IBM Security Z Security

 View Only
  • 1.  List USS directory and all subdirectories

    Posted Wed October 13, 2021 04:20 PM

    Hi guys,

    I am trying to use zSecure to list the permission mode of some USS directories. I am using the following options:

    - RE Resource Resource protection reports
    - U Unix Unix filesystem reports
    - F Filesystem Unix filesystem selection

    I am able to list a single directory and display the permission mode without any issues. Second thing I had to do was to list the directory and all subdirectories/files under it. I was able to do that by using an asterisk sign on the path name, for example: list all subdirectories and files under /u/ by specifying '/u*' on PATH NAME field.

    My problem is when the path name is actually a SYMLINK (symbolic link). The asterisk doesn't work as expected. When I specify the path name with a symlink, the result is just the resolved symlink, and it doesn't show the actual subdirectories and files. Example: path name = /bin . This is actually a symlink to /sysres/bin. The result is basically the symlink resolved, it doesn't list what is actually under /sysres/bin.

    My question is: Does any one know how to list all subdirectories and files when it comes to a symlink?

    I hope I was clear in my explanation.



    ------------------------------
    Danilo Farias
    ------------------------------


  • 2.  RE: List USS directory and all subdirectories

    Posted Thu October 14, 2021 03:12 AM
    The UI does not seem to allow this.

    Using CARLa codes you can select using DIRNAME. I took the RE.U.F report without any selections, and added SELECT DIRNAME='/etc/ssh'. This selects all files and directories in that '/etc/ssh' directory.

    n type=UNIX nodetailinherit name=UNIX1D required I=UNIX nodup,
    title="Unix files display",
    st="All Unix files",
    sumhelppanel=ckrt3uxi,
    helppanel=ckrt3uxj,
    detailhelppanel=ckrt3uxk
    define type=unix any_acl true where extended_acl or,
    file_default_acl or directory_default_acl
    define highprio("Pri",3,descending,noprop) max(auditpriority)
    define files(10," Files",noprop,key,pas) count
    define types(17,"Sensitivity types",noprop) sumcount
    define m_pts(17," Mount points",noprop) sumcount
    select dirname='/etc/ssh'
    display rel_pathname(nondispl) (compareopt=1 ? compare_result,),
    type attr any_acl("+",1,hb),
    extattr auditflags owner(firstonly) group(firstonly),
    rel_pathname(255) inode(10) abs_pathname(1024),
    (compareopt=1 ? / compare_changes ,),
    / / "System view of file"(d,ch),

    ------------------------------
    Sander De Graaf
    ------------------------------



  • 3.  RE: List USS directory and all subdirectories

    Posted Thu October 14, 2021 01:00 PM

    Danilo,
    Like for all symlinks that Map to a directory you have to specify the training backslash
    Example: ls /bin/ and not /bin
    ls /bin will only list the value of the symlink and where it points to.
    --
    Envoyé depuis l'application myMail pour Android






  • 4.  RE: List USS directory and all subdirectories

    Posted Fri October 15, 2021 04:18 AM

    Danilo,
    Like for all symlinks that Map to a directory you have to specify the training backslash
    Example: ls /bin/ and not /bin
    ls /bin will only list the value of the symlink and where it points to.



    ------------------------------
    philippe richard
    ------------------------------