Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Activating security labels by system image (SECLBYSYSTEM option) z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
If you have the SPECIAL attribute, and if the SECLABEL class is active, you can allow activation of security labels on a system image basis. Specify the SMF ID of each selected system in the member list of profiles in the SECLABEL class to indicate that a particular security label is active on that system. Rules:
After activating SECLBYSYSTEM, you must issue SETROPTS RACLIST(SECLABEL) REFRESH to complete the activation of security labels by system. This option cannot be activated when the SECLABEL class is inactive. To activate this option, enter:
To cancel the SECLBYSYSTEM option, specify NOSECLBYSYSTEM on the SETROPTS command. Then, issue the SETROPTS RACLIST(SECLABEL) REFRESH. Note: Do not specify SETROPTS SECLBYSYSTEM if any system sharing the RACF® database is not at the necessary
software level for multilevel security support. Use of the SETROPTS
SECLBYSYSTEM option should not cause problems on these systems, but
it does not provide full protection on these systems. For details,
see z/OS Planning for Multilevel Security and the Common Criteria.
|
Copyright IBM Corporation 1990, 2014
|