Display Authority (DSPAUT)
|Where allowed to run: All environments (*ALL)
The Display Authority (DSPAUT) command shows the list of authorized users of an object and their authorities for the object. If the object is secured by an authorization list, the name of the authorization list is also shown.
The following are shown for the specified object:
- The object path name.
- The name of the object's owner.
- The name of the object's primary group.
- The name of the authorization list securing the object.
- A list of all the users who are authorized to use the object.
- The authorities that each user has for the object.
If an object does not have an owner name associated with it, no authorities for the object are shown.
See Appendix D of the System i Security Reference, SC41-5302 for the authorities needed to use this command.
For more information about integrated file system commands, see the Integrated file system topic collection in the IBM i Information Center at http://www.ibm.com/systems/i/infocenter/.
|OBJ||Object||Path name||Required, Positional 1|
|SYMLNK||Symbolic link||*NO, *YES||Optional|
Specifies the objects for which the authorized users and their authorities are displayed.
For more information on specifying path names, refer to "Object naming rules" in the CL topic collection in the Programming category in the IBM i Information Center at http://www.ibm.com/systems/i/infocenter/.
This is a required parameter.
- Specify the path name of the objects for which specific authorities are to be shown.
The object path name can be either a simple name or a name that is qualified with the name of the directory in which the object is located. A pattern can be specified in the last part of the path name. An asterisk (*) matches any number of characters and a question mark (?) matches a single character. If the path name is qualified or contains a pattern, it must be enclosed in apostrophes.
Symbolic link (SYMLNK)
If the last component in the path name is a symbolic link, specifies whether or not to display the symbolic link or the object pointed to by the symbolic link.
- The symbolic link object is not displayed. The object pointed to by the symbolic link is displayed.
- If the object is a symbolic link, the symbolic link is displayed. The object pointed to by the symbolic link is not displayed.
Specifies whether the output from the command is displayed at the requesting work station or printed with the job's spooled output.
- The output is displayed (if requested by an interactive job) or printed with the job's spooled output (if requested by a batch job).
- The output is printed with the job's spooled output.
Example 1: Displaying Users and Authorities
This command shows the authorized users and their authorities for the object named PROG1 to the user who entered the command, if that user has object management authority for the object. PROG1 is a program located in the library named ARLIB. The system assumes * for the device that shows the output list. If the command was entered in the batch subsystem, the output is placed in the default output queue for the job. If the command was entered in the interactive subsystem, the output is shown on the device where the user entered the command.
Example 2: Printing List of Users
DSPAUT OBJ('/MYDIR/MYOBJECT') OUTPUT(*PRINT)
This command causes the list of authorized users of MYOBJECT in the MYDIR directory to be printed.
- User profile name too long.
- A non-recoverable I/O error occurred.
- The address used for an argument was not correct.
- Possible APAR condition or hardware failure.
- Unknown system state.
- Error occurred while attempting to obtain space.
- Operation failed for object. Object is &1.
- Function not supported by file system.
- An input or output error occurred.
- Information passed to this operation was not valid.
- Path name resolution causes looping.
- Too many open files for process.
- Too many open files.
- Path name too long.
- Object not found. Object is &1.
- Requested operation not allowed. Access problem.
- Buffer overflow occurred.
- CCSID &1 not valid.
- Path name cannot begin with *.
- Pattern not allowed in path name directory.
- More than one name matches pattern.
- Home directory not found for user &1.
- Matching quote not found in path name.
- Path name contains null character.
- Path name pattern not valid.
- Not authorized to object. Object is &1.
- Error occurred in program &1.
- Object in use. Object is &1.
- Object damaged. Object is &1.
- Pattern not allowed in user name.
- Path name not converted.
- Name matching pattern not found.
- Path name not specified.
- Directory handle not valid.
- Severe error occurred while addressing parameter list.
- Value for number of directory entries not valid.
- Value for length of data buffer not valid.
- User profile &1 not correct.
- Unexpected errors occurred during processing.
- Not able to allocate internal system object.
- Object &2 in library &3 not found.
- Not authorized to object &2 in &3.
- Cannot allocate object &2 in library &3.