ACF2 security definitions for SENDMAIL

Document ID : KB000126191
Last Modified Date : 11/02/2019
Show Technical Document Details
Question:
Below are the RACF commands to configure SENDMAIL security.
What are the equivalent commands for ACF2 ?

ADDGROUP SMMSPGRP OMVS(GID(25))
ADDGROUP SNDMGRP OMVS(GID(26))
ADDUSER MAILNULL DFLTGRP(SNDMGRP) NOPASSWORD OMVS(UID(26) HOME(’/’))
ADDUSER SENDMAIL DFLTGRP(SNDMGRP) NOPASSWORD OMVS(UID(0) HOME(’/’))
ADDUSER SMMSP DFLTGRP(SMMSPGRP) NOPASSWORD OMVS(UID(25) HOME(’/’))
RDEFINE STARTED SENDMAIL.* STDATA(USER(SENDMAIL))
SETROPTS RACLIST(STARTED) REFRESH
PERMIT BPX.DAEMON CLASS(FACILITY) ID(SENDMAIL) ACCESS(READ)
SETROPTS RACLIST(FACILITY) REFRESH

 
Environment:
ACF2 16.0
SENDMAIL
Z/OS 2.1 and above
Answer:
The original commands used for the conversion come from RACF. 
Below are ACF2 translated commands to configure security for SENDMAIL.

ACF2 allows the insertion of the OMVS segment with the initial INSERT of the logonid. 

SET PROFILE(GROUP) DIV(OMVS)
INSERT SMMSPGRP GID(25)
INSERT SNDMGRP GID(26)
 
SET LID
INSERT MAILNULL NAME(MAILNULL) RESTRICT GROUP(SNDMGRP) UID(26) HOME(/)
INSERT SENDMAIL NAME(SENDMAIL) STC GROUP(SNDMGRP) UID(0) HOME(/)
INSERT SMMSP NAME(SMMSP) RESTRICT GROUP(SMMSPGRP) UID(25) HOME(/)

SET RESOURCE(FAC)
RECKEY BPX ADD( DAEMON UID(uid for SENDMAIL) SEERVICE(READ) ALLOW)
F ACF2,REBUILD(FAC)