Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Defining tape volumes with a TVTOC z/OS Security Server RACF Security Administrator's Guide SA23-2289-00 |
|
To provide protection for tape data sets, you (or an assigned administrator) can predefine individual tape volumes to RACF® using the RDEFINE command with the TAPEVOL class and TVTOC operand. Tape volumes defined with the RDEFINE command and TVTOC operand are called scratch pool volumes. When RACF processes the RDEFINE command with the TVTOC operand, it places the user ID of the command issuer in the access list of the volume with ALTER authority. A scratch pool volume can be used by any RACF-defined user for output (for writing). When the first user writes a data set to a scratch pool volume, RACF places the user ID of that user in the access list of the volume with ALTER authority. After RACF creates the volume's access list, only the command issuer, the first user of the volume, and any users added to the access list with UPDATE authority can write additional data sets to the volume. For example, to define a tape volume labeled TX0050 with
the attribute that it can hold a TVTOC and assign it a UACC of NONE,
enter:
After you define a tape volume with a TVTOC, you can use generic profiles to protect data sets that reside on that volume. To define a generic profile for data sets, use the ADDSD command and specify the profile name. The following example shows how to define the
generic profile USER03.*.
Note:
|
Copyright IBM Corporation 1990, 2014
|