When using a USS Base Library, Endevor source management accesses the library using the alternate ID. Endevor also uses the alternate ID when it accesses a USS Source Output Library in the Endevor reserved processors BASICGEN and BASICDEL.
Release: 18.0 18.1
Component: Endevor Software Change Manager
When using a USS Base Library, Endevor source management accesses the library using the alternate ID.Endevor also uses the Alternate ID when it accesses a USS Source Output Library in the Endevor reserved processors BASICGEN and BASICDEL.
Processor Step Execution Security Context
The security context used for USS file access in processor steps is determined by the above. USS data sets created in processor steps using PATHOPTS=(OCREAT) are created using the security context of the user ID, prior to the invocation of the processor program. When used in the processor step, these data sets are opened using the security context of the processor step.
Using EXEC PGM=BPXBATCH in a processor step
The security context of a processor step executing the IBM USS utility program BPXBATCH depends on the following factors:
We recommend BPXBATCH be invoked directly as processor step.
Table-1 shows combinations of these parameters and settings with the resulting security context of the processor step executing BPXBATCH:
|BPXBATCH parameter||_BPX_BATCH_SPAWN||_BPX_SHAREAS||Security context|
Calling BPXBATCH in an IKJEFT01 processor step
Note: We do not recommend the use of BPXBATCH in an IKJEFT01 step, because the results can be unpredictable.
Whether BPXBATCH invoked by a CLIST or REXX in a processor step executing IKJEFT01 executes under the context of the alternate ID depends on the following two additional factors:
Table-2 shows the Security context results from these two additional factors when calling BPXBATCH from a processor step that executes IKJEFT01:
|LGNT$$$I swap performed||Prior USS Service call made||Security context|
Use of BPXBATSL, BPXBATA2 and BPXBATA8
These three programs always run under the context of the user ID, because they process requests in the same manner as the last row in table-1 (_BPX_BATCH_SPAWN=YES, _BPX_SHAREAS=YES).