The permanent directory namespace must be enabled with the SYSOPS PERMDIRECTORIES option.
The permanent directory namespace consists of all files and directories with *DIR as the first node of their name. The namespace is distributed across all of the disk families on the system.
Within this namespace, all directories are permanent and have attributes that can control access to the files contained within the directories. Permanent directories can only be created in the permanent directory namespace.
Access to a file within the permanent directory namespace requires that X (traverse) permission be granted by each of the permanent directories containing the file. If these traverse permissions are granted by all containing permanent directories, then the actual file access permissions are determined by the file’s attributes in the same manner as for files that are not in the permanent directory namespace. If any of these traverse permissions are not granted, then no access is permitted to the file.
-
This permission checking requirement is an absolute requirement for nonprivileged users. Privileged users and tasks are not subject to this check.
-
Although permanent directory X (traverse) permissions might not be specifically mentioned when the topic of file access permissions is discussed, these permissions must still be granted for the user to access the file. For example, the statement, “Anyone can execute public code files” is generally true, but within the permanent directory namespace, directory traverse checks can prevent a user from access to a file to execute it.
-
Guard files cannot be assigned to a permanent directory.
Permanent directories can exist even when empty and must be removed by a specific command. They do not appear or disappear as files are created or removed as in the temporary directory file system. The security attributes assigned to a permanent directory are retained until the permanent directory is removed.
Within the permanent directory namespace, the owner of a file or directory is not determined by the file or directory title. The OWNER file attribute records the owner of the file. This can be either a usercode or null if the file is owned by “ * ”.
Files in the permanent directory namespace are considered to be unusercoded files, even though they may have a usercode as OWNER, because there is no usercode in the file title.
The NONUSERFILES option does not apply to permanent directories.
Permission checks for files within the permanent directory namespace are performed using the same algorithms used for files within the traditional namespace with two exceptions:
-
A nonprivileged user with write permission for a file and directory in the permanent directory namespace will be permitted to rename the file or directory.
-
CHANGE and REMOVE ignore guard files when they are used with a file in the permanent directory namespace.
In general, the X (traverse) permission must be granted to a process at each node of the file name to access a file within this namespace. For example:
*DIR/USERS/JOE/X ON MYFAM
For a process to access this file, the process must be granted:
-
X (traverse) permission to *DIR ON MYFAM
-
X (traverse) permission to *DIR/USERS ON MYFAM
-
X (traverse) permission to *DIR/USERS/JOE ON MYFAM
-
Some access permission to the actual file, *DIR/USERS/JOE/X ON MYFAM
The security mode combinations of the three control settings—R (Read), W (Write), and X (traverse) have the following effect when applied to a permanent directory file.
|
Control Setting |
Permanent Directory Files (FILEKIND = PERMDIR) |
|---|---|
|
NO |
No access is permitted to the files or subdirectories of the permanent directory. Using NX/Services, it may be possible to change to this directory, but not to see, access, or change the contents of the directory. |
|
R |
The user or program is permitted to see a listing of the files and subdirectories contained within the permanent directory. It is not possible to read or modify any of the files within the directory, nor to create or remove files within the directory, nor to access the contents of subdirectories of the directory. This setting is not normally used. |
|
W |
No access is permitted to the files or subdirectories of the permanent directory. This access setting is equivalent to a setting of NO, which is a better choice. This setting is not normally used. |
|
X |
The user or program can “traverse” through the permanent directory and access files and subdirectories contained within it. It is possible to read, modify, and update attributes of files within the directory, subject to the permissions on the file, if you know the name of the file. It is not possible to create or remove files within the directory. |
|
RW |
The user or program is permitted to see a listing of the files and subdirectories contained within the permanent directory. This access setting is equivalent to a setting of R. This setting is not normally used. |
|
RX |
The user or program is permitted to see a listing of the files and subdirectories contained within the permanent directory. The user or program can “traverse” through the permanent directory and access files and subdirectories contained within it. It is possible to read, modify, and update attributes of files within the directory, subject to the permissions on the file. It is not possible to create or remove files within the directory. |
|
WX |
The user or program is not permitted to see a listing of the files and subdirectories contained within the permanent directory. The user or program can “traverse” through the permanent directory and access files and subdirectories contained within it, provided that the user knows the file name. It is possible to read, modify, and update attributes of files within the directory, subject to the permissions on the file. It is possible to create files in the directory and to rename or remove files from the directory regardless of the permissions specified for the file. |
|
RWX |
Full access is granted to the directory. The user or program is permitted to see a listing of the files and subdirectories contained within the permanent directory. The user or program can “traverse” through the permanent directory and access files and subdirectories contained within it. It is possible to read, modify, and update attributes of files within the directory, subject to the permissions on the file. It is possible to create files in the directory and to remove files from the directory regardless of the permissions specified for the file. |
The R, W, and RW security mode combinations are not recommended for use on permanent directories. These combinations are likely to produce inconsistent behavior for users accessing those permanent directories.
Some additional restrictions apply to the COPY, ADD, MOVE, REMOVE, CHANGE and ALTER WFL statements when applied to files and permanent directories in the permanent directory name space. For more information about permanent directories, refer to the System Operations Guide.
