Use this task to create a dedicated file system, set up
the file system security, and set up FTP security for access from CICS Explorer®.
Before you begin
Before you can create and deploy a platform, you must configure
your platform home directory in zFS.
Procedure
- Create a z/OS® UNIX file system data set to use
as the zFS platform home directory. The purpose of this
is to create a dedicated file system for use by all CICS® regions in the platform.
Note: The default
platform home directory is /var/cicsts/CICSplex/platform1 .
- If you are using a shared file system in a multisystem sysplex
environment, mount the data set onto the root file system (/) as /cicsts,
and then for each system that requires access, create a symbolic link
from /var/cicsts to the shared /cicsts directory.
- If you are using non-shared zFS, mount the data set onto /var as /var/cicsts,
as a r/w file system.
- If the directories do not already exist, create the /var/cicsts/CICSplex and /var/cicsts/CICSplex/platform1 subdirectories. If you are using CICS
Explorer these directories are created for you. If you are not
using CICS Explorer you
must create the /CICSplex and /platform1 directories.
- Set up file system security. This file system
security ensures that all CICS regions
in the platform, including the CICSPlex® SM CMAS
regions, are able to read the bundle files in the platform home directory.
- Change the owner of the directories in /var/cicsts to
the user ID that is used to create the bundle files.
- Change the group ownership of the directories in /var/cicsts to
a group that all the CICS regions
in the platform belong to.
- Give the owner of the directories read, write, and execute
permissions, and give the group read and execute permissions. For example, rwxr-x---.
- Optional: If write access is required by
multiple administrator user IDs, or read access is required by different
groups, you can use UNIX System
Services (USS) access control list (ACL) entries to add additional
group or owner permissions. You can achieve this by activating the FSSEC resource
class and by using the setfacl command.
- Set up FTP security. This level of security
ensures that bundles exported from CICS Explorer can be written to the
platform home directory on zFS, and read by all the CICS regions in the platform.
- Set the file mode creation mask for the z/OS FTP daemon to ensure that the owner has
write permissions and the group has read permissions. This
is configured by using the UMASK statement in
the FTP.DATA configuration file.
- Optional: If you are also using ACL entries
to control security you must ensure that the default ACLs are inherited
from the /var/cicsts/CICSplex/platform1 directory. Where CICSplex is the name of the users cicsplex
and platform1 is an example platform name.
Results
Your zFS environment is now configured with the correct directories
and permissions.
What to do next
You can now create a platform bundle using a CICS Platform
project in CICS Explorer.