ACF2 security definitions for SENDMAIL
Article ID: 126191
Updated On:
Products
ACF2
ACF2 - DB2 Option
ACF2 for zVM
ACF2 - z/OS
ACF2 - MISC
Issue/Introduction
Below are the RACF commands to configure SENDMAIL security.
What are the equivalent commands for ACF2 ?
ADDGROUP SMMSPGRP OMVS(GID(25))
ADDGROUP SNDMGRP OMVS(GID(26))
ADDUSER MAILNULL DFLTGRP(SNDMGRP) NOPASSWORD OMVS(UID(26) HOME(’/’))
ADDUSER SENDMAIL DFLTGRP(SNDMGRP) NOPASSWORD OMVS(UID(0) HOME(’/’))
ADDUSER SMMSP DFLTGRP(SMMSPGRP) NOPASSWORD OMVS(UID(25) HOME(’/’))
RDEFINE STARTED SENDMAIL.* STDATA(USER(SENDMAIL))
SETROPTS RACLIST(STARTED) REFRESH
PERMIT BPX.DAEMON CLASS(FACILITY) ID(SENDMAIL) ACCESS(READ)
SETROPTS RACLIST(FACILITY) REFRESH
Environment
ACF2 16.0
SENDMAIL
Z/OS 2.1 and above
SENDMAIL
Z/OS 2.1 and above
Resolution
The original commands used for the conversion come from RACF.
Below are ACF2 translated commands to configure security for SENDMAIL.
ACF2 allows the insertion of the OMVS segment with the initial INSERT of the logonid.
SET PROFILE(GROUP) DIV(OMVS)
INSERT SMMSPGRP GID(25)
INSERT SNDMGRP GID(26)
SET LID
INSERT MAILNULL NAME(MAILNULL) RESTRICT GROUP(SNDMGRP) UID(26) HOME(/)
INSERT SENDMAIL NAME(SENDMAIL) STC GROUP(SNDMGRP) UID(0) HOME(/)
INSERT SMMSP NAME(SMMSP) RESTRICT GROUP(SMMSPGRP) UID(25) HOME(/)
SET RESOURCE(FAC)
RECKEY BPX ADD( DAEMON UID(uid for SENDMAIL) SEERVICE(READ) ALLOW)
F ACF2,REBUILD(FAC)
Feedback
Yes
No
Powered by
