z/OS Security Server RACROUTE Macro Reference
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Return codes and reason codes

z/OS Security Server RACROUTE Macro Reference
SA23-2294-00

If the return codes and reason codes you are receiving are not discussed in this macro, refer to the return codes and reason codes described with RACROUTE REQUEST=DEFINE Return codes and reason codes.

When control is returned, register 15 contains one of the following return codes, and register 0 can contain a reason code.
Hex code
Meaning
00
RACDEF has completed successfully. Register 0 contains one of the following reason codes:
Reason code
Meaning
00
Indicates a normal completion.
04
Indicates RACFIND=NO was specified and no generic profile applying to the data set was found.
04
RACDEF has completed processing. Register 0 contains one of the following reason codes:
Reason code
Meaning
00
Indicates the following:
-
For TYPE=DEFINE, the resource name was previously defined.
-
For TYPE=DEFINE,NEWNAME, the new resource name was previously defined.
-
For TYPE=DELETE, the resource name was not previously defined.
04
Indicates for TYPE=DEFINE that the data set name was previously defined on a different volume and that the option disallowing duplicate data sets was specified at IPL.
08
RACDEF has completed processing. Register 0 contains one of the following reason codes:
Reason code
Meaning
00
Indicates the following:
-
For TYPE=DEFINE, the check for authority to allocate a data set or create a profile with the specified name has been failed.
-
For TYPE=DELETE or TYPE=DEFINE,NEWNAME if CHKAUTH=YES is specified, the authorization check has been failed.
-
For TYPE=ADDVOL,OLDVOL (or for TYPE=CHGVOL,OLDVOL) the old value was not defined.
04
Indicates for TYPE=DEFINE that no profile was found to protect the data set and that the RACF® protect-all option is in effect.
08
Indicates TYPE=DEFINE (or TYPE=ADDVOL,OLDVOL or TYPE=CHGVOL,OLDVOL) and DSTYPE=T were specified, and the user is not authorized to define a data set on the specified volume.
0C
Indicates TYPE=DEFINE and DSTYPE=T were specified, and the user is not authorized to define a data set with the specified name.
10
Indicates DSTYPE=T or CLASS=TAPEVOL was specified, and the user is not authorized to specify LABEL=(,BLP).
20
Indicates the data set owner is not authorized to use the specified DFP storage class.
24
Indicates the data set owner is not authorized to use the specified DFP management class.
0C
For TYPE=DEFINE,NEWNAME, the old data set name was not defined; or if the generation-data-group (GDG) modeling function is active, an attempt was made to rename a GDG name to a name that requires the creation of a new profile; or if generic profile checking is active, the old data set name was protected by a generic profile and there is no generic profile that protects the new data set name. This last case refers only to an attempt to rename an existing profile, which cannot be found.
10
For TYPE=DEFINE with MENTITY, the model resource was not defined.
64
Indicates that the CHECK subparameter of the RELEASE keyword was specified on the execute form of the RACDEF macro; however, the list form of the macro does not have the proper RELEASE parameter. Macro processing terminates.
Parent topic: RACDEF (standard form)

Example 1

Invoke RACF to define a discrete profile for a non-VSAM data set residing on the volume pointed to by register 8. Register 7 points to the data set name. All successful requests for update authority to the data set are to be audited, as well as all unsuccessful ones. 
RACDEF  ENTITY=(R7),VOLSER=(R8),CLASS='DATASET',
        AUDIT=(SUCCESS(UPDATE),FAILURES),
        RACFIND=YES

Example 2

Use the standard form of the RACDEF macro to define a discrete data set profile for a non-VSAM DASD data set. The data set for which you are creating a profile is a non-VSAM DASD data set named DSNAME. It resides on a volume ID named VOLID. You want to create a discrete profile by specifying the RACFIND keyword. In addition, you want to notify the user called USERNAME of any access attempts that have been rejected because they exceed the UACC of READ that you are allowing. 
RACDEF ENTITY=DSNAME,VOLSER=VOLID,CLASS='DATASET',UACC=READ,     X
       RACFIND=YES,NOTIFY=USERNAME,RELEASE=1.7

Example 3

Use the standard form of the macro to check the authority of a user to define a discrete data set profile for a non-VSAM DASD data set, but do not actually build the profile. The name of the data set is DSNAME. 
RACDEF ENTITY=DSNAME,VOLSER=VOLID,CLASS='DATASET',RACFIND=NO

Example 4

Use the standard form of the macro to define a generic data set profile protecting a resource named PROFNAME. Use the discrete profile protecting a resource named MDELPROF whose volser is in MDELVOL as a model for the new profile. Notify the user named USERNAME of any access attempts that have been rejected because they exceed the UACC of READ that you are allowing. 
RACDEF ENTITY=PROFNAME,CLASS='DATASET',GENERIC=YES,MENTITY=MDELPROF,  X
       MVOLSER=MDELVOL,UACC=READ,NOTIFY=USERNAME,RELEASE=1.7

Example 5

Use the standard form of the macro to define a tape-volume profile for a volume whose ID is VOLID. Allow a universal-access level of READ. 
RACDEF ENTITY=VOLID,CLASS='TAPEVOL',UACC=READ

Example 6

Use the standard form of the macro to delete a discrete data set profile named DSNAME, located on the volume named VOLID. 
RACDEF TYPE=DELETE,ENTITY=DSNAME,VOLSER=VOLID,CLASS='DATASET'

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014