You should make your own class. Classes can be dynamically added by adding to the CDT class.
On Sun, 12 Nov 2023 05:40:03 -0500 David Cole <[email protected]> wrote: :>I've got a problem. Decades ago, I made some assumptions about RACF's :>FACILITY class that have turned out to be wrong. :>Currently, I'm working on implementing a new security rule for z/XDC, :>and the individual rules ("entities") can be up to 59 characters long. :>Decades ago, when I was porting z/XDC's security rules from ACF2 to :>RACF, I made the decision to piggy-back my security rules into RACF's :>FACILITY class. I didn't know much about RACF then (and I still :>don't), and it did not occur to me that rule length would be an :>issue. I was wrong. It is an issue. :>Yesterday, I was testing with an instance of the new rule that was 44 :>characters long. Boom! My "RACROUTE REQUEST=AUTH" (racheck) call :>failed with "ICH409I 282-054 ABEND DURING RACHECK PROCESSING". This :>basically means that the entity I passed (my 44-character rule) was :>too long for its class (FACILITY). :>Ouch! :>So now I have several questions that I'm hoping someone here can :>provide answers to. :> * What is the longest entity the FACILITY class will accept? :> * Where do I find that specific fact doc'd? :> * Is there a command that will display that information? :> * Is there a catch-all class that z/XDC can use for its rules :>other than FACILITY? :> * Where do other vendors put their rules? -- Binyamin Dissen <[email protected]> http://www.dissensoftware.com Director, Dissen Software, Bar & Grill - Israel ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
