BS2000 knows the following privileges.
They are described after this table.
Administration area | Name of the privilege |
ACS administration | ACS-ADMINISTRATION |
(Not predefined; | CUSTOMER-PRIVILEGE-1 |
File transfer administration | FT-ADMINISTRATION |
FTAC administration | FTAC-ADMINISTRATION |
Global guard administration | GUARD-ADMINISTRATION |
Online hardware maintenance | HARDWARE-MAINTENANCE |
HSMS administration | HSMS-ADMINISTRATION |
Network administration (obsolete) | NET-ADMINISTRATION |
Notification service administration | NOTIFICATION-ADMINISTRATION |
Operating | OPERATING |
POSIX user management | POSIX-ADMINISTRATION |
SPOOL administration | PRINT-SERVICE-ADMINISTRATION |
PROP-XT administration | PROP-ADMINISTRATION |
Audit file analysis | SAT-FILE-EVALUATION |
Audit file administration | SAT-FILE-MANAGEMENT |
Security administration | SECURITY-ADMINISTRATION |
Execution of user commands | STD-PROCESSING |
Subsystem management | SUBSYSTEM-MANAGEMENT |
Software monitor administration | SW-MONITOR-ADMINISTRATION |
Tape administration | TAPE-ADMINISTRATION |
Encryption key administration for tapes | TAPE-KEY-ADMINISTRATION |
TSOS | TSOS |
User administration | USER-ADMINISTRATION |
VM administration | VIRTUAL-MACHINE-ADMINISTRATION |
VM2000 administration | VM2000-ADMINISTRATION |
ACS administration
The user ID which has the ACS-ADMINISTRATION privilege may exercise the following rights within the scope of the ACS (Alias Catalog Service) function:
define system-wide preset values and restrictions for the use of an alias catalog
make and amend the declarations relating to the ACS system files
exercise the extended functions of individual ACS commands
By default this privilege is assigned to the TSOS ID.
The extent of the rights and functions for the user ID with the ACS-ADMINISTRATION privilege are described in section "ACS: Alias catalog system".
CUSTOMER-PRIVILEGE-1..8
By assigning the privileges CUSTOMER-PRIVILEGE-1 or CUSTOMER-PRIVILEGE-2 or CUSTOMER-PRIVILEGE-3 etc. up to CUSTOMER-PRIVILEGE-8, systems support can make access to commands and statements flexible for certain user IDs.
By default, these privileges are not assigned to any ID.
File transfer administration
The file transfer administration (the user ID with the privilege FT-ADMINISTRATION) may manage the job and network description journal of the software product openFT (see the “openFT” manual [23]).
FTAC administration
The FTAC administration (the user ID with the privilege FTAC-ADMINISTRATION) may manage the protection functions of the software product openFT-AC (see the “openFT” manual [23]).
Global guard administration (GUARD-ADMINISTRATION)
The global guard administration with the GUARD-ADMINISTRATION privilege has the right to administer guards of any type on all local pubsets and to save and restore guards for any number of users using the GUARDS-SAVE program. This means that a user ID with this privilege is co-owner of all guards in the system.
By default this privilege is assigned to the TSOS ID.
Online hardware maintenance
The HARDWARE-MAINTENANCE privilege includes the right to execute online hardware maintenance. In particular, it covers the following functions:
maintenance of the hardware fault statistics file
running of statistics and trace programs under the control of BS2000 simultaneously with the user programs
By default this privilege is assigned to the user ID SERVICE.
If the HARDWARE-MAINTENANCE privilege is assigned to any chosen user ID, the following applies:
- A user ID with the HARDWARE-MAINTENANCE privilege is authorized to access files of other user IDs when the following applies:
If the file is protected by guards, then access conditions must be specified in the guard that allow the privileged user ID access.
If the file is not protected by guards but is protected by a basic access control list, then this list must allow the privileged user ID access.
When the file is not protected by guards or BACL, then USER-ACCESS=*SPECIAL must be set.
- Make sure that this user ID has all the necessary access rights.
For further information on online hardware analysis, see the “Diagnostics Handbook” [14].
HSMS administration
The user ID with the HSMS-ADMINISTRATION privilege may perform actions in BS2000 relating to the administration of the Hierarchical Storage Management System (see the “HSMS” manual [24]).
By default this privilege is assigned to the user IDs TSOS and SYSHSMS.
Network administration
A user job with the NET-ADMINISTRATION privilege may perform network administration functions, including the redefinition of station names.
By default this privilege is assigned to the TSOS ID.
Notification service administration
The NOTIFICATION-ADMINISTRATION privilege enables the Notification Service to be configured, i.e. it permits definition of the products which may use the Notification Service and of which methods are supported here for notification.
By default this privilege is assigned to the TSOS and SYSSNS user IDs.
The Notification Service in BS2000 is a mechanism which can be employed to notify users when certain events occur. Currently this functionality is used by SPOOL. Users can be notified by e-mail if certain events occur with their print jobs, for example job termination. See also the SNS manual [51].
Operating
The OPERATING privilege allows operator tasks to be performed. This means that operator functions can be performed from user workstations. For basic system operation, however, operation from the (normal) console is still essential.
By default this privilege is assigned to the user ID SYSOPR. See also the section "Privileges for operating".
POSIX user management
The POSIX-ADMINISTRATION privilege guards against access to POSIX attributes which are managed by BS2000 user administration and to the tool for installing additional products in POSIX. The POSIX attributes can be protected as follows:
by managing the POSIX user attributes of all the user IDs on all local pubsets. This authorization is a subset of the USER-ADMINISTRATION privilege.
by using privileged subfunctions of POSIX-SVC
By default this privilege is assigned to the user ID SYSROOT and cannot be withdrawn from it.
See also the chapter "POSIX user administration".
SPOOL administration
The PRINT-SERVICE-ADMINISTRATION privilege allows SPOOL administration tasks to be performed. These include:
starting and stopping SPOOL devices such as printers or tapes
changing the SPOOL parameters with the SPSERVE utility routine
changing print control files with the PRM utility routine
distributed access to networked printed with Dprint
managing the print jobs of all users
By default this privilege is assigned to the TSOS, SYSSNS and SYSSPOOL IDs.
PROP-XT administration
The PROP-ADMINISTRATION privilege allows PROP-XT system commands to be executed. For PROP-XT administration, see also the “PROP-XT” manual [40].
By default this privilege is assigned to the TSOS ID.
Evaluation of the audit files
The SAT-FILE-EVALUATION privilege grants the right to evaluate the SATLOG files and the CONSLOG files. SAT logging is always active for the owner of the SAT-FILE-EVALUATION privilege but can be explicitly disabled.
By default this privilege is assigned to the user ID SYSAUDIT.
Management of the audit files
The management of audit files requires the privilege SAT-FILE-MANAGEMENT which permits the user:
to manage the files generated by SAT (Security Audit Trail) (in particular, to switch the SATLOG file using the CHANGE-SAT-FILE command)
to request the current status of the REP logging file, using the SET-REPLOG-READ-MARK command
to call up information about the current status of the EVENTING selection
to evaluate the SATLOG files and the CONSLOG files.
SAT logging is always active for the owner of the SAT-FILE-MANAGEMENT privilege but can be explicitly disabled.
By default this privilege is assigned to the user ID SYSAUDIT.
Security administration
Security administration (the security administrator) is authorized to manage privileges, to manage the operator roles and to control SAT logging (auditing). For the user ID with the SECURITY-ADMINISTRATION privilege, logging via SAT is always active, and cannot be deactivated.
The privilege administration may manage the individual privileges, i.e.:
assign privileges to user IDs on all pubsets
withdraw privileges from user IDs on all pubsets
assign and withdraw privilege groups on all pubsets
request information on the current allocation of privileges to privilege groups
In connection with the management of operator roles, the security administrator can:
define, modify and delete operator roles
assign operator roles to user IDs, and withdraw them
request details of the current definition and distribution of the operator roles
The SECURITY-ADMINISTRATION privilege cannot be assigned to or withdrawn from a user ID by a command. In a system which does not have SECOS, the privilege is permanently linked to the SYSPRIV user ID (which, like TSOS, is always contained in the SYSSRPM user catalog); in a system with SECOS, the startup parameter service can be used to assign the privilege to any required user ID (see the “SECOS” manual “Access Control” [46]).
Execution of user commands
The STD-PROCESSING privilege assigns the right to execute the commands described in the “Commands” manual [27], and the nonprivileged commands of software products which do not form part of BS2000 OSD/BC.
When a user ID is first set up (using ADD-USER), the system assigns it the STD-PROCESSING privilege by default. The STD-PROCESSING privilege is also issued by default to the user IDs created by the system at the time of first startup (except for the SERVICE, SYSAUDIT and SYSPRIV user IDs).
Although it is a valid rule that a user ID which has a privilege cannot be deleted, when a user ID is deleted (using REMOVE-USER) the fact that it “possesses” the STD-PROCESSING privilege is disregarded; i.e. a user ID can be deleted if there is no privilege other than this one assigned to it.
Subsystem management
The user ID which has the SUBSYSTEM-MANAGEMENT privilege may perform the tasks for global management of the subsystems of the dynamic subsystem management DSSM system:
By default this privilege is assigned to the TSOS ID.
Software monitor administration
Any user ID which has the SW-MONITOR-ADMINISTRATION privilege may start, terminate and administer the software monitors openSM2 and COSMOS (see the “openSM2” manual [49]).
By default this privilege is assigned to the TSOS ID.
Tape administration
The tape administration (the user ID which has the TAPE-ADMINISTRATION privilege) may execute the administrative functions for the tape software product MAREN. I.e. it may manage the MAREN catalog (see the “MAREN” manual [31]).
By default this privilege is assigned to the user IDs TSOS and SYSMAREN.
Encryption key administration for tapes
The encryption key administration (this is the user ID which has the TAPE-KEY-ADMINISTRATION privilege) may execute the statements of the MARENEKM (MAREN Encryption Key Manager) program. This means that it may administer the encryption keys for tapes (see the “MAREN” manual [31]).
By default this privilege is assigned to the user ID SYSMAREN.
TSOS
The TSOS privilege enables the TSOS user ID to execute system administration functions.
The TSOS privilege is immutably linked to the user ID TSOS and can neither be withdrawn from this user ID nor assigned to another user ID.
User administration
The system-global user administration (i.e. all the user IDs with the USER-ADMINISTRATION privilege) may perform actions relating to user or user-group administration on all local pubsets (for all users or user groups).
There are no restrictions on the allocation of resources and privileges of the user catalog entry (e.g. START-IMMEDIATE, NO-CPU-LIMIT,...) to user IDs and user groups.
By default this privilege is assigned to the TSOS ID.
VM administration
The VIRTUAL-MACHINE-ADMINISTRATION privilege gives the right to operate a virtual machine (VM), except for the monitor VM. It is allowed to issue VM administrator commands for the privilege owner's own VM (see the “VM2000” manual [60]).
By default this privilege is assigned to the TSOS ID.
VM2000 administration
The VM2000-ADMINISTRATION privilege gives the right to administer the monitor VM and to enter all the VM2000 commands (see the “VM2000” manual [60]).
By default this privilege is assigned to the TSOS ID.