As per the Installation Enhancement Section of the 14.1 doc:
Before CA SYSVIEW® Performance Management 14.1, the system configuration options member was required to be in a data set that was defined to the logical SYS1.PARMLIB concatenation. The SYSVIEW system configuration options member "GSVXGSVX" can now be located in any data set. You are no longer required to be in the logical SYS1.PARMLIB concatenation.
The data set specified on the new DDname GSVXSCFG references the system configuration options member. The DDname GSVXSCFG must be added to all server address space procedures and utility jobs.
//GSVXSCFG DD DISP=SHR,DSN=sysview.CNM4SCFG
As a result, there are some additional Security Requirements to implement this change:
CA SYSVIEW® Performance Management Security has been enhanced.
Required Access to New SAF Resource
As part of migrating to the use of the GSVXSCFG DDname in the server address spaces, it became necessary to add additional security measures. These measures prevent unauthorized users from overriding configuration options. This release now requires that all of the CA SYSVIEW® Performance Management server address spaces have access to the following resource:
- <smfid> is the SMF ID of the system where the server address space is executing.
- <ssid> is the Subsystem ID that was specified for the SSID= parameter during installation. The default SSID is GSVX.
Optionally define the SAF Entity as a generic resource in your External Security Manager:
Starting a server address space that does not have access to this SAF resource fails with the following error message:
GSVX205E Nucleus load failed, reason 30 not authorized to create or update subsystem