This question involves renaming a file owned by one user to a directory owned by another user. The 2 user accounts involved are savftp and savjob.
The savftp account is a drop off point for files that are processed by user savjob.
The default directory for savftp has the following acl entries:
Directory USR$DISK1:[000000]
SAVFTP.DIR;1 [SAVFTP] (RWE,RWE,RE,)
(IDENTIFIER=[SAVJOB],OPTIONS=DEFAULT,ACCESS=READ+DELETE)
(IDENTIFIER=[SAVJOB],ACCESS=READ+WRITE+DELETE)
User savjob processes the file in the usr$disk1:[savftp] directory. After processing the file user savjob attempts to rename the file to a directory owned by savjob on the same device. The rename fails with the following errors:
%RENAME-E-OPENOUT, error opening USR$DISK1:[SAVJOB.ENTDBA.ARC]TO_RECONCILE.OLD;
as output
-RMS-E-ENT, ACP enter function failed
-SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
As you can see the error happens when savjob tries to write to its own directory.
This process worked prior to migrating from another server with the same OS version, which by the way is OpenVMS 8.2, both systems are at the same patch level.
The old file in the USR$DISK1:[SAVJOB.ENTDBA.ARC] has its protection set to (RWED,RWED,RWED,)
When the new version of TO_RECONCILE.OLD is written it comes with the ace (IDENTIFIER=[SAVJOB],ACCESS=READ+DELETE)
Directory USR$DISK1:[SAVJOB.ENTDBA.ARC]
[SAVFTP] (RWED,RWED,RE,)
(IDENTIFIER=[SAVJOB],ACCESS=READ+DELETE)
TO_RECONCILE.OLD;1335
[SAVFTP] (RWED,RWED,RWED,)
TO_RECONCILE.OLD;1334
If I remove the ace and set the file permissions to be the same as TO_RECONCILE.OLD;1334; the job works once.
The next run fails with the errors previously listed.
How do I fix this?
Thanks in advance
Kevin
