Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Security doc org refactor #3978

Open
wants to merge 15 commits into
base: master
Choose a base branch
from
+701 −333
Open

Security doc org refactor #3978

Show file tree
Hide file tree
Changes from 11 commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
eea5467
initial refactor with title change and collapsable ESM commands
janan07 Nov 1, 2024
55335a7
initial component listing for security customization
janan07 Nov 4, 2024
8f637e9
readd Configure address space job naming
janan07 Nov 4, 2024
d7cb4e9
formatting
janan07 Nov 4, 2024
e50bbd0
formatting
janan07 Nov 4, 2024
118ec2f
formatting
janan07 Nov 4, 2024
1faea93
remove summary for ACF2
janan07 Nov 4, 2024
ac265e8
Merge branch 'master' into janan07-security-doc-org-refactor
janan07 Nov 4, 2024
ef69d93
re add ACF2 collapsable content
janan07 Nov 4, 2024
8302558
Merge branches 'janan07-security-doc-org-refactor' and 'janan07-secur…
janan07 Nov 4, 2024
8affbc3
fix note at the bottom of systemrequirements-zos
janan07 Nov 4, 2024
afcda3e
address Sean's comments
janan07 Nov 5, 2024
f0077ec
add link to zwe init security
janan07 Nov 5, 2024
1839c4b
fix typo and add roles
janan07 Nov 5, 2024
9b9f049
shuffle content from initializing Zowe security configuration into Co…
janan07 Nov 7, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 17 additions & 0 deletions docs/user-guide/assign-security-permissions-to-users.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,23 @@ see [zwe init security](../appendix/zwe_server_command_reference/zwe/init/zwe-in
| Cross memory server (ZIS) | FACILITY | `ZWES.IS` | READ | Allow Zowe ZWESLSTC processes to access the Zowe ZIS cross memory server. | This parameter permits the Zowe main server to use ZIS cross memory server. Run the command that applies to your ESM. <br/>• [RACF](https://github.com/zowe/zowe-install-packaging/blob/79527166f34e28c205c5f60bf4b4bb7b630bc6a1/workflows/templates/ZWESECUR.vtl#L329) <br/>• [ACF2](https://github.com/zowe/zowe-install-packaging/blob/79527166f34e28c205c5f60bf4b4bb7b630bc6a1/workflows/templates/ZWESECUR.vtl#L560) <br/>• [Top Secret](https://github.com/zowe/zowe-install-packaging/blob/79527166f34e28c205c5f60bf4b4bb7b630bc6a1/workflows/templates/ZWESECUR.vtl#L780) |


## Configuring address space job naming

The user ID `ZWESVUSR` that is associated with the Zowe started task must have `READ` permission for the `BPX.JOBNAME` profile in the `FACILITY` class. This is to allow setting of the names for the different z/OS UNIX address spaces for the Zowe runtime components.

1. To display who is authorized to the profile, issue the following command:
```
RLIST FACILITY BPX.JOBNAME AUTHUSER
```

2. Activate the facility class, permit `BPX.JOBNAME`, and refresh facility class:
```
SETROPTS CLASSACT(FACILITY) RACLIST(FACILITY)
PERMIT BPX.JOBNAME CLASS(FACILITY) ID(ZWESVUSR) ACCESS(READ)
SETROPTS RACLIST(FACILITY) REFRESH
```

For more information, see [Setting up the UNIX-related FACILITY and SURROGAT class profiles](https://www.ibm.com/support/knowledgecenter/en/SSLTBW_2.3.0/com.ibm.zos.v2r3.bpxb200/fclass.htm) in the "z/OS UNIX System Services" documentation.

## Granting users permission to access z/OSMF

Expand Down
Loading
Loading