z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Unknown, blank, and undefined security labels

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

When you receive a SYSOUT data set with an unknown security label (consisting of hexadecimal zeros) or a blank security label while the SECLABEL class is active on the receiving node, RACF® assigns a security label called RACSLUNK to the SYSOUT data set. When you receive a SYSOUT data set with a security label that is not defined on your system, the data set keeps its security label and RACSLUNK label is not assigned.

While the SECLABEL class is active, no users are authorized to access SYSOUT data sets with unknown, blank, or undefined labels, until you take one of the following actions:
  • Define the RACSLUNK or undefined label to RACF as a security label in the SECLABEL class and authorize users to access it.
  • Translate the RACSLUNK or undefined label to a defined security label on your node using the ADDMEM value of a NODES class profile. (See Understanding NODES profiles.) Tip: Translate an undefined label to a defined security label that uses the same level and category authorizations, if one already exists.
With either action, a user must be logged on with the appropriate security label to access the SYSOUT data set.
Parent topic: Setting up NODES profiles

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014