You're still auditing ADDLIBLE. I say audit the library, not the command.
Jobs using a library list from a job description
Some custom RPLLIBL which can replace your library list with that of a job
description, data area or user profile. (We have this)
Qualified commands: DEFUNCTLIB/THEIRCMD
Qualified calls: CALL DEFUNCTLIB/THEIRPGM
Commands dumped into QGPL or QUSRSYS from them which execute programs from
Proxy commands which are redirected to their library.
Here's a start up program from Infor:
DCL VAR(&USRLIB) TYPE(*CHAR) LEN(10)
DCL VAR(&INLIBL) TYPE(*CHAR) LEN(396)
DCL VAR(&SAVLIBL) TYPE(*CHAR) LEN(2750)
DCL VAR(&LIBL) TYPE(*CHAR) LEN(2750)
DCL VAR(&RPLIBL) TYPE(*CHAR) LEN(2760)
RTVJOBA USER(&USER) INQMSGRPY(&INQMSGRPY) +
OUTQ(&OUTQ) OUTQLIB(&OUTQLBR) DATE(&DATE) +
SWS(&SWS) USRLIBL(&LIBL) DATFMT(&DATFMT)
CHGVAR VAR(&SAVLIBL) VALUE(&LIBL)
RTVDTAARA DTAARA(&USRLIB/INLIBL) RTNVAR(&INLIBL)
CHGVAR VAR(&CMD) VALUE('CHGLIBL LIBL(' *CAT &INLIBL *TCAT ')')
CALL PGM(QCMDEXC) PARM(&CMD &LEN)
and when the programs ends it changes your library list back.
This kind of stuff is not uncommon.
This thread ...
RE: Identifying what job is calling QSH, (continued)
This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact