entity. A user, group, or resource (for example, a
DASD data set) that is defined to RACF.
EXTRACT request. The issuing of the RACROUTE
macro with REQUEST=EXTRACT specified. An
EXTRACT request retrieves or replaces certain
specified fields from a RACF profile or encodes certain
clear-text (readable) data. The EXTRACT request
replaces the RACXTRT function.
FFASTAUTH request. The issuing of the RACROUTE
macro with REQUEST=FASTAUTH specified. The
primary function of a FASTAUTH request is to check a
user's authorization to a RACF-protected resource or
function. A FASTAUTH request uses only in-storage
profiles for faster performance. The FASTAUTH request
replaces the FRACHECK function. See also
authorization checking
.
Ggeneral resource. Any system resource, other than an
MVS data set, that is defined in the class descriptor
table (CDT). General resources are DASD volumes,
tape volumes, load modules, terminals, IMS and CICS
transactions, and installation-defined resource classes.
general resource profile. A profile that provides
RACF protection for one or more general resources.
The information in the profile can include the general
resource profile name, profile owner, universal access
authority, access list, and other data.
general-use programming interface (GUPI). An
interface that IBM makes available for use in
customer-written programs with few restrictions and that
does not require knowledge of the detailed design or
implementation of the IBM software product. See also
product-sensitive programming interface (PSPI)
.
generic profile. A resource profile that can provide
RACF protection for one or more resources. The
resources protected by a generic profile have similar
names and identical security requirements. For
example, a generic data-set profile can protect one or
more data sets.
GID. See
group identifier
.
group. A collection of RACF-defined users who can
share access authorities for protected resources.
group authority. An authority specifying which
functions a user can perform in a group. The group
authorities are USE, CREATE, CONNECT, and JOIN.
group identifier (GID). (1) In OpenEdition MVS, a
unique number assigned to a group of related users.
The GID can often be substituted in commands that
take a group name as an argument. (2) A
non-negative integer, which can be contained in an
object of type
gid_t,
that is used to identify a group of
system users. Each system user is a member of at
least one group. When the identity of a group is
associated with a process, a group ID value is referred
to as a real group ID, an effective group ID, one of the
(optional) supplementary group IDs, or an (optional)
saved set-group-ID.
group profile. A profile that defines a group. The
information in the profile includes the group name,
profile owner, and users in the group.
GUPI. See
general-use programming interface
.
HHFS. See
hierarchical file system
.
hierarchical file system (HFS). Information is
organized in a tree-like structure of directories. Each
directory can contain files or other directories.
IICB. See
inventory control block
.
inventory control block (ICB). The first block in a
RACF database. The ICB contains a general description
of the database.
Kkernel. (1) In OpenEdition MVS, the part of an
operating system that contains programs for such tasks
as I/O, management, and control of hardware and the
scheduling of user tasks. (2) The part of the system
that is an interface with the hardware and provides
services for other system layers such as system calls,
file system support, and device drivers. (3) The part of
an operating system that performs basic functions such
as allocating hardware resources. (4) A program that
can run under different operating system environments.
See also
shell
. (5) A part of a program that must be in
central storage in order to load other parts of the
program.
Glossary 41