Receiving this violation :
ACF04056 ACCESS TO RESOURCE CPWR.PRODUCT.ABCD.ABC10001 TYPE RFAC BY USERABC NOT AUTHORIZED
ACF2 violation report shows :
REQUESTED RESOURCE REC LOOKUP KEY
UID SOURCE CPU MODULE DISP DSP-MOD KEY-MOD SERV
DATE TIME JNAME LID NAME PRE RMC INT PST FIN
MLS USER-SECLABEL RSRC-SECLABEL MODE SRC RRC RSN
RFAC-CPWR.PRODUCT.ABCD.ABC10001 *VIO RFAC-CPWR
USERABC OMVSDGRP STCINRDR IPLK ACF9CAUT NO-RULE - DIRECTRY READ
20.034 02/03 15.56 USERABC USERABC COMPANY/LMS -P 0 0 20 0 16
SAF RESOURCE CLASS FACILITY
ACF2 rule is coded as follows :
l cpwr
ACF75052 RESOURCE RULE CPWR STORED BY S934J ON 02/11/20-16:26
$KEY(CPWR) TYPE(FAC)
PRODUCT.LICENSE.- UID(USERABC) SERVICE(UPDATE) PREVENT
PRODUCT.ABC.- - UID(*) ALLOW
- UID(*) SERVICE(READ) LOG
ACF75051 TOTAL RECORD LENGTH= 298 BYTES, 7 PERCENT UTILIZED
RESOURCE
Testing rule gives :
test CPWR
. r(PRODUCT.ABCD.ABC10001) UID(USERABC)
ACF71114 THE FOLLOWING PARAMETERS ARE IN EFFECT:
DATE=02/14/20 TIME=0856 SOURCE=******** UID=E130LMS
LID= ROLE=
TARGET RESOURCE: RFAC CPWR.PRODUCT.ABCD.ABC10001
NO RULE APPLIES IN RESOURCE RECORD CPWR TYPE FAC
RESULT: ACCESS WOULD BE DENIED
REASON: KEY MODIFIED BY DIRECTORY
Why does this rule does not permit UID(USERABC) access to RESOURCE CPWR.PRODUCT.ABCD.ABC10001 TYPE RFAC?
Release : 16.0
Component : CA ACF2 for z/OS