z/OS UNIX System Services Planning
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Steps for setting up the CHOWN.UNRESTRICTED profile

z/OS UNIX System Services Planning
GA32-0884-00

Before you begin: CHOWN.UNRESTRICTED must be a discrete profile. Matching generic profiles are ignored.

Perform the following steps to set up the CHOWN.UNRESTRICTED profile.

  1. Define the discrete profile in the UNIXPRIV class called CHOWN.UNRESTRICTED:
    RDEFINE UNIXPRIV CHOWN.UNRESTRICTED UACC(NONE)

    _______________________________________________________________

  2. Permit the user or group with the appropriate access level. UPDATE access is required in order to change ownership to UID 0. READ access is required to change ownership to any other UID value, or to the GID of a group to which the user is not connected. For example:
    PERMIT CHOWN.UNRESTRICTED CLASS(UNIXPRIV)ID(GRPX) ACCESS(READ)
    If you do not activate the UNIXPRIV class and activate SETROPTS RACLIST processing for the UNIXPRIV class, only superusers are allowed to transfer ownership of files to others.

    _______________________________________________________________

  3. Activate the SETROPTS RACLIST processing for the UNIXPRIV class, if it is not already active.
    SETROPTS RACLIST(UNIXPRIV)
    If SETROPTS RACLIST processing is already in effect for the UNIXPRIV class, you must refresh SETROPTS RACLIST processing in order for the CHOWN.UNRESTRICTED profile to take effect.
    SETROPTS RACLIST(UNIXPRIV) REFRESH

    _______________________________________________________________

When you are done, you have set up the CHOWN.UNRESTRICTED profile in the UNIXPRIV class.

Parent topic: Allowing z/OS UNIX users to change file ownerships

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014