PQ60198: AFTER DELETING AN APPLICATION USING THE SMEUI, THE WORKING DIR FOR THAT APPLICATION AND ITS CONTENTS REMAIN ON THE HFS | |||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description User had an app that contains several JSP 's. After running the app the working dir for that app contains the usual directories and the dat and class files associated with compiling JSP 's. After using the SMEUI to delete that app, the app directories are correctly removed but that app's working directory and files are left on the hfs. It appears there may be a mismatch between the group-id or permissions that the working directory and files were created with and the group-id/permissions the delete is attempted under. User may experience RACF errors ( ICH408I ) to this effect.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V4.0.1 for z/OS and OS/390 * **************************************************************** * PROBLEM DESCRIPTION: When an application is deleted from a * * J2EE server or when the J2EE server * * itself is deleted, the working * * directory that contains the compiled * * JSP files is not deleted. * **************************************************************** * RECOMMENDATION: * **************************************************************** When a user defines a J2EE application server, the system creates an HFS directory under the path $CBCONFIG/working/<server_name>. For each J2EE application installed on the server, the system will create directories of the form $CBCONFIG/working/<server_name>/temp/<plex_name>/ <server_instance_name>/<application_name>. At runtime, the system uses these working directories to store all .class and .dat files created for the application when JSPs are compiled. When the user deletes a J2EE application, the working directories for that application should be deleted. The current product, however, does not contain any logic to do this. Furthermore, when the user deletes the entire J2EE server, the $CBCONFIG/working/<server_name> working directory and all of its contents should be deleted. While there is logic in the current product to perform this delete, it does not work in practice. The J2EE application server creates all the sub- directories and files in this working directory using the default UMASK setting for the system. On most systems, this default UMASK value is 022, which means the directories and files are created with 755 permission bits. Since the System Management (SM) server is trying to delete the working directory when the application server is deleted but does not possess write access to the directory and its contents, the delete fails. The console will report RACF error messages simila of the following: ICH408I USER(CBSYMSR1) GROUP(CBSR1 ) NAME(CB390 SMGT SERVER ) /WebSphere390/CB390/working/BBOASR4/temp/PLEX1/ BBOASR4A/PolicyIVP CL(DIRACC ) FID(x) INSUFFICIENT AUTHORITY TO RMDIR ACCESS INTENT(-W-) ACCESS ALLOWED(GROUP R-X)Problem conclusion The product code was modified to delete the working directory at the application level when a J2EE application is deleted. Changes to the product documentation were also made to instruct customers to modify the application server startup procedure to explicitly set the UMASK to a value that grants write permissions to the group to which the application server belongs. In addition, the documentation was updated to instruct customers to add the System Management (SM) user to all RACF groups defined for J2EE application servers. APAR PQ60198 requires changes to documentation. NOTE: Periodically, we refresh the documentation on our Web site, so the changes might have been made before you read this text. To access the latest on-line documentation, go to the product library page at: http://www.ibm.com/software/webservers/appserv/zos_os390/ WebSphere Application Server V4.0.1 for z/OS and OS/390 Assembling J2EE Applications (SA22-7836-04) will be changed as follows: Chapter 8. Creating a J2EE server run-time environment Subtopic "Steps for completing manual z/OS or OS/390 tasks" In Step 4 on page 140, add the following guideline: To enable WebSphere for z/OS to delete temporary, application-created files when an application is uninstalled from a J2EE server, you need to define both of the following to the same RACF group: The server region identity that you specify when you create the J2EE server; this identity is the user ID under which the server region runs. This user ID must match an entry in the RACF STARTED class and have appropriate RACF authorizations for a server region. Any systems management user IDs (for example, CBADMIN) that might be used to start the WebSphere for z/OS Administration application to uninstall applications from this J2EE server. You also must change the default umask value that sets permission bits for application-created files, as instructed in "Steps for creating JCL procedures for the control and server regions" on page 141. For further information about RACF authorizations for server regions, systems management user IDs, and file permissions, see the section on setting up security in Chapter 2 of WebSphere Application Server V4.0.1 for z/OS and OS/390: Installation and Customization. Chapter 8. Creating a J2EE server run-time environment Subtopic "Steps for creating JCL procedures for the control and server regions" Change Step 2 on page 141, as follows: Also in your PROCLIB, create a new member named J2SERV1 (the JCL procedure name you will later specify to WLM). Copy the BBOASR2S sample member from BBO.SBBOJCL into this new member, and make appropriate updates according to comments in the file. For example: - Edit the IWMSSNM parameter to use the server instance name you will specify in the WebSphere for z/OS Administration application: IWMSSNM= J2SERV1 - Change the default umask value so that the user IDs for the server region and systems management user IDs (such as CBADMIN) have write permission to remove temporary, application-created files when the application is uninstalled from the J2EE server. On the JCL EXEC statement, specify the following: PARM= ENVAR("_EDC_UMASK_DFLT=xxx") where xxx is the umask value to use. Recommendation: IBM recommends that you use a umask value of 007, which means that files created by applications running in the server region will have permission bits set to 770. Other umask values of the form x0x are acceptable. For further information about RACF authorizations for server regions, systems management user IDs, and file permissions, see the section on setting up security in Chapter 2 of WebSphere Application Server V4.0.1 for z/OS and OS/390: Installation and Customization. APAR PQ60198 is associated with SERVICE LEVEL W401096 of WebSphere Application Server V4.0.1 for z/OS and OS/390.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: UQ69549 Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ60198
IBM Group: Software Group
Modified date: Oct 2, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.