Security considerations
If you want to collect all relevant z/OS UNIX data, you must have access to all UNIX directories, including the root directory. This access ensures that all z/OS UNIX data is collected.
To allow the Inquisitor unrestricted read access to all z/OS UNIX files, consider using
the UNIXPRIV RACF Resource Class, which alleviates the need for UID(0). The
following sample definition can be used by your Security Administrator to define,
permit, activate, and RACLIST the RACF UNIXPRIV
Class:
RDEL UNIXPRIV SUPERUSER.FILESYS.**
RDEF UNIXPRIV SUPERUSER.FILESYS.** UACC(NONE)
OWNER(IBMUSER) PE SUPERUSER.FILESYS.** CLASS(UNIXPRIV)
RESET
PE SUPERUSER.FILESYS.** CLASS(UNIXPRIV) ID(USERONE) ACCESS(READ) SETR
CLASSACT(U
NIXPRIV)
SETR
RACLIST(UN
IXPRIV)
SETR RACLIST(UNIXPRIV)REFR