TAA Tools
CHKCMDQLFN      CHECK COMMAND QUALIFIED NAME           TAASEID

The Check  Command Qualified  Name command  checks the parameters  from
CRTCMD  that support  qualified names to  ensure that  if a  program is
specified  that the library  qualifier is not *LIBL.   Using *LIBL from
a command that is  used in a program  that adopts authority presents  a
security exposure where a bogus program could be used.

An *ALLOBJ user is required to run CHKCMDQLFN.

The  following qualified  parameters are  checked because  they  may be
used as bogus programs:

         - PGM         Command processing program
         - PMTOVRPGM   Prompt override program
         - VLDCKR      Validity checker program

The  following  qualified  parameters  are  also  checked,  but do  not
represent security  exposures.    An unqualified  parameter  may  cause
confusion if a different version is found on the library list:

         - MSGF        Message file
         - PMTFILE     Prompt text file
         - HLPPNLGRP   Help panel group
         - HLPSCHIDX   Help search index

A typical command would be:

             CHKCMDQLFN   LIB(xxx)

All commands  in the specified library  would be checked.   The default
is  to list  only those  commands with  exceptions.   Any use  of *LIBL
would be flagged for  one of the parameters  that supports a  qualified
name.

Because the  default for  CRTCMD is  MSGF(*LIBL/QCPFMSG), an  exception
is only noted  if a message file name other  than QCPFMSG is found with
*LIBL.

Additional considerations
-------------------------

During  SEU  syntax  checking  and CL  program  compilation,  a command
validity checking  program would  be run  if specified  with a  library
qualifier  of *LIBL.   A  prompt override  program could  also  be used
during SEU.  This may also represent a security exposure.

Specifying  *CURLIB  as the  library qualifier  for  command parameters
that support a qualified  name causes the current  library at the  time
of  command creation  to be  the qualified  library name.   Because  of
this  approach, using *CURLIB can  be considered the same  as an actual
library name.

CHKCMDQLFN escape messages you can monitor for
----------------------------------------------

      TAA9892    No command objects were found in the libraries

Escape messages from based on functions will be re-sent.

CHKCMDQLFN Command parameters                         *CMD
-----------------------------

   LIB           The list  of libraries  to be  processed.   Up to  300
                 libraries  may be  entered  (including generic  names)
                 or  the   special  values  *LIBL,  *USRLIBL,  *CURLIB,
                 *ALLUSR, *ALLUSR2, *ALLNONQ, *IBM, or ALL.

                 For  *LIBL and *USRLIBL, if  a current library exists,
                 it will  be written  as  a record  before the  records
                 for  the user  portion of  the library  list.   If the
                 current  library is also  part of the  user portion of
                 the library  list, it  will only  appear  once (it  is
                 removed from the user portion list).

                 *ALLUSR  omits certain  # libraries  such as  #RPGLIB.
                 *ALLUSR  also  omits  all  Q  libraries  with  certain
                 exceptions such as QGPL.   See the  help text for  the
                 SAVLIB command  for  a complete  list.   Note that  if
                 you have  your own library which begins  with Q, it is
                 omitted.

                 *IBM  causes  all libraries  to  be included  based on
                 the definition for DSPOBJD LIB(*IBM).

                 *ALLUSR2 is similar to  *ALLUSR.  It omits the  same #
                 libraries, but  also omits any  library beginning with
                 Q.    Note that  if you  have  your own  library which
                 begins with Q, it is omitted.

                 *ALLNONQ means any  library that  does not begin  with
                 the  letter  Q.    If *ALLNONQ  is  used,  the  ASPDEV
                 parameter must use the default.

   CMD           The  command  name   to  be  checked.    *ALL  is  the
                 default.

                 A specific command name may be entered.

   ASPDEV        Specifies the  auxiliary  storage  pool  (ASP)  device
                 name  where storage  for  the library  containing  the
                 object  is allocated.   If the  library resides  in an
                 ASP  that  is not  part of  the thread's  library name
                 space, this  parameter  must  be specified  to  ensure
                 the correct library is searched.

                 The  parameter  can be  specified  as  a  list of  two
                 values   (elements)  or  as  a   single  value.    The
                 possible single values are:

                 * = The ASPs that  are currently part of the  thread's
                 library  name space  will  be searched  to locate  the
                 library.   This includes  the system ASP  (ASP 1), all
                 defined basic  user  ASPs  (ASPs 2-32),  and,  if  the
                 thread has  an ASP  group, the  primary and  secondary
                 ASPs in the thread's ASP group.

                 *ALLAVL =  All available ASPs will be  searched.  This
                 includes  the system  ASP (ASP  1), all  defined basic
                 user ASPs (ASPs  2-32), and all available  primary and
                 secondary  ASPs,  (ASPs  33-255)   with  a  status  of
                 'Available'.

                 *CURASPGRP  =  If the  thread  has an  ASP  group, the
                 primary and secondary ASPs  in the thread's ASP  group
                 will  be  searched.    The  system  ASP  (ASP  1)  and
                 defined  basic  user  ASPs  (ASPs  2-32)  will not  be
                 searched.   If no  ASP group  is associated  with  the
                 thread, an error will be issued.

                 *SYSBAS  = The  system  ASP (ASP  1)  and all  defined
                 basic  user  ASPs  (ASPs  2-32)  will be  searched  to
                 locate  the  library.   No  primary or  secondary ASPs
                 will  be searched  even  if  the  thread  has  an  ASP
                 group.

                 Element 1: Device

                 The  device name of  the primary  or secondary  ASP to
                 be  searched.  The primary or  secondary ASP must have
                 been activated  (by  varying on  the ASP  device)  and
                 have a  status of  'Available'.   The system  ASP (ASP
                 1)  and defined user  basic ASPs (ASPs  2-32) will not
                 be searched.

                 Element 2: Search type

                 *ASP  =  Specifies  that  only  the  single  auxiliary
                 storage pool  (ASP) device  named in  element 1 is  to
                 be searched.

                 *ASPGRP  =  Specifies that  the  entire  group of  the
                 primary  auxiliary storage pool  (ASP) device named in
                 element 1 is to be searched.

   ASPNBR        The  ASP number  for  the  libraries that  are  to  be
                 converted.  The default is *ALL.

                 A  number in  the  range  of 1-99  may  be entered  to
                 subset  the libraries that  are output by  the LIB and
                 ASPDEV parameters.

   OMITLIB       A list  of  up to  300  libraries or  generic  library
                 names that should  be omitted.  *NONE  is the default.

                 The TAATOOL library is implicitly omitted.

                 An omit list may not be entered for LIB(*CURLIB).

                 If  ESCAPE(*YES) is specified, any  library entered is
                 checked for existence  unless a  non-default value  is
                 used for the ASPDEV parameter.

                 No check occurs to  see if an omit library  would have
                 been  selected.     For  example,   if  LIB(*LIBL)  is
                 entered  with OMITLIB(ABC)  and library ABC  is not on
                 the library list, no error occurs.

   EXCPTONLY     A  *YES/*NO   parameter  for  whether   to  list   all
                 commands or only those with exceptions.

                 *YES  is   the  default   to  list  only   those  with
                 exceptions.

                 *NO may be specified to list all commands.

   OUTPUT        How  to  output the  results.    * is  the  default to
                 display the  spooled file  if the  command is  entered
                 interactively.  The  spooled file is deleted  after it
                 is displayed.

                 If  the  command  is entered  in  batch  or *PRINT  is
                 specified, the spooled  file is  output and  retained.

Restrictions
------------

An *ALLOBJ user is required to run CHKCMDQLFN.

REXX programs are not considered.

Prerequisites
-------------

The following TAA Tools must be on your system:

     CHKALLOBJ       Check *ALLOBJ special authority
     CHKDUPLST       Check duplicates in list
     CHKGENERC       Check generic
     CHKGENOBJ       Check generic object
     CHKOBJ3         Check object 3
     CMPLSTPARM      Compare list parm
     CRTDUPPF        Create duplicate PF
     CVTCMDA         Convert command attributes
     EDTVAR          Edit variable
     EXTLST          Extract list
     EXTLST2         Extract list 2
     RTVSYSVAL3      Retrieve system value 3
     SNDCOMPMSG      Send completion message
     SNDESCINF       Send escape information
     SNDESCMSG       Send escape message
     SNDJLGMSG       Send job log message
     SNDSTSMSG       Send status message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   CHKCMDQLFN    *CMD                   TAASEID       QATTCMD
   TAASEIDC      *PGM       CLP         TAASEIDC      QATTCL
   TAASEIDR      *PGM       RPG         TAASEIDR      QATTRPG
					

Added to TAA Productivity tools July 15, 2009


Home Page Up to Top