Quick Links

Sponsored Links

Support Goto400.com

CL Command Reference - PRTPUBAUT

CL Command List > PRTPUBAUT Reference

Description:

The Print Publicly Authorized Objects (PRTPUBAUT) command allows you to print a report of the specified objects that do not have public authority of *EXCLUDE. For *PGM objects, only the programs that do not have public authority of *EXCLUDE that a user can call (the program is either user domain or the system security level (QSECURITY system value) is 30 or below) will be included in the report. This is a way to check for objects that every user on the system is authorized to access.

This command will print two reports. The first report (Full Report) will contain all of the specified objects that do not have public authority of *EXCLUDE. The second report (Changed Report) will contain the objects that now do not have public authority of *EXCLUDE that did have public authority of *EXCLUDE or did not exist when the PRTPUBAUT command was previously run. If the PRTPUBAUT command was not previously run for the specified objects and library or folder, there will be no ¡¯Changed Report¡¯. If the command has been previously run, but no additional objects do not have public authority of *EXCLUDE, then the ¡¯Changed Report¡¯ will be printed but there will be no objects listed.

The reports will contain the following information:

. The object type specified on the command (if object type is not *DOC or *FLR).

. The name of the library specified on the command (if object type is not *BLKSF, *DIR, *DOC, *FLR, *SOCKET, *STMF, or *SYMLNK).

. The name of the folder the documents are in (if object type is *DOC).

. The name of the directory objects are in (if object type is *BLKSF, *DIR, *SOCKET, *STMF, or *SYMLNK).

. The date and time the report was last run (only shown on the Changed Report).

. An entry for each object that does not have *PUBLIC authority of *EXCLUDE. Each entry contains the following information:
¨C The name of the library the object is in (if object type is not *BLKSF, *DIR, *DOC, *FLR, *SOCKET, *STMF, or *SYMLNK).
¨C The name of the folder the folder is in (if object type is *FLR).
¨C The name of the object.
¨C The owner of the object.
¨C The authorization list securing the object.
¨C The special value for the *PUBLIC authority (e.g. *ALL or *CHANGE).
¨C The sensitivity level of the document or folder (if object type is *DOC or *FLR).
¨C An indicator for the individual authorities that *PUBLIC has to the program (¡¯X¡¯ or ¡¯ ¡¯) (if object type is not *DOC or *FLR).

The file QPBXXXXXXX (where ¡¯XXXXXXX¡¯ is the object type specified on the command) in library QUSRSYS contains information from the last time the PRTPUBAUT command was run. If object type is not *BLKSF, *DIR, *DOC, *FLR, *SOCKET, *STMF, or *SYMLNK there is a member within the file, with the same name as the library, for each library that has been previously specified on the command. If a special value is specified for the library name (for example, *USRLIBL), then the ¡¯*¡¯ will be replaced with a ¡¯Q¡¯ in the member name. For object types that don¡¯t require a library to be specified (e.g. *USRPRF), the library name is QSYS. System file QAOBJAUT in library QSYS with format name of QSYDSAUT is the model file for the file.

If the object type is *FLR, the first member will contain the information from the previous time *FLR was specified on the command. System file QASECDLO in library QSYS with format name of QSECDLO is the model file for the file.

If the object type is *DOC, there is a member within the file for each folder that has been previously specified on the command. The member name will be the same as the system name of the folder. System file QASECDLO in library QSYS with format name of QSECDLO is the model file for the file.

If the object type is *BLKSF, *DIR, *SOCKET, *STMF, or *SYMLNK, there is a member within the file for each directory that has previously been specified in the Directory (DIR) parameter. The member names are based on the order the directories are processed. The member naming convention is x000000001, x000000002, and so on. The first character in the member name will either be N or Y. This character indicates if the subdirectories were searched when the data was gathered. N indicates the subdirectories were not searched, Y indicates they were searched. Once a member name has been assigned to a directory, the numeric portion with the appropriate prefix is used for all of the object types listed above. The system file QASECDIR in library QSYS with format name of QSECDIR is the model file for the file.

Note: The file QASECGFIPB in library QUSRSYS contains the file ID values of every directory that has been processed and the Nxxxxxxxxx member name that has been assigned to it. The system file QASECGFI in library QSYS with format name of QSECGFI is the model file for QASECGFIPB.

Restriction: You must have all object (*ALLOBJ) or audit (*AUDIT) special authority to run this command.


Examples:

PRTPUBAUT OBJTYPE(*FILE) LIB(QSYS)

This command prints both full and changed reports for the file objects in the library QSYS.