Resources that configure which line commands are allowed

It is possible to configure which line commands are allowed on the various overview displays. This holds both for overviews from a database query and, for example, from a data set containing configurations for zSecure Alert. For each command, READ access to a resource CKR.ACTION.overview-type.entity.action-character is checked.

Note that you cannot disable the S (show additional information), X or XX (exclude entry for FORALL command), and Z or ZZ (select entry for FORALL command) line action commands.

The different overview-type/entity combinations are:

AD.F: ACF2_RULE

AI.I: ACF2_INFOLINE

AK.F: ACF2_RULELINE

AL.L: ACF2_LID

AR.I: ACF2_INFORULE

CA.$: CICS_DB2TRAN

CD.$: CICS_DB2ENTRY

CE.S: CERTIFICATE CD.$

CL.$: RACF CLASS

CP.$: CICS_PROGRAM

CR.$: CICS_REGION

CS.$: CICS_TRANSACTION

DA.$: DB2_TABLESPACE

DB.$: DB2_BUFFERPOOL

DC.$: DB2_COLLECTION

DD.$: DB2_DATABASE

DE.$: DB2_VARIABLE

DG.$: DB2_STOGROUP

DH.$: DB2_SCHEMA

DJ.$: DB2_JAR

DK.$: DB2_PACKAGE

DL.$: DB2_CONTROL

DM.$: DB2_COLUMN

DN.$: DB2_PLAN

DO.$: DB2_ROUTINE

DP.$: DB2_ACCESS

DQ.$: DB2_SEQUENCE

DR.$: DB2_REGION

DS.$: DSN

DT.$: DB2_TABLE

DU.$: DB2_AUDITPOLICY

DY.$: DB2_DATATYPE

EF.$: RUN_DD

FL.$: FIELD

IC.$: SETROPTS_CLASS

MB.$: MEMBER

MC.$: IMS_REGION

MP.$: IMS_PSB

MQ.$: MQ_REGION

MT.$: IMS_TRANSACTION

QA.$: MQ_CHLAUTH

QC.$: MQ_CONNECT

QH.$: MQ_CHANNEL

QI.$: MQ_INIT

QN.$: MQ_NAMELIST

QO.$: MQ_AUTHINFO

QP.$: MQ_PROCESS

QQ.$: MQ_QUEUE

QT.$: MQ_TOPIC

R1.$: REPORT_AC1

RA.$: RACF_ACCESS

RA.C: RACF_ACCESS (Custom display)

RA.D: RACF_ACCESS (Data set profiles)

RA.G: RACF_ACCESS (Group information)

RA.R: RACF_ACCESS (Resources)

RA.U: RACF_ACCESS (User information)

RC.D: RACF (DATASET entities)

RC.G: RACF (GROUP entities)

RC.M: RACF (User ID summary)

RC.R: RACF (RESOURCE entities)

RC.U: RACF (USER entities)

RD.D: REPORT_NONDEFAULT

RN.D: REPORT_REDUNDANCY

RO.D: REPORT_OUTOFGROUP

RP.$: REPORT_PADS

RR.D: REPORT_PROFILE

RR.R: REPORT_PROFILE

RS.D: REPORT_SENSITIVE

SC.D: RACF REPORT_SCOPE (DATASET entities)

SC.R: RACF REPORT_SCOPE (RESOURCE entities)

SD.$: SENSDSN

SM.D: SMF (DATASET entities)

SM.G: SMF (GROUP entities)

SM.L: SMF (LOGONID entities)

SM.R: SMF (RESOURCE entities)

SM.U: SMF (USER entities)

SP.$: SPT

ST.$: REPORT_STC

TK.$: ICSF_TOKEN

TR.D: TRUSTED (data sets)

TR.R: TRUSTED (Resources)

TR.U: TRUSTED (Users)

UN.$: UNIX

ZA.B: Alert (Category selection)

ZA.C: Alert (Configuration selection)

ZA.D: Alert (Destinations)

ZA.R: Alert (Selection)

You can allocate ddname C2RIMENU to a data set or terminal before starting zSecure, or select the "Debug action commands" option under Setup trace (see the User Reference Manual). For every action command that is selected, a line describing the tested resource is written to the ddname. You can display the C2RIMENU ddname by using the C2RIMENU primary command.

To change the action character or the description, see the User Reference Manual.