New Informational Displays in OS/390
Mark S. Hahn, Consul Risk Management
OS/390 is making security and audit’s job much easier -- while simultaneously making it more challenging! The depth of this article is introductory: there are many more levels of information available. It is hoped this introduces readers to some of the newer displays provided by OS/390.
For those of us who grew up with the TSO command: TOD, the operator DISPLAY IPLINFO is an old friend.
| DISPLAY IPLINFO IEE254I hh.mm.ss IPLINFO DISPLAY nnn SYSTEM IPLED AT hh.mm.ss ON date RELEASE SP6.0.n USED LOADxx IN SYS1.PARMLIB ON uuuu IEASYM LIST = xx IEASYS LIST=(xx,yy) (OP) |
In OS/390 Release 2 concatenated parmlibs made the scene. GREAT! Not content to make us secure a singular data set (SYS1.PARMLIB), we now have up to 10 more! Not only can the members come from a multitude of data sets, but that list is dynamic and can change! What’s a security administrator to do? Simple: use the DISPLAY PARMLIB operator command, and scan SYSLOG for IEE252I messages. (There are other alternatives for assembler and REXX programmers).
| D PARMLIB IEE251I 06.13.53 PARMLIB DISPLAY 053 PARMLIB DATA SETS SPECIFIED AT IPL -OR- AT 11.05.14 ON 02/13/1998 ENTRY FLAGS VOLUME DATA SET 1 S V98SYS MARK.PARMLIB1 2 S DEFVOL SYS1.PARMLIB 3 S V98SYS MARK.PARMLIB2 |
Another parmlib informational display, in SYSLOG without any effort on your part, is the message detailing which member was used by OS/390 and in which logical parmlib data set it was found. Much of the IPL information remains in SYSLOG as well.
| IEE252I MEMBER LPALST09 FOUND IN
MARK.PARMLIB2 IEE252I MEMBER IEAPAK00 FOUND IN SYS1.PARMLIB IEE252I MEMBER IEAFIXRF FOUND IN MARK.PARMLIB1 |
DISPLAY PROG,LNKLST and D PROG,LNKLST,NAMES are probably the two most useful commands for displaying the new (OS/390 R3) Dynamic Linklist information. The first command displays the Linklist currently in use while the second displays the names (and data set names) of all active Linklist sets in the system.
| D PROG,LNKLST LNKLST SET LNKLSTA LNKAUTH=APFTAB ENTRY APF VOLUME DSNAME 1 A volum1 SYS2.LINKLIB 2 A volum2 SYS1.LINKLIB 3 A SMS PROD.LINKLIB |
Strictly speaking, SMF data is not an informational display, it is however, a source of information for reporting purposes. The new type 90 SMF records include: subtype 29 - Dynamic LNKLST activation.
So as you can see, as OS/390 provides more means of controlling our environment, it also provides us with more means of reviewing it as well. This article is intended to introduce you to the new displays.