When a file is copied by means of the COPFILE macro or COPY-FILE command, protection attributes can be passed on depending on the value of the PROTECTION or PROTECT operand.
In addition to the existing ways of passing on protection attributes with PROTECTION or PROTECT=*SAME, it is now also possible to enter protection attributes with PROTECTION or PROTECT=*STD when used together with the “default protection” function. The last change date of the source file can be accepted with CHANGE-DATE or CHANGE=*SAME.
Generally, the protection attributes of the source file are not used. This is possible only if copying within the caller's user ID or copying a foreign file to one of the caller's files. In all other cases, the shareability and access authorizations are set to the default values (namely SHARE=NO and ACCESS=WRITE with COPFILE or USER-ACCESS=*OWNER-ONLY and ACCESS=*WRITE with COPY-FILE).
The passing of protection attributes is contingent upon the following factors:
the direction of the copy operation, namely
within the same user ID
from some other user ID
how the source file is protected
by standard access control
by a BACL (basic access control list)
by GUARDS
the type of the target file
a file on a public volume (pubset)
a file on a private disk
a tape file
a file generation
a temporary file
The backup attributes LARGE, BACKUP, MIGRATE, NUM-OF-BACKUP-VERS, OPNBACK and MANCLAS (see the CATAL macro) and the backup attributes DESTROY, RETPD, ENCRYPT, RDPASS, WRPASS, EXPASS and DELDATE are copied subject to the conditions mentioned above. The following applies to write attributes:
Copying within the same user ID
Source file protected by | Target file on pubset | Target file on Private disks | Target file on Tape |
|---|---|---|---|
Standard access control | (1) | (1) | (1) |
Basic Access Control List, (BACL) | (1) | (1) | (2) |
GUARDS | (1) | (3) | (2) |
Copying from a foreign user ID to one's own user ID
Source file protected by | Target file on pubset | Target file on Private disks | Target file on Tape |
|---|---|---|---|
Standard access control | (1) | (1) | (1) |
Basic Access Control List, (BACL) | (3) | (3) | (2) |
GUARDS | (3) | (3) | (2) |
(1) | The attributes of the source file are copied. If there is already a catalog entry for the target file, the attributes in this entry are replaced; any existing BACL or GUARDS entry is deleted or overwritten. |
(2) | The default values for tape files (SHARE=YES or USER-ACCESS=ALL-USERS, ACCESS=WRITE) are inserted. Tape files do not have any BACL or GUARDS entries. |
(3) | The default values for disk files are inserted. If there is already a catalog entry for the target file, the standard access control attributes in this entry are replaced; any existing BACL or GUARDS entry is deleted. |
Copying from the user's own user ID to another user ID
Copying in this manner is possible only if there is already a file cataloged under the other user ID. Only the data is copied into the existing file. Specifying the operand PROTECT=SAME in the macro or the operand PROTECTION=SAME in the command has no effect in this case.
Special cases
Systems support
The user ID with the TSOS privilege is the co-owner of all files and may also create files under other user IDs (for restrictions see "Restrictions on TSOS co-ownership"). Copying under such a user ID is thus always carried out as described for “Copying within the same user ID”, even if the user IDs of the source and target files are different. This does not apply to other co-owner IDs (see "Defining co-ownership (co-owners)").
file generations.
The protection attributes defined for a generation group apply to each generation in this group. The individual generations do not have their own separate protection attributes.
If a generation is copied, the protection attributes of the associated group are used (since these apply to each individual generation).
If a generation is copied into a group, it receives the attributes of this target group (i.e. no attributes of the source file are transferred).
Temporary files
Temporary files are task-local files. For this reason, no protection attributes of the source file are transferred when a temporary file is copied.
Copying with PROTECTION=*STD or PROTECT=*STD
If the target file is not present and default protection is active then the target file is assigned the protection attribute values supplied by default protection. If default protection is not active then – as previously– the system default values are assigned. If the target file exists then the existing values remain unchanged.