On Wed, 13 Aug 2008 14:32:42 -0400, Fletcher, Kevin <[EMAIL PROTECTED]> wrote: >We have a job running a db2 utility DSNUTILB and we are getting the >generic db2 abend of S04E. Further probing determines this module is not >APF'd. The SDSNLOAD lib is APF'd and is in the linklst. The job has a >JOBLIB with non APF'd libraries and the db2 lib SDSNLOAD is not in the >JOBLIB concatenation. I have scanned the libs in the JOBLIB and the >DSNUTILB does not exist. > >When we use it in a stand alone STEPLIB the job works fine. My question >is, is this working how it should? > >Does a JOBLIB invalidate APF authorization of a module pulled from the >link list (remember no STEPLIB) when first tried? It appears there are >no calls to sub modules. Any feedback would be appreciated. >
No, a JOBLIB does not generally invalidate APF authorization when you pull a module from the linklist. But authorization is a complex topic. Showing us your JCL and the invocation of DSNUTILB may shed some light on the issue. -- Walt Farrell, CISSP IBM STSM, z/OS Security Design ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
