Alan, people using the VM:Operator software have it normally installed in the "System Operator", so it is started before RACF comes up. He,ce it is indeed tempting to use a RACF message to start automated startup using VM:Operator "scripts".
2011/3/8 Alan Altmark <alan_altm...@us.ibm.com> > On Monday, 03/07/2011 at 11:10 EST, Alain Benveniste > <a.benveni...@free.fr> wrote: > > ICH520I RACF xxxxx IS ACTIVE. > > Explanation: > > RACF release xxxxx has been successfully initialized. > > > > I removed xautolog autolog2 from raciplxi and I asked VM:Operator to > autolog > > VMSERV* users prior to xautolog autolog2 when the message ICH520I is > met. > > I got a HCP6525E External Security Manager is unavailable. > > ICH520I seems to lie ! :) > > It is in there so that we can catch people trying to cheat RACF and > AUTOLOG2. The only virtual machines that are permitted to start prior to > RACF are the SYSTEM_USERIDs from SYSTEM CONFIG (e.g. OPEREREP, OPERATOR, > etc.). They run with their CP-given permissions until RACF is up. > > AUTOLOG2 should start VM:Operator, which can then bring up the rest of the > system. > > If you want something a little "cleaner": > 1. Put SYSTEM_USERIDS STARTUP RACFVM in SYSTEM CONFIG > 2. Change RACIPLXI EXEC to autolog AUTOLOG1. > > Alan Altmark > > z/VM and Linux on System z Consultant > IBM System Lab Services and Training > ibm.com/systems/services/labservices > office: 607.429.3323 > mobile; 607.321.7556 > alan_altm...@us.ibm.com > IBM Endicott > -- Kris Buelens, IBM Belgium, VM customer support
