Security violations when putting maintenance to a CA product
Article ID: 52251
Updated On:
Products
Compress Data Compression for MVS
Compress Data Compression for Fujitsu
Datacom
DATACOM - AD
Mainframe Software Manager (Chorus Software Manager)
MICS Resource Management
CIS
COMMON SERVICES FOR Z/OS
90S SERVICES
DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS
COMMON PRODUCT SERVICES COMPONENT
Common Services
CA ECOMETER SERVER COMPONENT FOC
Easytrieve Report Generator for Common Services
INFOCAI MAINTENANCE
IPC
UNICENTER JCLCHECK COMMON COMPONENT
Mainframe VM Product Manager
CHORUS SOFTWARE MANAGER
CA ON DEMAND PORTAL
CA Service Desk Manager - Unified Self Service
PAM CLIENT FOR LINUX ON MAINFRAME
MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME
GRAPHICAL MANAGEMENT INTERFACE
WEB ADMINISTRATOR FOR TOP SECRET
Xpertware
Issue/Introduction
When putting maintenance to a CA product you can get the following security errors:
BPXP024I BPXAS INITIATOR STARTED ON BEHALF OF JOB MSMMKDIR RUNNING IN ASID 0059
ICH408I USER(xxxxxxx ) GROUP(yyyyyyy ) NAME( zzzzzzz zzzzzzz ) 835
/extractorGimapiTrace
CL(DIRACC ) FID(00000001000000010000000000000000)
INSUFFICIENT AUTHORITY TO MKDIR
ACCESS INTENT(-W-) ACCESS ALLOWED(OTHER R-X)
EFFECTIVE UID(0000010033) EFFECTIVE GID(0000000112)
ICH408I USER(xxxxxxx ) GROUP(yyyyyyy ) NAME( zzzzzzz zzzzzzz ) 845
/extractorTrace CL(DIRACC ) FID(00000001000000010000000000000000)
INSUFFICIENT AUTHORITY TO UNLINK
ACCESS INTENT(-W-) ACCESS ALLOWED(OTHER R-X)
EFFECTIVE UID(0000010033) EFFECTIVE GID(0000000112)
Environment
Release:
Component: MSM
Component: MSM
Resolution
This sample shows RACF security violations, but to solve it you will need to add the UID(0) to the user you are using.
Or use BPX.SUPERUSER profile of FACILITY class, instead of UID(0).
Or use BPX.SUPERUSER profile of FACILITY class, instead of UID(0).
Feedback
Yes
No
Powered by
