COMMLOG parameter: Difference between revisions
m (1 revision) |
m (1 revision) |
||
Line 30: | Line 30: | ||
</dl> | </dl> | ||
If COMMLOG is set to zero, the | If COMMLOG is set to zero, the <var class="product">Sirius Mods</var> attempts to determine if the external | ||
authorizer (if any) supports trusted login (RACF, ACF2, and Top Secret all | authorizer (if any) supports trusted login (RACF, ACF2, and Top Secret all | ||
support trusted login): | support trusted login): | ||
<ul> | <ul> | ||
<li>If the authorizer does, the | <li>If the authorizer does, the <var class="product">Sirius Mods</var> sets COMMLOG to X'02' and then does all | ||
trusted logins via the external authorizer. | trusted logins via the external authorizer. | ||
<li>If the authorizer does not, the flag is set to | <li>If the authorizer does not, the flag is set to |
Revision as of 00:45, 30 October 2012
Summary
- Default value
- X'00'
- Parameter type
- System
- Where set
- User 0 CCAIN parameters
- Related products
- All
- Introduced
- Before Sirius Mods 6.7
Description
This is a bitmask parameter that affects the type of login performed by daemon threads when logged in via a $comm function ($command, $commndl, or $commbg), or via a New method for a daemon class object.
The bits in this parameter mean:
- X'01'
- A login that bypasses external authorizer (RACF, ACF2, Top Secret) validation is performed.
- X'02'
- A trusted login is performed via the external authorizer.
- X'04'
- This activates support for daemon login improvements when used in conjunction with the X'02' bit. COMMLOG=6 activates an additional layer of processing between Model 204 and ACF2 for processing daemon logins (including $COMMBG and related functions). With COMMLOG=6, each user that performs a login passing a password will get a UUP block, that will be shared with any of its daemons.
If COMMLOG is set to zero, the Sirius Mods attempts to determine if the external authorizer (if any) supports trusted login (RACF, ACF2, and Top Secret all support trusted login):
- If the authorizer does, the Sirius Mods sets COMMLOG to X'02' and then does all trusted logins via the external authorizer.
- If the authorizer does not, the flag is set to X'01', and all logins for $comm and daemon objects do not use the external authorizer.
Generally, this parameter should be left as 0, though it might make sense to set it to X'01' for efficiency — there is considerable overhead in an external authorizer login, even a trusted one.
The downside of setting this parameter to X'01' is that no external authorizer logging will be performed for the daemon login (this might be viewed as a benefit), and things that required external authorizer validation (such as sequential file access) will not be correctly controlled by the external authorizer.