Valid on z/VM.
Use DIAGNOSE to secure the use of CP diagnose codes.
When used with TSS ADDTO/REMOVE, this resource class has the following format:
TSS ADDTO(acid) DIAGNOSE(oper,...)
One to four characters (0‑9, A‑F)
One to five DIAGNOSE codes per TSS command
When used with TSS PERMIT/REVOKE, this resource class has the following format:
TSS PERMIT(acid) DIAGNOSE(oper,...)
One to four characters (0‑9, A‑F)
One to five DIAGNOSE codes per TSS command
DIAGNOSE is used with:
The administrator can use the following methods to control access to DIAGNOSE codes: Expiration, Facility, Time/Day, and Actions.
This example protects a DIAGNOSE code 84 (Directory Update In Place), by assigning ownership to the Systems Programming Department (SYSPDEPT):
TSS ADDTO(SYSPDEPT) DIAGNOSE(84)
The administrator may now PERMIT limited access to users or profiles that require access.
This example removes ownership:
TSS REMOVE(SYSPDEPT) DIAGNOSE(84)
This example permits a programmer to use DIAGNOSE code 84 (Directory Update In Place):
TSS PERMIT(PROGUSER) DIAGNOSE(84)
In this example, VMPRIV is implied.
The administrator may revoke PROGUSER's permission:
TSS REVOKE(PROGUSER) DIAGNOSE(84)
Some DIAGNOSE codes have both privileged and nonprivileged subcodes; therefore, This example permits an ACID to execute nonprivileged forms of DIAGNOSE 80 (MSSFCALL):
TSS PERMIT(USER01) DIAGNOSE(80)
This example permits USER01 to issue privileged forms of DIAGNOSE 80 (for example, to write to the IOCDS):
TSS PERMIT(USER01) DIAGNOSE(80)
ACTION(VMPRIV)
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|