mount JRUserNotPrivileged

[plavjanik]

I am toying with zowe samples. While trying out one, I got this error

Mounting zFS filesystem USERID.ZOWE.SAMPLAPI.ZFS to /a/surgo01/zowe-rest-api-sample-spring
Executing z/OS UNIX command '/usr/sbin/mount -v -o aggrgrow -f USERID.ZOWE.SAMPLAPI.ZFS /a/userid/zowe-rest-api-sample-spring'
Error: 
$ FOMF0504I mount error: 8B 119B00B0
USERID.ZOWE.SAMPLAPI.ZFS
EPERM: The operation is not permitted 
JRUserNotPrivileged: The requester of the service is not privileged 

how do i get past this?

[plavjanik]

Hello,

you need the UPDATE access to the SUPERUSER.FILESYS.MOUNT resource in the UNIXPRIV class.

Ask the security admin to give you access to a profile that contains them. Broadcom specific instructions: https://github.gwd.broadcom.net/MFD/zowe-rest-api-service-sdk/blob/master/README.md

Commands for CA Top Secret for z/OS:

TSS PERMIT(userid) UNIXPRIV(SUPERUSER.FILESYS.MOUNT) ACCESS(UPDATE)

You will also need READ access to BPX.FILEATTR.PROGCTL and BPX.FILEATTR.APF in the facility class and update access to BPX.SERVER in order to run native code on z/OS successfully.

TSS PERMIT(userid) IBMFAC(BPX.FILEATTR.PROGCTL) ACCESS(READ)
TSS PERMIT(userid) IBMFAC(BPX.FILEATTR.APF) ACCESS(READ)
TSS PERMIT(userid) IBMFAC(BPX.SERVER) ACCESS(UPDATE)

https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-mainframe-software/security/ca-top-secret-for-z-os/16-0/using/z-os-unix-system-services/superuser-granularity.html

@dkelosky @VitekVlcek-Broadcom

[gopi2212]

@plavjanik , our security admin added the required profile & the problem is fixed. Thanks!