ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Use the &LID logonid symbolic in a USS home directory ACF2 rule.

book

Article ID: 131381

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC

Issue/Introduction


When using automount for user filesystems a site may want to protect those directories for each logonid. When using /u/&SYSUID as home directory for each user, is there a way a site can create a rule for granting access to each ID using the logonid symbolic without needing to code rules for each logonid?

Environment

Release:
Component: ACF2MS

Resolution

The "&LID" rule qualifier can be used in dataset access rules to represent the logonid of the user requesting access. 

Details can be found in the following two sections of the ACF2 documentation: 

Section "&LID Qualifiers" 

&LID can be used as one or more of the qualifiers. &LID represents the logonid of the user who is requesting the access. &LID cannot be used with any other characters in a single qualifier, it must be used alone as the entire qualifier. To learn more about using &LID see Using &LID in Data Set Rules. 

Section "Using &LID in Data Set Rules" 

&LID is a symbolic replacement for one or more qualifiers in a data set rule line. &LID cannot be used in as the $KEY value. &LID represents the logonid of the user who is requesting the access. 

The following is a sample rule: 

$KEY(/U) TYPE(HFS)
&LID UID(*) READ(A) WRITE(A) ALLOC(A) EXEC(A) 
PGMXYZ.USERS.&LID UID(*) READ(A) WRITE(A) ALLOC(A) EXEC(A) 

Logonid USER25 has access to the following USS path/file: 

/u/USER25 
/u/PGMXYZ/USERS/USER25 

Logonid USER005 has access to the following USS path/file: 

/u/USER005 
/u/PGMXYZ/USERS/USER005