Before you begin: For each zFS file system, ask the z/OS® UNIX administrator
for the name of the MVS™ data
set where the file system is stored.
Perform the following steps to restrict access to a zFS file system.
- Define a profile in the FSACCESS class to protect each zFS file
system. The profile name is the name of the MVS data set that contains the file system.
Example:
RDEFINE FSACCESS OMVS.ZFS.WEBSRV.TOOLS UACC(NONE)
If
multiple file systems are stored in data sets with similar names,
you can define a generic profile name to protect multiple file systems.
Before you define a generic profile in the FSACCESS class, enable
generics for the class, as follows.
Example:
SETROPTS GENERIC(FSACCESS)
RDEFINE FSACCESS OMVS.ZFS.WEBSRV.** UACC(NONE)
______________________________________________________________________
- Authorize selected users and groups with UPDATE access.
Example:
PERMIT OMVS.ZFS.WEBSRV.TOOLS CLASS(FSACCESS) ID(GROUPB USER19) ACCESS(UPDATE)
______________________________________________________________________
- Activate your profile changes in the FSACCESS class, as follows.
- If the FSACCESS class is not already active, activate and RACLIST
it.
Example:
SETROPTS CLASSACT(FSACCESS) RACLIST(FSACCESS)
- If the FSACCESS class is already active and RACLISTed, refresh
it.
Example:
SETROPTS RACLIST(FSACCESS) REFRESH
______________________________________________________________________
You have now restricted access to a zFS file system to only the
specified users and groups.