What security definition is needed to see ALL USS threads within the OPSOSF address space by using the OPSUSS built-in Function?

book

Article ID: 7027

calendar_today

Updated On:

Products

CA OPS/MVS Event Management & Automation

Issue/Introduction

We use the following OPSUSS built Function to display the z/OS job name of the address space in which the process is running:


Var = OPSUSS('PROCESS','JOBNAME','ABCD%','PREFIX')

But tis function is not returning information.

 

When we use the ALLDATA Subfunction instead JOBNAME the only the own thread of OPSOSF is found so it seems to be a security issue.

What is the authorization required to allow ops to access the processes it does not own?

Environment

Release: PVLA2.00200-12.2-OPS/MVS-Event Management & Automation-for JES2
Component:

Resolution

You need SUPERUSER.PROCESS.GETPSENT authority in order for ops to "see" processes it does not own.

It is in the UNIXPRIV class and you need READ access to it.

Additional Information

Detailed information about the OPSUSS buit-In function can be found at the following link:

 

https://docops.ca.com/ca-opsmvs/122-EN/reference-information/command-and-function-reference/ops-rexx-built-in-functions/opsuss-function