Resources › CPU Resource Class—Secure CPU Access

CPU Resource Class—Secure CPU Access

Valid on z/OS and z/VM.

Use CPU to:

• Secure an ACID's access to a particular CPU
• Force an ACID to enter the system only through a particular CPU

When used with TSS ADDTO/REMOVE, this resource class has the following format:

TSS ADDTO(acid) CPU(smfid|id from DMKSYS)

Prefix length

One to four characters for z/OS, One to eight characters for VM

Capacity of list

One to five CPU IDs per TSS command

When used with TSS PERMIT/REVOKE, this resource class has the following format:

TSS PERMIT(acid) CPU(smfid)

Prefix length

One to four characters for z/OS, One to eight characters for VM

Capacity of list

One to five CPU IDs per TSS command

This keyword is used with:

• The commands CREATE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOOWNS, and WHOHAS
• The ACID types User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, and MSCA when used with TSS ADD/REMOVE
• The ACID types User, Profile, DCA, VCA, ZCA, LSCA, SCA, and MSCA when used with TSS PERMIT/REVOKE
• CPU(OWN) authority to ADD or REMOVE ownership of CPU from ACIDs
• CPU(XAUTH) authority to PERMIT or REVOKE access to CPUs

The administrator can use any of the following methods to control access to CPUs: Expiration, Facility, Program Pathing, Time/Day, and Actions. The administrator can use any of the following methods to control access to CPUs details on each of the access control methods.

Examples: CPU resource class

This example protects the CPU, SYSA, byr assigning ownership to Department 01:

TSS ADDTO(DEPT01) CPU(SYSA)

The administrator may now PERMIT access to users or to profiles that require access.

This example removes ownership:

TSS REMOVE(DEPT01) CPU(SYSA)

This example permits the day shift to execute BATCH jobs on CPU‑SYSA:

TSS PERMIT(DAYPROF) CPU(SYSA) FACILITY(BATCH)

This example revokes access to SYSA:

TSS REVOKE(DAYPROF) CPU(SYSA)