Currently using HFS for user directory and zFS for system directories with auto mount policy:
filesystem <uc_name>.///.<sysname>.U.<uc_name>
Planning to switch to zFS for user directory in addition to system directories with auto mount policy Type zFS:
filesystem <uc_name>.///.<sysname>.U.<uc_name> type zFS
For system directories, following FSA resource rules are in place:
$KEY(SYSC) TYPE(FSA)
ZFS.- UID(stcid) SERVICE(UPDATE) ALLOW
How to avoid or circumvent creating a resource rule for every user under FSA?
Release : 16.0
Component : ACF2 for z/OS
FSACCESS is unrelated to any directories, it is only the ZFS dataset name that is validated.
The BYP-FSA option would disable FSA checking to all ZFS file system and there is no way to bypass FSA checking for user directory /u/ only.
When the file systems were HFS, there was no validation against the file system dataset name. The same emulation can be done with ZFS file systems by writing a generic resource rule as shown below:
$KEY(********) TYPE(FSA)
- UID(-) ALLOW
Next, rules can be written for specific HLQs that need to be protected for existing ZFS file systems:
e.g. $KEY(abcdefg) TYPE(FSA)
- UID(xxxx) ALLOW