Security server example

This information unit presents a security server coding example using RACF® to achieve the required access and invocation control as described in Controlling access to RMF data for the sysplex data services.

  1. To activate the resource class FACILITY: 
    SETROPTS CLASSACT(FACILITY) GENCMD(FACILITY) GENERIC(FACILITY)
  2. To define the profile: 
    RDEFINE FACILITY profile UACC(NONE)
    where profile is one of the following profile names:
    • ERBSDS.SMFDATA (mandatory)
    • ERBSDS.MON2DATA (optional)
    • ERBSDS.MON3DATA (optional)
    • or the generic profile name ERBSDS.*.
  3. To grant the user ID of the application program READ access: 
    PERMIT profile CLASS(FACILITY) ID(userid) ACC(READ)
  4. Activate changes: 
    SETROPTS RACLIST(FACILITY) REFRESH