The following sequence of RACF® commands
illustrates one way you can set up an execute-controlled
library. Assume the program is member XCLPGM in program library KBROWN.PGMLIB2.
- If program control is not active, enter:
SETROPTS WHEN(PROGRAM)
After
program control is active, it remains active until your installation
deactivates it by issuing the SETROPTS command with the NOWHEN(PROGRAM)
operand.
- Define a data set profile to protect the private program library by
issuing the ADDSD command with the appropriate operands. The following
command defines a data set profile to protect program library KBROWN.PGMLIB2.
The command assigns a UACC of EXECUTE to allow all users to execute
but not otherwise access the library.
ADDSD 'KBROWN.PGMLIB2' UACC(EXECUTE)
- Define a specific profile in the PROGRAM class that
protects the controlled program. The following command identifies
only program XCLPGM as a controlled program.
RDEFINE PROGRAM XCLPGM ADDMEM('KBROWN.PGMLIB2'/VOL6A/NOPADCHK)
Note: If
you intend to run in ENHANCED program security mode, add APPLDATA('MAIN') to
this RDEFINE command.
- Refresh the in-storage program control tables by issuing the following
command.
SETROPTS WHEN(PROGRAM) REFRESH
This
ensures that the changes take effect immediately.