Security considerations

If you want to collect all relevant z/OS UNIX data, you must have access to all UNIX directories, including the root directory. This access ensures that all z/OS UNIX data is collected.

To allow the Inquisitor unrestricted read access to all z/OS UNIX files, consider using the UNIXPRIV RACF Resource Class, which alleviates the need for UID(0). The following sample definition can be used by your Security Administrator to define, permit, activate, and RACLIST the RACF UNIXPRIV Class:

RDEL UNIXPRIV SUPERUSER.FILESYS.**
RDEF UNIXPRIV SUPERUSER.FILESYS.** UACC(NONE) 
OWNER(IBMUSER) PE SUPERUSER.FILESYS.** CLASS(UNIXPRIV)
RESET
PE SUPERUSER.FILESYS.** CLASS(UNIXPRIV) ID(USERONE) ACCESS(READ) SETR 
CLASSACT(U
NIXPRIV) 
SETR 
RACLIST(UN 
IXPRIV)
SETR RACLIST(UNIXPRIV)REFR