Tape job receives s913-60 ABEND
search cancel

Tape job receives s913-60 ABEND

book

Article ID: 29188

calendar_today

Updated On:

Products

ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC PanApt PanAudit

Issue/Introduction

 

Tape job receives s913-60 ABEND with  the following error messages.

IEC518I SOFTWARE ERRSTAT: RACFPROT dev,volser,SL,jobname,stepname 

IEC502E K dev,volser,SL,jobname,stepname                  
IEC150I 913-60,IFG0194F,jobname,stepname, ddname,dev,,dsname

 

 

 

Environment

Release: ACF2..001AO-15-ACF2
Component:

Resolution

DFSMS provides additional security functions for tape data sets through the DEVSUPxx parmlib options.

DFSMSdfp can now issue RACROUTE in the DATASET class to enable tape data sets to be authorized in the same way that DASD data sets are authorized.

To help you implement the new tape data set security function of DFSMSdfp, additional options allow access to tape data sets that either CA ACF2 does not protect or you are not authorized to access. The TAPEAUTHRC4 and TAPEAUTHRC8 options allow you this control.

TAPEAUTHRC4 = { ALLOW|FAIL }
TAPEAUTHRC8 = { FAIL|WARN }

specifying TAPEAUTHRC4=FAIL will cause the above S913-60 abend to occur if the following default safdef is in use.... 

 DSNSVC19 JOBNAME=********   USERID=********   PROGRAM=********   RB=SVC019  
          RETCODE=4          SAFDEF=INTERNAL   MODE=IGNORE        SUBSYS=ACF2
          FUNCRET=4          FUNCRSN=0                                       
                                                                             
          RACROUTE REQUEST=AUTH,CLASS='DATASET'                              
                                                                             

This safdef causes return code 4 to be issued for the racroute request=auth that is issued by open/close/eov processing.

SMFID= ssss         TOD= 07:44:08.97    TRACEID= TEST       USERID= xxxxxxx
JOBNAME= xxxxxxx    ASID= 00B8          PGM= xxxxxxxx       CURR RB= SVC019
  SFR/RFR= 4/4:0      MODE= TASK          APF= AUTHORIZED     LOCKS= NONE 
  SAFDEF= DSNSVC19 INTERNAL MODE= IGNORE                                  
                                                                          
  RACROUTE REQUEST=AUTH,REQSTOR='TAPEOPEN',SUBSYS='OCEOV',                
           CLASS='DATASET',RELEASE=1.9,STATUS=ERASE,ATTR=UPDATE,          
           DSTYPE=N,ENTITY=('dataset.name.on.tape'),                      
           FILESEQ=0,GENERIC=ASIS,LOG=ASIS,MSGSP=0,TAPELBL=STD,           
           VOLSER='vvvvvv',WORKA=                                         

 

If you specify TAPEAUTHRC4=ALLOW the validation will be allowed and then the standard ACF2 intercept will continue to validate the request correctly.

There is no need to fail the racroute request with TAPEAUTHRC4=FAIL  because standard ACF2 processing will validate the access after the racroute request.

 

 

 

 

Powered by Wolken Software