In order to prevent the TSOS co-ownership restriction from jeopardizing general system operation, the scope of this restriction must be limited. For this reason it only affects very specific system functions in a very specific runtime environment.

The restriction of the TSOS co-administration right only applies to interactive and batch tasks under the TSOS user ID and affects the use of the following functions:

• In the case of the /MODIFY-FILE-ATTRIBUTES command, the restriction of the TSOS co-administration right affects the operands that are printed in semibold type in the overview below:

  FILE-NAME NEW-NAME SUPPORT *PUBLIC-DISK(...) | STORAGE-CLASS | *NONE(...) | | WORK-FILE | | IO_ATTRIBUTES | | *PARAMETERS(...) | | | PERFORMANCE | | | USAGE | | DISK-WRITE | | AVAILABILITY | | FILE-PREFORMAT | | VOLUME-SET | | VOLUME | | DEVICE-TYPE | | SO-MIGRATION | SPACE | *RELATIVE(...) | | PRIMARY-ALLOCATION | | SECONDARY-ALLOCATION | *ABSOLUTE(...) | | FIRST-PAGE | | SIZE | *RELEASE(...) | | NUMBER-OF-PAGES | | KEEP-MIN-ALLOCATION | MANAGEMENT-CLASS | USER-INFORMATION | ADM-INFORMATION *PRIVATE-DISK(...) | ... *ANY-DISK(...) | ... *TAPE(...) | ... PROTECTION *PARAMETERS(...) | PROTECTION-ATTR | *FROM-FILE(...) | | FILE-NAME | ACCESS | USER-ACCESS | BASIC-ACL | *PARAMETERS(...) | | OWNER | | *PARAMETERS(...) | | | READ | | | WRITE | | | EXEC | | GROUP | | *PARAMETERS(...) | | | READ | | | WRITE | | | EXEC | | OTHERS | | *PARAMETERS(...) | | | READ | | | WRITE | | | EXEC | GUARDS | *PARAMETERS(...) | | READ | | WRITE | | EXEC | WRITE-PASSWORD | READ-PASSWORD | EXEC-PASSWORD | DESTROY-BY-DELETE | AUDIT | SPACE-RELEASE-LOCK | EXPIRATION-DATE | FREE-FOR-DELETION SAVE *PARAMETERS(...) | BACKUP-CLASS | SAVED-PAGES MIGRATE CODED-CHARACTER-SET DIALOG-CONTROL OUTPUT

• In the case of the /MODIFY-GENERATION-SUPPORT command, the restriction of the TSOS co-administration right affects the operands that are printed in semibold type in the overview below:

  GENERATION-NAME SUPPORT *PUBLIC-DISK(...) | STORAGE-CLASS | *NONE(...) | | IO_ATTRIBUTES | | *PARAMETERS(...) | | | PERFORMANCE | | | USAGE | | DISK-WRITE | | AVAILABILITY | | FILE-PREFORMAT | | VOLUME-SET | | VOLUME | | DEVICE-TYPE | | SO-MIGRATION | SPACE | *RELATIVE(...) | | PRIMARY-ALLOCATION | | SECONDARY-ALLOCATION | *ABSOLUTE(...) | | FIRST-PAGE | | SIZE | *RELEASE(...) | | NUMBER-OF-PAGES | | KEEP-MIN-ALLOCATION | USER-INFORMATION | ADM-INFORMATION *PRIVATE-DISK(...) | ... *ANY-DISK(...) | ... *TAPE(...) | ... DIALOG-CONTROL OUTPUT

• In the case of the /MODIFY-FILE-GROUP-ATTRIBUTES command, the restriction of the TSOS co-administration right affects the operands that are printed in semibold type in the overview below:

  GROUP-NAME NEW-NAME GENERATION-PARAMETER *GENERATION-PARAMETER(...) | MAXIMUM | OVERFLOW-OPTION | BASE-NUMBER | *ABSOLUTE(...) | | NUMBER | *RELATIVE-TO-LAST-GENERATION(..) | | NUMBER PROTECTION *PARAMETERS(...) | PROTECTION-ATTR | *FROM-FILE(...) | | FILE-NAME | ACCESS | USER-ACCESS | BASIC-ACL | *PARAMETERS(...) | | OWNER | | *PARAMETERS(...) | | | READ | | | WRITE | | GROUP | | *PARAMETERS(...) | | | READ | | | WRITE | | OTHERS | | *PARAMETERS(...) | | | READ | | | WRITE | GUARDS | *PARAMETERS(...) | | READ | | WRITE | WRITE-PASSWORD | READ-PASSWORD | DESTROY-BY-DELETE | AUDIT | SPACE-RELEASE-LOCK | EXPIRATION-DATE | FREE-FOR-DELETION SAVE *PARAMETERS(...) | BACKUP-CLASS | SAVED-PAGES MANAGEMENT-CLASS MIGRATE CODED-CHARACTER-SET USER-INFORMATION ADM-INFORMATION STOR-CLASS-DEFAULT DIALOG-CONTROL OUTPUT

• If the CATAL macro is used with STATE=*UPDATE then the following operands are affected by the TSO co-ownership restriction:

  ACCESS
  ADMINFO
  AUDIT
  AVAIL
  BACKUP
  BASACL
  BASE
  DELDATE
  DESTROY
  DISKWR
  DISP
  EXDATE
  EXPASS
  GEN
  GROUPAR (READ, WRITE, EXEC)
  GUARDS (READ, WRITE, EXEC)
  IOPERF
  IOUSAGE
  LARGE
  MANCLAS
  MIGRATE
  NEWNAME
  OTHERAR (READ, WRITE, EXEC)
  OWNERAR (READ, WRITE, EXEC)
  PROTECT
  RDPASS
  RELSPAC
  SHARE
  S0MIGR
  STOCLAS
  USRINFO
  WRPASS

• In the case of the /DELETE-FILE command, the restriction applies only to the specification IGNORE-PROTECTION=*ACCESS and operates as follows:

  • If the TSOS user wants to delete another user’s file for which the TSOS coadministration right is restricted, then the specification IGNORE-PROTECTION= *ACCESS is ignored. This means that whether or not TSOS can delete the file depends on the file’s protection attributes.

  • If TSOS wants to delete a file under the TSOS user ID, then the specification IGNORE-PROTECTION=*ACCESS is also taken into account if the TSOS co-administration right has been restricted, even though such a restriction makes no sense. TSOS user IDs can therefore delete their own files irrespectively of their protection attributes.

• The explanations given for the DELETE-FILE command also apply to the ERASE macro with the specification IGNORE=ACCESS.

• In the case of the COPY-FILE command, the restriction has the following implications for the IGNORE-PROTECTION operand:

  • If TSOS wants to copy files and uses the specification IGNORE-PROTECTION=*SOURCE-FILE or IGNORE-PROTECTION=*TARGET-FILE for a file under another user ID then the specification is ignored. TSOS can only copy the file if this is permitted by the access rights for the source and/or target file.

  • If used in connection with TSOS’s own files, the specifications IGNORE-PROTECTION=*SOURCE-FILE or IGNORE-PROTECTION=*TARGET-FILE are also taken into account if the TSOS co-administration right has been restricted, even though such a restriction makes no sense. TSOS user IDs can therefore always copy their own files irrespectively of their access rights.

• The explanations given for the COPY-FILE command also apply to the COPFILE macro with IGNORE=*SOURCE/*TARGET.

• In the case of the /MODIFY-JV-ATTRIBUTES command, the restriction of the TSOS co-administration right affects the operands that are printed in semibold type in the overview below:

  JV-NAME NEW-NAME PROTECTION(...) | ACCESS | USER-ACCESS | BASIC-ACL | *PARAMETERS(...) | | OWNER | | *PARAMETERS(...) | | | READ | | | WRITE | | GROUP | | *PARAMETERS(...) | | | READ | | | WRITE | | OTHERS | | *PARAMETERS(...) | | | READ | | | WRITE | GUARDS | *PARAMETERS(...) | | READ | | WRITE | WRITE-PASSWORD | READ-PASSWORD | RETENTION-PERIOD | MONJV-PROTECTION | MANAGEMENT-CLASS

• If CATJV is used with STATE=*UPDATE then the following operands are affected by the TSOS co-ownership restriction:

  jvname2
  ACCESS
  BASACL
  GROUPAR (READ, WRITE)
  GUARDS (READ, WRITE)
  MANCLAS
  MONJV
  OTHERAR (READ, WRITE)
  OWNERAR (READ, WRITE)
  RDPASS
  RETPD
  SHARE
  WRPASS

• In the case of the /DELETE-JV command, the restriction applies only to the specification IGNORE-PROTECTION=*ACCESS and operates as follows:

  • If the TSOS user wants to delete another user’s job variable for which the TSOS co-administration right is restricted, then the specification IGNORE-PROTECTION= *ACCESS is ignored. This means that whether or not TSOS can delete the job variable depends on the job variable’s protection attributes.

  • If TSOS wants to delete a job variable under the TSOS user ID, then the specification IGNORE-PROTECTION=*ACCESS is also taken into account if the TSOS co-administration right has been restricted, even though such a restriction makes no sense. TSOS user IDs can therefore delete their own job variables irrespectively of their protection attributes.

• The explanations given for the DELETE-JV command also apply to the ERAJV macro with IGNORE=ACCESS.