Hello Chris , This is a very good explanation . But that still leaves OP's last question
"If IDCAMS requires APF authorization for called modules, why does IDCAMS work when the JOBLIB is supposedly not authorized by introducing a non-authorized library to the JOBLIB? " I assume OP ran the job by APF authorizing the JOBLIBS first , and then tried another run by adding an unauthorized library to the JOBLIB concatenation . TIA , Bob > Date: Thu, 19 Dec 2013 00:58:00 +0000 > From: [email protected] > Subject: Re: APF authorization and JOBLIB DD card > To: [email protected] > > I will answer the APF questions, but I strongly suggest that you call > SyncSort Support in the morning if you continue to have ABEND 306 problems. > > The short answer is that any module loaded by an authorized program must come > from an authorized library. Loaded modules don't have to be authorized > (AC=1), they just have to come from an authorized library. Now it gets more > complicated. > > Most people think that all LINKLIST libraries are authorized, but that isn't > always true. If your site has LNKAUTH=APFTAB as a parm in IEASYSxx rather > than taking the default or specifying LNKAUTH=LNKLST, then only those > libraries that are in the APF table are considered authorized. > > JOBLIB and STEPLIB libraries are handled a little differently. They are > either all authorized or all not authorized. So, if you have a three library > concatenation and they are all authorized, life is good. If you add a > non-authorized library to then, then they are all considered un-authorized. > > When you ran an IDCAMS job with all modules used in the linklist, it was OK > because it didn't get any modules from JOBLIB. Your site must be taking the > default or specifying LNKAUTH=LNKLST. When you put the same libraries in the > JOBLIB concatenation, and any one of them isn't in the APF table, then all of > the JOBLIB libraries become un-authorized, even if the libraries are still in > the LINKLIST. Because the search is STEPLIB first, JOBLIB second (or first > if no STEPLIB) and then the LINKLIST and it found the module it wanted in the > JOBLIB and the JOBLIB concatenation was not authorized because one or more > libraries weren't, then you get the ABEND 306. > > Confused enough? > > Chris Blaicher > Principal Software Engineer, Software Development > Syncsort Incorporated > 50 Tice Boulevard, Woodcliff Lake, NJ 07677 > P: 201-930-8260 | M: 512-627-3803 > E: [email protected] > > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:[email protected]] On > Behalf Of Pommier, Rex > Sent: Wednesday, December 18, 2013 6:07 PM > To: [email protected] > Subject: APF authorization and JOBLIB DD card > > Hi list, > > I'm confused - again. I thought I knew how APF authorization works with > JOBLIB statements but apparently I don't. Here's the background. I'm > installing a new maintenance level of SyncSort. According to the SyncSort > manual, the only library that needs APF authorization is the SYNCAUTH library > which contains the Dynamic Storage Management modules. > > In addition, IDCAMS internally calls a SORT module by default when performing > a BuildIndeX function. > > Here's my scenario. I have batch jobs with JOBLIB statements in them. In > order to test my SyncSort upgrade, I have added the SYNCLINK and SYNCRENT > libraries to the JOBLIB concatenation. > > Where I'm hitting the problem is IDCAMS BIX function. When I run the IDCAMS > job with just the normal JOBLIB without the SyncSort libraries in it, the job > runs fine - presumably using the SyncSort currently in the LinkList. The > JOBLIB is not APF authorized because it has a mixture of authorized and not > authorized libraries in it. I add the new SyncSort libraries to the JOBLIB > and the IDCAMS fails with a S306-0C abend and message "CSV019I REQUESTED > MODULE SS14RC02 NOT ACCESSED, IS IN NON-APF LIBRARY/CONCATENATION". Module > SS14RC02 is linked AC=0 and is in the SYNCRENT library. I added all the > JOBLIB libraries to the APF list and the IDCAMS step runs fine. I then add a > non-APF authorized library to the JOBLIB and the IDCAMS step STILL runs fine! > > > Why is IDCAMS demanding that non-APF module SS14RC02 be loaded from an APF > authorized library? > > If IDCAMS requires APF authorization for called modules, why does IDCAMS work > when the JOBLIB is supposedly not authorized by introducing a non-authorized > library to the JOBLIB? > > TIA > > Rex > > The information contained in this message is confidential, protected from > disclosure and may be legally privileged. If the reader of this message is > not the intended recipient or an employee or agent responsible for delivering > this message to the intended recipient, you are hereby notified that any > disclosure, distribution, copying, or any action taken or action omitted in > reliance on it, is strictly prohibited and may be unlawful. If you have > received this communication in error, please notify us immediately by > replying to this message and destroy the material in its entirety, whether in > electronic or hard copy format. Thank you. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send email to > [email protected] with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
