IOF Diagnostic Tools

Introduction

Then, press PFKey 1 (HELP) to display the long message which includes the date and time the user options module was link-edited. The link-edit time allows you to verify that you are running the correct version of the IOFxxxU user options module.

------------------------------- IOF Option Menu --------------< VER7D.0 >- COMMAND ===> Product level: 7D.0 Date: 03/13/98 Time: 12.38 Select an option. To get a detailed option menu, follow the option with "?". blank - Your jobs G - Output Groups M - System Monitor I - Input jobs H - Held Groups INIT - Initiators R - Running jobs L - System Log APPC - APPC tasks/output O - Output jobs PR - Printers MAS - MAS system display J - All jobs menu D - Device Options CMDS - Global Commands P - IOF Profile NEW - What's New in IOF QT - Quick Trainer JOBNAMES ===> Enter 1 to 8 generic jobnames above SCOPE ===> ALL, ME or another user's USERID Enter HELP to see all valid SCOPE values DEST ===> Enter 1 to 8 destinations above SORT ===> INVNULL Enter HELP to see all valid SORT values

For IOF/TSO, the IOF and IOFSPF load modules can reside in a STEPLIB, LINKLIB, or LPALIB. For IOF/CICS, the IOFCIC module must reside in a CICS load library that is part of the CICS DFHRPL concatenation. All other IOF modules must reside in a LINKLIB or LPALIB.

The IOFWHERE command can be issued from TSO READY or from ISPF Option 6 to list the libraries where all the active IOF load modules reside. From TSO READY or ISPF Option 6 enter:

%IOFWHERE

The IOF load modules you are using reside in the following libraries: IOF in STEPLIB IOF.IOFT7D0.LOAD IOFSPF in STEPLIB IOF.IOFT7D0.LOAD IOFT7D0M LINK APF(Y) SYS1.TRISYS.LINKLIB IOFT7D0U LINK APF(Y) SYS1.TRISYS.LINKLIB IOFT7D0A LINK APF(Y) SYS1.TRISYS.LINKLIB IOFT7D0P LINK APF(Y) SYS1.TRISYS.LINKLIB Cpu Serial number is: 0001 Cpu Model number is: 7490 MVS Product name: SP5.3.0 MVS FMID value: HBB6601 IPL Date and Time: 1998.098 - 08:13:08

IOFWHERE is a CLIST which must reside in a clist library concatenated to SYSPROC. The 7D version of IOFWHERE invokes the release 7D IOF command.

IOF/CICS users must invoke IOF with the FINDMOD parameter to determine where IOF/CICS modules reside. From CICS enter:

IOF /FINDMOD or

IOF /FINDMOD(M) to locate the "main" module.

IOF /FINDMOD(A) to locate the "auxiliary" module.

IOF /FINDMOD(U) to locate the "user options" module.

IOF /FINDMOD(P) to locate the "panel" module.

TRACE is a switch. The first time TRACE is entered it allocates a SYSOUT trace data set and enables tracing. The second time TRACE is entered it disables tracing, frees the trace data set and browses the trace data set.

The trace data set is allocated to the users TSO session with DDNAME of $IOFLOG$. Multiple traces can be done on a single session. Each trace will allocate a new $IOFLOG$ data set.

Example 1.

       TRACE  START

From IOF/TSO Release 7C you must explicitly nest the new IOF session. The command sequence below performs the TRACE START function described above.

       TRACE  
       IOFNEST 
       TRACE

**************** User Attributes Used for Group Assignment **************** Userid................. ISINRM UADS Attributes........ JCL Current RACF Group..... List of RACF Groups.... TRISYS Logon Procedure........ Terminal Name.......... User ASCB Type......... TSU User Account Number.... ACF2 UID String........ **************** User Not Assigned to this Group **************** Group....................................... STCGROUP Session attribute that excludes this user... ASCBTYPE **************** User Not Assigned to this Group **************** Group....................................... OPERATOR Session attribute that excludes this user... UADS **************** User Assigned to Group **************** Group...... ENDUSER ****** Start of Eligible ALLOW Macro table ***************************** Macro.... USRJOBS ALLOW 3,2,JOBS,JOBNAME,/U* Macro.... USRGRPS ALLOW 3,2,GROUPS,JOBNAME,/U* Macro.... OWNJOBS ALLOW 3,2,JOBS,OWNER,/U Macro.... OWNGRPS ALLOW 3,2,GROUPS,OWNER,/U Macro.... MAILGRPS ALLOW 3,2,GROUPS,MAILID,/U Macro.... CURJOBS ALLOW 3,2,JOBS,CURRENT,YES Macro.... CURGRPS ALLOW 3,2,GROUPS,CURRENT,YES Macro.... ALLJOBS ALLOW 1,0,JOBS,JOBNAME,* Macro.... ALLGRPS ALLOW 1,0,GROUPS,JOBNAME,* Macro.... ALLPRTS ALLOW 1,0,DEVICES,DEVCOMBO,+P+.* Macro.... LOGCMDAC ALLOW 3,0,JOBS,LOGCMD,YES ****** End of Eligible ALLOW Macro table *****************************

The userid, UADS attributes, logon procedure, terminal name and security system information is listed first in the trace data set. The values of attributes that are referenced on IOF GROUP, ALLOW or LIMIT macro are listed.

IOF initialization attempts to place the user in each IOF group. The trace shows the reason the user is not assigned to each group. In the example above, user ISINRM is not assigned to the STCGROUP because of ACBTYPE (this user is not a started task). ISINRM is not assigned to the OPERATOR group because of the UADS attribute.

ISINRM is assigned to the ENDUSER group, so the list of ALLOW and LIMIT macros that apply to the ENDUSER group are listed.

Example 2.

      TRACE 
      C       line command for the job 
      TRACE

The trace lists each IOF ALLOW and LIMIT macro that could control access to the job. If any LIMIT macro prevents access, checking terminates and access is denied. Otherwise all ALLOW macros are checked to determine if any grant access. SAF profile and class names are traced for security system calls along with return codes from the security system. A sample trace is shown below.

================ Start Validation for User Function ================ Function..... Cancel a job **************** ALLOW Macro Fails to Permit Requested Function ******** Macro.... USRJOBS ALLOW 3,2,JOBS,JOBNAME,/U* Reason... JOBNAME value for selected JOB is CALLRSET **************** ALLOW Macro Fails to Permit Requested Function ******** Macro.... OWNJOBS ALLOW 3,2,JOBS,OWNER,/U Reason... OWNER value for selected JOB is ISIJFW **************** ALLOW Macro Fails to Permit Requested Function ******** Macro.... CURJOBS ALLOW 3,2,JOBS,CURRENT,YES Reason... CURRENT value for selected JOB is C* **************** ALLOW Macro Fails to Permit Requested Function ******** Macro.... ALLJOBS ALLOW 1,0,JOBS,JOBNAME,* Reason... Access level not high enough to permit requested function **************** ALLOW Macro Fails to Permit Requested Function ******** Macro.... LOGCMDAC ALLOW 3,0,JOBS,LOGCMD,YES Reason... LOGCMD value for selected JOB is NO ++++++++++++++++ ACF Validation Call ++++++++++++++++ Resource......... TRISYS.ISIJFW.CALLRSET.JOB02026 Resource Class... JESSPOOL Access Level..... Alter Return Code...... 4 ======== Function and/or Operands Not Allowed for This User ======== Function....... Not Authorized Operands....... None specified

Note that all IOF ALLOW and LIMIT macros are traced. Also note the JESSPOOL ACF validation call that is made. In this case the JESSPOOL class is inactive as shown by the return code 4.

No ALLOW macro permitted user ISINRM sufficient access to job CALLRSET which is owned by user ISIJFW. Therefore, the cancel is REFUSED.

Example 3.

       TRACE
       R          line command for the group
       TRACE

Displaying IOF Options and Variables

--------------------- Display of Current Variable Values --------------------- COMMAND ===> 3 1 SESSION environment attributes 2 SYSTEM environment attributes 3 GROUP attributes defined for your IOF Group 4 Miscellaneous attributes 5 Job Archival and Retrieval Attributes ( JAR ) 6 System Log Access Management Attributes ( SLAM ) 7 IOF APPC Servers and Alias Names Listing( APPC ) 8 Sysids (and alias) with Printers Attached( PRINTERS ) 9 IOF Logical Console Usage Attributes ( CONSOLE ) 10 IOF Logical Console Initial Commands ( CONSOLE ) 11 Print all variable values ENTER - Scan All Items n - Select Specific Item Q - Quit HELP

Select a menu number from the list of variable types. For example, display GROUP variables by entering 3.

--------------------------- GROUP Variables Display -------------------------- COMMAND ===> Name--------Value-----From-----Option---Description------------------ GRPNAME ENDUSER SESSION B23ALLOW IOF Group name GRPPANEL OPTOPT SESSION B23ALLOW IOF Option Menu name GRPICMD INITCMD SESSION B23ALLOW Initial command GRPPAUSE 5 SESSION B23ALLOW Minimum pause GRPCMD31 NO SESSION B23ALLOW Command type 31 GRPCMD32 NO SESSION B23ALLOW Command type 32 GRPEXTND YES SESSION B23ALLOW EXTEND option GRPFINDD 0 SESSION B23ALLOW Findlim default GRPFINDM 0 SESSION B23ALLOW Findlim maximum GRPLOGTY SYSLOG SESSION B23ALLOW Default log type GRPSYSID NONE SESSION B23ALLOW Default log system id GRPDSCOP USER SESSION B23ALLOW Default scope GRPMSCOP USER SESSION B23ALLOW Maximum scope GRPDRCMD YES SESSION B23ALLOW DR command allowed GRPINP YES SESSION B23ALLOW GROUP INPCMD parm DOWN/UP - Scroll Display ENTER - Next END - Back to Menu

DVAR displays several columns of information for each variable:

NAME          The IOF variable name  
VALUE         The current value of the variable
FROM          The pool from which the variable is fetched   
OPTION        The IOF OPTION member in which the variable is set
               (All the GROUP variables shown are defined in the
                B23ALLOW option member)
Description   A description of the variable

Remote Definition Table (RDT) Listing

--------------------- JES2 Remote Descriptor (RDT) Table ---------------------- COMMAND ===> Address Destid Node Remote Destid RDT Destid RDT Ent Name # # USERID FLG Type Bits ------------------------------------------------------------------ 1 04B87EB0 WESTPARK 0 255 U255 28 Un D 2 04B87F32 NAPLES 1 18 R18 C8 Nn.Rnn D 3 04B87F80 RALEIGH 9 0 90 Nn N 4 04B87ECA TRIANGLE 0 200 U200 28 Un D 5 04B87FCE TRITEST 1 0 90 Nn N 6 04B87FB4 TRITEST2 2 0 90 Nn N 7 04B87F9A TRITEST3 8 0 90 Nn N 8 04B87F18 TRIEEW 1 1 R1 C8 Nn.Rnn D 9 04B87EFE TRIFVS 1 2 R2 C8 Nn.Rnn D 10 04B87F66 TRIJFP 1 3 R3 C8 Nn.Rnn D 11 04B87EE4 TRIJFW 1 4 R4 C8 Nn.Rnn D 12 04B87F4C TRIJWO 1 4 R5 C8 Nn.Rnn D ------------------------------------------------------------------

If you are making modifications to IOF exits or source code, knowledge of the diagnostic area format also will be useful to you.

IOF 7DABEND    DIAGNOSTIC AREA                           97311.1423
1 0000   840C4000  041107E2  0411050C  000CFFFF   *d......S........* <--- abend, coded PSW/R14 2 0010 05985DDC D01407FE 000090EC D00C0700 *.q) :.......:...* <--- PSW addr, 12 PSW bytes 3 0020 071C0000 85985DE2 00020001 00054F00 *....eq)S......|.* <--- PSW, lng, intcode, xadr 4 0030 00000000 05A6FE66 05A6FE28 05A6FE28 *.....w...w...w..* <--- R0 R3 Regs at time 5 0040 00000001 00000000 05A98250 05A982BC *.........zb&.zb.* <--- R4 R7 of abend. 6 0050 0598586C 8598BEFC 8598BDCE 05A6EE80 *.q.%eq..eq...w..* <--- R8 R11 7 0060 0598BD08 05A6F50C 8598C214 05985DE0 *.q...w5.eqB..q):* <--- R12-R15 

Line 2 contains the twelve bytes of data surrounding the PSW. Lines 3 through 7 contain the PSW, instruction length, interrupt code, translation exception address, and the 16 registers in effect at the time of the abend. If the abend occurs inside an SVC, there will be five additional lines containing another set of PSW and registers that looks like lines 3 through 7.

The following list provides some of the more common csect codes for user modifiable code:

       JOBACESS    0704xxxx   
       JESCTL      0411xxxx   
       SELSETUP    0420xxxx
       DSNQUAL     0206xxxx
       

The format of the IOF Diagnostic Area for release 7C is slightly different from the format described above.