z/OS Security Server RACF Command Language Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


RACPRIV (Set write-down privileges)

z/OS Security Server RACF Command Language Reference
SA23-2292-00

Purpose

Use the RACPRIV command to allow users, who are authorized to the profile IRR.WRITEDOWN.BYUSER in the FACILITY class, to set, reset, and query the setting of the write-down privilege that they are running within their address space. This command ends with an error message if write-down by user is not active on the system.

To activate write-down by user, the profile IRR.WRITEDOWN.BYUSER must be defined in the FACILITY class, the FACILITY class must be active and RACLISTed, and the SETR MLS option must be active.

Issuing options

The following table identifies the eligible options for issuing the RACPRIV command:

As a RACF® TSO command? As a RACF operator command? With command direction? With automatic command direction? From the RACF parameter library?
Yes No No No No

For information on issuing this command as a RACF TSO command, refer to RACF TSO commands.

Authorization required

To issue the RACPRIV command, the user must have at least READ access to IRR.WRITEDOWN.BYUSER.

Syntax

For the key to the symbols used in the command syntax diagrams, see Syntax of RACF commands and operands. The complete syntax of the RACPRIV command is:

   
RACPRIV
 

[ WRITEDOWN [( ACTIVE | INACTIVE | RESET )] ]

For information on issuing this command as a RACF TSO command, refer to RACF TSO commands.

Parameters

WRITEDOWN
Specifies the user's current write-down mode. If WRITEDOWN is specified without a value, or if RACPRIV is issued without any keywords, the current write-down mode is listed. The write-down privilege can only be set, reset, or listed if the FACILITY class is active and RACLISTed, the profile IRR.WRITEDOWN.BYUSER exists in the FACILITY class in the RACLISTed profiles, the SETR MLS option is active, and the user issuing the command has authority to IRR.WRITEDOWN.BYUSER.
ACTIVE
Specifies that the user's write-down mode be set on.
INACTIVE
Specifies that the user's write-down mode be set off.
RESET
Specifies that the user's write-down mode be reset to the user's installation defined default.

Examples

     
Example 1 Operation User DEBBIE1 wants to know her current write-down setting.
Known
  • DEBBIE1 has READ access to IRR.WRITEDOWN.BYUSER.
  • The FACILITY class is active and RACLISTed.
  • The profile IRR.WRITEDOWN.BYUSER exists in the FACILITY class in the RACLISTed profiles.
  • The SETROPTS MLS option is active.
Command RACPRIV
Defaults None.
Output User DEBBIE1 might receive the following message: 
WRITEDOWN is not currently active for this user
Example 2 Operation User DEBBIE1 wants to set her write-down setting to active.
Known
  • DEBBIE1 has READ access to IRR.WRITEDOWN.BYUSER.
  • The FACILITY class is active and RACLISTed.
  • The profile IRR.WRITEDOWN.BYUSER exists in the FACILITY class in the RACLISTed profiles.
  • The SETROPTS MLS option is active.
Command RACPRIV WRITEDOWN(ACTIVE)
Defaults None.
Output User DEBBIE1 will receive the following message: 
WRITEDOWN is currently active for this user
Parent topic: RACF command syntax

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014