Restoring licensed programs

This topic introduces the instructions on restoring the licensed programs on your system.

The Restore Licensed Programs (RSTLICPGM) command is used to install IBM-supplied programs on your system. It can also be used to install non-IBM programs that were created by using the IBM® System Manager for IBM i licensed program.

When your system is shipped, only users with *ALLOBJ special authority can use the RSTLICPGM command. The RSTLICPGM procedure calls an exit program to install programs that are not supplied by IBM.

To protect security on your system, the exit program should not run using a profile with *ALLOBJ special authority. Instead of having a user with *ALLOBJ authority run the command directly, use a program that adopts *ALLOBJ special authority to run the RSTLICPGM command.

Here is an example of this technique. The program to be installed using the RSTLICPGM command is called CPAPP (Contracts and Pricing).
  1. Create a user profile with sufficient authority to successfully install the application. Do not give this profile *ALLOBJ special authority. In this example, the user profile is called OWNCP.
  2. Write a program to install the application. In this example, the program is called CPINST:
    Note: By using the code examples, you agree to the terms of the Code license and disclaimer information.
    PGM
RSTLICPGM CPAPP
ENDPGM
  3. Create the CPINST program to adopt the authority of a user with *ALLOBJ special authority, such as QSECOFR, and authorize OWNCP to the program: 
    CRTCLPGM QGPL/CPINST USRPRF(*OWNER) +
         AUT(*EXCLUDE)
GRTOBJAUT OBJ(CPINST) OBJTYP(*PGM) +
          USER(OWNCP)  AUT(*USE)
  4. Sign on as OWNCP and call the CPINST program. When the CPINST program runs the RSTLICPGM command, you are running under QSECOFR authority. When the exit program runs to install the CPAPP programs, it drops adopted authority. The programs called by the exit program run under the authority of OWNCP.