[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference iosg::all-in-1_v30

Title:	OLD ALL-IN-1 (tm) Support Conference
Notice:	Closed - See Note 4331.l to move to IOSG::ALL-IN-1
Moderator:	IOSG::PYE

Created:	Thu Jan 30 1992
Last Modified:	Tue Jan 23 1996
Last Successful Update:	Fri Jun 06 1997
Number of topics:	4343
Total number of notes:	18308

3520.0. "System Delete privilege in OA$SHAREx directories." by CTHP12::M_MORIN () Wed Nov 10 1993 14:42

It appears as though the files in the shared directories OA$SHAREx need to have 
S:RWED (namely D) privilege, in order for ALL-IN-1 to be able to delete the files 
in the directories when the last mail message reference is deleted.

A customer who has set the default protection for the ALL-IN-1 account to be 
S:RWE is having problems with the files not being deleted when the last mail 
message reference is deleted.  A protection violation error is logged 
on the console whenever this happens.  They've tried getting around the problem 
by using ACL's on the files but that didn't do it.

Is there an easy way to get around the requirement for the S:D privilege on the 
shared directory files, apart from customizing?

/Mario

T.R	Title	User	Personal Name	Date	Lines
3520.1		CTHP12::M_MORIN		`Wed Nov 10 1993 16:49`	6
	Along the same lines, how is the protection set in the shared directory files? Is it explicitely set to (S:RWED,O:RWED,G,W) or is it set from the SYSGEN parameter RMS_FILEPROT? /Mario
3520.2	(RWED,RWED,,)	UTRACK::SCHOLLAERT	Ajax 8 - Heerenveen 4, next.	`Thu Nov 11 1993 07:31`	23
	Mario, From STARS .... $ DIR/SEC/OWN OA$SHARE: Directory DISK$TECH:[ALLIN1.SHARED_E] OA$DAF_E.DAT;4 [ALLIN1] (RWED,RWED,,) In this example, the Shared Document Attributes File (SDAF) for mail area E is correctly owned and protected. This ownership and protection is passed to all files in shared directories belong- ing to that mail area, so it is important that it is correct. By the way, 3.0 does not generate OPCOM messages on failed deletion. The user gets a %OA-W-CAB_NODELPRIV message. Entry from docdb is gone. File left. Regards, Jan
3520.4	Not customisable...	HERO::PYE	Graham Pye	`Sun Nov 14 1993 17:33`	11
	Although you can fix the Janitor so that it sets the appropriate protection on the file, the janitor will need the appropriate directory protections in order that it can do this. There may be other places in the code that do the deletion that you won't be able to customise, one of them might be the user's own Empty Wastebasket function. Graham PS Why is S:D such a big deal anyway?
3520.5		CTHP12::M_MORIN	Mike, you owe me $553, thanks eh.	`Mon Nov 15 1993 15:40`	6
	A customer in Canada has a security requirement that dictates that they cannot have the explicit setting of S:D protection in a login .COM file (SET PROT/DEFAULT) or batch file, etc... An explicit S:D on SDAF.DAT though is allowed though which fixes our problem. /Mario