I'm not sure if Attila was saying to try this, but if you can change the
port to something higher than 1024 and the bind works, that would
indicate you're not really root at the time of the bind. Then if the
userid starting the task is root, maybe somebody is doing a setuid() or
similar before the bind.
On 6/17/2024 1:26 AM, Attila Fogarasi wrote:
Is INETD configured correctly? Your config is in etc/inetd/conf*. *TELNET
is delivered specifying an ID of OMVSKERN and must be defined with both
superuser and daemon authority. Guessing you are using OMVSKERN based on
uid(0). Your port 722 is presumably defined in the /etc/services file
On Mon, Jun 17, 2024 at 6:10 PM Attila Fogarasi <[email protected]> wrote:
Brave man running uid(0) for other than the OMVS kernel ... usually uid(0)
does give superuser authority, but you may need to be in group(SYS1) and
have a GID. Another possibility is having root as HOME('/'). good luck,
its frustrating that simply things like getting a reason code for
"permission denied" is not so easy.
On Mon, Jun 17, 2024 at 5:19 PM Binyamin Dissen <
[email protected]> wrote:
Took a dump of the address space, and the associated userid has UID(0)
What else would be required for root access?
On Mon, 17 Jun 2024 06:29:01 +1000 Attila Fogarasi
<[email protected]> wrote:
:>port 722 is a privileged port, usually means your program needs root
:>access, all of that is configured outside of RACF.
:>
:>On Mon, Jun 17, 2024 at 6:16?AM Binyamin Dissen <
:>[email protected]> wrote:
:>
:>> On Sun, 16 Jun 2024 09:47:20 -0500 Walt Farrell
:>> <[email protected]> wrote:
:>>
:>> :>On Sun, 16 Jun 2024 17:20:34 +0300, Binyamin Dissen <
:>> [email protected]> wrote:
:>>
:>> :>>Getting
:>>
:>> :>>BPXF024I (TCPIP) Jun 16 06:38:15 inetd 65583 : FOMN0091
*:otelnet/tcp:
:>> :>>722 bind: EDC5111I Permission denied., rsn=744C7246
:>>
:>> :>>Not sure where it got 722 - looked in all the /etc places.
:>>
:>> :>>Also, what permission would be required to all;ow access to 722?
Don't
:>> seer
:>> :>>anything obvious.
:>>
:>> :>What evidence do you have that it's a RACF issue?
:>>
:>> I am guessing from "permission denied"
--
Binyamin Dissen <[email protected]>
http://www.dissensoftware.com
Director, Dissen Software, Bar & Grill - Israel
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
