IBM Power Ideas Portal


Status Future consideration
Workspace IBM i
Created by Guest
Created on Jun 19, 2022

Enable no-auditing of /tmp like QTEMP

Please change audit code to not audit any activity in the /tmp directory when system value QAUDLVL has option *NOQTEMP set - or by adding a new option *NOIFSTMP. As this directory is to be used for temporary files by design, like objects in QTEMP, this can reduce audit data dramatically.
Idea priority Medium
  • Admin
    Nancy Uthke-Schmucki
    Sep 20, 2022

    The CAAC has reviewed this Idea and recommends that IBM not implement this request. We agree with the IBM response about the impact this Idea would have on system security. However, the Comment that suggests a QTEMP folder should be submitted as a separate new Idea, though applications would need to be rewritten to use the support if it were provided.


    Background: The COMMON Americas Advisory Council (CAAC) members have a broad range of experience in working with small and medium-sized IBM i customers. CAAC has a key role in working with IBM i development to help assess the value and impact of individual Ideas on the broader IBM i community, and has therefore reviewed your Idea.


    For more information about CAAC, see www.common.org/caac


    Nancy Uthke-Schmucki - CAAC Program Manager

  • Guest
    Jul 20, 2022

    What we need is a QTEMP like in the IFS, that will behave like QTEMP when we can specify *NOQTEMP in SysVal QAUDCTL

    We do not wish to break anything, especially if it is in security.

    One idea could be to create an IFS folder which carries the job name/job number/job internal ID. This folder will be accessible only from the same job.

    A Scope message will delete it when job ends.

    Alternatively, to be able to build a folder with an attribute that will regard that its auditing is not performed when *NOQTEMP is in SysVal QAUDCTL


    Shmuel Zailer CEO & CTO

  • Guest
    Jul 19, 2022

    Thank you for submitting this Idea. This is actually a duplicate of IBMI-I-3037 which was declined earlier this year.


    We do understand how auditing will create a large number of records in the audit journal for some operations. However, while it may seem like /tmp and QTEMP are the same, they are far from it.


    The integrated file system does not have anything similar to the concept of the QTEMP library for each job.


    Objects linked within the integrated file system are available to all jobs, provided users have the correct permissions for access. We (the integrated file system) must perform audit based on the system, user profile, and object configuration.


    Any change to not audit the current /tmp and its contents will negatively impact system security.


    In fact, a change to not audit objects that are in a system-wide namespace would negatively impact system security.


    Having said that, though, there have been many requests for some directory that is truly temporary, maybe on a 24-hour or 7-day cycle of cleanup rather than between IPLs which could be several months or longer.


    Even that, though, could impact system security as those objects would still be accessible to everyone. But, we are considering it.


    Changing this to Uncommitted Candidate. There is not anything in our current plans to do anything, nor is this a promise to make a change.

  • Guest
    Jun 22, 2022

    I agree also, because we have the problems that the journal receivers increase during the scans, and we have to keep the receivers 2 months.


  • Guest
    Jun 21, 2022

    We are the developers of iSecurity/Antivirus. During the process of checking a folder, if a .zip, .tar, .war etc. is detected, there is a need to open the archive and check each file separately. Naturally, this requires created files. Each created produces also some authority changes. After the check, a delete takes place.
    All this is recorded in the QAUDJRN...

  • Guest
    Jun 20, 2022
    It should be noted that due to the extra writing of these events, this caused a high amount and size of logs in QAUDJRN and therefore this will lead to server downtime due to 99.9% disk space occupancy.
  • Guest
    Jun 20, 2022

    We are the developers of iSecurity/Antivirus. During the process of checking a folder, if a .zip, .tar, .war etc. is detected, there is a need to open the archive and check each file separately. Naturally, this requires created files. Each created produces also some authority changes. After the check, a delete takes place.
    All this is recorded in the QAUDJRN...

    We also came across applications that transfer data in temporary files. No one needs to trace these files' creation and deletion.

  • Guest
    Jun 20, 2022

    I agree 100%. Why stop at /tmp. DB2 Web Query creates/deletes multitudes of objects. So many that I've disabled CO and DO auditing. When enabled, DB2 Web Query accounts for over 99% of the CO/DO entries in the audit journal.

    IBM i Auditing needs to keep pace with how the system is actually used.