An OpenTP1 administrator can use OS commands to manage the file owners and file access authorizations for each file system, which helps prevent unintentional corruption of files. An OpenTP1 administrator can:

• classify file owners as the OpenTP1 administrator or an OpenTP1 group
• provide users with restricted file access authorization: either READ-WRITE or READ

These features are made more effective and the OpenTP1 file system is easier to manage if the OpenTP1 administrator separates the OpenTP1 file system into two subsystems:

• a subsystem in which the files contain OpenTP1 system-related items
• a subsystem in which the files are user files

For safety and convenience, access to system files can be restricted to the OpenTP1 administrator and the users of the OpenTP1 group. This subsystem should contain files used by OpenTP1 to provide uninterrupted online processing: for example, the system journal file, checkpoint dump file, and status file.

For convenience to end-users, user files should be created in another subsystem of the OpenTP1 file system.

Table 4-4 shows an example of using owner and access authority to protect files when the OpenTP1 file system separates system and user files.

Table 4-4 Example of OpenTP1 file system protection (by owner and access authority)

OpenTP1 file system	Owner		Access authority
	User ID	Group ID	Owner	User in the group	Other user
For system	OpenTP1 administrator	OpenTP1 group	rw (permitted to read and write)	r- (permitted to read)	r- (permitted to read)
For user	OpenTP1 administrator	OpenTP1 group	rw (permitted to read and write)	rw (permitted to read and write)	r- (permitted to read)

An OpenTP1 administrator can use the commands filchown and filchmod during online processing to dynamically change the owner of, and access authority for, an OpenTP1 file. This enables specific users to be validated to use an OpenTP1 file during online processing. For details about protecting OpenTP1 files, see the manual OpenTP1 Operation.