Usage notes

This service is only intended for use by a z/OS UNIX file system and by z/OS UNIX servers. The service contains support for z/OS UNIX servers, but cannot be directly invoked by a z/OS UNIX server.
If the CRED user type is system, IRRSMF00 allows the operation, and sets the owning z/OS UNIX user identifier (UID) to zero.
IRRSMF00 builds the IFSP in the output_FSP area provided by the caller. The caller must save the IFSP as part of the attributes for the object.
IRRSMF00 builds the IFSP with the S_ISUID bit set to zero and the S_ISVTX bit set to the value in the mode byte. If the new object is a directory, and the FILE.GROUPOWNER.SETGID profile exists in the UNIXPRIV class, the S_ISGID bit is inherited from the parent directory. Otherwise, the S_ISGID bit is set to zero.
The new object's owning UID is set to the effective UID of the process. By default, the owning GID is set to that of the parent directory. However, if the FILE.GROUPOWNER.SETGID profile exists in the UNIXPRIV class, then the owning GID is determined by the set-gid bit of the parent directory as follows:
- If the parent's set-gid bit is on, then the owning GID is set to that of the parent directory.
- If the parent's set-gid bit is off, then the owning GID is set to the effective GID of the process.
If the parent directory has a directory model ACL, and the new object is a directory, then the parent's directory model ACL is copied as the new directory's access ACL and directory model ACL. The caller must pass in the address of the parent's directory model ACL in the CredPDirModelAcl field. The caller must pass in the length and address of buffers to contain both the new directory's access ACL and directory model ACL. The buffers must be large enough to contain the copied ACL. The address of the new directory's directory model ACL buffer must be passed in using the CredDirModelAcl field, and its length must be passed in using the CredDirModelAclLen field. The address of the new directory's access ACL buffer must be passed in using the CredAccAcl field, and its length must be passed in using the CredAccAclLen field.
If the parent directory has a file model ACL, and the new object is a directory, then the parent's file model ACL is copied as the new directory's file model ACL. The caller must pass in the address of the parent's file model ACL in the CredPFileModelAcl field. The caller must pass in the length and address of a buffer to contain the new directory's file model ACL. The buffer must be large enough to contain the copied ACL. The address of the new directory's file model ACL buffer must be passed in using the CredFileModelAcl field, and its length must be passed in using the CredFileModelAclLen field.
If the parent directory has a file model ACL, and the new object is a file, then the parent's file model ACL is copied as the new file's access ACL. The caller must pass in the address of the parent's file model ACL in the CredPFileModelAcl field. The caller must pass in the length and address of a buffer to contain the new file's access ACL. The buffer must be large enough to contain the copied ACL. The address of the new file's access ACL buffer must be passed in using the CredAccAcl field, and its length must be passed in using the CredAccAclLen field.
If the SECLABEL class is active, the security label from the owning directory will be propagated to the output FSP unless the security label is SYSMULTI. If the owning directory's security label is SYSMULTI, the security label of the output FSP will be set to that of the requesting address space, unless a system CRED is passed containing a security label. If a system CRED containing a security label is passed when the owning directory's security label is SYSMULTI, the security label from the CRED will be used in the output FSP instead of the address space security label.