Setting up security for Infoprint Server daemons
Infoprint Central lets users display the status of Infoprint Server daemons to see whether they are started. You can define profile AOP.DAEMON to restrict who can display daemons. If you do not define profile AOP.DAEMON, any Infoprint Central user can display the status of daemons. Infoprint Central does not let users start and stop daemons.
Table 1 lists the daemon
action that users can do in Infoprint Central and the minimum access
that is required to the AOP.DAEMON profile in the PRINTSRV class.
| To do this action in Infoprint Central | Access to this profile in the PRINTSRV class is required | This minimum access is required |
|---|---|---|
| Display | AOP.DAEMON | READ |
Steps for defining the AOP.DAEMON profile to protect daemons
- Define the AOP.DAEMON resource profile in the PRINTSRV class.
Guideline: For information about specifying the NOTIFY and AUDIT parameters on the RDEFINE command, see Requesting RACF notification and auditing.Example: To define AOP.DAEMON with universal NONE access, enter this RACF® command:
RDEFINE PRINTSRV (AOP.DAEMON) UACC(NONE) - Give users access to the AOP.DAEMON resource profile. Example: Give users READ access:
PERMIT AOP.DAEMON CLASS(PRINTSRV) ACCESS(READ) ID(userid or groupid) - Refresh the PRINTSRV class. Example: SETROPTS RACLIST(PRINTSRV) REFRESH