Draft: Release notes for Model 204 version 7.8

From m204wiki
Jump to: navigation, search

These release notes list the enhancements and other changes contained in Model 204 version 7.8.

******THIS IS A DRAFT DOCUMENT.******

These release notes list the enhancements and other changes contained in Model 204 version 7.8, which is still in development. Until the commercial release of the software, Rocket reserves the right to add to, remove, or change anything described herein.

Contents

Overview

These release notes contain installation and features information for the Rocket Model 204 version 7.8 release. Before beginning your installation, please read through this information about product installation and changes.

SOUL enhancements

AmIndependent method

The AmIndependent method returns TRUE for daemons spawned by RunIndependently. (The action of AmDaemon remains unchanged.)

The following table shows the values returned by AmIndependent versus AmDaemon for different daemon types:

Type AmDaemon AmIndependent
$COMBG False False
Independent daemon False True
Other daemon True False
Web, etc. False False

$ProcOpn

$ProcOpn now supports the opening of a procedure with an all numeric name, and including a leading zero, e.g.

%result = $procOpn('0123', 'MYFILE')

Support for such procedures names was initially introduced at v7.7, and this feature of $ProcOpn is also enabled within v7.7 with the application of zap 77z054.

Allow parentheses to surround a boolean enumeration object

The following sample code

  begin                                       
  variables are undefined                  
  %isValid is boolean initial (True)       
  if (%isValid) then                  
     print 'in IF'                            
  end if                                   
  end         

will now compile and run successfully, as

if (%isValid) then

is logically equivalent to

if %isValid then

Prior to V7.8 the presence of parentheses surrounding the boolean enumeration object would have caused a compilation error. This change is enabled in V7.7 with the application of zap 77z370.

Support for copying Object class objects

The Object class now supports the copy and deepCopy methods. For example, and Object object can be copied as follows

  begin               
  %x is object object 
  %y is object object 
  %y = new            
  %x = %y:copy        
  end

This change is enabled in v7.7 with the application of zap 77z076, and within V7.6 with the application of zap 76z412.

Assignment of enumeration values to method variables

Enumerations values can now be assigned to method variables whose result is an enumeration.So for example the following code

  begin                                               
  enumeration colour                                  
     public                                           
        value red                                     
        value white                                   
        value blue                                    
     end public                                       
  end enumeration                                     
  %func    is function getColour is enumeration colour
  local function getColour is enumeration colour      
     return blue                                      
  end function                                        
  %func    = getColour                                
  %func    = (colour):red                             
  printText {~=%(Local):(%func)}                      
  end  

will produce the result

  %(Local):(%func)=red

whereas previously the line

  %func    = (colour):red    

would have been rejected with the message

  MSIR.0993: Assignment invalid: mismatch between method and method variable

This change is enabled in V7.7 with the application of zap 77z128.

External Call Facility enhancements

Managing ECF tables more efficiently

The are two new features to help manage ECF tables more efficiently, avoid conditions where the table can fill, and prevent the definition of further entities.

The first feature is the new DISPLAY ECF command, which displays the contents of ECF tables and also the current status of users accessing ECF modules. See more details of the DISPLAY ECF command below.

The second feature is a new EXTERNAL REMOVE statement with the syntax

EXTERNAL REMOVE modulename

This causes the entry for the named module to be removed from the module table. The table entry is then placed on a free chain of entries and can be reused by issuing the EXTERNAL MODULE statement. This allows the module table to be managed with redundant entries removed, without having to recycle the ONLINE.

A EXTERNAL REMOVE statement will return $status/$statusd values of 0/0, and most other status values that can be returned by the EXTERNAL REMOVE statement are already documented in the ECF return codes table. If an EXTERNAL REMOVE is attempted against a module that is currently being called ( in use ), then $status/$statusd will return the values 20/1 ( module unavailable).

System enhancements

New wait types for daemon/master waits

Two new wait types, viewable on the MONITOR USERS command output, have been implemented as follows:

57 - Means a daemon thread waiting for its master thread
58 - Means a master thread waiting for one of its daemon threads

This change is enabled in V7.7 with the application of zap 77z410.

Snap formatting changes

Date/time stamps in the page headers of snaps will now be shown normal format, rather than in julian format as in previous releases. Thus in the following example a particular snap header under v7.7 or previous releases would show as

  SNAPID    1   19226.060155  M204.0022: Bug .. nnnnn               PAGE     1

whereas the same snap header under v7.8 would show as

  SNAPID    1  2019/08/14 06:01:06   M204.0022: Bug .. nnnnn        PAGE     1

Also, due to improvements in handling trailing blanks in snap output, a snap generated under v7.8 should be marginally smaller than the same snap generated under previous releases, assuming the same SNAPCTL settings.

Call stack trace for problem diagnosis

A call stack trace is now provided to help diagnose and resolve common errors. To enable the stack trace, do either of the following:

  • Set the SIRFACT X'01' bit.
  • Set the DEBUGL parameter. Note that the DEBUGUL approach will introduce extra QTBL overhead.

    (DEBUGUL provides a similar facility with an include trace of procedures leading to the error, but this might not be potentially as useful as the call trace.)

The call stack trace can assist in diagnosing run-time errors that might occur, as illustrated by the following "Variable too small for result" and "MBSCAN exceeded" examples.

Variable too small for result

When the stack trace is enabled, a "variable too small" error results in the following message:

M204.2966: Error at line n, procedure procname in file procfile

which identifies the line within a procedure where the error is occurring, in addition to the usual message:

M204.0552: Variable too small for result

Any subsequent M204.2966 messages indicate the point in the code from where the code in error was called. For example, a stack of three subroutine calls leading to a "variable too small" error might result in the following messaging:

M204.0552: Variable too small for result M204.2966: Error at line 9, procedure MYPROC.LEVEL4 in file MYPROC M204.2966: Called from line 5, procedure MYPROC.LEVEL3 in file MYPROC M204.2966: Called from line 5, procedure MYPROC.LEVEL2 in file MYPROC M204.2966: Called from line 5, procedure MYPROC.LEVEL1 in file MYPROC

This information should help in diagnosing the problem.

If the error occurs within a command level program rather than a procedure, then the M204.2966 message is replaced by an M204.2967 message, and a similar error condition to the above with a preceding call stack might be audited as follows:

M204.0552: Variable too small for result M204.2967: Error at line 14 of command level program M204.2967: Called from line 5 of command level program M204.2967: Called from line 3 of command level program

If neither SIRFACT X'01' nor DEBUGUL is set, then the "variable too small" error produces the following messages:

M204.0552: Variable too small for result M204.2968: Error: no debug info

MBSCAN exceeded

Similarly to the handling of the "variable too small for result" error, the call stack can also be used to diagnose errors where the value of MBSCAN is exceeded as a result of a direct search of Table B records.

Again, under V7.8, with either the SIRFACT X'01' bit set or DEBUGUL set, if a long request occurs as a result of exceeding MBSCAN, then initially the following message is produced, as before:

M204.0569: File filename, Find: Table B records to be searched = nnnn

followed by a DYRWT prompt message. If the user replies 'N' to the prompt, or if the request is run in an environment (such as a batch job) where the default response is 'N', the following message is produced after the M204.0569 message:

Cancelling request: M204.2969: MBSCAN (mm) exceeded, records to be searched = nnnn

where mm is the current setting of MBSCAN. The M204.2969 message is followed by M204.2966 messages displaying the call stack trace. Thus, if the following code is run from procedure MYPROC.MBSCAN against the demo database, with an MBSCAN setting of 10:

b call sub1 sub1: subroutine fd1: in clients fd city = ONTARIO end find fr fd1 pai print end for end subroutine end

then the following messages are produced, assuming any prompts are responded to with an 'N':

M204.0569: File CLIENTS, Find: Table B records to be searched = 3415 Cancelling request: M204.2969: MBSCAN (10) exceeded, records to be searched = 3415 M204.2966: Error at line 6, procedure MYPROC.MBSCAN in file MYPROC M204.2966: Called from line 3, procedure MYPROC.MBSCAN in file MYPROC

appendJournalData

The AppendJournalData function is now more tolerant of an outstanding BUMP request. Previously, if AppendJournalData was called to inadvertently retrieve a large amount of journal data, typically when called implicitly from within SirScan, then any outstanding BUMP request wouldn't be honored until all of the data had been retrieved, at which point the BUMP request would be completed, and all data would be lost.

Now, the AppendJournalData process checks for outstanding BUMP requests before each track I/O is executed, thus avoiding excessive I/Os against the journal and long waits for the BUMP of such a process to complete.

AUDIT204 enhancements

FORMAT command

TIMEHH is a new parameter used with the FORMAT command of the AUDIT204 utility. It indicates that timestamps, printed at the beginning of each line of output, should include hundredths of a second. Requires no other arguments.

NOTE: This parameter and the 78 version (or later) of AUDIT204 may be used against a 77 (or later) CCAJRNL.

For example:

//CCAIN DD * FORMAT YEARFORM 4 TIMEHH TYPE ER MS LI

Recovery enhancements

Media Recovery in a multi-user environment

It is now possible to perform media recovery by issuing the REGENERATE command to roll forward selected files in a multi-user environment, with the media recovery being carried out by different users with system manager privileges. The new USING option allows for the specification of a ddname for the input journal stream to be used by the REGENERATE command. Previously media recovery was restricted to single user batch jobs, using the CCAGEN ddname for the input journal. For more details, see the REGENERATE command below.

Security enhancements

CA-Top Secret can disallow CCASTAT logins

The CA-Top Secret interface now recognizes the DEFACID=, setting and does not allow CCASTAT logins in the online if DEFACID is set to null. (There is no attempt to log on M204USR.) Therefore, to disallow CCASTAT logons, set DEFACID=, in TOPSPARM. CCASTAT will be opened because it contains file and group passwords, but it will not be used for logons if CCASTAT logons are not allowed.

CUSTOM=11 and mixed cased input

The CUSTOM parameter CUSTOM=11 setting no longer requires that a *LOWER command be issued prior to a LOGCTL command (to add or change a password) to preserve mixed case input. Prior to this release, with CUSTOM=11 in place, *LOWER had to be issued before a LOGCTL command, otherwise any mixed case password strings would automatically be translated into uppercase. This change is enabled within V7.7 with the application of zap 77z108.

DEFUSER can specify a jobname not authorized to access M204

When specifying DEFUSER=JOBNAME and VALIDAT=LOGON in the RACFGEN parms for an ONLINE, if the specified jobname ( the owning id for the ONLINE job ) isn't authorized to use Model 204 via RACF, any LOGIN commands specifying no userid will now succeed ( previously such a LOGON would have failed ). This enables users to submit jobs with USE $JOB, whereby the string USER=jobname will be added to the submitted JCL, and this in turn is useful if the specified jobname has dataset access privileges to datasets required by the submitted jobs, even if the jobname itself isn't authorized to use M204.

Janus product enhancements

Janus Web Server access rule

The automatic JANUS WEB ALLOW rule, which allowed any user to access the port without requiring a login, is changed for non-SSL ports to the following:

JANUS WEB portname DISALLOW *

This rule requires a system administrator to explicitly define ALLOW rules to enable users to access non-SSL ports. The rule applies unless overridden by user-added rules.

Note: To revert from this change in the JANUS DEFINE default and make the default non-SSL ALLOW rule as it was in version 7.5 and earlier (ALLOW *), turn on the 1 bit of the WEBDFLT parameter:

RESET WEBDFLT=1

Increase in pending accepts for Janus BPX ports

The default number of pending accepts for Janus BPX server ports has been increased from 3 to 12, thus reducing the likelihood that a pending accept may fail with the message

MSIR.0019 Connection request rejected for port (port), MAXCON exceeded

The actual number of pending accepts to be supported on the port can be set with the new parameter MAXPEND, set on the JANUS DEFINE command, where MAXPEND can vary from 3 up to a maximum value of 32. The change to the default value was enabled within V7.7 with the application of zap 77z269.

TCP listen backlog increased

The TCP_listen backlog has been increased from 16 to 1024 under z/OS.

This update tells the TCP stack to queue up to 1024 of such requests up before dropping them, thus reducing, or in most cases eliminating, the likelihood of a connection request drop, other than in exceptional circumstances, such as a denial of service attack. This change was enabled within V7.7 with the application of zap 77z340.

Defer the freeing of XMLSCREEN input XML

The freeing of XMLSCREEN input XML is now deferred until the next Read Screen or session termination. This means that if an application error is detected, the input XML can be retrieved with $Web_Input_Content and then logged for problem analysis.

Prior to this release the XML received from the client is freed immediately after being used to set the input data for a Read Screen, rendering it unavailable for problem determination.

This change is enabled in V7.7 with the application of zap 77z368.

XMLSCREEN and Janus Web Legacy blank stripping

xmlScreens and Janus Web Legacy screens now adhere to the same standard as standard screen processing in terms of stripping leading blanks from input fields defined as DEBLANK (either explicitly or implicitly).

This change is enabled in V7.7 with the application of zap 77z400.

SSL input buffer size

The default value of SSLIBSIZE has been increased to 16384 + 128, or 16512. This size should ensure correct communication with all TLS spec compliant applications. It is the maximum size allowed unless you use CUSTOM=18.

This changed is enabled within V7.7 with the application of zap 77z415.

Increasing LDAP buffers

The number of LDAP buffers allocated at startup can now be changed by setting the NLDAPBUF parameter in CCAIN. See below for details on NLDAPBUF.

Increase URL length returned with $web_form_action

With this release the maximum Janus Web Server incoming URL that can be handled by $web_form_action is increased from 512 bytes to 1024 bytes. This change is enabled within V7.7 with the application of zap 77z424.

Debugger enhancements

Access to exposed variables

The debuggers can now view or watch the values of variables exposed to local routines/methods. Previously, any attempts to access an exposed variable would have displayed "%varname has no value" in the debugger session. (This feature is enabled within V7.7 with the application of zap 77z363.)

Performance enhancements

MP/204 offload improvements

Application code issuing the following SOUL statements will now now be fully offloadable:

  • File Records In/On
  • Remember
  • Position
  • Sort Values
  • Reset Header/Trailer
  • Find and Print Count
  • Find All Values
  • For Each Value

the above improvements are also enabled within V7.7 with the application of zaps 77z419 and 77z420.

X3270OUT exit offloadable

When running MP/204 (AMPSUBS>0) and using the X3270OUT exit to convert a 3270 output data stream to the appropriate device protocol, the exit can now run in parallel mode to improve performance. This change was enabled in V7.7 with the application of zap 77Z313.

The X3270OUT exit must be written to be re-entrant.

New and changed commands

DISPLAY ECF

DISPLAY ECF {{ M | N | U } like ?}

This new command displays details from ECF tables, or the current status of users accessing ECF modules.

D ECF M displays the contents of the module table. For example:

D ECF M Module Loadlib Address:Length Loaded@ Lastused@ #Calls Flags QATUM13C PROGLIB 2FB91FB8:00000028 19023:121506 19023:121506 00000001 QATUM13B PROGLIB 2FE65000:00009C18 19023:121506 19023:121506 00000001 QATUM13A PROGLIB 2FE6EC18:00001CD8 19023:121506 19023:121506 00000001

(flags may be D=deleted; S=shared; H=halted; I=Idle)

D ECF N displays contents of the name table. For example:

D ECF N Module Logical-call-name QATUM13C MOD_QATUM13C QATUM13B MOD_QATUM13B QATUM13A MOD_QATUM13A

D ECF U displays details of users currently accessing ECF modules. This is also the default option, and so D ECF will display the same output as D ECF U. For example:

D ECF U User# Userid Module Parmlen 00002 ADMIN --none-- 00003 ADMIN COBSAMP1 00000002 00004 ADMIN COBSAMP1 00000002

D ECF LIKE ? (where ? is a valid pattern) displays details for entities that match the specified pattern.

REGENERATE

The REGENERATE command can now be run in a multi-user environment by multiple users with system manager privileges. A new option USING is provided to specify the ddname of the input journal, so that the full syntax is now as follows:

REGENERATE [USING ddname] FILE filename [FROM dumpname | IGNORE] [TO {LAST UPDATE [BEFORE yy.ddd hh:mm:ss.th] | LAST CHECKPOINT [BEFORE yy.dd hh:mm:ss.th] | UPDATE number OF yy.ddd hh:mm:ss.th | CHECKPOINT yy.ddd hh:mm:ss.th} ]

The default for the using ddname is CCAGEN, but any ddname may be used to allocate an input journal and used. For example:

ALLOCATE REGEN1 WITH SCOPE=SYSTEM DSN=PROD1.GDGJ OLD SEQUENTIAL GEN=+2 REGENERATE USING REGEN1 FILE TEST

It is the user's responsibility to ensure that the file being regenerated is not in use, and so prior to usage, BUMP FILE and STOP FILE should be used to isolate usage against the file. If the file is in use, the REGEN will fail with these messages:

M204.1430: Failed to open file TEST M204.1436: Stopped processing file TEST

$STATUS will now be set for REGENERATE with the following values:

0 - Success
1 - No files were processed
2 - At least one file stopped processing
4 - A serious error occurred, REGEN failed

Similarly, SETGRC may be used to get the return code and error message.

New and changed parameters

ECMODS

The new minimum value for ECMODS, the allowable number of ECF modules, is 1. Prior to V7.8 the minimum value was 0. This changed was enabled in V7.7 with the application of zap 77z306.

ECNAMES

The new minimum value for ECNAMES, the allowable number of ECF module names, is 1. Prior to V7.8 the minimum value was 0. This changed was enabled in V7.7 with the application of zap 77z306.

ECPSIZE

The new minimum value for ECPSIZE, the initial storage allocation for ECF parameters, is 1024. Prior to V7.8 the minimum value was 0. This changed was enabled in V7.7 with the application of zap 77z306.

ENQTIME

Millisecond duration of automatic record locking retry wait.

Prior to this change, if record locking conflicts occur frequently in a busy online, any user with a non-zero value for ENQRETRY will wait at least 3 seconds before the conflict is dealt with. This can degrade overall system performance.

The ENQTIME parameter specifies the number of milliseconds waited for each record locking retry wait. ENQTIME can be between 1 and 60000, corresponding to a minimum of 1 millisecond and a maximum of 1 minute. The default value of ENQTIME is 3000 (3 seconds).

For example, with ENQTIME = 100 and ENQRETRY = 7, after a record locking conflict occurs the thread will retry 7 times with wait intervals of .1 seconds, and so within at most .7 seconds either the lock becomes available or the conflict triggers an On unit or cancels the request.

The ENQTIME parameter may also be reset with $ResetN.

This new parameter was enabled within V7.7 with the application of zap 77z299.

EVALOPT

The new EVALOPT parameter controls the cancellation of a request on truncation of string data. The default value is 0, and currently there is just one setting, 1, which means "cancel a request if truncation of string data occurs."

For example, with the default of 0 in place, the following code

 %x is string len 1  %y is string len 2  %y = 'ab'  %x = %y printtext {~} = {%x}

would cause silent truncation, and give the result

%x = a

If EVALOPT is set to 1, then the above code produces the following message:

M204.0552: Variable too small for result

and the request is cancelled.

LFSCB

LFSCB, the length of the full screen buffer, now has a new minimum value of 8 ( the previous minimum was 0 ). This change has been enabled within v7.7 with the application of zap 77z042, and within V7.6 with the application of zap 76z393.

MAXPRE, MAXBOUT, MAXSUBT

Introduced in zap 77Z257.

The new MAXPRE, MAXBOUT, and MAXSUBT parameters can be used to cancel a runaway transaction and prevent it from filling the checkpoint data set.

  • MAXPRE: Maximum number of pre-images per transaction.
  • MAXBOUT: Maximum number of backout pages per transaction.
  • MAXSUBT: Maximum number of subtransaction checkpoints that a transaction can span.

Each new parameter defaults to unlimited.

If a parameter value is set, a transaction is cancelled if that value is exceeded, and the following message is displayed:

M204.0524: Maximum number (num) of parameter exceeded.

where num is the value set for parameter (MAXPRE, MAXBOUT, or MAXSUBT).

NLDAPBUF

This new parameter allows the number of LDAP buffers allocated during startup to be set in CCAIN. The default value is 2, and the settable value can range from 0 to 65535.

PUPDTH (new minimum value)

If a user sets the PUPDTH parameter to 0, it will now automatically be increased to 1, its minimum value.

SERV4G

This parameter allows testing of server tables that span a 4-gigabyte boundary. For example, if SERV4G is X'FFFFF000', each ATB server will begin at XX_FFFFF000. If SERV4G is X'FFFF0000', each ATB server will begin at XX_FFFF0000. XX is determined by the storage available on the system. The parameter is set in CCAIN.

The contents of the ATB server are specified by using the SERVGA parameter.

For example. if you want VTBL to span the 4G boundary, you can use these settings: SERV4G=X'FFFFF000', SERVGA=X'00040000', and LVTBL=200 (6400 bytes, X'1900'). This will force each server's VTBL to begin at XX_FFFFF000 and end at XX+1_00000900.

WEBDFLT

At V7.7, the default access rule for non-SSL ports was changed from ALLOW * to DISALLOW *, meaning that unless any ALLOW rules were in place resulting in a login/password prompt, the port couldn't be accessed. The new WEBDFLT parameter may be set to 1 for reversion to the old default of ALLOW *. Under V7.7, this new parameter was enabled with the application of zap 77z090.

RESET WEBDFLT requires system administrator privileges. It is recommended to reset the 1 bit of WEBDFLT to zero after issuing a series of JANUS DEFINE commands which need WEBDFLT=1, as in the CCAIN input stream.

New and changed statistics

MPR, MBO, MCP, and RCV

Introduced in zap 77Z257.

These statistics provide high water mark transaction information. (Since-last values will not be available until V78 GA.)

They are useful in conjunction with the MAXPRE, MAXBOUT, and MAXSUBT parameters.

User/system statistics:

  • MPR: High water mark of transaction pre-images.
  • MBO: High water mark of transaction backout pages.
  • MCP: High water mark of transaction chkpoint spans.

System statistics:

  • RCV: Number of blocks needed for subtransaction recovery

Notes: M204.0843 now displays the RCV statistic for subtransaction checkpoints. The size of recovery checkpoint must be greater than the sum of the last RCV value plus the number of records in RESTART and RESTARTS.

DKWTS and DKWTMICS

Introduced in zap 77z7289.

The new system statistics DKWTS (DisK WaiTs) and DKWTMICS (DisK WaiT MICroSeconds) collect data to provide rough disk I/O service time numbers.

DKWTS shows the number of disk I/O waits. DKWTMICS shows the total wait time for those waits in microseconds. Dividing the difference in DKWTMICS by the difference in DKWTS over an interval provides the average disk I/O wait time in microseconds.

Notes:

  • The wait time does include internal Model 204 scheduler delays, so on a CPU bound Model 204 system, the service times calculated from DKWTS and DKWTMICS are likely to be an overestimate of actual service times.
  • DKWTS and DKWTMICS are not available in SirMon; use MONITOR SYSTEM STATISTICS to view these statistics.

Compatibility issues

$ListNew cannot be used in Initial clause

It is now a compilation error if $ListNew is attempted to be used in the Initial clause of a declaration statement.

This change is propagated by zap maintenance to versions 7.5 (zap 75Z487), 7.6 (zap 76Z514), and 7.7 (zap 77Z281) of Model 204.

Note: Strictly speaking, this would not be considered a compilation error, because previously although .. Initial($ListNew) did not produce a compilation error, in almost all circumstances it would produce a snap if the initialized %variable were used with some other $Listxxx invocation.

Restricting the use of the CUSTOM=38 setting

The CUSTOM=38 parameter setting, introduced at V7.5, inadvertently provided System Manager privileges to all users via the RESET command. This CUSTOM setting is now restricted to the RESETting of the LAUDIT parameter.

Disabling of Closure support

Due to a number of bugs related to Closure support, introduced at V7.7, this feature, which can best be described as exposed methods assigned to method variables, has been disabled in this release. This change was also made to V7.7 with application of zap 77z119.

Password delimiter enforced

When using IFSTRTN to logon to a Model 204 online from an IFAM2 application, both the logonid and password must be followed by a semicolon - the delimiter. For example:

CALL IFSTRTN(RC,'logonid;password;'...)

If a semicolon does not follow the password string, the following message will now be issued

M204.2964: Password missing or too long

Previously, a semicolon following the password was not required and the first blank served as a password delimiter. However, as of V7.7, embedded blanks are valid password characters and a semicolon is now required to delimit the password.

This change has also been enabled within V7.7 with the application of zap 77z231.

PAGESZ parameter validated

Previously it was possible to set the PAGESZ parameter to any value, although Model 204 internally supports one page size of 6184, and any deviation from this value would have led to problems during file creation. The value of this parameter is now controlled, such that setting it to any value other than 6184 will generate an M204.1149 message with the parameter being reset to 6184.

ECPRIV and the IDCAMS facility

At V7.7 a security loophole was closed, whereby all ECF modules were run under external-authorizer profile of the calling user. Previously any ECF tasks were run under the owning job's external-authorizer profile, and in order for certain sites to retain that ability, a new setting of ECPRIV, value 4, was introduced to retain the ability to run ECF tasks using the job's security profile.

The ECPRIV 4 setting potentially introduced a security loophole when calling the IDCAMS interface, based upon what the IDCAMS utility is able to do at a system level. Consequently as of this release, the ECPRIV 4 setting will be ignored when calling the IDCAMS facility via ECF, and such IDCAMS processes will always use the calling user's security profile. Any existing jobs that use ECF to call the IDCAMS utility with the ECFPRIV 4 bit set should be checked to ensure that the calling user's security profile still satisfies the job's requirements.

TCPOPTS is view only

In previous releases the TCPOPTS parameter, which identifies the type of IP addressing in use ( v4 or v6 ), was resetable, although it was always documented as a view-only parameter. The parameter is now handled as a view-only parameter, and any attempts to reset the parameter will result in

  M204.1123: Parameter TCPOPTS not reset

ZHPF command can only be issued by a system manager

In previous releases it was possible to issue the ZHPF command without being logged on. From this release onwards, a user would have to be logged on with system manager privileges to be able to issue this command.

Additionally, the command output will now only display results for currently open files.

This changes has been enabled within v7.7 with the application of zap 77z264.

Terminal MODEL reset failure

If a reset of the terminal MODEL parameter fails due to an under sized output page buffer, then in addition to the existing messages that inform the user of this failure

   M204.1875 UNABLE TO RESET MODEL TO %C 
   M204.1123: Parameter MODEL not reset  

the following message will now be issued

   M204.1008: LOUTPB must be increased to at least <number> 
                                                        

where <number> is the minimum value of LOUTPB necessary to support the terminal model.

This change is enabled in V7.7 with the application of zap 77z309.

New and changed messages

See New and updated messages in Model 204 version 7.8 for details.