The HFS Unload Utility
In the z/OS UNIX environment, a hierarchical file system contains files and directories. The security information for these files and directories resides within the file system itself, not within the RACF database. Thus, the RACF Database Unload Utility (IRRDBU00) cannot be used to report on file system security data.
The irrhfsu utility reports on file system security data in a manner consistent with IRRDBU00. A different record type is created for mounted file systems, for each file and directory, and for each access control list entry contained within a file or directory. The format of these records are documented the same way IRRDBU00 output is documented in the z/OS Security Server (RACF) Macros and Interfaces manual. Sample DB2 load and table statements are provided for these record types.
The irrhfsu utility can be invoked as a UNIX command, or from batch using the BPXBATCH program. It can be run against the entire file system, or a list of subtrees within the file system. The output can be appended to your IRRDBU00 output so you can combine the data within a relational database for integrated queries.
The utility also contains an access list cleanup function, in the spirit of RACF's IRRRID00 utility.
The irrhfsu utility consists of these files:
- Documentation for irrhfsu in PDF format (124KB)
- C source code for the utility (TXT, 47.9KB)
- An executable version of the utility, compiled for z/OS V1.13 (116KB)
- Sample DB2 load statements (TXT, 8KB)
- Sample DB2 table statements (TXT, 19.3KB)
You can download these files either by using your browser or by using anonymous file transfer protocol (ftp). From your browser, select "file" and "save as". For anonymous ftp, use the site public.dhe.ibm.com. irrhfsu can be found in the directory /eserver/zseries/zos/racf/irrhfsu/. Full installation instructions are in the HFSUnloadReadMe.pdf file.
We welcome your comments and questions on the irrhfsu utility. Please direct them to the RACF-L mailing list. Subscription information for RACF-L can be found from the RACF-L Discussion List Page.
This program contains code made available by IBM Corporation on an "AS-IS" basis. Any one receiving this program is considered to be licensed under IBM copyrights to use the IBM-provided code in any way he or she deems fit, including copying it and redistributing it, except that it may be neither sold nor incorporated within a product that is sold. No license under any IBM patents or patent applications is to be implied from this copyright license.
The software is provided "as-is", and IBM disclaims all warranties, express or implied, including but not limited to implied warranties of merchantability or fitness for a particular purpose.
This page was last updated May, 2009.