z/OS Security Server RACF Security Administrator's Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Opening an unlabeled tape for output

z/OS Security Server RACF Security Administrator's Guide
SA23-2289-00

To open an unlabeled tape for output when TAPEDSN is active, the user must have at least UPDATE authority to the tape volume and to all data sets on the volume. If a labeled tape is encountered when opening an output tape and the user has ALTER authority to the volume, the volume label is destroyed and RACF® protection for the volume is deleted. For additional details, see z/OS DFSMS Using Magnetic Tapes.

You should be careful when using nonspecific volume requests for output volumes because the operating system assigns volume serial numbers and it is impossible for you to determine if the volume mounted is defined to RACF under a different number. If your installation plans to use RACF protection for nonlabeled tapes, you should use JCL scans to prevent the use of nonspecific volume requests and establish procedures to ensure that operators mount the correct tapes.
Note:
  1. Because protection is on a volume level, you should specify PROTECT=YES in the DD statement for only one data set on the volume.
  2. RACF protection of nonlabeled tapes does not depend on tape data set protection being active.
  3. RACF does not maintain the TVTOC for nonlabeled tapes. But if the TVTOC contains any entries, RACF uses these entries during authorization checking.
  4. You cannot RACF-protect nonlabeled tapes that have a volume serial number of "Lnnnnn".
Parent topic: Tape data set and tape volume protection for nonlabeled (NL) tapes

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014