Authority holders

An authority holder is a tool for keeping the authorities for a program-described database file that does not currently exist on the system.

The primary use of an authority holder is for System/36 environment applications, which often delete program-described files and create them again.

An authority holder can be created for a file that already exists or for a file that does not exist, using the Create Authority Holder (CRTAUTHLR) command. The following descriptions apply to authority holders:
  • Authority holders can only secure files in the system auxiliary storage pool (ASP) or a basic user ASP. They cannot secure files in an independent ASP.
  • The authority holder is associated with a specific file and library. It has the same name as the file.
  • Authority holders can be used only for program-described database files and logical files.
  • After the authority holder is created, you add private authorities for it like a file. Use the commands to grant, revoke, and display object authorities, and specify object type *FILE. On the object authority displays, the authority holder is indistinguishable from the file itself. The displays do not indicate whether the file exists; nor do they show that the file has an authority holder.
  • If a file is associated with an authority holder, the authorities defined for the authority holder are used during authority checking. Any private authorities defined for the file are ignored.
  • Use the Display Authority Holder (DSPAUTHLR) command to display or print all the authority holders on the system. You can also use it to create an output file (OUTFILE) for processing.
  • If you create an authority holder for a file that exists:
    • The user creating the authority holder must have *ALL authority to the file.
    • The owner of the file becomes the owner of the authority holder regardless of the user creating the authority holder.
    • The public authority for the authority holder comes from the file. The public authority (AUT) parameter on the CRTAUTHLR command is ignored.
    • The existing file's authority is copied to the authority holder.
  • If you create a file and an authority holder for that file already exists:
    • The user creating the file must have *ALL authority to the authority holder.
    • The owner of the authority holder becomes the owner of the file regardless of the user creating the file.
    • The public authority for the file comes from the authority holder. The public authority (AUT) parameter on the CRTPF or CRTLF command is ignored.
    • The authority holder is linked to the file. The authority specified for the authority holder is used to secure the file.
  • If an authority holder is deleted, the authority information is transferred to the file itself.
  • If a file is renamed and the new file name matches an existing authority holder, the authority and ownership of the file are changed to match the authority holder. The user renaming the file needs *ALL authority to the authority holder.
  • If a file is moved to a different library and an authority holder exists for that file name and the target library, the authority and ownership of the file are changed to match the authority holder. The user moving the file must have *ALL authority to the authority holder.
  • Ownership of the authority holder and the file always match. If you change the ownership of the file, ownership of the authority holder also changes.
  • When a file is restored, if an authority holder exists for that file name and the library to which it is being restored, it is linked to the authority holder.
  • Authority holders cannot be created for files in these libraries: QSYS, QRCL, QRECOVERY, QSPL, QTEMP, and QSPL0002 – QSPL0032.