z/OS DFSMS Managing Catalogs


Storage Administration (STGADMIN) Profiles in the FACILITY Class

z/OS DFSMS Managing Catalogs
SC23-6853-00

To control the ability to perform functions associated with storage management, define profiles in the FACILITY class whose profile names begin with STGADMIN (storage administration). The STGADMIN.IGG profiles are intended only for SMS-managed data sets.

If defined, these profiles are checked before a user is allowed to perform the protected function. Users must have READ access to the specific profile in order to use the protected function. If these profiles are not defined, the other RACF® checking described for each function is still made to verify authority.
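The following batch TSO job is an added example of how these profiles are typically set up; it is not from the IBM manual. It assumes the FACILITY class is active, RACLISTed and has generics enabled, and that a RACF group named STGADMIN holds the catalog administrators; the group name and the job card are made up. The STGADMIN.** backstop profile is a widely used convention for closing the default case, not something this page prescribes.

```jcl
//STGADMIN JOB (ACCT),'STGADMIN PROFILES',CLASS=A,MSGCLASS=X,
//             NOTIFY=&SYSUID
//*-------------------------------------------------------------------
//* Added example, not IBM code. Defines STGADMIN FACILITY profiles
//* for catalog functions and grants READ to the (assumed) RACF group
//* STGADMIN. If the class is not yet set up, run first:
//*   SETROPTS CLASSACT(FACILITY) GENERIC(FACILITY) RACLIST(FACILITY)
//* UACC(NONE) on every profile means defining a profile never widens
//* access by itself; only the PERMITs do. The generic STGADMIN.**
//* backstop (a common convention) denies every STGADMIN function that
//* has no more specific profile.
//* Note: AUDIT(ALL) on STGADMIN.IGG.DEFINE.RECAT, DELETE.RENAME,
//* DELNVR.NOBCSCHK and DEFDEL.UALIAS produces no SMF records, because
//* those checks are made with LOG=NONE.
//* STGADMIN.IGG.DLVVRNVR.NOCAT is defined but deliberately gets no
//* PERMIT: grant it only for the duration of a VVDS repair.
//*-------------------------------------------------------------------
//RACF     EXEC PGM=IKJEFT01
//SYSTSPRT DD SYSOUT=*
//SYSTSIN  DD *
 RDEFINE FACILITY STGADMIN.** UACC(NONE) AUDIT(ALL(READ))
 RDEFINE FACILITY STGADMIN.IGG.DIRCAT UACC(NONE) AUDIT(ALL(READ))
 RDEFINE FACILITY STGADMIN.IGG.DELETE.NOSCRTCH UACC(NONE) +
   AUDIT(ALL(READ))
 RDEFINE FACILITY STGADMIN.IGG.DEFINE.RECAT UACC(NONE) AUDIT(ALL(READ))
 RDEFINE FACILITY STGADMIN.IGG.DLVVRNVR.NOCAT UACC(NONE) +
   AUDIT(ALL(READ))
 PERMIT STGADMIN.IGG.DIRCAT CLASS(FACILITY) ID(STGADMIN) ACCESS(READ)
 PERMIT STGADMIN.IGG.DELETE.NOSCRTCH CLASS(FACILITY) ID(STGADMIN) +
   ACCESS(READ)
 PERMIT STGADMIN.IGG.DEFINE.RECAT CLASS(FACILITY) ID(STGADMIN) +
   ACCESS(READ)
 SETROPTS RACLIST(FACILITY) REFRESH
 RLIST FACILITY STGADMIN.IGG.DIRCAT AUTHUSER
 SEARCH CLASS(FACILITY) FILTER(STGADMIN.IGG.**)
/*
```

The SETROPTS RACLIST(FACILITY) REFRESH is what makes the new profiles take effect for a RACLISTed class; without it the in-storage copy still reflects the old profiles. The closing RLIST with AUTHUSER and the SEARCH are the verification step: they show exactly which users and groups hold READ on each profile after the refresh.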

Note that the authorization checks for the following STGADMIN.IGG profiles are made with LOG=NONE, so no RACF message or SMF audit record is produced for these checks, regardless of the AUDIT setting on the profile:
  • STGADMIN.IGG.DELNVR.NOBCSCHK
  • STGADMIN.IGG.DEFDEL.UALIAS
  • STGADMIN.IGG.DEFINE.RECAT
  • STGADMIN.IGG.DELETE.RENAME
Some FACILITY profiles are not checked if the caller is using a system key or is running in supervisor state; they therefore do not constrain authorized programs, only unauthorized callers. These profiles are:
  • STGADMIN.IGG.DEFDEL.UALIAS
  • STGADMIN.IGG.DEFNVSAM.NOBCS
  • STGADMIN.IGG.DEFNVSAM.NONVR
  • STGADMIN.IGG.DELETE.NOSCRTCH
  • STGADMIN.IGG.DELGDG.FORCE
  • STGADMIN.IGG.DELGDG.RECOVERY
  • STGADMIN.IGG.DELNVR.NOBCSCHK
  • STGADMIN.IGG.DIRCAT
  • STGADMIN.IGG.LIBRARY
  • STGADMIN.IGG.DEFINE.RECAT
Define the following FACILITY class profiles to protect catalog functions. For a complete list of STGADMIN profiles, see z/OS DFSMSdfp Storage Administration.
STGADMIN.IDC.DIAGNOSE.CATALOG
protects the ability to use the access method services DIAGNOSE command against catalogs.
STGADMIN.IDC.DIAGNOSE.VVDS
protects the ability to use the access method services DIAGNOSE command against a VVDS when a comparison is made to a BCS.
STGADMIN.IDC.EXAMINE.DATASET
protects the ability to use the access method services EXAMINE command on catalogs.
STGADMIN.IGG.ALTER.SMS
controls the ability to alter the storage class and management class of an SMS-managed data set. If the profile is not defined, the user must have RACF authority to the storage class and the management class in order to alter them. To use this profile, the administrator must have ALTER access to the data set whose storage or management class is to be changed.
STGADMIN.IGG.ALTER.UNCONVRT
protects the ability to alter an SMS-managed catalog data set to an unmanaged catalog data set.
STGADMIN.IGG.DEFDEL.UALIAS
allows you to define or delete an alias related to a user catalog without further authorization checking.
STGADMIN.IGG.DEFNVSAM.NOBCS
controls the ability to define or alter a NVR for a data set without affecting the BCS entry if one exists. This profile is only checked by authorized services using the LOCATE macro, not by utilities like IDCAMS.
STGADMIN.IGG.DEFNVSAM.NONVR
controls the ability to define or alter a BCS for a data set without affecting the VVDS entry if one exists. This profile is only checked by authorized services using the LOCATE macro, not by utilities like IDCAMS.
STGADMIN.IGG.DELETE.NOSCRTCH
protects the ability to delete the BCS entry for an SMS-managed data set without deleting the data set itself (for example, using DELETE NOSCRATCH). This protects against functions that uncatalog data sets.
STGADMIN.IGG.DELGDG.FORCE
protects the ability to use DELETE FORCE on a generation data group that contains an SMS-managed generation data set. The DELETE GDG FORCE command deletes SMS generation data sets referenced by the generation data group. It also removes the generation data group entry in the catalog.
STGADMIN.IGG.DELGDG.RECOVERY
protects the ability to use DELETE RECOVERY on a generation data group. The DELETE GDG RECOVERY command deletes the generation data group entry from the catalog and uncatalogs the SMS-managed generation data sets; the generation data sets themselves remain unaffected in the VTOC and, if SMS-managed, in the VVDS.
STGADMIN.IGG.DELNVR.NOBCSCHK
protects the ability to delete the VVDS entry (the NVR) for an SMS-managed non-catalog data set and to bypass the catalog name and BCS entry checking. If there is a BCS entry or if the catalog name contained in the NVR does not match the catalog provided in the request, the function is denied unless the user has authority to this profile.
STGADMIN.IGG.DIRCAT
protects the ability to direct a catalog request to a specific catalog, bypassing the normal catalog search. A directed catalog request is one in which the catalog name is explicitly passed to catalog management in the CATALOG parameter of access method services commands.
Note on catalog requests in SMS: In an SMS environment, all catalog requests against SMS-managed data sets should be satisfied by the normal catalog search order. You must have READ access to this profile in order to direct a catalog request to a specific catalog, unless you are using one of the following commands:
  • LISTCAT
  • DEFINE ALIAS of a user catalog
  • IMPORT CONNECT
  • EXPORT CONNECT
  • LISTCAT LEVEL, and other catalog commands that list the catalog in a generic manner.
STGADMIN.IGG.DLVVRNVR.NOCAT
protects the ability to delete a VVR or NVR without an associated catalog. Users having RACF READ authority to this profile need no other RACF authority to the master catalog to perform the DELETE NVR or DELETE VVR functions.
Note: Access to this facility class should be restricted to users who understand the risk involved in deleting a VVR or NVR entry from a VVDS.
STGADMIN.IGG.DELETE.RENAME
controls the ability to delete data set entries flagged as "rename in progress". Attempts by users without READ access to this profile against data sets flagged in this manner receive message IDC3009I with a return code of 90 and a reason code of 54. For users having RACF READ authority to this profile and issuing a DELETE, the "rename in progress" flag is ignored and the entry is deleted. This profile is intended for maintenance purposes.
STGADMIN.IGG.LIBRARY
protects the ability to DEFINE, DELETE or ALTER tape library and tape volume entries.
STGADMIN.IGG.DEFINE.RECAT
controls the ability to DEFINE RECATALOG a data set without having any authorization to the data set itself. The only authorization checked is to the catalogs:
  • Users must have ALTER authority to the target and source catalog while performing a REPRO MERGECAT
  • Users must have UPDATE authority to the target catalog while performing a DEFINE RECATALOG

The primary purpose of this RACF FACILITY profile is REPRO MERGECAT command processing. Historically, there was a security restriction in REPRO MERGECAT processing in which catalog management required the catalog administrator who executes the REPRO MERGECAT command to have ALTER authority to the data sets being moved. With this profile, the REPRO MERGECAT function does not require ALTER authority to the data sets being moved.

In order to use the REPRO MERGECAT command, the following RACF setup is required:
  • ALTER authority to both source and target catalogs
  • READ authority to the following RACF facility classes:
    • STGADMIN.IGG.DELETE.NOSCRTCH
    • STGADMIN.IGG.DEFINE.RECAT
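As an added example of the procedure above (not from the IBM manual), the following job moves the entries under one high-level qualifier from one user catalog to another with REPRO MERGECAT. The catalog names UCAT.SOURCE and UCAT.TARGET, the qualifier PROD.APP1, the RACF group STGADMIN and the job card are all made up; the PERMIT commands shown in the comments are the prerequisites listed above, expressed as RACF commands the security administrator would have run beforehand.

```jcl
//MERGECAT JOB (ACCT),'REPRO MERGECAT',CLASS=A,MSGCLASS=X,
//             NOTIFY=&SYSUID
//*-------------------------------------------------------------------
//* Added example, not IBM code. RACF prerequisites for the submitter
//* (group STGADMIN, an assumption), set up once beforehand:
//*   PERMIT 'UCAT.SOURCE' CLASS(DATASET) ID(STGADMIN) ACCESS(ALTER)
//*   PERMIT 'UCAT.TARGET' CLASS(DATASET) ID(STGADMIN) ACCESS(ALTER)
//*   PERMIT STGADMIN.IGG.DELETE.NOSCRTCH CLASS(FACILITY) +
//*     ID(STGADMIN) ACCESS(READ)
//*   PERMIT STGADMIN.IGG.DEFINE.RECAT CLASS(FACILITY) +
//*     ID(STGADMIN) ACCESS(READ)
//* With those two FACILITY profiles, no ALTER access to the
//* individual PROD.APP1.* data sets is needed to move their entries.
//* The LISTCAT steps use CATALOG() as a directed request; LISTCAT is
//* one of the commands exempt from STGADMIN.IGG.DIRCAT.
//*-------------------------------------------------------------------
//BEFORE   EXEC PGM=IDCAMS
//SYSPRINT DD SYSOUT=*
//SYSIN    DD *
  /* Record which entries currently live in the source catalog */
  LISTCAT LEVEL(PROD.APP1) CATALOG(UCAT.SOURCE) NAME
/*
//MERGE    EXEC PGM=IDCAMS,COND=(0,NE)
//SYSPRINT DD SYSOUT=*
//SYSIN    DD *
  /* Move the BCS entries; data sets stay where they are on DASD */
  REPRO INDATASET(UCAT.SOURCE) OUTDATASET(UCAT.TARGET) -
        MERGECAT LEVEL(PROD.APP1)
/*
//AFTER    EXEC PGM=IDCAMS,COND=(0,NE)
//SYSPRINT DD SYSOUT=*
//SYSIN    DD *
  /* Verify the entries now resolve from the target catalog */
  LISTCAT LEVEL(PROD.APP1) CATALOG(UCAT.TARGET) NAME
/*
```

The COND=(0,NE) on the MERGE and AFTER steps bypasses them if any earlier step ended with a nonzero return code, so a failed LISTCAT (for example, a missing source catalog) stops the job before anything is moved. Comparing the BEFORE and AFTER listings is the check that every entry made it across; an entry still listed only from UCAT.SOURCE means the merge did not complete for it.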





Copyright IBM Corporation 1990, 2014