If a system is started with a first startup, a new user catalog SYSSRPM is created. By default, certain predefined user IDs have certain privileges:
Privilege | T | S | S | S | S | S | S | S | S | S | S | Others 2 |
ACS-ADMINISTRATION | X 3 | - 4 | - | - | - | - | - | - | - | - | - | - |
CUSTOMER-PRIVILEGE-1...8 | - | - | - | - | - | - | - | - | - | - | - | - |
FT-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
FTAC-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
GUARD-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
HARDWARE-MAINTENANCE | - | X | - | - | - | - | - | - | - | - | - | - |
HSMS-ADMINISTRATION | X | - | - | X | - | - | - | - | - | - | - | - |
NET-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
NOTIFICATION-ADMINISTRATION | X | - | - | - | - | - | - | - | X | - | - | - |
OPERATING | - | - | - | - | - | X | - | - | - | - | X | - |
POSIX-ADMINISTRATION | - | - | - | - | - | - | - | X | - | - | - | - |
PRINT-SERVICE-ADMINISTRATION | X | - | - | - | - | - | - | - | X | X | - | - |
PROP-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
SAT-FILE-EVALUATION | - | - | X | - | - | - | - | - | - | - | - | - |
SAT-FILE-MANAGEMENT | - | - | X | - | - | - | - | - | - | - | - | - |
SECURITY-ADMINISTRATION | - | - | - | - | - | - | X | - | - | - | - | - |
STD-PROCESSING | X | - | - | X | X | X | - | X | X | X | X | X |
SUBSYSTEM-MANAGEMENT | X | - | - | - | - | - | - | - | - | - | - | - |
SW-MONITOR-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
TAPE-ADMINISTRATION | X | - | - | - | X | - | - | - | - | - | - | - |
TAPE-KEY-ADMINISTRATION | - | - | - | - | X | - | - | - | - | - | - | - |
TSOS | X | - | - | - | - | - | - | - | - | - | - | - |
USER-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
VIRTUAL-MACHINE-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | - | - |
VM2000-ADMINISTRATION | X | - | - | - | - | - | - | - | - | - | X | - |
Table 36: Allocation of privileges after first startup (default allocation of privileges)
1 If an ID other than SYSPRIV has been specified in the startup parameter file as the user ID for the security administrator, this column applies to precisely this user ID. In this case, the SYSPRIV user ID must be entered under “Others”.
2 the system IDs SYSDUMP, SYSGEN, SYSNAC, SYSSOPT, SYSSNAP, SYSUSER
3 X means: The privilege is assigned to the user ID by default
4 - means: The privilege is not assigned to the user ID by default
Allocation of privileges after non-first startup with SECOS
The default allocation of privileges can only be changed with SECOS.
If after a shutdown in a system with BS2000 a startup occurs in the system with the same version by means of cold start, warm start, selective start or ZIP start, the distribution of privileges is the same as before the last shutdown.
However, if simultaneously with the startup there is a first-time change of version from a lower version to the current version of BS2000 OSD/BC (version upgrade), the new privileges are distributed to the IDs to which they would also have been assigned on first start.
Privilege allocation after pubset import
Privilege allocation after a pubset import with ACTUAL-JOIN=*FIRST is the same as after a first startup; after a different type of pubset import it is the same as after a non-first startup.
If the user catalog is reconstructed at the same time, the privileges are restored to all users who are transferred from the old user catalog (saved in the $TSOS.SYSSRPM.BACKUP file) to the new one. When the restoration is complete, therefore, these users are assigned the same privileges as they had at the time of the save. Which user IDs are ultimately reconstructed depends on the reconstruction type.
If the old user catalog belongs to a system with SECOS functionality but is to be reconstructed on a system without SECOS, the corresponding default values for the privilege allocation are entered in the new user catalog for all users. This is the same as the privilege allocation after a first startup.