System Entry Security › Controlling Access to Terminals › Controlling Access to Virtual Machines › Surrogate Control

Surrogate Control

Access verification for surrogate control is automatically invoked when certain program products use the VM Alternate Userid Interface (Diagnose X'D4').

Note: For details about this interface, see the Customization Guide.

For applications written in REXX or EXEC (or where Assembly language is inappropriate), a CMS module called SUROGATE is provided on the installation tape. The module implements the surrogate user facility through command forms. This module can be found on the appropriate mindisk ADMIN(176), ALTADMIN(276), or PREVADMIN(476) (under the AKVMAINT user ID), based on what has been deployed and what setting is applied to the Runtime Environment tag of the server.

Surrogacy is administered through the following command functions:

SUROGATE SET  userid|*  [ acid ]
SUROGATE RESET  userid|*

SET

Establishes an alternate ACID under which a virtual machine runs.

Permission for use of the virtual machine and authorization to the Alternate ACID being set are granted as follows:

TSS PERMIT(issuer) VMMACH(target-of-set) ACCESS(SUROGATE)
TSS PERMIT(issuer) ACID(acid-used-in-set)

• issuer—Is the controller ACID
• target-of-set—Is the worker virtual machine (CP directory id). It must be logged on when SUROGATE SET is issued
• acid-used-in-set—Is the Alternate ACID used in SUROGATE SET or RESET.

Note: The ACID authority is not required if issuer has the NOSUBCHK attribute.

SUROGATE SET remains in effect until it is explicitly reset bySUROGATE RESET or until the target of the set logs off.

VMMACH access validation in surrogate processing is always treated in FAIL mode.

Userid

Gives the ID of the virtual machine that acts with another’s authority.

*

Indicates the vmid of the issuer authorized as a surrogate controller and is also the default.

Acid

Is the alternate ACID providing the appropriate authorities.

RESET

Removes the alternate ACID established by a prior SUROGATE SET. Permission for use of the virtual machine and authorization to the Alternate ACID being set must be in effect (see the TSS PERMIT commands shown in the SET explanation).

In the example shown below, a VM master control machine (VMMASTER) has been permitted the proper authority for:

• The surrogate user function diagnose code (D4)
• Surrogate access to a worker machine (WRK7)
• Access to an ACID (USERA) whose authority is to be delegated.

The SUROGATE SET designates USERA’s authorities to WRK7.

TSS PERMIT(VMMASTER) DIAG(D4)
           . . .
TSS PERMIT(VMMASTER) VMMACH(WRK7) ACCESS(SUROGATE)
TSS PERMIT(VMMASTER) ACID(USERA)
           . . .
CP AUTOLOG WRK7
SUROGATE SET WRK7 USERA
           . . .