Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

Which settings influence file permissions with OPEN DATASET FOR OUTPUT

kimmo_sirpoma
Participant
0 Kudos

My question is related to Unix environments and file permissions on the OS level.

When creating a file with OPEN DATASET FOR OUTPUT ... the file permissions on the OS level are fixed. In most system that I have worked with, the created file has file with permission attributes -rw-rw--- ( that is 660 ). It means that 'other' group cannot work with the file at all.

I now want to know where this fixed setting comes from?

I know that in Unix there is a statement umask which enables defining default file attributes for to-be-created files, but did not find that command in .profile file of the user's <sid>adm home directory.

I know that in Unix there is global profile file where umask has been initially set. But in my systems, using my own OS user-id, and I don't have any umask command in my .profile file, the created files have file permissions other than what ABAP is creating.

I know also that SAP kernel profile parameter install/umask can be used. But in my systems the value has been 007 which should lead to quite different file attributes.

I also know, that developer has the possibility to use additional option TYPE in conjuction with OPEN DATASET command. But this addition is OS specific and therefore not recommended. You could for example give TYPE='umask 666".

So, why my files created with ABAP have permission 660, although my known parameters speaks different?

I am not having actual problem right now, but it might cause problems in interfaces with ftp-clients that use user-ids not belonging to group sapsys. I guess assigning external user-ids to sapsys is also a security issue.

Best regards,

Kimmo

3 REPLIES 3

kimmo_sirpoma
Participant
0 Kudos

Actually I was on right track but did not understand correctly the syntax of umask command in Unix. I thought it has the similar syntax for fileattributes as command chmod in Unix.

If SAP profile parameter install/umask has value 007 it means that group 'other' has no rights to the created file. Thus it is obvious why in my systems files created with ABAP has attributes -rw-rw--- (or 660).

br: Kimmo

Former Member
0 Kudos

Hi ,

Can you tell me how to change install/umask value from 007 to 002 .

i have the same setting and i am having problem.

0 Kudos

Talk to your BASIS team to maintain the profiles through RZ10/RZ11