Angela, No you don't need UID 0. This is the main misunderstood part of Unix System Services, everybody thinks that you need UID 0 do do everything. UID 0 will give Superuser to whoever has this, no matter what other security is in place.
Unix System Services works everything off of a three bit permission, just like the Unix and Linux environments. Bit 1 - Onwer's Permission Bit 2 - Group's Permission Bit 3 - Everyone else's Permission Then you have SETUID, SETGID and Sticky bits as well. Please see below: For permissions, specify a 3-digit octal number. The first digit is access permission for the file owner. The second digit is access permission for any member of the file's group. The third digit is access permission for anyone else. An octal digit is a number in the range 0-7. The permission associated with each value is: 0: None 1: Search or execute 2: Write 3: Write plus search or execute 4: Read 5: Read plus search or execute 6: Read plus write 7: Read plus write plus search or execute The file mode contains the following bit fields for executable files: SETUID bit: This program is authorized to change its effective UID to that of the file owner. SETGID bit: This program is authorized to change its effective GID to that of the group owner. SETGID bit: This program is authorized to change its effective GID to that of the group that owns the file. Sticky bit: A superuser can set this bit so that this program can be loaded from the system LINKLST or LPALIB. Craig Angel Tamayo <a.tamay...@gmail.com> Sent by: IBM Mainframe Discussion List <IBM-MAIN@bama.ua.edu> 08/25/2011 07:51 AM Please respond to IBM Mainframe Discussion List <IBM-MAIN@bama.ua.edu> To IBM-MAIN@bama.ua.edu cc Subject Copying file to OMVS Hi List, Maybe someone here could have the same or similar case. I run job: //COPY1 EXEC PGM=IEBGENER,REGION=0M //SYSPRINT DD SYSOUT=* //SYSUT1 DD DISP=SHR,DSN=HLQ.COMPRESS.PAX //SYSUT2 DD PATH='/TEST/COMPRESS9', // PATHOPTS=(OWRONLY,OCREAT,OEXCL), // PATHDISP=(KEEP,DELETE) //SYSIN DD DUMMY I received message: ICH408I USER(ZOSUSER ) GROUP(OMVSGRP ) NAME(USER NAME ) 479 /TEST/COMPRESS9 CL(FSOBJ ) FID(00003813000000410000000000000000) INSUFFICIENT AUTHORITY TO OPEN ACCESS INTENT(RW-) ACCESS ALLOWED(OWNER ---) EFFECTIVE UID(0009999999) EFFECTIVE GID(0000000001) The RACF persons says that I need to have OMVS segment setup for my userid with UID(0). I suppose UID(0) will solve the problem but it is really the only way to solve it?. I'm looking for a solution without UID(0), any idea on this will be appreciated. As additional information ZOSUSER have authority to use SU (superuser) in OMVS environment, don't really know if this helps to this case. Angel ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ********************************************************************** This communication contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s), please note that any distribution, copying or use of this communication or the information in it is strictly prohibited. If you have received this communication in error, please notify the sender immediately and then destroy any copies of it. ********************************************************************** ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html