Scan file system

This system value can be used to specify whether file systems should be scanned using the integrated file system scan-related exit programs.

You can scan for a variety of reasons, depending on how the exit program is defined. For example, you can scan for a specific text string, file name, or virus. Integrated file system scanning is enabled when exit programs are registered with any of the integrated file system scan-related exit points.

See Table 2 for details on this system values.

Table 1. Possible values for the scan file system value
iSeries™ Navigator Character-based interface Description
Deselected *NONE No integrated file system objects will be scanned.
Selected *ROOTOPNUD Stream file objects stored in *TYPE2 1 directories in the "root" (/), QOpenSys, and user-defined file systems will be scanned.
  1. The integrated file system is comprised of several different files systems. File systems are comprised of directories which can be formatted differently. *TYPE2 directories provide enhance performance, reliability, functionality, and capacity when managing files within those directories. For more information on these directory types, see *TYPE2 directories.

Relationship to security policy

It is important to provide an explicit written statement within your security policy regarding viruses and scanning personal systems for suspicious programs. The exit programs provide security against viruses. These system values specify whether the exit programs are called.

Table 2. Quick reference. Provides details for the scan file systems system value.
iSeries Navigator name Use registered exit program to scan the "root" (/), QOpenSys, and user-defined file systems
Character-based interface name QSCANFS
Authority

*ALLOBJ
*SECADM

Note: The QSECOFR user profile is shipped with these authorities.
How to access
iSeries Navigator
  1. Expand Security > Policies.
  2. Right click Security Policy and select Properties.
  3. On the Scan page, you will find the option for retaining security information.
Character-based interface
  1. In the character-based interface type WRKSYSVAL QSCANFS.
Changes take effect Immediately
Default value Selected (*ROOTOPNUD)
Lockable Yes
Special considerations You can provide granular control of scanned files using the options associated with scan file system control system value.

For more detailed information about this security value, see Chapter 3, "Security System Values" in Security Reference.

Parent topic: General security system values