Information Security Training
from the Henderson Group 		This page is: INFOSEC RACF TRAINING:
HG06: UNIX (USS) FOR RACF ADMINS

Quick Links:

HOME PAGE

CONTACT US

INFOSEC and RACF TRAINING

IT ande z/OS AUDIT TRAINING

NEWSLETTERS AND USER GROUPS

ARTICLES

PRIVACY STATEMENT

ABOUT US

OTHER INFO
SOURCES


HG06: UNIX (USS) for RACF Administrators


(1 day, 8 CPE credits; $460)


  • May 19, 2008 in Bethesda, MD

For more information on seminar dates, locations, and hotels, and how to register, please click here:
Schedule/Registration/Locations/Hotels


If you are a RACF administrator who doesn't administer USS security too, this course is a must. Now that IBM gives us USS (UNIX under MVS, also known as OMVS) for free with MVS, RACF administrators need to know how to administer USS security. This means learning UNIX security administration, and understanding how USS works with RACF. Securing USS is essential to securing TCP/IP on the mainframe, as well as the Websphere web server software.

This seminar teaches RACF administrators how to administer USS security, including userids, UIDs, GIDs, and file security. You will learn how to use the UNIXPRIV, FACILITY, SURROGAT, and UNIXMAP resource classes to support USS security. You will learn how UNIX security works, how USS security is different, how USS security works with RACF, and how to include USS security administration under the RACF administration umbrella.

You will also learn how to administer ACLs (Access Control Lists) for enhanced USS file security. All of this material is presented in a clear, easy-to- understand format, with simple exercises to demonstrate what you have learned.



Return to Top of Page

Return to Home Page


Who Should Attend HG06?

  • RACF Administrators Responsible for USS Security

  • Mainframe Practitioners Who Want to Learn About UNIX and USS



Return to Top of Page

Return to Home Page


HG06: This Course Will Teach You How:
  • Native UNIX Security Works
  • IBM Changed UNIX Security for USS
  • To Log on to USS and Execute Basic Commands
  • To Administer USS Userids and Groups
  • To Administer USS File Security
  • To Delegate USS Security
  • To Administer RACF Resource Classes for USS
  • To Administer ACLs (Access Control Lists)

Please note that you can save money by holding these classes in-house. Call Stu at (301) 229-7187 for details.

Note also the classes we offer for Information Technology Audit Training, as listed on the left under QUICK LINKS.

Return to Top of Page

Return to Home Page



"A must course for RACF shops" --- Steve Sheridan, Crestar Bank


"Stu's knowledge of RACF is phenomenal. He's very friendly. Stu is a first class instructor. "
--- Bob Dickinson, Foremost Insurance Company 


                          HG06 Seminar Workbook
                            TABLE OF CONTENTS
                                                                 Page
I   Concepts and Keywords                                           4
        A      Introduction                                         4
                   A Working Example                                6
        B      What UNIX Is and What USS Is                         8
        C      How UNIX Security Works                             12
        D      How USS Security Is Different                       17
        E      Why UNIX Is Really Neat                             35
        F      A Simple Way to Understand UNIX C Commands          36
        G      What Are ACLs (Access Control Lists)                41
        H      How Resource Rules Support USS Security             43
        I      Why USS Is More Secure Than Most UNIXes             44

II    Action Plan                                                  45
        A      How To Administer Userid and Group Security         46
                   Checklist for USS User and Group Security       68
        B      How To Administer File Security                     69
                   Checklist for USS File Security                 85
        C      How To Administer ACLs (Access Control Lists)       86
                   Checklist for USS ACL Security                  92
        D      How To Delegate Security Authority in USS           93
                   Checklist for USS Security Delegation           97
        E      How To Administer Resource Rules For USS            98
                   Checklist for USS Resource Security            109
        F      How To Administer Auditing of USS Events           110
                   Checklist for USS Auditing                     110
        G      How To Pull All of USS Security Together           111

III   Forms and Reference                                         118
        A      Basic Security Model                               119
        B      SYS1.PARMLIB(BPXPRMxx) Security Operands           124
        C      RACF FACILITY Class Rules for USS                  126
        D      RACF UNIXPRIV Class Rules                          130
        E      USS Security Command Reference                     135
                   cat                                            137
                   cd                                             138
                   chaudit                                        138
                   chgrp                                          140
                   chmod                                          141
                   chown                                          145
                   cp                                             146
                   date                                           146
                   df                                             146
                   extattr                                        147
                   getfacl                                        148
                   ln                                             150
                   ls                                             151
                   lp                                             155
                   man                                            155
                   mkdir                                          155
                   mount                                          156
                   mv                                             157
                   pwd                                            158
                   r                                              158
                   rm  and rmdir                                  158
                   setfacl                                        159
                   su                                             161
                   umask                                          162
                   unmount                                        162
                   who and whoami                                 163
                   write                                          163
                                                                  
INDEX                                                             164


Return to Top of Page

Return to Home Page












Stu Henderson offers consulting, seminars, articles, and other information sharing related to information security and auditing. His consulting includes: security reviews, risk assessments, RACF implementation assistance, and Information Technology audit technical counseling.

His most popular seminars provide: RACF training, mainframe audit training including MVS and z/OS audit training. His RACF seminars include: "Effective RACF Administration", "Advanced RACF Administration", and "UNIX (USS) for RACF Administrators".

His audit seminars include: "How to Audit MVS, RACF, ACF2, TopSecret, CICS, DB2, and MQ Series Security" and the follow-on "How to Audit z/OS with USS, TCP/IP, FTP, and the Internet"

Information on class location and schedules, as well as articles, links and other useful information sharing may be found on his website at www.stuhenderson.com