Quick Links

Sponsored Links

Support Goto400.com

CL Command Reference - CHGAUD

CL Command List > CHGAUD Reference

Description:

The Change Auditing Value (CHGAUD) command sets up or changes auditing on an object or group of objects. An object name pattern can be used to change authority for a group of related objects.

The CHGAUD command can also be used to change auditing of a directory tree where the directory, its contents, and the contents of all of its subdirectories are to have auditing changed. If SUBTREE(*ALL) is specified, this command will attempt to change the auditing of all objects within the subtree. A diagnostic message will be sent for each object that could not have its auditing changed and, when all of the objects have been attempted, an escape message will be sent. If all of the objects had auditing changed with no errors, a completion message will be sent.

If a symbolic link object is encountered, either specified in the Object (OBJ) parameter or encountered in the processing of a subtree, the value specified for the Symbolic link (SYMLNK) parameter will be applied to that symbolic link object. If processing a subtree, the processing of that branch of the subtree then stops because a symbolic link object itself cannot have subtrees.

Restrictions:

You must have audit (*AUDIT) special authority to use this command. Users with *AUDIT special authority can turn auditing on or off for an object regardless of whether they have authority to the object.


Examples:

Example 1: Changing object auditing value of a file

CHGAUD OBJ(¡¯/QSYS.LIB/PAYROLL.LIB/PAYFILE.FILE¡¯)
OBJAUD(*CHANGE)

This command changes the object auditing value of the PAYFILE file in the PAYROLL library. The auditing value of the PAYFILE file is changed so that all change access to the file by all users is logged by the system.



Example 2: Changing object auditing value of a symbolic link when SYMLNK(*NO)

CHGAUD OBJ(¡¯/sym1¡¯) OBJAUD(*CHANGE) SUBTREE(*ALL) SYMLNK(*NO)

This command will first determine if there are subtrees to process. Since the object specified in the OBJ parameter is a symbolic link, the SUBTREE parameter will be ignored because a symbolic link object does not have subtrees. Next, the object pointed to by symbolic link sym1 (dir1) will be changed because the SYMLNK parameter specifies that the symbolic link object not be changed.

In this example, the object auditing value for dir1 is changed so that all change access to the directory by all users is logged by the system. It does not change the object auditing value of the symbolic link object (sym1) and it does not change the object auditing value of the contents of dir1.



Example 3: Changing object auditing value of a symbolic link when SYMLNK(*YES)

CHGAUD OBJ(¡¯/sym1¡¯) OBJAUD(*CHANGE) SUBTREE(*ALL) SYMLNK(*YES)

This command will first determine if there are subtrees to process. Since the object specified in the OBJ parameter is a symbolic link, the SUBTREE parameter will be ignored because a symbolic link object does not have subtrees. Next, the symbolic link object (sym1) will be changed because the SYMLNK parameter specifies that the symbolic link object be changed.

In this example, the object auditing value for sym1 is changed so that all change access to the symbolic link by all users is logged by the system. It does not change the object auditing value of the object pointed to by the symbolic link (dir1) and it does not change the object auditing value of the contents of dir1.



Example 4: Changing object auditing value of a directory when SUBTREE(*ALL) and SYMLNK(*NO)

CHGAUD OBJ(¡¯/dir1¡¯) OBJAUD(*CHANGE) SUBTREE(*ALL) SYMLNK(*NO)

This command will first determine if there are subtrees to process. Since the object specified in the OBJ parameter is a directory, the subtrees will be processed. When the processing of the tree encounters a *SYMLNK object, the value for the SYMLNK parameter will be applied to that *SYMLNK object. When the SYMLNK parameter is *NO, the object the symbolic link points to will be changed. The processing of that branch of the tree then stops because the *SYMLNK object itself does not have a subtree.

In this example, the object auditing value for dir1, dir2.1, dir2.2, dir2.3, dir3.1, dir3.2, dirA is changed so that all change access to those directories by all users is logged by the system. The object auditing value of sym3.3, dirB.1, dirB.2, dirB.3 is not changed.



Example 5: Changing object auditing value of a directory when SUBTREE(*ALL) and SYMLNK(*YES)

CHGAUD OBJ(¡¯/dir1¡¯) OBJAUD(*CHANGE) SUBTREE(*ALL) SYMLNK(*YES)

This command will first determine if there are subtrees to process. Since the object specified in the OBJ parameter is a directory, the subtrees will be processed. When the processing of the tree encounters a *SYMLNK object, the value for the SYMLNK parameter will be applied to the *SYMLNK object. When the SYMLNK parameter is *YES, the symbolic link object will be changed. The processing of that branch of the tree then stops because the *SYMLNK object itself does not have a subtree.

In this example, the object auditing value for dir1, dir2.1, dir2.2, dir2.3, dir3.1, dir3.2, sym3.3 is changed so that all change access to those directories and symbolic link by all users is logged by the system. The object auditing value of dirA, dirB.1, dirB.2, dirB.3 is not changed.



Example 6: Changing object auditing value of a directory when SUBTREE(*NONE) and SYMLNK(*NO)

CHGAUD OBJ(¡¯/dir1¡¯) OBJAUD(*CHANGE) SUBTREE(*NONE) SYMLNK(*NO)

This command will not process subtrees. Since the object specified in the OBJ parameter is not a symbolic link, the SYMLNK parameter will be ignored.

The object auditing value of dir1 is changed so that all change access to the directory by all users is logged by the system.

NOTE:

The only way to change dirB.1, dirB.2, and dirB.3 is to specify them individually in the OBJ parameter of the change command, or to specify the change command with OBJ(dirA) and SUBTREE(*ALL).