Sunday, September 11, 2011

TSO CONSOLE COMMAND authority

CONSOLE COMMAND authority is granted using the CONSOLE profile in the TSOAUTH class.

RDEF TSOAUTH CONSOLE UACC(NONE)
SETR RACLIST(TSOAUTH)
PE CONSOLE CLASS(TSOAUTH) ID(...) ACCESS(READ)
SETR RACLIST(TSOAUTH) REFRESH

For ACF2:
The logonid (LID) needs the CONSOLE bit field, which permits access to the TSO/E CONSOLE facility.

Saturday, September 3, 2011

IBM utility IDCAMS can encrypt and decrypt data sets

The IBM utility IDCAMS can encrypt and decrypt data sets. The key to be used can be provided as a parameter or through a separate DD statement.

1 - Key provided as parameter
Encryption
//ENCRYPT EXEC PGM=IDCAMS
//SYSIN DD *
REPRO IFILE(IN01) -
OFILE(OT01) -
ENCIPHER( PRIVATEKEY -
DATAKEYVALUE('ABCDEFGJ') -
)
//IN01 DD *
RECORD 1
RECORD 2
RECORD 3
/*
//OT01 DD SYSOUT=*,
// DCB=(LRECL=80,RECFM=FB,BLKSIZE=27920)
//SYSPRINT DD SYSOUT=*

Decryption
//DECRYPT EXEC PGM=IDCAMS,
// COND=(0,LT)
//SYSIN DD *
REPRO IFILE(IN01) -
OFILE(OT01) -
DECIPHER( DATAKEYVALUE('ABCDEFGJ') )
/*
//IN01 DD DSN=enciphered dataset,
// DISP=SHR
//OT01 DD SYSOUT=*
//SYSPRINT DD SYSOUT=*

2 - Key provided through DD statement
Encryption
//ENCRYPT EXEC PGM=IDCAMS
//SYSIN DD *
REPRO IFILE(IN01) -
OFILE(OT01) -
ENCIPHER( PRIVATEKEY -
DATAKEYFILE(KEY) -
)
//KEY DD *
C1C2C3C4C5C6D1
/*
//IN01 DD *
RECORD 1
RECORD 2
RECORD 3
/*
//OT01 DD SYSOUT=*,
// DCB=(LRECL=80,RECFM=FB,BLKSIZE=27920)
//SYSPRINT DD SYSOUT=*

Decryption
//DECRYPT EXEC PGM=IDCAMS,
// COND=(0,LT)
//SYSIN DD *
REPRO IFILE(IN01) -
OFILE(OT01) -
DECIPHER( DATAKEYFILE(KEY) )
/*
//KEY DD *
C1C2C3C4C5C6D1
/*
//IN01 DD DSN=enciphered dataset,
// DISP=SHR
//OT01 DD SYSOUT=*
//SYSPRINT DD SYSOUT=*

Friday, September 2, 2011

Define USERID and grant OPERATIONS and SPECIAL Privileges

//S1 EXEC PGM=IDCAMS
//SYSPRINT DD SYSOUT=*
//SYSIN DD *
DEFINE ALIAS (NAME(PHIL01) RELATE(USERCAT.TSO))
//NEWID EXEC PGM=IKJEFT01,DYNAMNBR=75,TIME=100,REGION=6M
//SYSPRINT DD SYSOUT=*
//SYSTSPRT DD SYSOUT=*
//SYSTERM DD DUMMY
//SYSUADS DD DSN=SYS1.UADS,DISP=SHR
//SYSLBC DD DSN=SYS1.BRODCAST,DISP=SHR
//SYSTSIN DD *
DD 'PHIL01.*'
DU PHIL01
AU PHIL01 NAME('PHIL') PASSWORD(PASSW0RD) -
OWNER(SYS1) DFLTGRP(SYS1) UACC(READ) OPERATIONS SPECIAL -
TSO(ACCTNUM(ACCT#) PROC(ISPFPROC) JOBCLASS(S) MSGCLASS(X) -
HOLDCLASS(X) SYSOUTCLASS(X) SIZE(4048) MAXSIZE(0)) -
OMVS(HOME(/u/phil01) PROGRAM(/bin/sh) UID(0))
PERMIT ACCT# CLASS(ACCTNUM) ID(PHIL01)
PERMIT ISPFPROC CLASS(TSOPROC) ID(PHIL01)
PERMIT DBSPROC CLASS(TSOPROC) ID(PHIL01)
PERMIT JCL CLASS(TSOAUTH) ID(PHIL01)
PERMIT OPER CLASS(TSOAUTH) ID(PHIL01)
PERMIT ACCT CLASS(TSOAUTH) ID(PHIL01)
PERMIT MOUNT CLASS(TSOAUTH) ID(PHIL01)
AD 'PHIL01.*' OWNER(PHIL01) UACC(READ) GENERIC
SETROPTS REFRESH RACLIST(TSOPROC)
MKDIR '/u/phil01'
LOGOFF
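
An added example (not from the original post): a Python check that reads captured LISTUSER output and reports IDs holding SPECIAL or OPERATIONS, or an OMVS UID of 0, which are the privileges the job above grants. The sample listing and the CLERK1 ID are constructed, and the line layout is assumed to match your system's LISTUSER output.

```python
import re

# Constructed sample laid out like RACF "LISTUSER * OMVS" output (not from a real system).
SAMPLE = """\
USER=PHIL01  NAME=PHIL                  OWNER=SYS1      CREATED=11.245
 DEFAULT-GROUP=SYS1     PASSDATE=N/A    PASS-INTERVAL= 30 PHRASEDATE=N/A
 ATTRIBUTES=SPECIAL OPERATIONS
 REVOKE DATE=NONE   RESUME DATE=NONE
OMVS INFORMATION
----------------
UID= 0000000000
HOME= /u/phil01
PROGRAM= /bin/sh
USER=CLERK1  NAME=CLERK                 OWNER=SYS1      CREATED=11.245
 DEFAULT-GROUP=USERS    PASSDATE=11.245 PASS-INTERVAL= 30 PHRASEDATE=N/A
 ATTRIBUTES=NONE
 REVOKE DATE=NONE   RESUME DATE=NONE
OMVS INFORMATION
----------------
UID= 0000001001
HOME= /u/clerk1
PROGRAM= /bin/sh
"""

# System-level attributes granted by the AU command on this page.
PRIVILEGED = {"SPECIAL", "OPERATIONS"}

def audit_listuser(text):
    """Return {userid: [findings]} for IDs with system-level attributes or UID 0."""
    findings, user = {}, None
    for line in text.splitlines():
        m = re.match(r"USER=(\S+)", line)
        if m:                                  # start of a new user entry
            user = m.group(1)
            continue
        if user is None:
            continue
        # Anchored at line start, so group-level "CONNECT ATTRIBUTES=" is ignored.
        m = re.match(r"\s*ATTRIBUTES=(.*)", line)
        if m:
            for attr in set(m.group(1).split()) & PRIVILEGED:
                findings.setdefault(user, []).append(attr)
        m = re.match(r"\s*UID=\s*(\d+)", line)
        if m and int(m.group(1)) == 0:         # z/OS UNIX superuser
            findings.setdefault(user, []).append("UID(0)")
    return {u: sorted(f) for u, f in findings.items()}

if __name__ == "__main__":
    for userid, items in audit_listuser(SAMPLE).items():
        print(userid, ", ".join(items))
```
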

Define alias in usercatalog

//S1 EXEC PGM=IDCAMS
//SYSPRINT DD SYSOUT=*
//SYSIN DD *
DEFINE ALIAS (NAME(PHIL) RELATE(USERCAT.CAT01))

Using IKJEFT01 to Copy an HFS file to SYSOUT

//PRINT EXEC PGM=IKJEFT01
//SYSTSPRT DD SYSOUT=*
//SYSUT1 DD PATH='/tmp/file.out',PATHOPTS=ORDONLY
//SYSUT2 DD SYSOUT=*,DCB=(LRECL=121,RECFM=FBA,BLKSIZE=1210)
//SYSTSIN DD DATA
OCOPY INDD(SYSUT1) OUTDD(SYSUT2)
/*

RACF RESUME and REVOKE a user for a set period of time

The command below resumes a revoked user ID and revokes it again 1 day later. The user's ID
will be resumed at 00:00 on the 14th and revoked at 00:00 on the 15th.

ALU ZOSAEP RESUME(01/14/11) REVOKE(01/15/11)

Thursday, September 1, 2011

Pack/Unpack a Dataset using TRSMAIN

(1) Pack
//STEP01 EXEC PGM=TRSMAIN,PARM=PACK
//SYSPRINT DD SYSOUT=*
//INFILE DD DISP=SHR,DSN=FILE.TO.TERSE
//OUTFILE DD DSN=FILE.TERSED,
// DISP=(NEW,CATLG),
// SPACE=(CYL,(5,5)),RECFM=FB,LRECL=1024
//*

(2) Unpack
//STEP01 EXEC PGM=TRSMAIN,PARM=UNPACK
//SYSPRINT DD SYSOUT=*
//INFILE DD DISP=SHR,DSN=FILE.PACKED
//OUTFILE DD DSN=FILE.UNPACKED,
// DISP=(NEW,CATLG),
// SPACE=(CYL,(200,50))