Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Establishing a security retention period for tape data sets (RETPD option) z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
The RACF® security retention period is the number of days that RACF protection remains in effect for a tape data set. For example, to select tape volumes to return to the scratch pool, a tape librarian can issue the SEARCH command with the EXPIRES operand. When the librarian issues this command, RACF uses the security retention period to check if RACF protection for all data sets on a tape volume has expired. If RACF protection has expired, the tape volume can be returned to the scratch pool. If you use a tape management system, such as DFSMSrmm, you need not enable RETPD. For more information, see Using DFSMSrmm with RACF. If you define a tape volume with a TVTOC, RACF uses the security retention period when checking the authority to overwrite a data set on the volume with a data set of a different name. Before opening the tape data set for output, RACF ensures that the security retention periods for all of the following data sets on the volume have expired. Users can specify a security retention period on the ADDSD and ALTDSD commands, or, for data sets covered by a discrete profile, by the use of the EXPDT/RETPD JCL operands. If a user does not specify a retention period with RACF commands or JCL, RACF selects a retention period through profile modeling, an installation exit, or a system default set with the RETPD operand on the SETROPTS command. If you have the SPECIAL attribute, you can establish a system default
number of days with the RETPD operand. With this operand, you can
specify a one to five digit number in the range of 0 - 65533. To set
a default retention period for a data set that never expires, specify
99999. The following example shows how to specify a RACF security retention period of 365 days:
RACF uses the default security
retention period for a tape data set in the following situations:
For example, if a user specifies RETPD=0 on the JCL statement and your installation has established a default retention period of 365 using SETROPTS RETPD, RACF uses 365 as the retention period for the user's data set. The default security retention period when RACF is installed is RETPD(0), to indicate no
retention period.
Note:
|
Copyright IBM Corporation 1990, 2014
|