Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.


Share this Page URL
Help

Switch to superuser mode > Switch to superuser mode - Pg. 84

3.1.3 Using the BPX.SUPERUSER profile Using the BPX.SUPERUSER resource name in the FACILITY class is another way for users to get full superuser authority for a limited time when performing tasks requiring such authority. These users do not have a UID(0). You can assign users this authority as follows: As an individual user As a group of users all belonging to the same RACF group Since the user who has this authority is a normal user, the user must switch his authority to superuser mode using the su shell command. Set up BPX.SUPERUSER profiles Determine the users that may require this authority; they may be: z/OS UNIX system programmers MVS system programmers RACF system programmers RACF administrators If many of the users are in the same group, you can define a RACF group with any users who need to use superuser mode. This group should not be used for any other access, for example: AG UNIXSUP OWNER(SECADM) Define the BPX.SUPERUSER profile in class FACILITY: RDEFINE FACILITY BPX.SUPERUSER OWNER(SECADM) UACC(NONE) Use the PERMIT command to permit all groups and individual users needing temporary