The following is an example of RACF commands which can be used to protect BSM resources.
If enhanced generic naming (EGN) is switched on, use two asterisks instead of a single asterisk in resource names.
For example, specify B04.** instead of B04.* in an installation where EGN is active.
To lock all BSA Service Manager functions, enter the following definition:
RDEFINE $BETA (B04.*) UACC(NONE)
To allow user/group USER1 to use the keyword READ function, specify the following:
RDEFINE $BETA (B04.*) UACC(NONE)
RDEFINE $BETA B04.*.LST.KWDLST UACC(NONE)
PERMIT B04.*.LST.KWDLST CLASS($BETA) ID(USER1)
ACCESS(READ)
To allow user/group ADMIN to use the keyword UPDATE function, enter the following:
RDEFINE $BETA (B04.*) UACC(NONE)
RDEFINE $BETA B04.*.LST.KWDUPD UACC(NONE)
PERMIT B04.*.LST.KWDUPD CLASS($BETA) ID(ADMIN)
ACCESS(UPDATE)