Is the user trying to debug the program listed individually in the
dspobjaut?  If so that will override the group.

What is the value you have in DSPPGM for
Program state  . . . . . . . . . . . . . . . . :   *USER or *SYSTEM?  If it
is *SYSTEM you'll need *SERVICE authority.

Rob Berendt
--
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
Benjamin Franklin



                    "David Morris"
                    <David.Morris@plumcr       To:     
<security400@midrange.com>
                    eek.com>                   cc:
                    Sent by:                   Fax to:
                    security400-admin@mi       Subject:     Re: [Security400] 
Debug anomaly
                    drange.com


                    03/14/2002 05:33 PM
                    Please respond to
                    security400






Rob,

Here is some more information. First, this is on a V5R1 system.
In this case the group profile is set using the Set Effective Group
API. It did not work with a swap to a profile with the group either.
Here is the authority taken from an edtobjaut for the program:

*GROUP       MYGRP        *ALL        X   X   X   X   X   X   X   X   X
  X

The library:

*GROUP       MYGRP        *ALL        X   X   X   X   X   X   X   X   X
  X

The service program:

*GROUP       MYGRP        *ALL        X   X   X   X   X   X   X   X   X
  X

Running STRDBG on the program results in the following messages:

strdbg mylib/mypgm
Not authorized to debug program MYPGM in library MYLIB.
Errors occurred on command.

The not authorized message is CPF1910.

Running STRDBG on the service program works fine:
strdbg srvpgm(mylib/mysrvpgm)

Running STRDBG without a program name and then hitting F14,
placing a 1 in the add program option, specifying the program
works as expected.

Hopefully this helps clarify what I did.

David Morris

>>> rob@dekko.com 03/14/02 02:57PM >>>

Joblog please.

Rob Berendt

_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/security400
or email: Security400-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.







This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].