IP Services: Permit intranode management network application to use OSM interfaces
Description
Beginning in z/OS V2R1, access to OSM interface information by using ioctls SIOCGIFNAMEINDEX, SIOCGHOMEIF6, and SIOCGIFCON6 has been restricted to applications with READ authorization to the EZB.OSM.sysname.tcpname resource.
Table 1 provides more details about this migration action. Use this information to plan your changes to the system.
| Element or feature: | z/OS Communications Server. |
|---|---|
| When change was introduced: | z/OS V2R1. |
| Applies to migration from: | z/OS V1R13. |
| Timing: | Before installing z/OS V2R2. |
| Is the migration action required? | Yes, if you run an application that requires OSM interface information by using the ioctls. |
| Target system hardware requirements: | None. |
| Target system software requirements: | None. |
| Other system (coexistence or fallback) requirements: | None. |
| Restrictions: | None. |
| System impacts: | None. |
| Related IBM Health Checker for z/OS check: | None. |
Steps to take
An applications that uses ioctls SIOCGIFNAMEINDEX, SIOCGHOMEIF6, or SIOCGIFCONF6 to retrieve OSM interface information requires authorization to the EZB.OSM.sysname.tcpname resource.
- If your security server is RACF, issue the following commands.
SETROPTS CLASSACT(SERVAUTH) SETROPTS RACLIST (SERVAUTH) RDEFINE SERVAUTH EZB.OSM.sysname.tcpprocname PERMIT EZB.OSM.sysname.tcpname CLASS(SERVAUTH) - ID(userid) ACCESS(READ) SETROPTS RACLIST(SERVAUTH) REFRESH - If you use a different security server, perform the equivalent steps.
Reference information
For more information, see OSM access control in z/OS Communications Server: IP Configuration Guide.