Optical commands

This table lists the specific authorities required for the optical commands.

Commands identified by (Q) are shipped with public authority *EXCLUDE. Commands shipped with public authority *EXCLUDE shows which IBM-supplied user profiles are authorized to the command. The security officer can grant *USE authority to others.

Command	Referenced object	Authority needed
Command	Referenced object	Object	Library	Optical volume ¹
ADDOPTCTG (Q)	Optical Device	*USE	*EXECUTE
ADDOPTSVR (Q)	Server CSI	*USE	*EXECUTE
CHGDEVOPT⁴	Optical Device	CHANGE, OBJMGT	*EXECUTE
CHGOPTA (Q)
CHGOPTVOL	Root directory (/) of volume when changing the Text Description⁵	*W	Not applicable	Not applicable
	Optical Device	*USE	*EXECUTE	*CHANGE³
	Server CSI	*USE	*EXECUTE	Not applicable
CHKOPTVOL	Optical device	*USE	*EXECUTE	*USE
CHKOPTVOL	Root directory (/) of volume	*RWX	Not applicable	Not applicable
CPYOPT	Optical Device	*USE	*EXECUTE	*USE - Source Volume
				*ALL - Target Volume
	Each preceding dir in path of source file	*X	Not applicable	Not applicable
	Each preceding dir in path of destination file	*X	Not applicable	Not applicable
	Source file (*DSTMF)⁵	*R	Not applicable	Not applicable
	Parent dir of destination file	*WX	Not applicable	Not applicable
	Parent of parent dir if creating dir	*WX	Not applicable	Not applicable
CPYOPT	Destination file if replaced due to SLTFILE(*ALL)	*W	Not applicable	Not applicable
	Destination file if replaced due to SLTFILE(*CHANGED)	*RW	Not applicable	Not applicable
	Each dir in path that precedes source dir	*X	Not applicable	Not applicable
	Each dir in path that precedes target dir	*X	Not applicable	Not applicable
CPYOPT	Dir being copied⁵	*R	Not applicable	Not applicable
	Dir being copied if it contains entries	*RX	Not applicable	Not applicable
	Parent of target dir	*WX	Not applicable	Not applicable
	Target dir if replaced due to SLTFILE(*ALL)	*W	Not applicable	Not applicable
	Target dir if replaced due to SLTFILE(*CHANGED)	*RW	Not applicable	Not applicable
	Target dir if entries are to be created	*WX	Not applicable	Not applicable
CPYOPT	Source files	*R	Not applicable	Not applicable
	Destination file if replaced due to SLTFILE(*ALL)	*W	Not applicable	Not applicable
	Destination file if replaced due to SLTFILE(*CHANGED)	*RW	Not applicable	Not applicable
CRTDEVOPT⁴	Optical Device		*EXECUTE
CVTOPTBKU	Optical Device	*USE	*EXECUTE	*ALL
DSPOPT	Path Prefix when DATA (*SAVRST)⁵	*X	Not applicable	Not applicable
	File Prefix when (*SAVRST)²	*R	Not applicable	Not applicable
	Optical Device	*EXECUTE	*USE
	Server CSI	*USE	*EXECUTE
DSPOPTLCK
DSPOPTSVR	Server CSI	*USE	*EXECUTE
DUPOPT	Optical Device	*USE	*EXECUTE	*USE - Source Volume
DUPOPT				*ALL - Target Volume
INZOPT	Root directory (/) of volume	*RWX	Not applicable	Not applicable
INZOPT	Optical Device	*USE	*EXECUTE	*ALL
LODOPTFMW	Stream file	*R	Not applicable	Not applicable
LODOPTFMW	Path prefix	Refer to the general rules.
RCLOPT (Q)	Optical Device	*USE	*EXECUTE
RMVOPTCTG (Q)	Optical Device	*USE	*EXECUTE
RMVOPTSVR (Q)	Server CSI	*USE	*EXECUTE
STRNETINS (Q)⁶	Network optical device	*USE	*EXECUTE
WRKHLDOPTF²	Optical Device	*USE	*EXECUTE	*USE
WRKHLDOPTF²	Server CSI	*USE	*EXECUTE
WRKOPTDIR²	Optical Device	*USE	*EXECUTE	*USE
WRKOPTDIR²	Server CSI	*USE	*EXECUTE
WRKOPTF²	Optical Device	*USE	*EXECUTE	*USE
WRKOPTF²	Server CSI	*USE	*EXECUTE
WRKOPTVOL²	Optical Device	*USE	*EXECUTE
¹ Optical volumes are not actual system objects. The link between the optical volume and the authorization list used to secure the volume is maintained by the optical support function. ² There are seven options that can be invoked from the optical utilities that are not commands themselves. These options and their required authorities to the optical volume are shown below. Delete File: CHANGE Rename File: CHANGE Delete Directory: CHANGE Create Directory: CHANGE Rename Volume: ALL Release Held Optical File: CHANGE Save Held Optical File: USE - Source Volume, Change - Target Volume ³ Authorization list management authority to the authorization list currently securing the optical volume is needed to change the authorization list used to secure the volume. ⁴ To use this command, you must have IOSYSCFG special authority. ⁵ This authority check is only made when the Optical media format is Universal Disk Format (UDF). ⁶ You must have JOBCTL special authority to use this command.