File system permissions for MFT in IBM MQ
When you install and configure the Managed File Transfer component of IBM MQ, the configuration, installations, and logs directories are created with the following permissions.
UNIX and Linux
Directory Permissions /var/mqm/mqft/config
- Writable by the mqm group
- World readable
Users in the mqm group have write access to these directories and files
/var/mqm/mqft/installations
- Writable by the mqm group
- World readable
/var/mqm/mqft/logs World readable and writable
Windows
Directory Permissions MQ_DATA_PATH\mqft\config The following users have full read and write access:
- Administrators
- System account
- mqm group
Other users have read access
MQ_DATA_PATH\mqft\installations The following users have full read and write access:
- Administrators
- System account
- mqm group
Other users have read access
MQ_DATA_PATH\mqft\logs The following users have full read and write access:
- Administrators
- System account
- mqm group
Other users have read and write access
z/OS
Note: DATA_PATH is derived from the environment variable BFG_DATA. Parent topic: Managed File Transfer security reference
Directory Permissions DATA_PATH/mqft/config
- Writable by the mqm group, or the group name identified in the environment variable BFG_GROUP_NAME
- World readable
Users in the mqm group, or the value in the environment variable BFG_GROUP_NAME, have write access to these directories and files
DATA_PATH/mqft/installations
- Writable by the mqm group, or the group name identified in the environment variable BFG_GROUP_NAME
- World readable
DATA_PATH/mqft/logs World readable and writable