Configuration Files and Records

CA VM:Secure uses configuration files to control the processing of most product–related functions. Each configuration file contains records that can only appear in that file. To edit the configuration files, use the CONFIG command. This chapter describes the CONFIG command and explains each configuration file and the records that can appear in them.

The majority of the records can be changed dynamically, and their new values take effect immediately after the file is saved. This is referred to as dynamic reconfiguration. To update certain configuration file records you must take down the CA VM:Secure product server. In an SSI complex, the servers on every member must be taken down before changing certain records. The records are:

ACCESS
ALTERNATE
AUTOPASS
DIRECT
ENCRYPT (CA VM:Secure only)
RESID
SSINODE

Changes to those records take effect when you restart the product.

You can set up or change the CA VM:Secure configuration by entering this command:

vmsecure config

The CA VM:Secure System Configuration Menu appears.

CONFIG System Configuration Menu VM:Secure -------------------------------------------------------------------------------- + - - - - - - - - - - - - - - - - - + | Selection: | + - - - - - - - - - - - - - - - - - + 1 DASD Configuration Maintain VM:Secure controlled DASD definitions (EXTENT, IGNORE, SUBPOOL, etc.) 2 Product Configuration Control how VM:Secure should operate (CPUID, DELAYHIS, USEREXIT, etc.) 3 Authorizations Authorize who can issue VM:Secure commands (GRANT, LIST, WITHHOLD) 4 Security Configuration Control processing of Rules Facility (AUTOEXP, GROUP, JOURNAL, etc.) 5 SFS Configuration Change File Pools and Storage Groups Copyright (c) yyyy CA. All rights reserved. -------------------------------------------------------------------------------- PF1:Help PF3:Quit PF10:Print PF12:End

Options 1 through 4 start XEDIT on the appropriate configuration file for you to edit.

Option 5 displays the SFS Configuration Menu, from which you can add or delete SFS file pools and update user storage group information. CA VM:Secure reflects the changes in the SFS CONFIG file.

Note: For more information about setting up or changing the CA VM:Secure configuration for SFS, see Configuring CA VM:Secure for SFS.

If you know which configuration features you want to work with, you can enter the CONFIG command with different parameters to access the appropriate configuration file or configuration submenu directly.

To work with the AUTHORIZ CONFIG file, enter the following:
```
vmsecure config authoriz
```
To work with the DASD CONFIG file, enter the following:
```
vmsecure config dasd
```
To work with the PRODUCT CONFIG file, enter the following:
```
vmsecure config product
```

Note: While CA VM:Secure is running, you cannot change any ACCESS, DIRECT, or (for CA VM:Secure only) ENCRYPT records in this file. If you need to change, add, or remove any of these records, you must stop CA VM:Secure first, then edit this configuration file.

To work with the SECURITY CONFIG file, enter the following:
```
vmsecure config security
```
Note: You cannot change the AUTOPASS record in this file while CA VM:Secure is running. If you need to change, add, or remove this record, you must stop CA VM:Secure first, and then edit this configuration file.
To work with the CA VM:Secure configuration for the SFS CONFIG file, enter:
```
vmsecure config sfs
```
This displays the SFS Configuration Menu.

Note: For more information about the CONFIG command, see CONFIG Command in the chapter "Command Reference" in the Reference Guide.

This section contains the following topics:

Tell Technical Publications how we can improve this information