What are some the reasons a RACF id accessing a program in a LNKLSTed dataset would not appear on a zSecure access monitor report; reporting  access to that dataset?  Missing some ids that I think should be on report... scratching my head...

------------------------------
Peter Ten Eyck
------------------------------

oops, sorry for the redundant post, please ignore.

------------------------------
Peter Ten Eyck
------------------------------

Original Message:
Sent: Fri December 13, 2019 10:19 AM
From: Peter Ten Eyck
Subject: zSecure access monitor

What are some the reasons a RACF id accessing a program in a LNKLSTed dataset would not appear on a zSecure access monitor report; reporting  access to that dataset?  Missing some ids that I think should be on report... scratching my head...

------------------------------
Peter Ten Eyck
------------------------------

Ah, you used 2 words that you did not use in your previous post: program and LNKLSTed.
If a program was loaded from Linklist, and not from STEPLIB, the data set was not opened, no RACF access check performed, and therefore no ACCESS MONITOR event recorded.

------------------------------
Rob van Hoboken
------------------------------

Original Message:
Sent: Fri December 13, 2019 11:52 AM
From: Peter Ten Eyck
Subject: zSecure access monitor

oops, sorry for the redundant post, please ignore.

------------------------------
Peter Ten Eyck

Original Message:
Sent: Fri December 13, 2019 10:19 AM
From: Peter Ten Eyck
Subject: zSecure access monitor

What are some the reasons a RACF id accessing a program in a LNKLSTed dataset would not appear on a zSecure access monitor report; reporting  access to that dataset?  Missing some ids that I think should be on report... scratching my head...

------------------------------
Peter Ten Eyck
------------------------------

Original Message------

Ah, you used 2 words that you did not use in your previous post: program and LNKLSTed.
If a program was loaded from Linklist, and not from STEPLIB, the data set was not opened, no RACF access check performed, and therefore no ACCESS MONITOR event recorded.

------------------------------
Rob van Hoboken
------------------------------

That's right.  Linklist data sets are opened at IPL, or after an activate, so RACF does not check access to the DATASET profile for each program load.

------------------------------
Rob van Hoboken
------------------------------

Original Message:
Sent: Fri December 13, 2019 03:51 PM
From: Peter Ten Eyck
Subject: zSecure access monitor

Yes, I had my suspicions about that... if a program is load from the LNKLST, no access for its PDS is recorded?

 

//* Peter Ten Eyck

//* Senior Systems Programmer

//* American National

//

 

Original Message------

Ah, you used 2 words that you did not use in your previous post: program and LNKLSTed.
If a program was loaded from Linklist, and not from STEPLIB, the data set was not opened, no RACF access check performed, and therefore no ACCESS MONITOR event recorded.

------------------------------
Rob van Hoboken
------------------------------

Original Message------

That's right.  Linklist data sets are opened at IPL, or after an activate, so RACF does not check access to the DATASET profile for each program load.

------------------------------
Rob van Hoboken
------------------------------