When running the TSSOERPT, we noticed the following entries:
initUSP *BYPASS* * 999997 99 0 0 0 04/20/14 14.110 4.53.45 CEA A580 Successful - UID or GID came from BPX.DEFAULT.USER Home : /u/oedflta Program : /bin/sh ck_access *BYPASS* * 999997 99 8 8 4 04/20/14 14.110 4.53.45 CEA A580 Failed - User not authorized to access file Function: mknod User Type: Local Requested Access: Write Name flag: Use CRED_name_flag to determine pathname Pathname: /var/CEAServer Filename: var File Permissions: Owner: rwx Group: rwx Other: r-x Owning UID: 0 Owning GID: 20 Volume : OMVS0F File Identifier: 01D6D4E5E2F0C600012D000000000003
Is the CEA address space something new?
Is this task something that requires a definition in CA Top Secret?
CEA is for Common Event Adapter (CEA) which is a z/OS component that enables the delivery of z/OS management data to clients, such as the CIM server.
Just like any other started task, an acid needs to be created for the started task and given a valid OMVS segment and the user authorized accordingly. Please refer to the IBM manuals for the security requirements.
Then the acid needs to be associated with the started task by adding it to the STC table.
TSS ADD(STC) ACID(CEAACID) PROCN(CEA) Listing of acid CEAACID ACCESSORID = CEAACID NAME = CEAACID TYPE = USER SIZE = 512 BYTES FACILITY = STC FACILITY = APPC DEPT ACID = DEPT DEPARTMENT = DEPT DIV ACID = DIV DIVISION = DIV CREATED = 04/15/97 00:00 LAST MOD = 01/05/09 15:45 LAST USED = 05/02/14 06:54 CPU(ABCD) FAC(STC ) COUNT(04923) DFLTGRP = OMVSGRP XA DATASET = OMVS. OWNER(DSNDEPT ) ACCESS = ALL XA SERVAUTH= EZB. OWNER(DSNDEPT) ACCESS = READ ----------- SEGMENT OMVS UID = 0000000000