Adding an entry to the RACF class - ironstream_for_servicenow_event_mgmt - 7.4

Ironstream for ServiceNow® Event Management for IBM Z Installation

Product type
Software
Portfolio
Integrate
Product family
Ironstream
Product
Ironstream > Ironstream for ServiceNow® Event Management
Version
7.4
Language
English
Content type
Installation
Product name
lronstream for ServiceNow® Event Management for IBM Z
Title
Ironstream for ServiceNow® Event Management for IBM Z Installation
Copyright
2022
First publish date
2007
Last updated
2023-09-04
Published on
2023-09-04T17:10:40.523800

The VP390 task or the task’s owning user requires a z/OS UNIX System Services (USS) segment. Because USS segments are associated with RACF-defined user IDs, you should add an identifying entry for VP390 to a RACF class to meet the USS requirement.

This addition allows the VP390 to run as a started task. If the VP390 is to be run as a submitted job, enter the user ID on the JOB card of the startup job.

To add an entry to the RACF class, follow these steps:

  1. Verify that the STARTED class is defined by entering this command:
    RLIST STARTED *

    This command displays a list of entries for the STARTED class.

  2. Determine whether a RACF user (for example, IBMUSER) has an OMVS segment by entering this command:
    LU IBMUSER OMVS
  3. If the STARTED class is activated, add the VP390 task to the defined user (for example, IBMUSER) by entering this command:
    RDEFINE STARTED VP390.VP390 STDATA(USER(IBMUSER) GROUP(SYS1))

    Then refresh the class by entering this command:

    SETROPTS RACLIST(STARTED) REFRESH

    If the STARTED class is not activated, assign RACF identities to the started procedures.

    Incorporate this sample into the ICHRIN03 job of SYS1.SAMPLIB(RACTABLE)

    Example:
    
    ICHRINO3 CSECT
    COUNT    DC  AL2(((ENDRINO3-COUNT-2)/32)+32768)
    *-------New VP390 Entry-----------------
    ENTRY1   EQU *
    PROC1    DC CL8'VP390 '
    USERID   DC CL8'IBMUSER '
    GROUP1   DC CL8'SYS1 '
    FLAGS1   DC XLI'00' 
             DC XL7'00'
    *-------Last Entry----------------------
    ENTRY2   EQU *
    PROC2    DC CL8'* '
    USERID2  DC CL8'IBMUSER ' GROUP2 DC CL8'= '
    FLAG2    DC XLI'00'
    ENDRINO3 EQU *
    END
RACF allows the started procedures table to contain a generic entry, indicated by an asterisk (* ) in the procedure-name field. When searching the table for a procedure-name match, if RACF finds a procedure name of "*" as the last entry in the table and the procedure name was not specifically matched by any other entry in the table, RACF uses the "*" entry as a match for the procedure. This procedure is documented in the IBM Security Server (RACF) System Programmer's Guide.