|
If the return codes and reason codes you are receiving are not
discussed in this macro, refer to the return codes and reason codes
described with RACROUTE REQUEST=DEFINE Return codes and reason codes.
When control is returned, register 15 contains one of the following
return codes, and register 0 can contain a reason code. - Hex code
- Meaning
- 00
- RACDEF has completed successfully. Register 0 contains one of
the following reason codes:
- Reason code
- Meaning
- 00
- Indicates a normal completion.
- 04
- Indicates RACFIND=NO was specified and no generic profile applying
to the data set was found.
- 04
- RACDEF has completed processing. Register 0 contains one of the
following reason codes:
- Reason code
- Meaning
- 00
- Indicates the following:
- -
- For TYPE=DEFINE, the resource name was previously defined.
- -
- For TYPE=DEFINE,NEWNAME, the new resource name was previously
defined.
- -
- For TYPE=DELETE, the resource name was not previously defined.
- 04
- Indicates for TYPE=DEFINE that the data set name was previously
defined on a different volume and that the option disallowing duplicate
data sets was specified at IPL.
- 08
- RACDEF has completed processing. Register 0 contains one of the
following reason codes:
- Reason code
- Meaning
- 00
- Indicates the following:
- -
- For TYPE=DEFINE, the check for authority to allocate a data set
or create a profile with the specified name has been failed.
- -
- For TYPE=DELETE or TYPE=DEFINE,NEWNAME if CHKAUTH=YES is specified,
the authorization check has been failed.
- -
- For TYPE=ADDVOL,OLDVOL (or for TYPE=CHGVOL,OLDVOL) the old value
was not defined.
- 04
- Indicates for TYPE=DEFINE that no profile was found to protect
the data set and that the RACF® protect-all
option is in effect.
- 08
- Indicates TYPE=DEFINE (or TYPE=ADDVOL,OLDVOL or TYPE=CHGVOL,OLDVOL)
and DSTYPE=T were specified, and the user is not authorized to define
a data set on the specified volume.
- 0C
- Indicates TYPE=DEFINE and DSTYPE=T were specified, and the user
is not authorized to define a data set with the specified name.
- 10
- Indicates DSTYPE=T or CLASS=TAPEVOL was specified, and the user
is not authorized to specify LABEL=(,BLP).
- 20
- Indicates the data set owner is not authorized to use the specified
DFP storage class.
- 24
- Indicates the data set owner is not authorized to use the specified
DFP management class.
- 0C
- For TYPE=DEFINE,NEWNAME, the old data set name was not defined;
or if the generation-data-group (GDG) modeling function is active,
an attempt was made to rename a GDG name to a name that requires the
creation of a new profile; or if generic profile checking is active,
the old data set name was protected by a generic profile and there
is no generic profile that protects the new data set name. This last
case refers only to an attempt to rename an existing profile, which
cannot be found.
- 10
- For TYPE=DEFINE with MENTITY, the model resource was not defined.
- 64
- Indicates that the CHECK subparameter of the RELEASE keyword was
specified on the execute form of the RACDEF macro; however, the list
form of the macro does not have the proper RELEASE parameter. Macro
processing terminates.
Example 1
Invoke RACF to define a
discrete profile for a non-VSAM data set residing on the volume pointed
to by register 8. Register 7 points to the data set name. All successful
requests for update authority to the data set are to be audited, as
well as all unsuccessful ones. RACDEF ENTITY=(R7),VOLSER=(R8),CLASS='DATASET',
AUDIT=(SUCCESS(UPDATE),FAILURES),
RACFIND=YES
Example 2
Use the standard form of the RACDEF macro to define a discrete
data set profile for a non-VSAM DASD data set. The data set for which
you are creating a profile is a non-VSAM DASD data set named DSNAME.
It resides on a volume ID named VOLID. You want to create a discrete
profile by specifying the RACFIND keyword. In addition, you want to
notify the user called USERNAME of any access attempts that have been
rejected because they exceed the UACC of READ that you are allowing. RACDEF ENTITY=DSNAME,VOLSER=VOLID,CLASS='DATASET',UACC=READ, X
RACFIND=YES,NOTIFY=USERNAME,RELEASE=1.7
Example 3
Use the standard form of the macro to check the authority of a
user to define a discrete data set profile for a non-VSAM DASD data
set, but do not actually build the profile. The name of the data set
is DSNAME. RACDEF ENTITY=DSNAME,VOLSER=VOLID,CLASS='DATASET',RACFIND=NO
Example 4
Use the standard form of the macro to define a generic data set
profile protecting a resource named PROFNAME. Use the discrete profile
protecting a resource named MDELPROF whose volser is in MDELVOL as
a model for the new profile. Notify the user named USERNAME of any
access attempts that have been rejected because they exceed the UACC
of READ that you are allowing. RACDEF ENTITY=PROFNAME,CLASS='DATASET',GENERIC=YES,MENTITY=MDELPROF, X
MVOLSER=MDELVOL,UACC=READ,NOTIFY=USERNAME,RELEASE=1.7
Example 5
Use the standard form of the macro to define a tape-volume profile
for a volume whose ID is VOLID. Allow a universal-access level of
READ. RACDEF ENTITY=VOLID,CLASS='TAPEVOL',UACC=READ
Example 6
Use the standard form of the macro to delete a discrete data set
profile named DSNAME, located on the volume named VOLID. RACDEF TYPE=DELETE,ENTITY=DSNAME,VOLSER=VOLID,CLASS='DATASET'
|