Modifying the z/OS Common Storage (CSA) Key

With z/OS version 1.9, the default setting of the ALLOWUSERKEYCSA parameter has been changed to NO, prohibiting the allocation of CSA storage in a non-privileged storage key. In past releases of Adabas Cluster Services and Adabas Parallel Services, their data structures in common storage (PLXCB and subordinate control blocks) were stored in user key storage. Due to the change of the ALLOWUSERKEYCSA default, you must either:

  • Change the ALLOWUSERKEYCSA setting in z/OS 1.9 to YES. In this case, you need do nothing more, but you incur the security risk that unauthorized programs might modify storage owned by Adabas Cluster Services and Adabas Parallel Services.

  • Accept the ALLOWUSERKEYCSA default setting in z/OS 1.9 (NO), thus eliminating the security risk. If you choose this option, however, you will need to modify your Adabas Cluster Services or Adabas Parallel Services installation and the Adabas Cluster Services, Adabas Parallel Services, and ADACOM startup procedures to use a system key. This document provides information on modifying the installation and the startup procedures to use a system key and on the prerequisites for doing so.

Requirements and Recommendations

The following requirements and recommendations apply when modifying the CSA storage key:

  • The Adabas version 8 ADASVC is required. This procedure, when used with the Adabas 8 ADASVC, supports Adabas 7 and 8 used with Adabas Cluster Services versions 7.4 and 8, and with Adabas Parallel Services versions 7.4, 7.5 and 8. Older releases of Adabas Cluster Services or Adabas Parallel Services may require that some fixes be applied before attempting this, so be sure to check the Knowledge Center on Software AG's Empower web site (https://empower.softwareag.com) for them.

  • APF authorization is required to be assigned a system key. Adabas Parallel Services and Adabas Cluster Services nuclei must run authorized, but utilities and classic nuclei may bypass APF authorization by applying an optional fix to ADASVC. If APF authorization is not in effect and the execution JCL has been modified as described below, the following message will appear during initiation:

    IEF188I PROBLEM PROGRAM ATTRIBUTES ASSIGNED
    

Steps to Modify the CSA Key

In general, you can modify the CSA key one system at a time for each database. On each system, you can apply the modifications to each DBID/SVC combination independently. One exception to this is when ADACOM controls more than one DBID/SVC pair. In this case, you must modify all DBID/SVC combinations defined to that ADACOM at the same time. All database member nuclei on the system using that ADASVC or ADACOM must be stopped and restarted.

The modification to the CSA storage key involves the use of program name ADARUNK, which is an alias for ADARUN. When your modifications are complete (see the steps below), your installation and all of the appropriate execution JCL will have been changed to use ADARUNK (PGM=ADARUNK) instead of ADARUN. Once this is done, z/OS will assign a system key to all tasks for the nuclei or ADACOM processes. Although only ADACOM tasks and nuclei associated with Adabas Cluster Services or Adabas Parallel Services obtain CSA storage and are required to perform these modification steps to avoid using a user key, the ADARUNK program can also be used for classic Adabas nuclei and utilities.

To modify the CSA storage key to a system key:

  1. Add the following entry for program ADARUNK to an active Program Properties Table description in SYS1.PARMLIB(SCHEDxx):

    PPT PGMNAME(ADARUNK) KEY(4)

  2. Activate the new PPT entry. This will occur automatically at the next IPL, or you can use the z/OS operator command SET SCH(xx) to activate it without an IPL.

  3. Optionally, create permissions for the FACILITY class resource IEAABD.DMPAKEY to allow SYSUDUMP to include system key storage.

    When executing with a system key, SYSUDUMP will not contain the system key storage. The following message will appear:

    IEA848I DUMP SUPPRESSED - ABDUMP MAY NOT DUMP STORAGE FOR KEY 0-7
    

    Since cluster nuclei and ADACOM may obtain large storage objects, we suggest including a //SVCDUMP DD statement in the execution JCL instead of a //SYSUDUMP DD statement. Otherwise, enable SYSUDUMP for system key tasks by permitting the user to have read access to the IEAABD.DMPAKEY resource in the FACILITY class. For more information, refer to your z/OS Security Server (RACF) Security Administrator’s Guide.

  4. Examine the Adabas load library to see if an entry exists for ADARUNK. If it does not, create an alias ADARUNK for member ADARUN. You can do this using programs such as PDSTOOLS or the freeware PDS, or you can use the Linker/Binder to relink ADARUN and create the alias:

    //LINK   EXEC  PGM=IEWL,PARM='Map,Let,List(All),Ncal'
    //SYSPRINT DD  SYSOUT=*
    //SYSLMOD  DD  DSNAME=<Adabas load library>,DISP=SHR
    //SYSLIN   DD  *
          Include  SYSLMOD(ADARUN)
            Order  RUNMVS,USRZAP,RUNIND
             Mode  AMode(31),RMode(24)
          Setcode  AC(1)
            Entry  RUNMVS
            Alias  ADARUNK
             Name  ADARUN(R)
    /*

  5. Stop all Adabas Parallel Services and Adabas Cluster Services member nuclei that use the same DBID/SVC pair.

  6. Any existing user key PLXCB structures for a DBID/SVC combination must be deleted. This happens automatically at the next IPL or if ADASVC is reinstalled using ADASIP.

    ADACOM may be used to deallocate the PLXCB without an IPL by specifying NU=0 for every DBID/SVC pair and then stopping and restarting ADACOM.

    The following sequence of operator commands may also be used to deallocate a PLXCB after stopping all nuclei but before stopping ADACOM:

    F <ADACOM job>,DBID=<dbid>,SVC=<svc>,ADAEND
    F <ADACOM job>,DBID=<dbid>,SVC=<svc>,NU=0

  7. If ADACOM is running and controlling the database, it must be stopped.

    Caution:
    If ADACOM is controlling more than one DBID/SVC pair, all pairs must be processed at the same time.

  8. Modify the startup JCL for each Adabas Parallel Services or Adabas Cluster Services member nucleus and ADACOM to specify program ADARUNK instead of ADARUN. For example, for an Adabas Parallel Services or Adabas Cluster Services nucleus you might specify:

    //NUC240   EXEC PGM=ADARUNK

    For an ADACOM startup procedure, you might specify:

    //ALSvrs EXEC PGM=ADARUNK,REGION=4M,TIME=nnnnn

  9. Modify the JCL for each Adabas Parallel Services or Adabas Cluster Services member nucleus and ADACOM to include a //SVCDUMP DD DUMMY statement.

  10. Restart all ADACOM jobs and Adabas Parallel Services and Adabas Cluster Services nuclei that you stopped in Step 5.

  11. Repeat steps 5 through 10 for each DBID/SVC pair.

    Caution:
    If ADACOM is controlling more than one DBID/SVC pair, all pairs must be processed at the same time.
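
The following check is an added example, not part of the original documentation or of any Software AG tooling: it verifies offline that steps 1, 8 and 9 were applied, given the text of a SCHEDxx member and of a startup JCL member. It assumes every member passed to audit_jcl belongs to a cluster or parallel nucleus or to ADACOM (classic nuclei and utilities may legitimately stay on ADARUN), and that a PPT entry ends where the next PPT keyword begins; the function names and sample members are constructed for illustration.

```python
import re

EXEC_RE = re.compile(r"^//(\S*)\s+EXEC\s+PGM=([A-Z0-9$#@]+)", re.I)
DD_RE = re.compile(r"^//(\S+)\s+DD\b", re.I)
# Assumption: one PPT entry runs until the next PPT keyword.
PPT_RE = re.compile(r"\bPPT\s+PGMNAME\(ADARUNK\)((?:(?!\bPPT\b).)*)", re.I | re.S)

def ppt_key(sched_text):
    """Storage key given for ADARUNK in SCHEDxx text, or None if absent."""
    entry = PPT_RE.search(sched_text)
    key = re.search(r"\bKEY\((\d+)\)", entry.group(1), re.I) if entry else None
    return int(key.group(1)) if key else None

def audit_jcl(jcl_text):
    """Return (stepname, finding) pairs for one startup JCL member."""
    steps = []  # (stepname, program, ddnames) in order of appearance
    for line in jcl_text.splitlines():
        if line.startswith("//*"):          # JCL comment statement
            continue
        m = EXEC_RE.match(line)
        if m:
            steps.append((m.group(1), m.group(2).upper(), set()))
        elif steps and (m := DD_RE.match(line)):
            steps[-1][2].add(m.group(1).upper())
    findings = []
    for name, pgm, dds in steps:
        if pgm == "ADARUN":
            findings.append((name, "PGM=ADARUN: step 8 not applied"))
        elif pgm == "ADARUNK":
            if "SVCDUMP" not in dds:
                findings.append((name, "no //SVCDUMP DD: step 9 not applied"))
            if "SYSUDUMP" in dds:
                findings.append((name, "//SYSUDUMP needs IEAABD.DMPAKEY READ"))
    return findings

# Constructed sample input, not taken from a real system.
SAMPLE_SCHED = "PPT PGMNAME(OTHERPGM) KEY(0)\nPPT PGMNAME(ADARUNK) KEY(4)\n"
SAMPLE_JCL = """\
//NUC240   EXEC PGM=ADARUNK
//SYSUDUMP DD  SYSOUT=*
//NUC241   EXEC PGM=ADARUN
//SVCDUMP  DD  DUMMY
//ALSVRS   EXEC PGM=ADARUNK,REGION=4M
//SVCDUMP  DD  DUMMY
"""

if __name__ == "__main__":
    print("ADARUNK PPT key:", ppt_key(SAMPLE_SCHED))
    for step, finding in audit_jcl(SAMPLE_JCL):
        print(step, "-", finding)
```

A returned key of None means the PPT entry from step 1 is missing or carries no KEY, in which case the ADARUNK tasks are not assigned the system key.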