ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzakz_5.4.0.1/rzakzqalwobjrst.htm

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
  PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Save and restore system values: Allow restore of security sensitive objects" />
<meta name="abstract" content="Specifies the objects to be restored and if they can be restored while installing software fixes. (QALWOBJRST)" />
<meta name="description" content="Specifies the objects to be restored and if they can be restored while installing software fixes. (QALWOBJRST)" />
<meta name="DC.Relation" scheme="URI" content="rzakzrestoreoverview.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzlocksecurity.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzrestoreoperation.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzfinder.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzrestoreoperation.htm" />
<meta name="DC.Relation" scheme="URI" content="rzakzconfigurerestore.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzakzqalwobjrst" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Save and restore system values: Allow restore of security sensitive
objects</title>
</head>
<body id="rzakzqalwobjrst"><a name="rzakzqalwobjrst"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Save and restore system values: Allow restore of security sensitive
objects</h1>
<div><p>Specifies the objects to be restored and if they can be restored
while installing software fixes. (QALWOBJRST)</p>
<p><span class="uicontrol">Allow restore of security sensitive objects</span>, also
known as <span class="uicontrol">QALWOBJRST</span>, is a member of the save and restore
category of i5/OS™ system
values. You can use this system value to specify the objects to be restored
and whether they can be restored while installing software fixes. To learn
more, keep reading.</p>

<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th colspan="2" valign="top" class="firstcol" id="d0e37">Quick reference</th>
</tr>
</thead>
<tbody><tr><th valign="top" class="firstcol" id="d0e41" headers="d0e37 ">Location</th>
<td valign="top" headers="d0e41 d0e37 ">In iSeries™ Navigator,
select your system, <span class="menucascade"><span class="uicontrol"></span> &gt; <span class="uicontrol">Configuration
and Service</span> &gt; <span class="uicontrol">System Values</span> &gt; <span class="uicontrol">Save
and Restore</span> &gt; <span class="uicontrol">Objects</span></span></td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e59" headers="d0e37 ">Special authority</th>
<td valign="top" headers="d0e59 d0e37 ">All object (*ALLOBJ) and security administrator (*SECADM)</td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e64" headers="d0e37 ">Default value</th>
<td valign="top" headers="d0e64 d0e37 ">All objects selected</td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e69" headers="d0e37 ">Changes take effect</th>
<td valign="top" headers="d0e69 d0e37 ">At the start of the next restore operation</td>
</tr>
<tr><th valign="top" class="firstcol" id="d0e74" headers="d0e37 ">Lockable</th>
<td valign="top" headers="d0e74 d0e37 ">Yes Lock function of security-related system values<br /><img src="rzakz503.gif" alt="Lockable system value" /><br /> (Click for details)</td>
</tr>
</tbody>
</table>
</div>
<div class="section"><h4 class="sectiontitle">What can I do with this system value?</h4><p>You may specify
whether or not objects with security-sensitive attributes can be restored.</p>
<p>The
system checks this system value before restoring any object with security-sensitive
attributes. These checks occur during the installation of program temporary
fixes (PTFs) and restore of licensed programs. However, the system does not
check this value during the installation of the operating system. This system
value gives your system additional integrity protection. You can prevent anyone
from restoring a system state object or an object that adopts authority.</p>
<p>The
following are types of objects that may be restored, if selected:</p>
<ul><li><span class="uicontrol">System state programs (*ALWSYSSTT)</span> <p>Allows programs,
service programs, and modules with the system-state or inherit-state attribute
to be restored.</p>
</li>
<li><span class="uicontrol">Programs that adopt their owner (*ALWPGMADP)</span> <p>Allows
programs, service programs, and modules that adopt their owner's authority
to be restored.</p>
</li>
<li><span class="uicontrol">Programs that have the S_ISUID (set-user-id) attribute enabled
(*ALWSETUID)</span> <p>Allows restore of files that have the S_ISUID
(set-user-ID) attribute enabled.</p>
</li>
<li><span class="uicontrol">Programs that have the S_ISGID (set-group-id) attribute enabled
(*ALWSETGID)</span> <p>Allows restore of files that have the S_ISGID
(set-group-ID) attribute enabled.</p>
</li>
<li><span class="uicontrol">Programs with validation errors (*ALWVLDERR)</span> <p>Allows
programs, service programs, and modules that have validation errors or that
have been tampered with to be restored.</p>
</li>
<li><span class="uicontrol">Allow restore of security-sensitive objects while installing
software fixes (*ALWPTF)</span> <p>Allow system-state or inherit-state
programs, service programs, modules, objects that adopt authority, objects
that have the S_ISUID (set-user-ID) attribute enabled, and objects that have
the S_ISGID (set-group-ID) attribute enabled to be restored to the system
during a PTF install.</p>
</li>
</ul>
<p>The restore system values work together when restoring objects. For
more information about how these system values work together, see Effects of
system value settings on restore operations.</p>
<p>You may also specify <span class="uicontrol">Allow
restore of security-sensitive objects while installing software fixes</span>.
This option is also represented as the *ALWPTF option for QALWOBJRST. This
value must be selected before installing software fixes (PTFs).</p>
</div>
<div class="section"><h4 class="sectiontitle">Where can I get more information about this system value?</h4><p>To
learn more, go to the save and restore system values overview topic. If you
are looking for a specific system value or category of system values, try
using the i5/OS system
value finder.</p>
</div>
</div>
<div><div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzakzrestoreoverview.htm" title="Use save and restore system values to control specific restore requiredties.">System values: Save and restore overview</a></div>
<div><a href="rzakzlocksecurity.htm" title="Find information about how to lock and unlock system values. Only some system values can be locked. This will provide you with a description of the lock function, what system values can be locked, and how to lock and unlock them.">Lock function of security-related system values</a></div>
<div><a href="rzakzrestoreoperation.htm" title="Describes how to requiredly set the restore system values so they are compatible during a restore operation. This topic also describes how the three restore system values work together when a restore is performed.">Effects of system value settings on restore operations</a></div>
</div>
<div class="reltasks"><strong>Related tasks</strong><br />
<div><a href="rzakzconfigurerestore.htm" title="After you plan how you want a restore operation to function, use iSeries Navigator to set the system values to reflect how to handle the restore operation. At this point, your system is ready for a restore command.">Configure system values for a restore operation</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="rzakzfinder.htm">System value finder</a></div>
</div>
</div>
</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<?xml version="1.0" encoding="UTF-8"?>`
			`<!DOCTYPE html`
			`PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">`
			`<html lang="en-us" xml:lang="en-us">`
			`<head>`
			`<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />`
			`<meta name="security" content="public" />`
			`<meta name="Robots" content="index,follow" />`
			`<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />`
			`<meta name="DC.Type" content="concept" />`
			`<meta name="DC.Title" content="Save and restore system values: Allow restore of security sensitive objects" />`
			`<meta name="abstract" content="Specifies the objects to be restored and if they can be restored while installing software fixes. (QALWOBJRST)" />`
			`<meta name="description" content="Specifies the objects to be restored and if they can be restored while installing software fixes. (QALWOBJRST)" />`
			`<meta name="DC.Relation" scheme="URI" content="rzakzrestoreoverview.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzakzlocksecurity.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzakzrestoreoperation.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzakzfinder.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzakzrestoreoperation.htm" />`
			`<meta name="DC.Relation" scheme="URI" content="rzakzconfigurerestore.htm" />`
			`<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />`
			`<meta name="DC.Format" content="XHTML" />`
			`<meta name="DC.Identifier" content="rzakzqalwobjrst" />`
			`<meta name="DC.Language" content="en-us" />`
			`<!-- All rights reserved. Licensed Materials Property of IBM -->`
			`<!-- US Government Users Restricted Rights -->`
			`<!-- Use, duplication or disclosure restricted by -->`
			`<!-- GSA ADP Schedule Contract with IBM Corp. -->`
			`<link rel="stylesheet" type="text/css" href="./ibmdita.css" />`
			`<link rel="stylesheet" type="text/css" href="./ic.css" />`
			`<title>Save and restore system values: Allow restore of security sensitive`
			`objects</title>`
			`</head>`
			`<body id="rzakzqalwobjrst"><a name="rzakzqalwobjrst"><!-- --></a>`
			`<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>`
			`<h1 class="topictitle1">Save and restore system values: Allow restore of security sensitive`
			`objects</h1>`
			`<div><p>Specifies the objects to be restored and if they can be restored`
			`while installing software fixes. (QALWOBJRST)</p>`
			`<p><span class="uicontrol">Allow restore of security sensitive objects</span>, also`
			`known as <span class="uicontrol">QALWOBJRST</span>, is a member of the save and restore`
			`category of i5/OS™ system`
			`values. You can use this system value to specify the objects to be restored`
			`and whether they can be restored while installing software fixes. To learn`
			`more, keep reading.</p>`

			`<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="border" border="1" rules="all"><thead align="left"><tr><th colspan="2" valign="top" class="firstcol" id="d0e37">Quick reference</th>`
			`</tr>`
			`</thead>`
			`<tbody><tr><th valign="top" class="firstcol" id="d0e41" headers="d0e37 ">Location</th>`
			`<td valign="top" headers="d0e41 d0e37 ">In iSeries™ Navigator,`
			`select your system, <span class="menucascade"><span class="uicontrol"></span> > <span class="uicontrol">Configuration`
			`and Service</span> > <span class="uicontrol">System Values</span> > <span class="uicontrol">Save`
			`and Restore</span> > <span class="uicontrol">Objects</span></span></td>`
			`</tr>`
			`<tr><th valign="top" class="firstcol" id="d0e59" headers="d0e37 ">Special authority</th>`
			`<td valign="top" headers="d0e59 d0e37 ">All object (ALLOBJ) and security administrator (SECADM)</td>`
			`</tr>`
			`<tr><th valign="top" class="firstcol" id="d0e64" headers="d0e37 ">Default value</th>`
			`<td valign="top" headers="d0e64 d0e37 ">All objects selected</td>`
			`</tr>`
			`<tr><th valign="top" class="firstcol" id="d0e69" headers="d0e37 ">Changes take effect</th>`
			`<td valign="top" headers="d0e69 d0e37 ">At the start of the next restore operation</td>`
			`</tr>`
			`<tr><th valign="top" class="firstcol" id="d0e74" headers="d0e37 ">Lockable</th>`
			`<td valign="top" headers="d0e74 d0e37 ">Yes Lock function of security-related system values<br /><img src="rzakz503.gif" alt="Lockable system value" /><br /> (Click for details)</td>`
			`</tr>`
			`</tbody>`
			`</table>`
			`</div>`
			`<div class="section"><h4 class="sectiontitle">What can I do with this system value?</h4><p>You may specify`
			`whether or not objects with security-sensitive attributes can be restored.</p>`
			`<p>The`
			`system checks this system value before restoring any object with security-sensitive`
			`attributes. These checks occur during the installation of program temporary`
			`fixes (PTFs) and restore of licensed programs. However, the system does not`
			`check this value during the installation of the operating system. This system`
			`value gives your system additional integrity protection. You can prevent anyone`
			`from restoring a system state object or an object that adopts authority.</p>`
			`<p>The`
			`following are types of objects that may be restored, if selected:</p>`
			`<ul><li><span class="uicontrol">System state programs (*ALWSYSSTT)</span> <p>Allows programs,`
			`service programs, and modules with the system-state or inherit-state attribute`
			`to be restored.</p>`
			`</li>`
			`<li><span class="uicontrol">Programs that adopt their owner (*ALWPGMADP)</span> <p>Allows`
			`programs, service programs, and modules that adopt their owner's authority`
			`to be restored.</p>`
			`</li>`
			`<li><span class="uicontrol">Programs that have the S_ISUID (set-user-id) attribute enabled`
			`(*ALWSETUID)</span> <p>Allows restore of files that have the S_ISUID`
			`(set-user-ID) attribute enabled.</p>`
			`</li>`
			`<li><span class="uicontrol">Programs that have the S_ISGID (set-group-id) attribute enabled`
			`(*ALWSETGID)</span> <p>Allows restore of files that have the S_ISGID`
			`(set-group-ID) attribute enabled.</p>`
			`</li>`
			`<li><span class="uicontrol">Programs with validation errors (*ALWVLDERR)</span> <p>Allows`
			`programs, service programs, and modules that have validation errors or that`
			`have been tampered with to be restored.</p>`
			`</li>`
			`<li><span class="uicontrol">Allow restore of security-sensitive objects while installing`
			`software fixes (*ALWPTF)</span> <p>Allow system-state or inherit-state`
			`programs, service programs, modules, objects that adopt authority, objects`
			`that have the S_ISUID (set-user-ID) attribute enabled, and objects that have`
			`the S_ISGID (set-group-ID) attribute enabled to be restored to the system`
			`during a PTF install.</p>`
			`</li>`
			`</ul>`
			`<p>The restore system values work together when restoring objects. For`
			`more information about how these system values work together, see Effects of`
			`system value settings on restore operations.</p>`
			`<p>You may also specify <span class="uicontrol">Allow`
			`restore of security-sensitive objects while installing software fixes</span>.`
			`This option is also represented as the *ALWPTF option for QALWOBJRST. This`
			`value must be selected before installing software fixes (PTFs).</p>`
			`</div>`
			`<div class="section"><h4 class="sectiontitle">Where can I get more information about this system value?</h4><p>To`
			`learn more, go to the save and restore system values overview topic. If you`
			`are looking for a specific system value or category of system values, try`
			`using the i5/OS system`
			`value finder.</p>`
			`</div>`
			`</div>`
			`<div><div class="relconcepts"><strong>Related concepts</strong><br />`
			`<div><a href="rzakzrestoreoverview.htm" title="Use save and restore system values to control specific restore requiredties.">System values: Save and restore overview</a></div>`
			`<div><a href="rzakzlocksecurity.htm" title="Find information about how to lock and unlock system values. Only some system values can be locked. This will provide you with a description of the lock function, what system values can be locked, and how to lock and unlock them.">Lock function of security-related system values</a></div>`
			`<div><a href="rzakzrestoreoperation.htm" title="Describes how to requiredly set the restore system values so they are compatible during a restore operation. This topic also describes how the three restore system values work together when a restore is performed.">Effects of system value settings on restore operations</a></div>`
			`</div>`
			`<div class="reltasks"><strong>Related tasks</strong><br />`
			`<div><a href="rzakzconfigurerestore.htm" title="After you plan how you want a restore operation to function, use iSeries Navigator to set the system values to reflect how to handle the restore operation. At this point, your system is ready for a restore command.">Configure system values for a restore operation</a></div>`
			`</div>`
			`<div class="relinfo"><strong>Related information</strong><br />`
			`<div><a href="rzakzfinder.htm">System value finder</a></div>`
			`</div>`
			`</div>`
			`</body>`
			`</html>`