You should make your own class.
Classes can be dynamically added by adding to the CDT class.
On Sun, 12 Nov 2023 05:40:03 -0500 David Cole <dbc...@colesoft.com> wrote:
:>I've got a problem. Decades ago, I made some assumptions about RACF's
:>FACILITY class that have turned out to be wrong.
:>Currently, I'm working on implementing a new security rule for z/XDC,
:>and the individual rules ("entities") can be up to 59 characters long.
:>Decades ago, when I was porting z/XDC's security rules from ACF2 to
:>RACF, I made the decision to piggy-back my security rules into RACF's
:>FACILITY class. I didn't know much about RACF then (and I still
:>don't), and it did not occur to me that rule length would be an
:>issue. I was wrong. It is an issue.
:>Yesterday, I was testing with an instance of the new rule that was 44
:>characters long. Boom! My "RACROUTE REQUEST=AUTH" (racheck) call
:>failed with "ICH409I 282-054 ABEND DURING RACHECK PROCESSING". This
:>basically means that the entity I passed (my 44-character rule) was
:>too long for its class (FACILITY).
:>Ouch!
:>So now I have several questions that I'm hoping someone here can
:>provide answers to.
:> * What is the longest entity the FACILITY class will accept?
:> * Where do I find that specific fact doc'd?
:> * Is there a command that will display that information?
:> * Is there a catch-all class that z/XDC can use for its rules
:>other than FACILITY?
:> * Where do other vendors put their rules?
--
Binyamin Dissen <bdis...@dissensoftware.com>
http://www.dissensoftware.com
Director, Dissen Software, Bar & Grill - Israel
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
