Hi: Regarding RACF protection of VOLCAT (tape volume catalog), I found the following paragraph in IBM DFSMS documentation:
<<<<< In general, tape users do not require any RACF access authority to the VOLCAT. During job processing, the updates to the VOLCAT are made by authorized system users. However, the VOLCAT still needs a data set profile and should be defined with UACC(NONE). Storage administrators using ISMF should have READ access to STGADMIN.IGG.LIBRARY and IDCAMS users should have an access level to STGADMIN.IGG.LIBRARY appropriate to the function being performed. For the required RACF access level when using IDCAMS, refer to "Required Security Authorization for VOLCAT Operations" in z/OS DFSMS Access Method Services Commands. >>>>> How do you understand “authorized system users” in this context? Is it talking about system tasks that don’t even bother to check RACF authority to the VOLCAT? What about, for instance, address spaces like OAM or DFRMM? Don’t they need any RACF authority over the DATASET profile protecting VOLCAT? PD: cross posted to the RACF list Thanks in advance for your help, Juan G. Mautalen ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN