The fix is shipped as file IBM.HHOP750.UK45253
Steps required to install the fix:
A sequential data set must be allocated on the z/OS system to receive the fix that you will upload from your workstation. You can do this by submitting the job below. Add a job card and modify the parameters to meet your site's requirements before submitting.
//ALLOC EXEC PGM=IEFBR14 //* //UK45253 DD DSN=hlq.IBM.HHOP750.UK45253, // DISP=(NEW,CATLG,DELETE), // DSORG=PS, // RECFM=FB, // LRECL=80, // UNIT=SYSALLDA, //* VOL=SER=volser, //* BLKSIZE=6160, // SPACE=(TRK,(60,5)) //*
Upload the file in binary format from your workstation to the z/OS data set. On a Windows system, you can use FTP from a command prompt to upload the file. In the sample dialog shown below, commands or other information entered by the user are in bold, and the following values are assumed:
| User enters: | Values |
|---|---|
| mvsaddr | TC P/IP address of the z/OS system |
| tsouid | Your TSO user ID |
| tsopw | Your TSO password |
| d: | Your drive containing the fix files |
| hlq | High-level qualifier that you used for the data set that you allocated in the job above |
C:\>ftp mvsaddr Connected to mvsaddr. 220-FTPD1 IBM FTP CS %version% at mvsaddr, %time% on %date%. 220 Connection will close if idle for more than 60 minutes. User (mvsaddr:(none)): tsouid 331 Send password please. Password: tsopw 230 tsouid is logged on. Working directory is "tsouid.". ftp> cd .. 250 "" is the working directory name prefix. ftp> cd hlq 250 "hlq." is the working directory name prefix. ftp> binary 200 Representation type is Image ftp> put d:\IBM.HHOP750.UK45253 200 Port request OK. 125 Storing data set hlq.IBM.HHOP750.UK45253 250 Transfer completed successfully 3346160 bytes sent in 0.28 seconds ftp> quit 221 Quit command received. Goodbye.
****************************************************************
* Affected function: JES Job Monitor *
****************************************************************
* Description: embedded LE options *
****************************************************************
* Timing: post-APPLY *
****************************************************************
* Part: SFEKSAMP(FEJJJCL) *
****************************************************************
This maintenance adds embedded LE options to the JES Job
Monitor load module;
* ALL31(ON)
* HEAP(32K,32K,ANY,KEEP,8K,4K)
* POSIX(ON)
* STACK(128K,128K,ANYWHERE,KEEP)
* THREADHEAP(4K,4K,ANY,KEEP)
* THREADSTACK(OFF)
* STORAGE(NONE,NONE,NONE,0)
If need be, these options can be changed by providing alternate
values in the startup JCL, as shown in the updated sample JCL,
FEK.SFEKSAMP(FEJJJCL).
//*
//* JES JOB MONITOR
//*
//JMON PROC PRM=, * PRM='-TV' TO START TRACING
// LEPRM='RPTOPTS(ON)',
// HLQ=FEK,
// CFG=FEK.#CUST.PARMLIB(FEJJCNFG)
//*
//JMON EXEC PGM=FEJJMON,REGION=0M,TIME=NOLIMIT,
// PARM=('&LEPRM,ENVAR("_CEE_ENVFILE=DD:ENVIRON")/&PRM')
//STEPLIB DD DISP=SHR,DSN=&HLQ..SFEKAUTH
//ENVIRON DD DISP=SHR,DSN=&CFG
//SYSPRINT DD SYSOUT=*
//SYSOUT DD SYSOUT=*
// PEND
//*
****************************************************************
* Affected function: JES Job Monitor *
****************************************************************
* Description: Show JCL (SJ) support *
****************************************************************
* Timing: post-APPLY *
****************************************************************
* Part: n/a *
****************************************************************
This maintenance adds support for the Show JCL (SJ) command,
avaialable if the client is at a matching service level.
Similar to the SDSF SJ action character, JES Job Monitor
supports the Show JCL command to retrieve the JCL that created
the selected job output, and show it in an editor window. The
JCL is retrieved from JES, so there is no need to locate to
the original JCL member.
Like the other JES Job Monitor commands, authorization for the
Show JCL command is controlled by the LIMIT_COMMANDS directive
in FEJJCNFG, and profiles in the JESSPOOL class of you security
product.
Note that Show JCL is not an operator command like the other
JES Job Monitor commands (Hold, Release, Cancel and Purge),
so no profile is needed in the OPERCMDS class.
Command JESSPOOL profile Required access
Hold nodeid.userid.jobname.jobid ALTER
Release nodeid.userid.jobname.jobid ALTER
Cancel nodeid.userid.jobname.jobid ALTER
Purge nodeid.userid.jobname.jobid ALTER
Show JCL nodeid.userid.jobname.jobid.JCL READ
****************************************************************
* Affected function: rexec/ssh connection method *
****************************************************************
* Description: add client ID *
****************************************************************
* Timing: post-APPLY *
****************************************************************
* Part: /etc/rdz/server.zseries *
* (usr/lpp/rdz/bin/server.zseries) *
****************************************************************
A v7510 or higher Developer for System z client using the rexec
or ssh connection method will now pass the user ID as a
startup parameter. The server.zseries server startup script has
been updated to use this parameter.
server.zseries was copied from /usr/lpp/rdz/bin/server.zseries
to /etc/rdz/server.zeries during the customization of the
product.
This copy must be repeated manually if you have Developer for
System z clients connecting to the host via rexec/ssh.
****************************************************************
* Affected function: client authentication *
****************************************************************
* Description: additional client authentication support *
****************************************************************
* Timing: post-APPLY *
****************************************************************
* Part: /usr/lpp/rdz/samples/rsed.envvars *
* /usr/lpp/rdz/samples/ssl.properties *
****************************************************************
Rational Developer for System z now supports the following
client authentication methods:
- User ID & password
- User ID & one-time password
- X.509 certificate
The X.509 authentication requires updates to your security
product, and optionally to these RDz configuration files:
- /etc/rdz/rsed.envvars
- /etc/rdz/ssl.properties
Refer to the readme included with the download of this PTF
(v7510) for complete setup instructions:
http://www-01.ibm.com/support/docview.wss?rs=2294&context=SS2QJ2
&uid=swg27006335#11
Included a brief overview of RDz specific changes.
console messages:
FEK004I = RseDaemon: Max Heap Size={0}MB and private AS Size={1}
MB
FEK143E = gsk_attribute_set_enum(GSK_CLIENT_AUTH_TYPE) failed. r
eason=({0})
FEK144E = gsk_get_cert_info failed. reason=({0})
FEK145E = gsk_secure_socket_read() failed. reason=({0})
FEK146E = gsk_secure_socket_write() failed. reason=({0})
ssl.propeties :
#-------------------------------------------------------------
# JKS: Java keytool, JCERACFKS: security product
#-------------------------------------------------------------
#server_keystore_type=JCERACFKS
rsed.envvars :
#-------------------------------------------------------------
# X.509 authentication, true: security product, false: RSE
#-------------------------------------------------------------
#_RSE_JAVAOPTS="$_RSE_JAVAOPTS -Denable.certificate.mapping=fals
e"
#-------------------------------------------------------------
# Specify LDAP variables for X.509 validation with CRL
#-------------------------------------------------------------
#GSK_CRL_SECURITY_LEVEL=HIGH
#GSK_LDAP_SERVER=ldap_server_url
#GSK_LDAP_PORT=ldap_server_port
#GSK_LDAP_USER=ldap_userid
#GSK_LDAP_PASSWORD=ldap_server_password
SMP/E RECEIVE and APPLY the fix.
Refer to readme7.5.1_host\nl\en\readme7.5.1_host.html for the release notes that describe this fix, and pre-req PTF's.
Notes: