On Sat, 8 Dec 2018 21:09:42 +0200, Binyamin Dissen
wrote:
>I don't believe this tool would be appropriate for the OP as it detects system
>objects (for the lack of a better term) that allow inappropriate privilege
>elevation or storage access. Application code would not benefit from this
>tool.
On Thu, 24 Jan 2019 15:25:45 +, Steve Austin
wrote:
>Hi, I'm using the 'shmat' syscall to attach a shared memory object, but using
>the REXX storage function to alter it causes the dirty bit to be set. Any idea
>why this is or how to prevent it?
As Ed said, because you're loading somethin
On Sun, 10 Feb 2019 14:08:15 -0800, Charles Mills wrote:
>A kind soul offline points out S99NORES.
>
>(No wonder I couldn't find it in the TCB.)
It also would have helped if you'd said you were interested in -dynamic- data
set allocation, rather than simply data set allocation. It changes the a
On Mon, 11 Feb 2019 09:06:21 -0800, Charles Mills wrote:
>I did not recall the exact operation of the bit flag. If I'd recalled that it
>was an SVC 99 flag rather than some sort of global flag I might well have
>found it myself.
>
>Why criticize people for asking a question? If they knew the an
On Sun, 17 Feb 2019 18:05:59 +0200, Steff Gladstone
wrote:
>Ok. We have been playing around with program control.If PROG1 (a COBOL
>program incidentally) is to be allowed exclusively to update file MY.FILE,
>then we:
>
>1. introduced PROG1 into the list of programs in AUTHPGM in member IKJEF
On Wed, 20 Feb 2019 15:51:23 +0200, Steff Gladstone
wrote:
>Do I understand correctly that TSOEXEC CALL creates a new subtask
>environment which is "insulated" from the goings-on in the mother task?
Yes. The parallel environment established by TSO/E via TSOEXEC would be clean,
even if the orig
On Thu, 21 Feb 2019 15:22:33 +, Seymour J Metz wrote:
>AFAIK it won't reset the dirty bit. It does isolate AC(0) from AC(1).
Yes, it will, for that isolated parallel environment.
--
Walt
--
For IBM-MAIN subscribe / signof
On Mon, 4 Mar 2019 16:53:24 +, Jesse 1 Robinson
wrote:
>On two different RACF plexes, we have these two profiles in the SDSF class:
>
>ISFCMD.ODSP.* (G)
>ISFCMD.ODSP.** (G)
>
>I'm confounded to explain the difference between one or two asterisks. Help?
The two differences:
(1) ISFCMD.ODSP.*
On Wed, 6 Mar 2019 19:01:25 +0200, Steff Gladstone
wrote:
>
>The COBOL I/O routine is called by a fairly complex TSO/ISPF application.
>So we decided to communicate to the I/O routine via a subtask in order to
>simplify the environment (as per Walt Farrell's claim that a new TCB
>creates a paral
On Wed, 6 Mar 2019 19:01:25 +0200, Steff Gladstone
wrote:
>
>This works ok for privileged users (i.e., the subtasking and I/O logic
>works fine, the COBOL I/O routine is not reintiaiized on each call, and of
>course there are no RACF issues). But for non-privileged users RACF issues
>the follo
On Wed, 6 Mar 2019 19:29:05 +0200, Steff Gladstone
wrote:
>One further question:
>
>Would use of IKJEFTSI/IKJEFTSR/IKJEFTST work here? I.e., provide an
>isolated eenvironment for RACF while maintaining continuity within the I/O
>routine without re-initializing its working storage on each call?
On Wed, 6 Mar 2019 17:26:56 +, Seymour J Metz wrote:
>ATTACH by an unprivileged application cannot change the authority and
>privileges of the address space. TSOEXEC passes the request to the Terminal
>Monitor
>Program (TMP), which sets the unauthorized tasks nondispatchable before
>attac
On Thu, 7 Mar 2019 15:45:14 +0200, Steff Gladstone
wrote:
>But if I TSOEXEC CALL the Cobol I/O routine, will it retain the context
>between calls? Won't the DCBs and ACBs and working storage be reinitialized
>on every call?
You need to TSOEXEC CALL the main COBOL program. It must run isolated,
On Thu, 7 Mar 2019 19:33:31 +, Seymour J Metz wrote:
>My understanding is that he needs ISPF services in his application.
Then he is probably not going to be able to get it to run, safely and with
integrity, under TSO/E. It will need a multi-address space implementation
unless he's very lu
On Wed, 13 Mar 2019 11:39:30 -0700, Lizette Koehler
wrote:
>Dear List -
>
>I am trying to run a batch REXX that issues CONSPROF or CONSOLE commands.
>
>I have set up everything in IKJTSO00 for CONSOLE, I have updated the RACF
>TSOAUTH for the ID issuing the commands
>
>The process will VARY OFFL
On Wed, 24 Apr 2019 12:10:59 -0500, John McKown
wrote:
>>
>>
>> Why are passwords restricted to a maximum length of 8, and passphrases
>> restricted to a minimum length of 9?
>>
>
>Passwords are restricted to a max of 8 for historical reasons. They were
>once kept in SYS1.UADS -- the TSO reposi
On Sat, 13 Jun 2020 23:32:02 -0400, Bob Bridges wrote:
>Gil, you mustn't think I plan to make it a habit but I think I'm going to
>disagree with you on every point, here:
>
>o Well, maybe not on the first one: What's "TOCTTOU"?
Time Of Check To Time Of Use. As you're making the check, a securi
On Mon, 3 Aug 2020 04:16:38 +, Gadi Ben-Avi wrote:
>But that would mean checking if the user has access, or if the user has access
>through any of the groups it is connected to.
If I remember correctly, if the user can see anything from the profile that
protects the resource then he has a
On Wed, 11 Sep 2019 12:15:11 -0500, Paul Gilmartin wrote:
>As I follow this thread, I wonder why CICS doesn't submit batch jobs
>with the credentials of the requesting individual rather than the CICS
>region.
Some of the IBM CICS designers over the years have wanted to allow that. The
IBM z/OS
On Fri, 25 Oct 2019 09:30:27 -0500, Steve Horein wrote:
>However, with the name, I can leverage some tools to open and read the data
>set to get pertinent info. For example, this NetView PIPE recipe can get
>what appears to be the TITLE and JOBNAME from the first record at columns
>89 and 1151:
>
On Sat, 16 Nov 2019 15:30:01 +, Leonardo Vaz wrote:
>I am curious now, does a custom homegrown program have to take extra
>precautions to be placed under AUTHPGM? What would those be?
>
Usually, no.
Sometimes, depending on what the program does, yes.
For example, consider a program which
On Sun, 17 Nov 2019 00:33:29 +, Leonardo Vaz wrote:
>
>But wouldn’t that program be system integrity even if not placed on AUTHPGM?
>The user could execute it batch first example and
>change his ACEE or anything else.
No, that wouldn't be a problem, because if the user wrote his own progr
On Sun, 17 Nov 2019 19:10:16 -0600, Paul Gilmartin wrote:
>On Sun, 17 Nov 2019 15:50:53 -0600, Walt Farrell wrote:
>
>>On Sun, 17 Nov 2019 00:33:29 +, Leonardo Vaz wrote:
>>>
>>>But wouldn’t that program be system integrity even if not placed on AUTHPGM?
>
On Mon, 18 Nov 2019 10:54:06 -0500, scott Ford wrote:
>So guys, stupid question what about a STC that provisions for RACF, etc.
>But the design is as a normal generalized user, but with a id
>with SPECIAL that is invoked only during the time of passing the command to
>RACF ? Does it have to be AP
On Thu, 19 Jan 2023 15:02:06 +, Robert Prins
wrote:
>And then you realise that the question should have been, "How do I get at
>it (control-block chasing-wise) in REXX?".
>
At what time in the user's logon, and where is the REXX exec running?
And why are you trying to do this from REXX? Wh
On Wed, 8 Feb 2023 14:31:02 -0600, Tom Longfellow
wrote:
>Excellent procedure and approach. And a good path to maybe resurrecting the
>application someday.
>
>I am still trying to sell the concept that a successful migration consists of
>not only the data, But a least someway to CRUD (Create
On Thu, 23 Mar 2023 09:34:02 -0500, John McKown
wrote:
>I got curious about how many possible different values could exist in a
>dataset "node". A node can be 1 to 8 characters long. The first character
>must be A-Z @#$ or 29 characters. Subsequent characters are those 29 plus
>digits 0-9 and a
On Thu, 27 Apr 2023 10:01:06 -0400, David Spiegel
wrote:
>Had I thought (originally) that "Pull" was the issue,. I would've
>figured it out on my own.
Using the tracing functions in REXX to do the debugging, rather than browsing
the data set itself, would also have been helpful.
--
Walt
---
On Sun, 30 Apr 2023 09:49:30 -0400, Joseph Reichman
wrote:
>Do the keywords have to be enter the way they are laid out in the PCL
>
>I would think not
>
>Because that's why they are keywords
>
>However when I don't enter them that way it does not hit the validity exit
From earlier in the thr
On Thu, 8 Jun 2023 05:29:41 -0500, Michael Babcock
wrote:
>
>And I simply don't see why RACF could not be made to generate more than
>one SAN. Will that change with z/OS 3.1?
The RACF-L mailing list would be a better place for that part of your question,
and (perhaps) for the complete questio
On Thu, 29 Jun 2023 18:10:06 -0500, Hobart Spitz wrote:
>https://chat.openai.com/share/1718b445-7a89-47a3-ab23-b670aa8c2211
That URL gives a 404 error, for me.
Perhaps you could have your conversation again, and quote the conversation here
directly next time?
--
Walt
---
Thanks, Hobart.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
There are a number of hits that seem relevant when I do a search for "android
version of dosbox", and once you have dosbox installed you should have access
to a bunch of old DOS-based text games, including versions of Colossal Cave, I
believe. I have not tried this personally, but I use dosbox o
On Tue, 22 Aug 2023 13:07:01 +0100, Lennie Dymoke-Bradshaw
wrote:
>I am trying to determine which users are using the TSO CONSOLE command.
>
>This is controlled one of those TSOAUTH checks that are done at LOGON time
>and the results of the RACF check are stored in the PSCB in bit PSCBCNAU. So
>
On Wed, 23 Aug 2023 19:58:07 +0100, Lennie Dymoke-Bradshaw
wrote:
>Excellent. Now why didn't I think of that?
>Thank you Walt.
You're welcome, Lennie :)
--
Walt
--
For IBM-MAIN subscribe / signoff / archive access instructi
On Mon, 28 Aug 2023 15:21:55 -0500, Paul Gilmartin wrote:
>I use the WWW interface to post to IBM-MAIN. At times it tells me I have
>lingering drafts. Each shows a trashcan icon. Clicking it usually fails
>or causes a window hang. Is there a trick?
>
>I may have just discovered that it work
On Sat, 11 Nov 2023 08:59:07 -0500, David S. wrote:
>To help resolve a question posted to a LinkedIn group I manage:
>www.linkedin.com/feed/update/urn:li:groupPost:910927-7128598004344786944
>... I'd like to find out if there's any way to achieve *true*
>Skip-Sequential processing with a Fixed Bl
IBM used to, and may still, supply an unofficial REXX exec that I wrote named
DBSYNC. One of its operational modes allows cloning a user, though I don't
recall if that is described in the documentation or only anecdotally on RACF-L.
And I have no idea where such tools & toys are distributed toda
On Tue, 21 Nov 2023 12:23:24 +0400, Peter wrote:
>Cloning and creating one user is easy but
>
>I want to clone and create 10 userid at once .
>
>Is it possible to achieve it through DBSNC.?
DBSYNC can give you the commands to create 1 user based on another one.
Copy/Paste of those commands fol
On Sat, 25 Nov 2023 20:38:43 -0600, Paul Gilmartin wrote:
>I believe that several years ago IBM Pubs decreed that "data set"
>rather than "dataset" was preferred style and swept documentation
>emending the latter form. It seems to be creeping back. I just
>did a crude scan of the 3.1 .pdfs a d
On Mon, 11 Dec 2023 09:50:34 -0600, John Blythe Reid
wrote:
>The client never got the RACROUTE macro to work. Instead they've opted to use
>the CICS command EXEC CICS QUERY SECURITY and that works ok. Does anyone think
>that the problem may be due to issuing a RACROUTE macro inside a CICS
>tr
Have you looked at the descriptions of the two fields?
From https://www.ibm.com/docs/en/zos/2.1.0?topic=us-important-fields-in-sdwa I
see:
SDWAEC1
This field contains the PSW that existed at the time of the error.
SDWAEC2
The contents of this field vary according to the type of recovery
On Mon, 18 Nov 2019 20:03:59 +, Seymour J Metz wrote:
>What do you mean by "the initial program"? The TMP doesn't need to be in any
>list.
>
>There are a few caveats on authorization.
>
> Whether the entire linklist is autoorized depends on what you have in
> PARMLIB.
>
> Anything in th
On Wed, 4 Dec 2019 01:28:39 +, Lennie Dymoke-Bradshaw
wrote:
>Jesse / Skip,
>
>This is actually defined as being a requirement in "DFSMS Access Method
>Services Commands" SC23-6846-30. See Page 6, or just search for AUTHCMD and
>you will quickly find it. It states the following,
>
>"To use
On Sun, 12 Jan 2020 09:27:52 +, Jeremy Nicoll
wrote:
>On Sun, 12 Jan 2020, at 04:24, Phil Smith III wrote:
>> From a book:
>>
>> "... located a Trojan virus during a routine mainframe defrag."
>
>I dunno about the first bit, but "routine mainframe defrag" is fine.
>DFDSS has a DEFRAG verb.
On Thu, 26 Mar 2020 13:10:18 -0500, Paul Gilmartin wrote:
>On Thu, 26 Mar 2020 17:54:58 +, Seymour J Metz wrote:
>
>>ObSchiller IPCS is part of z/OS. All dangerous facilities of IPCS are
>>controlled by SAF. If your management capriciously prohibits you from using
>>it, the responsibility i
On Thu, 30 Apr 2020 19:46:04 +, Frank Swarbrick
wrote:
>Is z/OS still limited in all cases to 8 upper case characters? I am curious
>if a user that only has access to MQ might be able to have a longer and
>ideally mixed case user ID. They wouldn't have access to TSO or CICS or IMS.
It is
On Mon, 4 May 2020 16:29:48 -0400, Tony Harminc wrote:
>On Mon, 4 May 2020 at 04:23, Barbara Nitz wrote:
>
>> Doesn't matter. With an IMS region, you cannot use cancel (z/OS:
>> "non-cancelable, use force arm"). You cannot use force arm (z/OS: "cancel
>> first, please"). And you cannot use for
On Sun, 19 Mar 2017 07:00:27 +, Mark Wilson wrote:
>Just following up on your comment re your curiosity re IEFOPZxx debate on the
>GSE UK LSG Agenda.
>
>We will debate IEFOPZ from two perspectives:
>
>The first being how, why and when to use it, as its one of those topics that
>can potentia
On Tue, 11 Apr 2017 13:40:32 +, william janulin wrote:
>To answer the question about what sort of portal, I would say all of the
>above. I thought this was a somewhat general question as to
>whether or not z/OS will support both non-ascii and ascii at the same time.
It's not really a z/OS
On Fri, 14 Apr 2017 20:19:08 +, Nims,Alva John (Al) wrote:
>A slightly different answer might be found at CBTTAPE.ORG, file 248. It does
>not lock the screen, but disconnects and then cancels if
>not reconnected within a follow-on time period. File 325 from Wells Fargo
>does something si
On Tue, 18 Apr 2017 08:19:05 -0500, Elardus Engelbrecht
wrote:
>Steve Horein wrote:
>
>>I find the following at: http://listserv.vt.edu/cgi-bin/wa?A0=JES2-L
>
>Close, but no cigar for me... oh well. But thanks for telling us.
>
>After going all the trouble to logon, enter psw, receiving a confir
On Fri, 21 Apr 2017 11:12:25 +, Vernooij, Kees (ITOPT1) - KLM
wrote:
>You don't mention what you want to use it for, but with SMS managed datasets
>part of the problem was eliminated, because SMS
>managed datasets automatically get an EOF. You can't anymore simply allocate a
>dataset and
On Mon, 24 Apr 2017 08:17:55 -0500, Ron Thomas wrote:
>i executed the below script from Linux VM and the below is what it says.
>Looks like site command is not supported . So any idea on how this could be
>resolved or is there any work around ?
>
>Script
>---
>sftp to1c...@cray.cps.se.
On Mon, 24 Apr 2017 21:30:28 -0500, Paul Gilmartin wrote:
>... so I tried:
>
>548 $ sudo cat ~wombat/.ssh/rc
>/bin/id
>/bin/uname
>/bin/date
>
>... I see no evidence that the commands in ~wombat/.ssh/rc were executed.
>I can't tell exactly what happened. Nor does the man page tell what processor
On Wed, 26 Apr 2017 09:32:35 -0700, Charles Mills wrote:
>In our documentation we say datasets or legacy MVS datasets; and files or zFS
>files.
>
"zFS files" is, in my opinion, incorrect terminology and risks confusion.
First, zFS is but one kind of file system that can contain UNIX files. Bef
On Mon, 15 May 2017 15:18:38 +0700, Robin Atwood wrote:
>We have a requirement to attach user modules from an unauthorised library
>and execute them from an STC which
>
>runs APF authorised. Calling ATTACH with RSAPF=YES seems to do exactly what
>I want ...
It _can_ do what you want, Robin, but
On Tue, 16 May 2017 14:09:49 +0700, Robin Atwood wrote:
>Thanks to everyone for replying, I would never realised you had to flip
>JSCBAUTH from the macro documentation.
>The actual business requirement is that we run Rexx execs that call ISPF
>services on behalf of workstation users
>running an I
On Tue, 16 May 2017 20:42:42 +0700, Robin Atwood wrote:
>>However, as you're running work on behalf of various end-users, I hope you're
>>authenticating those users and >running the work under the proper end-user
>>identity in each case. And that would probably require authorization >of the
>>
On Tue, 16 May 2017 09:57:16 -0400, Sam Golob wrote:
> That having been said, the system doctor sometimes has to deal with
>things that go wrong. It's nice when the system is working as
>designed. But sometimes, the NON-CANCELABLE job or STC goes awry, and
>it has to be restarted. In such
On Fri, 19 May 2017 14:32:27 +0700, Robin Atwood wrote:
>The situation would be that the client routes a command to the server on the
>host which routes it to a dependent ASID. The DA gets the ACEE of the user and
>executes the command via IJKEFTSR. The command is one of a suite of
>Rexx execs
On Fri, 19 May 2017 20:05:43 +0700, Robin Atwood wrote:
>(2) is interesting. Actually my first thought was to use ASCRE to spawn a new
>ASID to execute the command but
>I have heard that address space creation/destruction is a major overhead and
>so focused on ATTACH.
My first question would b
On Sun, 21 May 2017 14:19:39 -0500, Paul Gilmartin wrote:
>On Sun, 21 May 2017 05:12:00 -0500, Elardus Engelbrecht wrote:
>>
>>>RACF (I'm less sure) is VSAM.
>>
>>No, it is PSU (PS and Unmovable). Other attributes are mandated by IBM.
>>
>"Unmovable" would seem to imply uncopyable; the copy wou
On Thu, 25 May 2017 08:11:31 -0500, John McKown
wrote:
>On Wed, May 24, 2017 at 2:28 PM, Peter Hunkeler wrote:
>
>> > The above is why I really "push" the UNIX fork() alternative.
>> [snip]
>>
>> >If a "steplib" is needed, the initial child program can simply DYNALLOC
>> the DSNs and then use a
On Thu, 25 May 2017 11:46:20 -0500, John McKown
wrote:
>On Thu, May 25, 2017 at 10:44 AM, Walt Farrell
>wrote:
>> execmvs() would be better than LINKX or ATTACHX for this scenario, in
>> general, as it handles all the environmental cleanup and handles any
>> necess
On Thu, 25 May 2017 12:14:46 -0400, scott Ford wrote:
>In reading through the RACF manual I have a question about STC definitions.
>We have a STC that is doing RACF provisioning. The question is if I change
>the below RDEFINE from TRUSTED(YES) to TRUSTED(NO) will still be able to
>issue RACF com
On Thu, 25 May 2017 14:24:05 -0500, John McKown
wrote:
>Well, from what I vaguely gather, this entire thread started off with the
>question of "how does an APF authorized program run a non-APF authorized
>program from a library not on the APF list?". Apparently the OP was trying
>this and got a
On Thu, 25 May 2017 19:33:22 -0500, John McKown
wrote:
>Thanks. I may put in an RFC on the BPX1FRK documentation to ask that it
>explicitly state that the APF status is maintained. Granted, in the Usage
>Notes, there is the sentence: "In other respects, for z/OS UNIX the child
>is identical t
On Fri, 26 May 2017 09:02:14 -0500, John McKown
wrote:
>This question related back to the thread "ATTACH with RSAPF=YES" in which
>the OP apparently wants a way to invoke a module from a non-APF authorized
>library from a program which is running APF authorized. In today's
>environment, the "sim
On Fri, 26 May 2017 16:25:57 -0700, Lizette Koehler
wrote:
>Okay, I yield - this time as I did not read the SDSF panel closely enough.
>
>So the COMMAND section on the PS panel shows only so much of the command
>(which is what I was really after this whole time).
>
>I know when I do the D OMVS,
On Sun, 28 May 2017 14:53:34 -0500, Paul Gilmartin wrote:
>On Sun, 28 May 2017 11:31:41 -0700, Lizette Koehler wrote:
>
>>Note: Once you turn on the SMF collection, you will only get data from that
>>point in time forward. So if you have something that connects only once a
>>month, you will n
On Sat, 10 Jun 2017 16:41:16 -0700, Charles Mills wrote:
>A refreshable program may modify itself, right? REFR does not say "I don't
>modify myself" it says "you can reload me if you want." Almost >the same
>thing, but not quite.
The key, I think, is that the system may reload the program at _
On Sun, 11 Jun 2017 15:40:49 -0500, Paul Gilmartin wrote:
>In the Program Management UG and Ref, I see:
>RENT
>... A reenterable module is ordinarily expected not to modify
>its own code. In some cases, MVS protects the reentrant module's
>virtual storage so that it cannot be modified
On Mon, 12 Jun 2017 02:24:30 +, Jesse 1 Robinson
wrote:
>I got tired of guessing. I wrote a little program that saves registers into
>itself via STM. I linked it with AC(1) and RENT. Did not specify >either REUS
>or REFR. The result according to StarTool is
>-- ATTRIBUTES - APF
>RE
On Sun, 11 Jun 2017 20:52:10 -0400, Steve Thompson wrote:
>Question: Wasn't REFR for a program where, say a double-bit
>parity error could occur, and it would then get loaded to a new page?
I can't comment on the double-bit parity error, but I think that someone
(Peter, Jim?) mentioned earlier
On Fri, 30 Jun 2017 00:53:29 GMT, esst...@juno.com wrote:
>I am not a RACF Security Administrator by any means, after reading several
>documents
>I need some help setting up a RACF Facility Class and Permitting Access To a
>Started Task Userid (STCUSRID) and My Userid (PAULD01).
>
>Do the follow
The
>syntax is typically the same for any of the classes (dataset, opercmds,
>etc)/
>
>But if Walt Farrell says otherwise, believe him, not me! Even though he's
>retired.
Good point about terminology, Peter. Thanks. I
On Fri, 7 Jul 2017 09:59:01 -0500, Donald Likens wrote:
>We run our product on somewhere around 15 client site. We have had this
>problem on one client site (multiple LPARs) since we started running there. We
>have only seen this problem on one other system during a trial (they did not
>keep t
On Fri, 7 Jul 2017 16:56:09 +0200, R.S. wrote:
>W dniu 2017-07-07 o 15:29, Lizette Koehler pisze:
>> As far as I know, the statistics have always worked that way. That as long
>> as you had the ability to edit (change/alter/del/create) the PDS you could
>> use 3.5 to change the ID field to any
On Sat, 8 Jul 2017 09:50:00 -0500, Donald Likens wrote:
>Walt... Thanks for asking questions. I will answer you questions as best as I
>can.
>
>Does that duplication include number of CPs and processor speed? I have seen
>test environments that were setup as single CP, which
> does little to
On Mon, 10 Jul 2017 00:49:13 -0500, Barbara Nitz wrote:
>That's what I mean by 'used as evidence'. And I wondered if it is just my
>ignorance or if there really is no way (as I suspected) to
>prevent unauthorized changing of the statistics.
There is no way to do that without installing an add
On Sat, 15 Jul 2017 22:52:47 -0500, Edward Gould
wrote:
>> On Jul 15, 2017, at 10:39 PM, Sri h Kolusu wrote:
>>
>> Edward,
>>
>> Here is a DFSORT JCL which will give you the desired results. I assumed
>> that your input file is FB and 80 bytes in length. I also assumed that
>> your name a
On Mon, 27 Jun 2022 10:20:43 -0500, Mike Cairns wrote:
>One important difference you might need to be aware of is between a normal
>RACROUTE call that executes under the authority of the current user associated
>with the running address space (a First Party call - i.e. checking your own
>curre
On Fri, 1 Jul 2022 00:07:27 -0400, Gabe Goldberg wrote:
>www.destinationz.org isn't quite what one would expect for IBM's
>mainframe community website.
>
>Did someone let domain registration expire, was it hacked or redirected?
Was it ever used for that purpose? I see no Google references to tha
On Fri, 1 Jul 2022 10:07:34 -0700, Tom Brennan
wrote:
>archive.org shows it was used by IBM, but years ago.
Thanks.
Looks like it was still in use on Feb. 18, 2020, but it became a redirect to
community.ibm.com by Aug. 1, 2020, according to the Wayback Machine.
--
Walt
On Tue, 16 Aug 2022 19:49:16 -0700, Lizette Koehler
wrote:
>I am actually using LINKMVS and that is getting the error
>
>I want my general user to be able to do things without knowing idcams
What, exactly, does your code do, Lizette? What are you invoking with LINKMVS,
and what are you passin
On Sat, 20 Aug 2022 13:28:29 -0700, Lizette Koehler
wrote:
>I think what I am having a challenge with is the STGADMN.IDC.DCOLLECT in
>Facility Class
>
>The UACC is NONE but the ACL has * READ
>
>The process creates the JCL Statements in ALLOC statements. SYSIN will
>contain the DCOLLECT co
On Mon, 22 Aug 2022 14:01:46 +0100, Jack Zukt wrote:
>I forgot to mention that "IDCAMS" is included on the
>SYS1.PARMLIB(IKJTSOxx)) AUTHPGM NAMES list
Yes, that would be required in order for your TSO CALL command to invoke IDCAMS
with APF-authorization.
--
Walt
-
On Mon, 22 Aug 2022 15:39:52 +, Seymour J Metz wrote:
>Why do you say that? The CALL command is a very different animal from ADDRESS
>LINKMVS.
As I recall, Lizette said she was mandated to use LINKMVS. And as we have
pointed out, for her purposes, LINKMVS will not work.
I think Jack was s
On Mon, 22 Aug 2022 09:47:44 -0500, Paul Gilmartin wrote:
>On Mon, 22 Aug 2022 09:42:25 -0500, Walt Farrell wrote:
>
>>>I forgot to mention that "IDCAMS" is included on the
>>>SYS1.PARMLIB(IKJTSOxx)) AUTHPGM NAMES list
>>
>>Yes, that would be require
On Mon, 22 Aug 2022 16:16:06 -0500, Paul Gilmartin wrote:
>Why is there an AUTHPGM NAMES list at all? Why shouldn't it just be
>* (everything)
>???
>
>I can imagine several reasons: Even some authorized programs might not
>be trusted not to modify the WAITing TSO task (IKJEFTT09?), perhaps
On Wed, 24 Aug 2022 09:55:56 -0500, Michael Babcock
wrote:
>I’m trying to define the MVS.MCSOPER.&RACUID*/READ profile global class.
>
>I issued the following in batch:
>
> RDEF GLOBAL OPERCMDS OWNER(PXX) UACC(NONE)
>ADDMEM(MVS.MCSOPER.&RACUID*/READ)
>
>READY
>
> SETROPTS GLOBAL(OPERCMDS)
>REFRE
On Wed, 31 Aug 2022 10:03:21 -0500, Paul Gilmartin wrote:
>
>"[^abc]" matches any string containing a character
>other than a, b, or c. It matches "wombat". However,
>"^[^abc]*$" matches strings containing no character
>other than a, b, or c. It does not match "wombat".
Was that something yo
On Wed, 31 Aug 2022 16:35:27 +, Sri h Kolusu wrote:
>>>The DFSORT manual (and others) should not attempt to explain regular
>>>expressions. They should defer to citing a single publication with such an
>>>explanation.
>
>I completely agree, however each component within IBM is implementin
On Wed, 31 Aug 2022 11:13:57 -0500, Paul Gilmartin wrote:
>>In any case, "[^abc]" does not match "wombat". It matches only a single
>>character of a string. So, it might match the "w" in "wombat", or the "o", or
>>the "m", or the "t", depending on other details of the input string being
>>pro
On Fri, 2 Sep 2022 07:33:27 -0500, Paul Gilmartin wrote:
>In DFSORT Application Programming Guide:
>INCLUDE Control Statement
>Regular expressions
>...
>Two versions of regular expressions are supported:
>• Basic Regular expressions (BRE)
>• Extended Regular expressions (ERE)
>
..
On Fri, 2 Sep 2022 14:39:22 +, Sri h Kolusu wrote:
>>> How can the programmer select which of the two supported versions DFSORT
>>> will use? The later examples seem to show only EREs or to be neutral. An
>>> example showing a BRE instead would be useful.
>
>Paul,
>
>Since both versions a
On Tue, 27 Sep 2022 13:50:14 -0500, Paul Gilmartin wrote:
>
>Breaking an existing authorized program in that fashion could be a buffer
>overrun leading to escalation of privilige; an integrity threat that I'd
>consider
>an incompatibility.
But are you talking about PARM=, which Peter has covere
On Wed, 12 Oct 2022 09:51:36 +0100, Lennie Dymoke-Bradshaw
wrote:
>It was Pierre's previous posts about replacing a password using ICHEINTY and
>R-admin.
>Maybe I have mixed up two distinct issues.
Perhaps, but that earlier/ongoing thread talking about "having a RACF encrypted
password" and "
On Sat, 22 Oct 2022 10:03:49 -0500, Paul Gilmartin wrote:
>On Sat, 22 Oct 2022 04:09:43 +, Sri h Kolusu wrote:
>>...
>> %03=(ENDBEFR=C'.',FIXLEN=8), # Node 3
>> ...
>Thanks. I've wished for something line FIXLEN in regular expressions.
Got an example of what
1 - 100 of 482 matches
Mail list logo
