BPX Facility Resource Classes

The BPX facility resources classes are:

BPX.SUPERUSER: Allows non‑superusers to gain superuser authority. (Control over UNIX command su).
BPX.DAEMON: Allows daemon programs to validate user password and then change the identity of a spawned address space (control over setuid ( ) and seteuid ( ) ).
BPX.SERVER: Allows daemon programs to customize the security environment of a thread.
BPX.SMF: Restricts access for C/C++ applications to generate SMF records without requiring APF authorization.
BPX.DEBUG: Allows users to use dbx to debug programs that run as APF‑authorized or with BPX.SERVER authority.
BPX.WLMSERVER: Allows users to use WLM server functions.
BPX.STOR.SWAP: Allows users to make address spaces non-swappable.
BPX.FILEATTR.APF: Allows users to turn on the APF‑authorized attribute for an HFS file.
BPX.FILEATTR.PROGCTL: Allows users to turn on the program controlled attribute for an HFS file.
BPX.JOBNAME: Controls which users are allowed to set their own job names by using the BPX.JOBNAME environment variable or the inheritance structure on spawn. Users with READ or higher permissions to this resource can define their own job names.

For information on the BPX facility resources classes, see the z/OS UNIX Systems Services Planning Guide.

Examples: BPX facility resource classes

This example establishes BPX.SUPERUSER ownership:

TSS ADD(dept) IBMFAC(BPX.)

This example grants access to specific resources:

TSS PER(acid) IBMFAC(BPX.SMF)

This example restricts access for C/C++ applications to generate SMF records without requiring APF authorization.

TSS PER(acid) IBMFAC(BPX.SMF) ACC(READ)