To control who can define a LNKLST set, the RACF® security administrator can take the following
steps:
- To establish a profile for the LNKLST set name for the FACILITY
class, issue RDEFINE:
RDEFINE FACILITY CSVDYNL.lnklstname.DEFINE UACC(NONE)
where
lnklstname is
the name of the LNKLST set. For example,
MYLNKLST.SET
You
can use generic characters for the qualifiers in the LNKLST set name.
For example,
CSVDYNL.MYLNK*
If you
have RACF 1.9 or higher installed,
you can use the following generic to cover all LNKLST set names:
CSVDYNL.**
To
ensure that generic profile checking is in effect for the class FACILITY,
issue the following command:
SETROPTS GENERIC(FACILITY)
For
coverage of LNKLST sets, check the names currently specified in the
PROGxx parmlib members. Also use the DISPLAY PROG,LNKLST system command.
- To permit the user (in this example user OPER1) to use the REQUEST=DEFINE
option of the CSVDYNL macro for LNKLST set l, issue the following:
PERMIT CSVDYNL.l.DEFINE CLASS(FACILITY) ID(OPER1) ACCESS(UPDATE)
OPER1
must be the name of a RACF-defined user or group profile.
Note: Instead
of specifying individual userids, you can specify the name of a RACF group profile and connect
authorized users to the group. See
Defining RACF profiles.
- If the FACILITY class is not already active, issue the SETROPTS
command as follows:
SETROPTS CLASSACT(FACILITY)
(To
ensure that the FACILITY class is active, you can issue the SETROPTS
LIST command.)
- To refresh the FACILITY resource class, issue SETROPTS RACLIST:
SETROPTS RACLIST(FACILITY) REFRESH