z/OS Security Server RACF Callable Services
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


IPC security credentials (CREI)

z/OS Security Server RACF Callable Services
SA23-2293-00

The IPC security credentials (CREI) structure is used in the z/OS UNIX IPC system to pass data from the kernel to RACF®.

The CREI is built by the kernel, and is created for each system call entry to RACF.

The CREI contains:
  • User information: a user type field that indicates whether the caller is a standard z/OS UNIX process known to RACF, or a system function that is not a process.

    Functions that accept a system caller process the request as if the caller is a superuser. If an audit record is written, the user z/OS UNIX user identifier (UID) and z/OS UNIX group identifier (GID) values in the record are set to -1.

  • Audit data: data known by the kernel that needs to be passed through the IPC system to the RACF callable services for auditing. This data includes an audit function code, which identifies the system call being processed. The audit function codes are described in z/OS Security Server RACF Data Areas.
  • IPC key: the key of the IPC service that is being checked.
  • IPC identifier: the identifier of the IPC service that is being checked.

The CREI structure is mapped by the IRRPCREI mapping macro.

For the mapping of the CREI, see z/OS Security Server RACF Data Areas.

Parent topic: Using the RACF callable services

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014