You can issue a specific REVOKE to remove one permission by listing the user/profiles XAUTH data, and then issuing the REVOKE exactly as it appears in the listing. For example, the output of the following TSS LIST command would enable the authorization following it to be revoked:
XA DATASET = SYS1.PROCLIB ACCESS = READ PRIVPGM = IEBCOPY
TSS REVOKE(user) DSNAME(SYS1.PROCLIB)
ACCESS(READ)
PRIVPGM(IEBCOPY)
Even if there were other permissions with different access levels or other criteria, only this permission would be revoked.
Everything that can be coded on a PERMIT can be coded on a REVOKE with the exception of the FOR parameter. In this situation, the FOR parameter will list as the UNTIL parameter. Therefore, only the UNTIL parameter should be used with the TSS REVOKE command function.
If you code the REVOKE with only the resource and no other parameters, then all matches of the resource are revoked.
Example: revoke permission
This example revokes all permissions that match it.
TSS REVOKE(user) DSNAME(SYS1.PROCLIB)
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|