*SAVVOL) is specified | *USE 6 | ||
Every object being restored over in the library | *OBJEXIST 3 | *EXECUTE, *READ, *ADD | |
User profile owning objects being created | *ADD 6 | ||
Tape unit, diskette unit, optical unit | *USE | *EXECUTE | |
Output file, if specified | See General Rules | See General Rules | |
QSYS/QASAVOBJ field reference file for output file, if an output file is specified and does not exist | *USE | *EXECUTE | |
RSTLIB (Q) | Tape (QSYSTAP) or diskette (QSYSDKT) file | *USE 6 | *EXECUTE |
QSYS/QPSRLDSP printer output, if OUTPUT(*PRINT) specified | *USE | *EXECUTE | |
Save file | *USE | *EXECUTE | |
Optical File (OPTFILE)12 | *R | Not applicable | |
Path prefix of optical file (OPTFILE)12 | *X | Not applicable | |
Optical volume11 | *USE | ||
ASP device description15 | *USE | ||
RSTS36LIBM | From-file | *USE | *EXECUTE |
To-file | *CHANGE | *EXECUTE | |
To-library | *CHANGE | *EXECUTE | |
Device file or device description | *USE | *EXECUTE | |
RTVLIBD | Library | Some authority other than *EXCLUDE | |
SAVLIB18 | Every object in the library | *OBJEXIST 6 | *READ, *EXECUTE |
Media definition | *USE | *EXECUTE | |
Save file, if empty | *USE, *ADD | *EXECUTE | |
Save file, if records exist in it | *USE, *ADD, *OBJMGT | *EXECUTE | |
Save active message queue | *OBJOPR, *ADD | *EXECUTE | |
Tape unit, diskette unit, optical unit | *USE | *EXECUTE | |
Output file, if specified | Refer to the general rules. | Refer to the general rules. | |
QSYS/QASAVOBJ field reference file, if output file is specified and does not exist | *USE 6 | *EXECUTE | |
QSYS/QPSAVOBJ printer output | *USE 6 | *EXECUTE | |
Command user space, if specified | *USE | *EXECUTE | |
SAVLIB | Optical File12 | *RW | Not applicable |
Parent Directory of optical file (OPTFILE)12 | *WX | Not applicable | |
Path Prefix of optical file (OPTFILE)12 | *X | Not applicable | |
Root Directory (/) of Optical Volume12, 13 | *RWX | Not applicable | |
Optical volume11 | *CHANGE | ||
ASP device description15 | *USE | ||
SAVRSTLIB | On the source system, same authority as required by SAVLIB command. | ||
On the target system, same authority as required by RSTLIB command. | |||
SAVS36LIBM | Save to a physical file | *OBJOPR, *OBJMGT | *EXECUTE |
Either QSYSDKT for diskette or QSYSTAP for tape, and all commands need authority to the device | *OBJOPR | *EXECUTE | |
Save to a physical file if MBROPT(*ADD) is specified | *ADD | *READ, *ADD | |
Save to a physical file if MBROPT(*REPLACE) is specified | *ADD, *DLT | *EXECUTE | |
From-library | *USE | ||
WRKLIB 10, 16, 20 | Library | *USE | |
|
|||
|
|||
|
|||
|