Security considerations
If you want to collect all relevant z/OS® UNIX® data, you must have access to all UNIX® directories, including the root directory. This access ensures that all z/OS® UNIX® data is collected.
To allow the Inquisitor unrestricted read access to all z/OS® UNIX® files, consider using the UNIXPRIV RACF® Resource Class, which alleviates the need for UID(0).
The following sample definition can be used by your Security Administrator
to define, permit, activate, and RACLIST the RACF® UNIXPRIV Class:
RDEL UNIXPRIV SUPERUSER.FILESYS.**
RDEF UNIXPRIV SUPERUSER.FILESYS.** UACC(NONE) OWNER(IBMUSER)
PE SUPERUSER.FILESYS.** CLASS(UNIXPRIV) RESET
PE SUPERUSER.FILESYS.** CLASS(UNIXPRIV) ID(USERONE) ACCESS(READ)
SETR CLASSACT(UNIXPRIV)
SETR RACLIST(UNIXPRIV)
SETR RACLIST(UNIXPRIV) REFR