CHKPGMOWN -- Check Program Owner

CHKPGMOWN CHECK PROGRAM OWNER TAASEEF
The Check Program Owner command is intended to be included in programs which must adopt authority (USRPRF = OWNER). The command allows the program to be checked to ensure that the program still uses adopt and that the owner has the specified required special authorities. Programs which adopt do so for a reason. It is possible to restore a program that adopts and lose the adopt function or to change the program using CHGPGM and remove the adopt function (CHGPGM USRPRF parameter). It is also possible to change the ownership of a program so the assumed adopted authority will not be present. For example, if the program was created by a user who has ALLOBJ special authority, an ALLOBJ authority user can change the ownership to a user who does not have ALLOBJ authority. This can cause run time errors that can be difficult to debug. The CHKPGMOWN command would be placed inside a program that adopts as one of the first commands. A typical command has no parameters and would be entered as: CHKPGMOWN By default the program would be ensured to still use the adopt function and that the current owner has all special authorities. Using the typical command, the default of CURRENT for the PGM parameter on CHKPGMOWN was used. This requires that the program be found using the library list. Note that if multiple programs of the same name exist on the library list, the first will be assumed. It is possible to specify a list of special authorities rather than use the default of all special authorities. It is possible to use CHKPGMOWN outside of the program to be checked by using the PGM parameter. Because a normal user may be running a program that is not owned by a user such as QSECOFR, the CPP for CHKPGMOWN (TAASEEFC) must use the program adopt function to access the user profile of the owner. CHKPGMOWN escape messages you can monitor for --------------------------------------------- TAA9893 The 'program adopt' function is not used. TAA9894 The owner does not have the specified special auths. Escape messages from based on functions will be re-sent. Command parameters CMD ------------------ PGM The qualified name of the program. The default is CURRENT. The default should be used if the program is on the library list and was either called using the library list or is the first program of that name on the library list. The system does not support a foolproof method of determining the actual program that is in execution. The CHKPGMOWN internal logic determines the name of the program by sending a message, receiving the message, and determining the name of the program that sent the message. Only the program name is available with this technique (not the library where the program exists). The TAA Tool RTVPGMA is used with the program name and LIBL to determine the owner and whether the program uses the adopt function. A qualified program name must be used if the program that is in execution is not on the library list (or is not the first program of the same name on the library list). However, this is no guarantee that the program specified is the program that is in execution. For example, the program could have been written as PGMA and uses the correct qualified name for PGMA. However, if the program is renamed to PGMB and a different PGMA is created, the CHKPGMOWN command would be checking the wrong program. SPCAUT The special authority required (if any) of the owner in order for the program to execute properly. The default is ALL meaning the owner must have all special authorities which would be the case if QSECOFR was the expected owner. NONE may be specified if the special authorities of the owner need not be checked. A list of up to 8 special authorities may be entered with the values ALLOBJ, AUDIT, IOSYSCFG, JOBCTL, SAVSYS, SECADM, SERVICE, and SPLCTL. If the user does not have the specified authority, TAA9894 is sent as an escape message. CHKADOPT Whether to check if the program uses the 'program adopt' function (USRPRF = OWNER). YES is the default. If the program does not have the adopt function, TAA9893 is sent as an escape message. NO may be specified to avoid checking for 'program adopt'. Restrictions ------------ See the discussion of the PGM parameter for how the program is identified. Prerequisites ------------- The following TAA Tools must be on your system: EXTLST Extract list RSNLSTMSG Resend last message RTVPGMA Retrieve program attributes RTVTAAD Retrieve TAA member description SNDESCMSG Send escape message Implementation -------------- None, the tool is ready to use. Objects used by the tool ------------------------ Object Type Attribute Src member Src file ------ ---- --------- ---------- ---------- CHKPGMOWN CMD TAASEEF QATTCMD TAASEEFC *PGM CLP TAASEEFC QATTCL

CHKPGMOWN       CHECK PROGRAM OWNER                    TAASEEF


The  Check  Program  Owner  command  is  intended  to  be  included  in
programs  which must adopt  authority (USRPRF  = *OWNER).   The command
allows  the  program to  be checked  to ensure  that the  program still
uses adopt  and  that  the owner  has  the specified  required  special
authorities.

Programs which adopt do  so for a reason.  It is  possible to restore a
program  that  adopts and  lose  the adopt  function or  to  change the
program using  CHGPGM  and remove  the  adopt function  (CHGPGM  USRPRF
parameter).

It  is also  possible  to change  the  ownership of  a  program so  the
assumed  adopted authority will  not be present.   For example,  if the
program was created  by a user  who has *ALLOBJ  special authority,  an
*ALLOBJ authority  user can  change the  ownership to a  user who  does
not have  *ALLOBJ authority.  This  can cause run time  errors that can
be difficult to debug.

The  CHKPGMOWN command would be placed  inside a program that adopts as
one of the  first commands.   A typical command  has no parameters  and
would be entered as:

             CHKPGMOWN

By  default  the  program would  be  ensured  to  still use  the  adopt
function and that the current owner has all special authorities.

Using  the  typical  command,  the  default  of  *CURRENT  for the  PGM
parameter on CHKPGMOWN  was used.   This requires that  the program  be
found using the  library list.  Note  that if multiple programs  of the
same name exist on the library list, the first will be assumed.

It  is possible to  specify a list  of special authorities  rather than
use the default of all special authorities.

It is possible to  use CHKPGMOWN outside of  the program to be  checked
by using the PGM parameter.

Because a normal user may  be running a program that is not  owned by a
user  such as QSECOFR,  the CPP for  CHKPGMOWN (TAASEEFC) must  use the
program adopt function to access the user profile of the owner.

CHKPGMOWN escape messages you can monitor for
---------------------------------------------

      TAA9893    The 'program adopt' function is not used.
      TAA9894    The owner does not have the specified special auths.

Escape messages from based on functions will be re-sent.

Command parameters                                    *CMD
------------------

   PGM           The  qualified name  of the  program.   The default is
                 *CURRENT.

                 The default should  be used if  the program is on  the
                 library list  and was either called  using the library
                 list  or  is the  first program  of  that name  on the
                 library list.

                 The system  does  not support  a foolproof  method  of
                 determining the  actual program that is  in execution.
                 The  CHKPGMOWN internal  logic determines the  name of
                 the  program  by  sending  a  message,  receiving  the
                 message,  and  determining the  name  of  the  program
                 that  sent the  message.    Only the  program  name is
                 available  with this technique  (not the library where
                 the program  exists).   The TAA Tool  RTVPGMA is  used
                 with  the  program name  and  *LIBL  to determine  the
                 owner   and  whether   the  program  uses   the  adopt
                 function.

                 A qualified program name must  be used if the  program
                 that is  in execution is not  on the library  list (or
                 is  not the  first  program of  the same  name  on the
                 library list).   However,  this is  no guarantee  that
                 the  program  specified  is the  program  that  is  in
                 execution.

                 For  example, the program  could have been  written as
                 PGMA  and uses  the correct  qualified name  for PGMA.
                 However, if  the  program is  renamed  to PGMB  and  a
                 different  PGMA  is  created,  the  CHKPGMOWN  command
                 would be checking the wrong program.

   SPCAUT        The  special authority required (if  any) of the owner
                 in order for  the program  to execute  properly.   The
                 default  is  *ALL  meaning  the owner  must  have  all
                 special  authorities   which  would  be  the  case  if
                 QSECOFR was the expected owner.

                 *NONE may be specified  if the special authorities  of
                 the owner need not be checked.

                 A list of up  to 8 special authorities may  be entered
                 with the  values *ALLOBJ, *AUDIT,  *IOSYSCFG, *JOBCTL,
                 *SAVSYS, *SECADM, *SERVICE, and *SPLCTL.

                 If  the user  does not  have the  specified authority,
                 TAA9894 is sent as an escape message.

   CHKADOPT      Whether to  check  if the  program  uses the  'program
                 adopt'  function  (USRPRF  =  *OWNER).   *YES  is  the
                 default.    If the  program  does not  have  the adopt
                 function, TAA9893 is sent as an escape message.

                 *NO may be  specified to  avoid checking for  'program
                 adopt'.

Restrictions
------------

See  the  discussion of  the  PGM  parameter  for  how the  program  is
identified.

Prerequisites
-------------

The following TAA Tools must be on your system:

     EXTLST          Extract list
     RSNLSTMSG       Resend last message
     RTVPGMA         Retrieve program attributes
     RTVTAAD         Retrieve TAA member description
     SNDESCMSG       Send escape message

Implementation
--------------

None, the tool is ready to use.

Objects used by the tool
------------------------

   Object        Type    Attribute      Src member    Src file
   ------        ----    ---------      ----------    ----------

   CHKPGMOWN     *CMD                   TAASEEF       QATTCMD
   TAASEEFC      *PGM       CLP         TAASEEFC      QATTCL

Added to TAA Productivity tools May 1, 2000

Home Page

Up to Top