ACTION(xxxxxx) improperly set on TSS PERMIT command

Document ID : KB000071677
Last Modified Date : 22/02/2018
Show Technical Document Details
Introduction:
Adding ACTION(xxxxxxx) on a PERMIT is improperly set.
Question:
When adding a FACILITY(...) definition to an Accessor ID, the following ACTION(...) settings are improperly permitted:

 ACTION(ADMIN) - This setting is apparently discarded in that it is not reported by a subsequent TSS LIST command. ACTION(EXIT) ACTION(FAIL) ACTION(NODSN) - This setting is reported as ACTION(DENY) by a subsequent TSS LIST command.

ACTION(PASSWORD) - This setting is reported as ACTION(DENY) by a subsequent TSS LIST command. ACTION)REVERIFY). ACTION(VMPRIV). 
Answer:
Most TSS users use the ACTION keyword with the PERMIT. Per the doc: https://docops.ca.com/ca-top-secret-for-z-os/16-0/en/using/issuing-commands-to-communicate-administrative-requirements/keywords/action-keywordassign-actions

AUDIT, NOTIFY and DENY are the valid ACTIONS for FACILITYs. FAIL,AUDIT,NOTIFY,DENY,VMPRIV,PASSWORD, NODSNCHK,ADMIN, EXIT, REVERIFY are valid ACTIONs for the PERMIT.

Test fix ST00139 was written to correct the validation of the ACTION values associated with a FACILITY.