A large amount of failed ck_process_owner entries appear on the ACFRPTOM report which are for normal operation of batch jobs:
ck_process_owner TSTUSER TEST 123 4567 8 8 4
05/11/21 21.131 11.26.16 JAVATST ABCD ABCD
Failed - Caller not authorized to use this callable service
Real Uid : 0 Effective UID: 0
Saved UID : 0
Target PID : 0
Signal code : Signal n/a for type 3 (getpsent) requests
Signal code : 0
UNIXOPTS NOPROCACT is specified, but there are still thousands of these records on the OM report. How can these entries be excluded from the report?
ck_process_owner is a check made to see if the calling process is the owner of a process being called. The call is normal and can be ignored if there are no problems when running the batch job.
The UNIXOPTS parameters PROCACT/NOPROCACT to control the audit flags for this check are only to control whether or not SMF records are cut for access calls that are allowed. This means that to get rid of the denied ck_process_owner entries on the OM report, either the batch jobs need permission to the resources they are trying to access (which could have an undesired effect on how the batch job works) or the EXCLUDE parameter can be used in the OM report JCL.
Sample OM report JCL:
//REPORT EXEC PGM=ACFRPTOM
//SYSPRINT DD SYSOUT=*
//RECMAN1 DD DISP=SHR,DSN=SYS1.MAN1
//RECMAN2 DD DISP=SHR,DSN=SYS1.MAN2
//RECMAN3 DD DISP=SHR,DSN=SYS1.MAN3
//SYSIN DD *
At this time, there is not a way to prevent failed ck_process_owner attempts from cutting an SMF record.