Native Shared File System (SFS) administration provides for one or more administrators who have unrestricted access to everything in a filepool. This forces you to create separate filepools whenever you want to grant an SFS administrator authority over a subset of users. While you may want multiple filepools for performance reasons, they may not be the answer to providing greater ease of administrative authority. Even creating multiple filepools does not always solve the problem of splitting authority in a detailed and flexible manner.
CA ACF2 for z/ VM provides the option of validating SFS-related commands SFS administrators issue through the CA ACF2 for z/ VM command limiting feature. The command rule key is always SFS_ followed by up to eight bytes of command name. For example, the SFS QUERY command rule key is SFS_QUERY. You must include the rule key of any SFS command to be validated explicitly or implicitly in the COMMANDS keyword of the CMDLIM VMO record.
The SFS command syntax to be validated is not free form like CP commands. Instead, SFS reconstructs each command in a fixed format before passing it to CA ACF2 for z/ VM. CA ACF2 for z/ VM uses this reconstructed syntax to create command limiting models.
This section contains the following topics:
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|