Create Directory (CRTDIR)

Where allowed to run: All environments (*ALL) Threadsafe: No

Parameters Examples Error messages

The Create Directory (CRTDIR) command adds a new directory to the system.

A directory is an object that contains the names of other objects. Libraries and folders are types of directories. When a directory is created, a link is added to the directory prefix. The directory must have been created before any objects can be placed into it.

This command can also be issued using the following alternative command names:

• MD

• MKDIR

For more information about integrated file system commands, see the Integrated file system information in the iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter.

Restrictions:

1. The following restriction applies when the directory to be created is a library in the QSYS.LIB or independent ASP QSYS.LIB file system, or a directory within the "root" (/), QOpenSys, or user-defined file systems:

   • The audit (*AUDIT) special authority is required when specifying a value other than *SYSVAL on the Auditing value for objects (CRTOBJAUD) parameter.

2. The following restriction applies when the directory to be created is a folder in an existing folder in QDLS:

   • The change (*CHANGE) authority is required for the existing folder.

3. The user must have execute (*X) authority to each directory in the path.

4. When creating a directory in the "root" (/), QOpenSys or user_defined file system, the user must have write, execute (*WX) authority to the directory that contains the new directory.

5. When creating a directory, the owner ID (UID) is the user creating the directory.

   If the directory is to be created in the "root" (/), QOpenSys, and user-defined file systems, the following applies. If the S_ISGID bit of the parent directory is off, the group ID (GID) is set to the effective GID of the thread creating the directory. If the S_ISGID bit of the parent directory is on, the group ID (GID) of the new directory is set to the GID of the parent directory.

   If the directory is to be created in the QSYS.LIB or independent ASP QSYS.LIB file system, the GID is obtained from the primary user profile. For all other file systems, the GID is obtained from the parent directory.

6. The user must have all object (*ALLOBJ) and security administrator (*SECADM) special authorities to specify a value for the Scanning option for objects (CRTOBJSCAN) parameter other than *PARENT.

Top

---

 

Parameters

Keyword	Description	Choices	Notes
DIR	Directory	Path name	Required, Positional 1
DTAAUT	Public authority for data	Name, *INDIR, *RWX, *RW, *RX, *WX, *R, *W, *X, *EXCLUDE, *NONE	Optional
OBJAUT	Public authority for object	Single values: *INDIR, *NONE, *ALL Other values (up to 4 repetitions): *OBJEXIST, *OBJMGT, *OBJALTER, *OBJREF	Optional
CRTOBJAUD	Auditing value for objects	*SYSVAL, *NONE, *USRPRF, *CHANGE, *ALL	Optional
CRTOBJSCAN	Scanning option for objects	*PARENT, *YES, *NO, *CHGONLY	Optional
RSTDRNMUNL	Restricted rename and unlink	*NO, *YES	Optional

Top

 

Directory (DIR)

Specifies the path name of the directory to be created.

For more information on specifying path names, refer to "Object naming rules" in the CL concepts and reference topic in the iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter.

Do not use a name that begins with the character Q. The system assumes that libraries or directories with those names are system libraries or directories.

Top

 

Public authority for data (DTAAUT)

Specifies the public data authority given to the user for the directory, or specifies that all authorities are inherited from the directory it is to be created in.

*INDIR

The authority for the directory to be created is determined by the directory it is to be created in. The directory immediately preceding the new directory determines the authority. A directory created in the "root" (/), QOpenSys, or user-defined file system is assigned the same public, private and primary group authority, authorization list, and primary group as the directory it is to be created in. A directory created in QDLS for a folder defaults to *EXCLUDE for a first level folder. If created in the second level or greater, the authority of the previous level is used. The QOpenSys and "root" (/) file systems use the parent directory's Data Authority value. If the value *INDIR is specified for either the Public authority for object (OBJAUT) parameter or the DTAAUT parameter, then *INDIR must be specified for both parameters.

*RWX

The user can change the object and perform basic functions on the object except those limited to the owner or controlled by object existence (*OBJEXIST), object management (*OBJMGT), object alter (*OBJALTER) and object reference (*OBJREF) authorities. Read, write, execute (*RWX) authority provides object operational (*OBJOPR) and all data authorities.

*RW

The user can view and change the contents of an object. Read, write (*RW) authority provides *OBJOPR and data read (*READ), add (*ADD), update (*UPD) and delete (*DLT) authorities.

*RX

The user can perform basic operations on the object, such as run a program or display the contents of a file. The user is prevented from changing the object. Read, execute (*RX) authority provides *OBJOPR and data *READ and execute (*EXECUTE) authorities.

*WX

The user can change the contents of an object and run a program or search a library or directory. Write, execute (*WX) authority provides *OBJOPR and data *ADD, *UPD, *DLT, and *EXECUTE authorities.

*R

The user can view the contents of an object. Read (*R) authority provides *OBJOPR and data *READ authorities.

*W

The user can change the contents of an object. Write (*W) authority provides *OBJOPR and data *ADD, *UPD, and *DLT authorities.

*X

The user can run a program or search a library or directory. Execute (*X) authority provides *OBJOPR and data *EXECUTE authorities.

*EXCLUDE

The user cannot access the object. The OBJAUT value must be *NONE, if this special value is used.

*NONE

The user is given no data authorities to the objects. This value cannot be used with the OBJAUT value of *NONE.

authorization-list-name

Specify the name of the authorization list used. The format of the authorization list name remains the current ten-character format. The OBJAUT value must be *NONE, if this special value is used.

Top

 

Public authority for object (OBJAUT)

Specifies the public object authority given to users for the directory, or specifies that all authorities are inherited from the directory it is to be created in.

*INDIR

The object authority is based on the authority for the directory where this directory is to be created. A directory created in the "root" (/), QOpenSys, or user-defined file system is assigned the same public, private and primary group authority, authorization list, and primary group as the directory it is to be created in. If the value *INDIR is specified for either the OBJAUT parameter or the Public authority for data (DTAAUT) parameter, then *INDIR must be specified for both parameters.

*NONE

None of the other object authorities (*OBJEXIST, *OBJMGT, *OBJALTER or *OBJREF) are given to the users. If *EXCLUDE or an authorization list is specified for the DTAAUT parameter, *NONE must be specified. This value cannot be used with the DTAAUT value of *NONE.

*ALL

All of the other object authorities (*OBJEXIST, *OBJMGT, *OBJALTER or *OBJREF) are given to the users.

The user can specify up to four of the following values:

*OBJEXIST

The user is given object existence (*OBJEXIST) authority to the object. The user can delete the object, free storage of the object, perform save and restore operations for the object, and transfer ownership of the object.

*OBJMGT

The user is given object management (*OBJMGT) authority to the object. With this authority the user can specify security for the object, move or rename the object and add members to database files.

*OBJALTER

The user is given object alter (*OBJALTER) authority to the object. The user is able to alter the attributes of the objects. On a database file, the user can add and remove triggers, add and remove referential and unique constraints, and change the attributes of the database file. With this authority on an SQL package, the user can change the attributes of the SQL package. Currently, this authority is used only for database files and SQL packages.

*OBJREF

The user is given object reference (*OBJREF) authority to objects. Used only for database files, the user can reference an object from another object such that operations on that object may be restricted by the other object. On a physical file, the user can add a referential constraint in which the physical file is the parent.

Top

 

Auditing value for objects (CRTOBJAUD)

Specifies the auditing value of objects created in this directory.

Values for this parameter other than *SYSVAL may not be supported by some file systems.

*SYSVAL

The object auditing value for the objects in the directory is determined by the Create object auditing (QCRTOBJAUD) system value.

*NONE

Using or changing this object does not cause an audit entry to be sent to the security journal.

*USRPRF

The user profile of the user accessing this object is used to determine if an audit record is sent for this access. The OBJAUD parameter of the Change User Auditing (CHGUSRAUD) command is used to change the auditing for a specific user.

*CHANGE

All change accesses to this object by all users are logged.

*ALL

All change or read accesses to this object by all users are logged.

Top

 

Scanning option for objects (CRTOBJSCAN)

Specifies whether the objects created in a directory will be scanned when exit programs are registered with any of the integrated file system scan-related exit points.

The integrated file system scan-related exit points are:

• QIBM_QP0L_SCAN_OPEN - Integrated File System Scan on Open Exit Program

• QIBM_QP0L_SCAN_CLOSE - Integrated File System Scan on Close Exit Program

For details on these exit points, see the System API Reference information in the iSeries Information Center at http://www.ibm.com/eserver/iseries/infocenter.

This attribute can only be specified for directories created in the "root" (/), QOpenSys and user-defined file systems. For all other file systems, *PARENT should be specified and it will be ignored. Even though this attribute can be set for *TYPE1 and *TYPE2 directories, only objects which are in *TYPE2 directories will actually be scanned, no matter what value is set for this attribute.

*PARENT

The create object scanning attribute value for this directory is copied from the create object scanning attribute value of the parent directory.

*YES

After an object is created in the directory, the object will be scanned according to the rules described in the scan-related exit programs if the object has been modified or if the scanning software has been updated since the last time the object was scanned.

*NO

After an object is created in the directory, the object will not be scanned by the scan-related exit programs.

If the Scan file systems control (QSCANFSCTL) value *NOPOSTRST is not specified when an object with this attribute is restored, the object will be scanned at least once after the restore.

*CHGONLY

After an object is created in the directory, the object will be scanned according to the rules described in the scan-related exit programs only if the object has been modified since the last time the object was scanned. It will not be scanned if the scanning software has been updated. This attribute only takes effect if the Scan file systems control (QSCANFSCTL) system value has *USEOCOATR specified. Otherwise, it will be treated as if the attribute is *YES.

If the Scan file systems control (QSCANFSCTL) value *NOPOSTRST is not specified when an object with this attribute is restored, the object will be scanned at least once after the restore.

Top

 

Restricted rename and unlink (RSTDRNMUNL)

Specifies whether special restrictions apply for rename and unlink operations performed on objects within a directory. This attribute is equivalent to the S_ISVTX mode bit and can only be set for a directory in the Network File System (NFS), QFileSvr.400, "root" (/), QOpenSys, or user-defined file systems. Both the NFS and QFileSvr.400 file systems support this attribute by passing it to the server and surfacing it to the caller.

*NO

No additional restrictions for renaming or unlinking objects from this directory.

*YES

Objects within this directory may be renamed or unlinked only if one or more of the following are true for the user performing the operation:

1. The user is the owner of the object.

2. The user is the owner of the directory.

3. The user has all object (*ALLOBJ) special authority.

Top

---

 

Examples

Example 1: Creating a Directory

 CRTDIR   DIR('MYDIR')

This command creates the directory MYDIR and adds it to the current directory. The defaults are used for the remaining parameters.

Top

---

 

Error messages

*ESCAPE Messages

CPFA085

Home directory not found for user &1.

CPFA089

Pattern not allowed in path name.

CPFA09C

Not authorized to object. Object is &1.

CPFA09D

Error occurred in program &1.

CPFA0A0

Object already exists. Object is &1.

CPFA0A1

An input or output error occurred.

CPFA0A3

Path name resolution causes looping.

CPFA0A6

Number of links exceeds maximum allowed for the file system.

CPFA0A7

Path name too long.

CPFA0A9

Object not found. Object is &1.

CPFA0AA

Error occurred while attempting to obtain space.

CPFA0AB

Operation failed for object. Object is &1.

CPFA0AD

Function not supported by file system.

CPFA0B1

Requested operation not allowed. Access problem.

Top