Leave My Stream Files Alone, Please
October 20, 2010 Hey, Competent IBM i Professional:
Recently one of your fellow readers told me that her shop’s nightly job halted because one of the users had inadvertently dragged something from one network folder and dropped it into another one. Don’t you just hate it when little mistakes cause big problems? Here’s an easy way to help reduce the likelihood of such errors in the Integrated File System.
The Integrated File System (IFS) is the umbrella file system that allows IBM i to store many types of data. It is a directory-based system.
To create a directory, use any of three versions of the Create Directory command: CRTDIR, MD, or MKDIR. And now comes the good part. The Create Directory command has a parameter named Restricted Rename and Unlink (RSTDRNMUNL). Setting this parameter to *YES prevents unauthorized users from renaming, deleting, or moving objects in the directory.
CRTDIR DIR('/home/mydir') RSTDRNMUNL(*YES)
Authorized users include an object’s owner, the directory’s owner, and anyone with special authority. The file systems for which this attribute may be set (as of IBM i 7.1) are the Network File System (NFS), QFileSvr.400, “root” (/), QOpenSys, and user-defined file systems.
This authority is a characteristic of the directory, not the objects in the directory. Moving an object from a restricted directory to a non-restricted one may allow other users to rename, move, and delete that object.