A fix is available
APAR status
Closed as program error.
Error description
RDZ V9110 INTERNAL DEFECTS AND ENHANCEMENTS - RSE
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: 01.All RDz users. * * 02.All RDz Remote z/OS Search users * * 03.All RDz search function users * * 04.RDz administrators and users * * 05.RDz administrators and users * * 06.All RDz users * * 07.System administrators who check the * * server log * * 08.All RDz users using APPC TSO command * * server * * 09.All RDz users who login by certificates * * 10.All RDz users using DBCS text * * 11.All RDz users who connect to an APPC * * enabled RDz server * * 12.RDz administrators who run daemon ivp * * 13.All RDz users * * 14.RDz administrators * * 15.All RDz users * * 16.All RDz users * * 17.All RDz users * * 18.All RDz users * * 19.All RDz users * * 20.All RDz users with 64-bit JVM * * 21.All RDz users * * 22.All RDz users * * 23.All RDz users * * 24.All RDz users * * 25.system programmer * **************************************************************** * PROBLEM DESCRIPTION: 01.z/OS files deleted using RDz Host * * Connection Emulator (HCE) still * * appear in Remote Systems view * * filter following a refresh of that * * filter. Rdz User is required to * * disconnect/reconnect to the host in * * order to see the expected file list * * under filter in Remote Systems * * view. * * 02.RDz Remote z/OS Search consumed * * more CPU time with highest update * * frequency than lower frequencies. * * 03.Rational Developer for System z * * Remote search results incomplete * * when using * * -Dsearch.server.limit.datasets=nnn * * * * The difference can be observed when * * comparing results against TSO * * Search * * * * Analysis shows the search is * * canceled due to the rsed.envvars * * parameter * * -Dsearch.server.limit.datasets not * * counting datasets but actually * * counts "Number of sequential * * datasets" + "Number of PDS members" * * * * The text in rsed.envvars and Host * * Configuration Guide (SC23-7658-12) * * is using incorrect z/OS terms and * * is therefore confusing: * * #_RSE_JAVAOPTS="$_RSE_JAVAOPTS * * -Dsearch.server.limit.datasets=0" * * Limit the resource usage of * * non-indexed file and text searches. * * The default is 0 (no limit). * * Uncomment and customize this * * directive to stop a search after * * the specified number of data sets * * has been scanned. * * 04.Updates to support client triggered * * log collection * * 05.Unneeded temporary log file remains * * on server * * 06.Updates to support RACF password * * phrase * * 07.NullPointerException is logged * * without the privilege on the user * * log directory * * 08.Passwords in APPC TSO command * * server are visible * * 09.User can login using revoked * * certificate * * 10.Host log shows unexpected message * * U_BUFFER_OVERFLOW_ERROR * * 11.APPC command server in RDz server * * should use passtickets * * 12.RDz server is updated to handle a * * special condition while the daemon * * ivp program is going to disconnect * * 13.If an IO/security exception occurs * * in RDz server while downloading a * * big sequential data set, * * *rejectLogon status that is marked * * on a RDz server process sometimes * * remains set. * * 14.RDz server does not handle * * requesting user id correctly while * * checking the RACF profiles to * * manage log collection requests * * 15.When a user inputs very long * * password string, RDz server does * * not correctly return an error to * * client. * * 16.An allocation error occurred in * * ISPF gateway when RDz client * * disconnected even in * * "RSE_DSICALL=TSO" specified in * * rsed.envvars. * * 17.NullPointerException occurred in * * MVSfileSystemMiner when the session * * was shut-downed during startup. * * 18.There is no way for RDz client to * * know the actual server version. * * This can be a problem under some * * conditions. * * 19.When RDz user does not have RACF * * access to the APPL class, the * * response said "USERID is revoked" * * when using a password, and "Invalid * * Certificate" in using a * * certificate. The error message in * * the client dialog is quite * * misleading. * * 20.RDz remembers the datasets which * * caused IEC150I 913-38 error and * * next time RDz will show the error * * to the client user without actual * * access to the datasets. But this * * capability does not work in JVM * * 64-bit mode. * * 21.RDs fails to update a dataset with * * an abend 0C4 in function putFile. * * 22.RDz fails to save a PDS member and * * generates an abend 0C1 in function * * closeOutputFile() from * * libfekfmain.so. * * 23.The following trace entry is logged * * in rseserver.log but USER:userid * * shows the RDz Daemon Id. * * USER:userid should show Client * * userId. USER:userid INFO : * * MVSLockInfoHandler : queryLockOwner * * Resource= * * 24.In RDz, a remote search including * * unauthorized datasets ends up in * * abend U4091 and U4039 when the * * ERRCOUNT is specified as LE runtime * * option and the search thread * * encounters the 913-38 errors more * * than the ERRCOUNT value. * * 25.removal of enable.saf.check in * * rsed.envvars * **************************************************************** * RECOMMENDATION: * **************************************************************** 01.When a dataset at the top or bottom of an Remote System View filter in the RDz client was deleted by other processes, the RDz server failed to update the status of it in refreshing the filter. 02.The RDz server got search target datasets for each filter string from MVS in every remote search resume. 03.The search limit key name for scanned files was not matched with the term of z/OS. 04.Updates to support collecting host and client logs from client UI 05.Unneeded temporary log file remains on server after client completes collecting logs 06.Updates to support RACF password phrase 07.NullPointerException is output to the server log file, when a user does not have enough privilege to get the directory information of each user's log directory. Except that the exception is output, the program works as designed without any other problems. 08.When RDz server is configured to use APPC TSO command server, the passwords of the users who currently log in are visible in a memory dump image. 09.A user can login using a revoked certificate via "Remote daemon" z/OS connection with certificate authentication method. 10.Host log shows unexpected message U_BUFFER_OVERFLOW_ERROR when the local code page is windows-31j or MS932 and the host code page is IBM-1390. 11.RDz server with APPC command server enabled assumes RDz client passes user id and password and the passed password should be valid while the client is connecting. If the passed password has a short life time like a passticket, when the password is expired, RDz server can not call APPC command server correctly and it causes errors. 12.RDz server running the RSE Daemon IVP multiple times sometimes results in NullPointerException, if is configured with single.logon=true. 13.When RDz client starts editing a big sequential data set, an RDz server process is marked *rejectLogon while downloading the content and it can be seen by display process console command. If an IO/security exception occurs while downloading it, *rejectLogon status sometimes remains set, and the process marked *rejectLogon does not handle a new client any more. 14.RDz server does not handle the user id who becomes the owner of the collecting log and the authority often falls into the universal access authority of a defined RACF profile. 15.When a user inputs very long password string, RDz server does not correctly return an error to client. 16.ISPFFUNC=SHUTDOWN is invoked even when the "RSE_DSICALL=TSO" is specified in rsed.envvars. 17.NullPointerException occurred in MVSfileSystemMiner finish() when the session was shut-downed during startup. 18.There is no way for RDz client to know the actual server version. This can be a problem under some conditions. 19.When RDz user does not have RACF access to the APPL class, the response said "USERID is revoked" when using a password, and "Invalid Certificate" in using a certificate. The error message in the client dialog is quite misleading. 20.ICH408I "INSUFFICIENT ACCESS AUTHORITY" is shown in zOS console for every client action to access the dataset. 21.RDz client frequently sends C_LIST_DATASET command to RDz server to get the attributes of the dataset. But TSO Command gateway sometimes fails to process the listds command. This error in TSO gateway causes the abend 0C4 in function putFile. 22.RDz fails to save a PDS member and generates an abend 0C1 in function closeOutputFile() from libfekfmain.so. 23.The following trace entry is logged in rseserver.log but USER:userid shows the RDz Daemon Id. USER:userid should show Client userId. USER:userid INFO : MVSLockInfoHandler : queryLockOwner Resource= 24.In RDz, a remote search including unauthorized datasets ends up in abend U4091 and U4039 when the ERRCOUNT is specified as LE runtime option and the search thread encounters the 913-38 errors more than the ERRCOUNT value. 25.Rational Developer for System z (RDz) no longer supports the rsed.envvars variable enable.saf.check. Customers using version 85 or higher can use the related search.server.limit.errcount variable instead.
Problem conclusion
01.The RDz server was fixed to update all datasets status shown by a filter in the client, when a refresh action for it was invoked. 02.The RDz server was fixed to improve search resume performance by creating dataset caches for each filter string in a search and its resumes. 03.The RDz server was fixed to use a proper limit key name for scanned files; rsed.envvars variable search.server.limit.datasets is renamed to search.server.limit.scanned_objects. 04.Enhancement to support client triggered log collection 05.Remove the temporary log files when client does not require them any more 06.Enhancement to support RACF password phrase 07.Program is updated not to show NullPointerException when the privilege on the directory is not enough. 08.The code is updated to encrypt the passwords in APPC TSO command server. 09.The code is updated to check the CRL on a LDAP server in a remote daemon connection. 10.The code is updated to allocate enough buffer not to cause U_BUFFER_OVERFLOW_ERROR. 11.RDz server is updated not to expect client to pass password but to generate passticket internally. The APPLID for this passticket must be the partner-LU, and must be defined as _FEKFSCMD_PARTNER_LU_ variable in rsed.envvars. 12.Some object data in a session data for a daemon ivp are null as they are not null for a usual RDz client. When a previous daemon ivp session is cleaned up by the next daemon ivp session, these null values causes NullPointerException. RDz server code is updated to inore the null objects while cleaning up the ivp daemon session data. 13.RDz server is updated to clear *rejectLogon status even if any exception occurs while downloading a big sequential data set. 14.The code is updated to handle the user id correctly and to handle a log collection request according to the defined RACF profiles properly. 15.The code is updated to handle long password string. 16.Now, ISPFFUNC=SHUTDOWN is not invoked when the "RSE_DSICALL=TSO" is specified in rsed.envvars. 17.Now, MVSfileSystemMiner finish() will check the status so that it could not bring about NPE. 18.There is a mechanism that DataStore client and server exchange their versions during the connection establishment phase. The DataStore server version is controlled by the property of DSTORE_VERSION. Now, RDz daemon picks up the server version from SMP information and sets the server version forcibly to the DSTORE_VERSION property. 19.Now, the following message will be shown when RDz user does not have RACF access to the APPL class: "server failure: User, userid has insufficient permission to profile FEKAPPL in the APPL class. RACROUTE AUTH returned SAF return code = nn - RACF return code = nn RACF reason code = nn" 20.Now, the same RACF protection message is shown only once in zOS console even when the client tries to access the dataset to which the client does not have appropriate access authority. 21.Now, the following client actions are always executed as "Address TSO" environment: - C_ALLOCATE - C_DELETE - C_LIST_DATASET 22.Now, closeOutputFile() routine will not be abended 23.Now, USER:userid will show Client userId in queryLockOwner trace entry. 24.The search thread will be canceled before the number of 913-38 errors exceeds the ERRCOUNT value. 25.Rational Developer for System z (RDz) no longer supports the rsed.envvars variable enable.saf.check. Customers using version 85 or higher can use the related search.server.limit.errcount variable instead.
Temporary fix
Comments
APAR Information
APAR number
PI18677
Reported component name
RD/Z HOST
Reported component ID
5724T0723
Reported release
910
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-05-27
Closed date
2014-12-05
Last modified date
2014-12-09
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
FEKFCMSG FEKFENVR FEKFMAIN FEKFMAI6 FEKFMINE FEKFOMVS FEKFTSO FEKFZOS
Fix information
Fixed component name
RD/Z HOST
Fixed component ID
5724T0723
Applicable component levels
R910 PSY UI23650
UP14/12/09 I 1000
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSJK49","label":"IBM Developer for z Systems"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
27 October 2020