How can the IND$FILE program be protected in ACF2?

Document ID : KB000009811
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

I have the IND$FILE program protected in RACF. How can I replicate this protection in CA ACF2 ?

Background:

Using the following setup in RACF but have no idea how to transpose this into CA ACF2.

RDEF PROGRAM IND$FILE UACC(READ) OWNER(HFNADMDS)
DATA('THIS PROGRAM IS THE IBM UTILITY PROGRAM WHICH UPLOADS/DOWN-
LOADS DATA') AUDIT(ALL(READ))

RALT PROGRAM IND$FILE ADDMEM('SYS1.PPLIBXA'/MVSYS4/NOPADCHK)
SETROPTS WHEN (PROGRAM ) REFRESH

 

Environment:
z/OS
Instructions:

If you don't already have a resource rule for TYPE(PGM) in place, create one before creating one for protecting the IND$FILE program.

To allow all Users access to all Programs:
$KEY(********) TYPE(PGM)
UID(*) ALLOW

Then, to allow all Users beginning with 'USERX' access to IND$FILE, create the following (PGM) resource rule.

$KEY(IND$FILE) TYPE(PGM)
UID(USERX) ALLOW
UID(*) PREVENT

Please note, in the above example, ONLY user with UID USERX will be allowed access to IND$FILE.
All other Users will be prevented from accessing IND$FILE by default.

Once the Resource rule is compiled and stored, make sure to run the ACF2 command,  F ACF2,REBUILD(PGM), to activate resource rule validation.