IBM Support

Open errors messages generated from TCPIP processes

Troubleshooting


Problem

Error messages are generated when a command or program that uses TCP/IP services is run. These messages indicate a failure to open the UNIX file /etc/resolv.conf. The program may run to successful completion with no other indication of an error, or may experience resolver failures (DNS lookup errors). Similar problems may occur with other UNIX files used as inputs, such as /etc/hosts, /etc/ipnodes, /etc/protocol, or /etc/services,.

Symptom

The error messages are similar to the following:
   IEC104I 00000006,jobname,step ,SYS00001-000,IGGS0OP1,0004,00000013,
/etc/resolv.conf

   IEC141I 013-C0,IGG0199G,jobname,step,SYS00001

Cause

Part of the process of initializing TCP/IP services includes reading the configuration files that affect resolver processing. One of the files in this search order is /etc/resolv.conf. If the UNIX file protection bits do not allow this file to be opened by the user, the above error messages will be seen. Resolver processing treats the failure to open the file as a reason to continue down the search order. If a later file provides all of the information needed to allow successful completion of any name resolution calls, no error will be returned to the calling program.

These messages should have been accompanied with a security violation. Check the logs associated with the SAF product in use on your system (if using RACF, an ICH408I message would have been generated).

Resolving The Problem

Verify that the /etc/resolv.conf is an intended input for all users. If it is not, then use some other file in the search order that is unique to the desired processes and delete the /etc/resolv.conf file. See the Resolver configuration files section of the IP Configuration Guide for more information.

If you decide to use /etc/resolv.conf:

  • Verify that the UNIX file protection bits on the /etc directory allow any user to perform a directory search (the execute bit).
  • Verify that the UNIX file protection bits on the resolv.conf file allow any user to read the file.

The file protection bits can be listed by the UNIX ls -l command (sample output shown below with the referenced bits highlighted). These values can be changed using one of the following methods:

[{"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Component":"All","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.6;1.7;1.8;1.9;1.10;1.11;1.12;1.13;2.1;2.2;2.3","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Document Information

Modified date:
15 June 2018

UID

swg21223276