I have an AUTOERAS record created to delete VSAM and NON-VSAM data:
**** / AUTOERAS LAST CHANGED BY logonid ON mm/dd/yy-hh:mm
NOERASEALL NONON-VSAM PROCESS(SAF) NOSECLEVEL SECLVL(0)
I would like to get this to work for all volumes, whether SMS or non-SMS controlled. I created a profile record to test:
set profile(erase) division(profile)
ACFAB072 PROFILE TESTIT STORED BY logonid ON mm/dd/yy-hh:mm
ACFAB051 TOTAL RECORD LENGTH= 163 BYTES, 3 PERCENT UTILIZED
This is working for non-VSAM files on non-SMS volumes, but does not work for non-VSAM on SMS volumes, or VSAM files on either type of volume.
For the other three types of datasets to be erased, the catalog SVC, SVC026 must be active. By default that is set to ignore with ACF2.
CATAUTH JOBNAME=******** USERID=******** PROGRAM=******** RB=SVC026
RETCODE=4 SAFDEF=INTERNAL MODE=IGNORE SUBSYS=ACF2
To have catalog validation active, you will need to insert a SAFDEF record to override the internal one. As an example:
insert safdef.svc026 id(svc026) rb(svc026) mode(global) racroute(request=auth,class=dataset)
Since this will turn on validation for all catalog calls, you will need to create some rules to give access to the master and user catalogs. For an example, let us use MASTER.CATALOG and USER.CATALOG as the dataset names:
CATALOG UID(uid string of sysprog) R(A) W(A) A(A) E(A) <== only the sysprog and security should need access.
CATALOG UID(uid string of sysprog) R(A) W(A) A(A) E(A) <== only the sysprog and security need full access
CATALOG UID(-) R(A) W(A) A(P) E(A) <== everyone else will need to read and write to the user catalog
Now you need to activate the SAFDEF record:
At this point, catalogs will be validated, and the AUTOERAS record will work for all 4 types, non-VSAM and VSAM on an SMS volume, and non-VSAM and VSAM on a non-SMS volume. If you run a SECTRACE, you should see an entry for the data to be eraced that looks like this:
TRACEID: TEST EVENT#: 00037360
JOBNAME: BATCHTST USERID: TESTID ASID: 004B
PROGRAM: ISRUDL RB CURR: SVC029 APF: YES SFR/RFR: 0/0:4
SAFDEF: +ENFORCE INTERNAL MODE: GLOBAL