General
Application area: | Requesting and accessing lists and tables; see "Requesting and accessing lists and tables" |
Macro type: | Type S, MF format 2: standard/E/L/M/C/D form; see "S-type macros" |
Macro description
In order to provide better protection for privileged system services against unauthorized access the SECOS software product allows privileges possessed by the holder of the
TSOS user ID (system administration) in earlier versions to be assigned to various management facilities, each responsible for a subarea of the system administration. Each of these facilities possesses only the system privileges which it requires for its tasks. Details of how these privileges are distributed can be found in the “SECOS” manual [14 (Related publications)].
Using the CHKPRV macro, users can check in their program whether the job running the program possesses one or more of these system privileges. 31 system privileges can be checked. The result of the check is entered in the standard header of the data area as a return code (see return code table following the operand description).
Macro format and description of operands
CHKPRV |
PRIV=(priv[,priv]...) ,MF=S / E / L / C / D / M [,PARAM=addr / (r)] ,PREFIX=S / p ,MACID=RMC / macid |
PRIV=
Specifies the system privilege to be checked.
(priv[,priv]...)
Descriptions of the privileges to be checked. If several privileges are specified, the return code “No error” is given if the job possesses at least one of these privileges.
The following overview lists the possible values for priv with the corresponding system privileges:
|
|
CUPRV001 | Flexibly assigned by system administration |
FTACADM | FTAC administration |
FTADM | File transfer administration |
GUAADM | System global guard administration |
HSMSADM | HSMS administration |
HWMAINT | Hardware online maintenance |
NETADM | Network administration |
NOTIFADM | Notification service administration |
OPERATING | BS2000 system operation |
POSIXADM | POSIX user administration |
PROPADM | Programming of administration procedures |
PRSRVADM | SPOOL administration |
SATFEVAL | SAT file evaluation |
SATFMGMT | SAT file management |
SECADM | Security administration |
STDPROC | Using user commands |
SUBSMGMT | Subsystem management |
SWMONADM | Software monitor administration |
TAPEADM | Tape administration |
TAPEKEYADM | Encryption Key management for tapes |
TSOS | TSOS privileges which are not assigned to any of the other management |
USERADM | User administration |
VMPRIV | Virtual machine administration |
VM2ADM | VM2000 administration |
MF=
For a general description of the MF operand, its operand values and any subsequent operands (e.g. PREFIX, MACID and PARAM), see section “S-type macros”. The valid MF values are given at the start of the macro description under “Macro type” and are included in the macro format.
A PREFIX can be specified in the C form, D form or M form of the macro and a MACID in the C form or M form (see section “S-type macros”).
Return information and error flags
Standard header:
+---------------+ | | | | | |0|0|b|b|a|a|a|a| +---------------+
The following return code relating to the macro CHKPRV is transferred in the standard header (bb=Subcode1, aaaa=Maincode):
X'bb' | X'aaaa' | Meaning |
X'00' | X'0000' | Function successfully executed. The task possesses at least one of the specified |
X'00' | X'0002' | The task possesses none of the specified privileges |
X'01' | X'0003' | Operand error: illegal specification for privileges |
X'20' | X'00FF' | System error |
Other return codes which, in accordance with conventions, apply to all macros are given in the table “Standard return codes” (Standard header).
The calling program is terminated when the following errors occur:
The data area is not assigned to the caller.
The data area is not aligned on a word boundary.
The data area is protected against write access.