DSXchange

A short text to describe your forum
http://dsxchange.com./

Project Permissions on AIX

http://dsxchange.com./viewtopic.php?f=24&t=108915

Page 1 of 1

Project Permissions on AIX

Posted: Wed Apr 04, 2007 2:16 pm
by DKostelnik
Greetings!

I have a couple of ETL Developers that are apparently stepping on each others projects. Developer A wants to make sure Developer B can look at his jobs, but not modify them unless it is exported from Developer A's project into Developer B's project.

The directory level security on the individual projects is setup as RW for the owner R Group and R for Other. If I create a file from the command line, the permissions are set correctly for the file (-rw-r--r--).

However, when a job is created through DataStage, the permissions come out more global (Directories: drwxrwxr-x Files:-rw-rw-r--). We don't want write permissions on Group.

The umask is set to 027 which means permissions for a new
directory: rwxr-x--- or file: rw-r----- .

I am guessing that DataStage is manipulating the permissions, but I don't know how or why. Anyone have any clues?

Posted: Wed Apr 04, 2007 5:23 pm
by Madhusv
From Datastage Administrator you can set up the roles like "Developer", "Operator" etc.

Log into the administartor and click on the project you have to change permissions, then Properties->Permissions.

Posted: Wed Apr 04, 2007 7:09 pm
by ray.wurlod
You DO want write permission on group.

You DO want different groups for different projects, and you want to make sure that the two developers are only in the right group. In dsenv and the users' profiles, make sure that umask is set to 002.

Posted: Thu Apr 05, 2007 9:20 am
by DKostelnik
Madhusv wrote:From Datastage Administrator you can set up the roles like "Developer", "Operator" etc.

Log into the administartor and click on the project you have to change permissions, then Properties->Permissions.
Yes, I it setup that way. The problem is the developers fall into one security group, which means they have access to all the different projects. It is the way AIX (UNIX) security is being set for the files in the projects that is mucking everything up.

Posted: Thu Apr 05, 2007 9:23 am
by DKostelnik
ray.wurlod wrote:You DO want write permission on group.

You DO want different groups for different projects, and you want to make sure that the two developers are only in the right group. In dsenv and the users' p ...
Ratz, I only have standard access to the form so your message was cut off. Each developer has his own project and does not share it with anyone, so if I can get the AIX system programmer to assign each ETL Developer a different default group, perhaps that will work...

Posted: Thu Apr 05, 2007 1:03 pm
by ray.wurlod
That is essentially what I suggested. :D

Posted: Thu Apr 05, 2007 1:11 pm
by DKostelnik
ray.wurlod wrote:That is essentially what I suggested. :D ...
Cool! Thank you! :D
All times are UTC-06:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited