ansible-collections / ibm_zos_core

Red Hat Ansible Certified Content for IBM Z

[Documentation] [zos_backup_restore] Document RACF auth needed for facility class when `recover:true` #1540

Closed ddimatos closed 3 weeks ago

ddimatos commented 3 months ago

Is there an existing issue for this?

Enhancement or feature description

When reviewing ADRDSSU DUMP keyword TOLERATE(ENQF) or TOL(ENQF), RACF authority READ access is needed for STGADMIN.ADR.DUMP.TOLERATE.ENQF.

Review document Protecting DFSMSdss functions with RACF FACILITY class profiles.

Note that when reviewing the keyword doc, there is no mention of the RACF authority needed, which is not consistent with other keywords; see the TOLERATE(ENQF) documentation.


This issue will track the work needed to update the zos_backup_restore module to identify the RACF authority needed when `recover:true`, because the recover option causes a TOL(ENQF) to be added to the command.

Ansible module

zos_backup_restore

ddimatos commented 3 months ago

See issue #1538, where the work has been moved.

ddimatos commented 1 month ago

I have added to the notes section of the module:

```yaml
notes:
    - It is the playbook author or user's responsibility to ensure they have
      appropriate authority to the RACF FACILITY resource class. A user is
      described as the remote user, configured to run either the playbook or
      playbook tasks, who can also obtain escalated privileges to execute as
      root or another user.
    - When using this module, if the RACF FACILITY class
      profile B(STGADMIN.ADR.DUMP.TOLERATE.ENQF) is active, you must
      have READ access authority to use the module option I(recover=true).
      If the RACF FACILITY class checking is not set up, any user can use
      the module option without access to the class.
    - If your system uses a different security product, consult that product's
      documentation to configure the required security classes.
```
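
The requirement in the notes above, shown as a playbook. This is an added example, not part of the issue thread or the project's documentation. The host group `zos_hosts`, the user ID `ANSUSER`, and the data set names are constructed placeholders.

```yaml
# Added example (constructed). ANSUSER, zos_hosts and the data set names are
# placeholders, not values from the issue.
#
# Security administrator side, run once under a suitably authorized user ID
# (standard RACF TSO commands):
#   RDEFINE FACILITY STGADMIN.ADR.DUMP.TOLERATE.ENQF UACC(NONE)
#   PERMIT STGADMIN.ADR.DUMP.TOLERATE.ENQF CLASS(FACILITY) ID(ANSUSER) ACCESS(READ)
#   SETROPTS RACLIST(FACILITY) REFRESH   # needed when FACILITY is RACLISTed
#
# With the profile defined and UACC(NONE), only IDs permitted READ can use
# recover: true. With no profile defined, the option is open to any user.

- name: Back up data sets with recover enabled
  hosts: zos_hosts
  gather_facts: false
  tasks:
    # Lists the profile as seen by the remote user, if one is defined.
    # The task is allowed to fail so that the output can be reviewed
    # before the backup runs.
    - name: List the FACILITY profile that guards TOL(ENQF)
      ibm.ibm_zos_core.zos_tso_command:
        commands:
          - RLIST FACILITY STGADMIN.ADR.DUMP.TOLERATE.ENQF
      register: enqf_profile
      failed_when: false

    - name: Show the RLIST result for review
      ansible.builtin.debug:
        var: enqf_profile.output

    # recover: true causes TOL(ENQF) to be added to the ADRDSSU command, so
    # the remote user needs READ access when the profile above is active.
    - name: Back up with recover
      ibm.ibm_zos_core.zos_backup_restore:
        operation: backup
        data_sets:
          include: ANSUSER.SAMPLE.**
        backup_name: ANSUSER.SAMPLE.BACKUP
        recover: true
```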