System queue security

Many of the system queues are accessed by the ancillary parts of WebSphere MQ:

The user IDs under which these run must be given RACF access to these queues, as shown in Table 42.

Table 42. Access required to the SYSTEM queues by WebSphere MQ
SYSTEM queue CSQUTIL Operations and control panels Channel initiator for distributed queuing
SYSTEM.ADMIN.CHANNEL.EVENT - - UPDATE
SYSTEM.CHANNEL.INITQ - - UPDATE
SYSTEM.CHANNEL.SYNCQ - - UPDATE
SYSTEM.CLUSTER.COMMAND.QUEUE - - ALTER
SYSTEM.CLUSTER.REPOSITORY.QUEUE - - UPDATE
SYSTEM.CLUSTER.TRANSMIT.QUEUE - - ALTER
SYSTEM.COMMAND.INPUT UPDATE UPDATE UPDATE
SYSTEM.COMMAND.REPLY.MODEL UPDATE UPDATE UPDATE
SYSTEM.CSQOREXX.* - UPDATE -
SYSTEM.CSQUTIL.* UPDATE - -
SYSTEM.CSQXCMD.* - - UPDATE
SYSTEM.QSG.CHANNEL.SYNCQ - - UPDATE
SYSTEM.QSG.TRANSMIT.QUEUE - - UPDATE