Introduction
The profiles in the RACF® database
contain the information RACF needs
to control access to resources. The RACF commands
allow you to add, change, delete, and list the profiles for:
- Users
- Groups
- Data sets
- General resources, which include terminals, DASD volumes, and all other resource classes defined in the RACF class descriptor table (CDT).
Table 1 shows, in alphabetic order, each command, and its function.
Most RACF functions do not require special versions or releases of the operating system or operating system components. However, some do require that your system be at a certain level. If you are unsure about whether a particular RACF function is available with your system, see your security administrator.
Some commands require that the RACF subsystem be active or that you have authorization to issue the commands. Refer to the "Authorization Required" section with each command for details on the authorization required.
The following RACF commands
are available only on RACF for
VM:
- ADDFILE
- ADDDIR
- ALTFILE
- ALTDIR
- DELFILE
- DELDIR
- LFILE
- LDIRECT
- PERMFILE
- PERMDIR
- SRFILE
- SRDIR
See the appropriate RACF Command Language Reference for your VM system for more information.
Note: In data sharing mode or read-only mode, RACF employs global ENQs to serialize access to
the RACF database before adding
or removing protection from a resource. Otherwise - unless
the installation has explicitly converted to GRS - RACF uses
hardware RESERVE/RELEASE.