Re: ENDSBS, STRSBS validity checker programs -- MIDRANGE-L

Jorge

The *SYSTEM domain thing is the attribute I see under the command-processing program when I DSPCMD - it speaks of the domain it uses to call the CPP. I did some kind of change once that modified this attribute. I think that the CPP then could not run correctly, because it probably used a protected MI function. I don't remember the details. Maybe I changed the CPP.

I just made a dupe object of STRDBG into my library - the attributes stayed the same. Then I changed it to use some program I had as VCP - there is a state attribute there, and it is *USER. That might not be an issue, however.

But I avoid changes to that kind of thing - CHGCMDDFT - no problem - the system knows what to do.

So it seems you want something different than what a validity checker is intended for - auditing the use is not a validity-checking function to my mind.

If all you want to know is who used the command, there is security auditing you can set up. I don't remember details - but it's only for use of the command - not for parameter values.

There are also the exit points for commands - here you can get the command string as entered, along with other information, that you could log. This has been discussed here many times.

I also wonder if what you need is already in the history log. There will always be a message there about a subsystem starting or ending. But those messages do not say who started it - nor does the job log of the subsystem job.

HTH
Vern

On 6/13/2012 5:14 PM, jmoreno@xxxxxxxxxxxxxxxx wrote:

Thanks Vern,

And, why is it that by introducing a validity checker that it takes the
object from the *SYSTEM domain?
How else could I plausibly audit the command use ?

Thanks for your information

Jorge A Moreno
MIS - Database/Security Manager
Military Car Sales, Inc

This email, including its attachments, may contain information that is
confidential and may be protected by federal and/or state laws and
regulations, or other confidentiality privileges. This email, including
its attachments, may contain non-public information, therefore it is
intended to be conveyed only to the designated recipient(s). If you are
not an intended recipient, please delete this email, including its
attachments, and notify the sender. The unauthorized use, dissemination,
distribution or reproduction of this email, including its attachments, is
prohibited and may be unlawful.

From: Vern Hamberg<vhamberg@xxxxxxxxxxx>
To: Midrange Systems Technical Discussion<midrange-l@xxxxxxxxxxxx>
Date: 06/13/2012 05:42 PM
Subject: Re: ENDSBS, STRSBS validity checker programs
Sent by: midrange-l-bounces@xxxxxxxxxxxx

Jorge

On my system there is no validity checker for either command - and I
hope you won't be modifying these commands directly - that could take
them out of the *SYSTEM domain, I believe.

You might be running into hidden parameters - you want to run the
Retrieve Command Definition (QCDRCMDD) API in order to see what the
parameters really are. You can see documentation at

http://publib.boulder.ibm.com/infocenter/iseries/v5r4/index.jsp?topic=%2Fapis%2Fqcdrcmdd.htm

It's pretty easy to run, you can specify an IFS path to save the
definition in.

HTH
Vern

On 6/13/2012 2:38 PM, jmoreno@xxxxxxxxxxxxxxxx wrote:

Hello group,

Does anyone have an example of validity checkers for the

ENDSBS and STRSBS commands

my parameters are giving me *trouble*

Thanks for your responses

Jorge A Moreno
MIS - Database/Security Manager
Military Car Sales, Inc