Creating a platform home directory in zFS

Use this task to create a dedicated file system, set up the file system security, and set up FTP security for access from CICS Explorer®.

Before you begin

Before you can create and deploy a platform, you must configure your platform home directory in zFS.

Procedure

  1. Create a z/OS® UNIX file system data set to use as the zFS platform home directory. The purpose of this is to create a dedicated file system for use by all CICS® regions in the platform.
    Note: The default platform home directory is /var/cicsts/CICSplex/platform1 .
    • If you are using a shared file system in a multisystem sysplex environment, mount the data set onto the root file system (/) as /cicsts, and then for each system that requires access, create a symbolic link from /var/cicsts to the shared /cicsts directory.
    • If you are using non-shared zFS, mount the data set onto /var as /var/cicsts, as a r/w file system.
    1. If the directories do not already exist, create the /var/cicsts/CICSplex and /var/cicsts/CICSplex/platform1 subdirectories. If you are using CICS Explorer these directories are created for you. If you are not using CICS Explorer you must create the /CICSplex and /platform1 directories.
  2. Set up file system security. This file system security ensures that all CICS regions in the platform, including the CICSPlex® SM CMAS regions, are able to read the bundle files in the platform home directory.
    1. Change the owner of the directories in /var/cicsts to the user ID that is used to create the bundle files.
    2. Change the group ownership of the directories in /var/cicsts to a group that all the CICS regions in the platform belong to.
    3. Give the owner of the directories read, write, and execute permissions, and give the group read and execute permissions. For example, rwxr-x---.
    4. Optional: If write access is required by multiple administrator user IDs, or read access is required by different groups, you can use UNIX System Services (USS) access control list (ACL) entries to add additional group or owner permissions. You can achieve this by activating the FSSEC resource class and by using the setfacl command.
  3. Set up FTP security. This level of security ensures that bundles exported from CICS Explorer can be written to the platform home directory on zFS, and read by all the CICS regions in the platform.
    1. Set the file mode creation mask for the z/OS FTP daemon to ensure that the owner has write permissions and the group has read permissions. This is configured by using the UMASK statement in the FTP.DATA configuration file.
    2. Optional: If you are also using ACL entries to control security you must ensure that the default ACLs are inherited from the /var/cicsts/CICSplex/platform1 directory. Where CICSplex is the name of the users cicsplex and platform1 is an example platform name.

Results

Your zFS environment is now configured with the correct directories and permissions.

What to do next

You can now create a platform bundle using a CICS Platform project in CICS Explorer.