IBM Support

PI18677: RDZ V9110 INTERNAL DEFECTS AND ENHANCEMENTS - RSE

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • RDZ V9110 INTERNAL DEFECTS AND ENHANCEMENTS - RSE
    

Local fix

  • n/a
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: 01.All RDz users.                            *
    *                 02.All RDz Remote z/OS Search users          *
    *                 03.All RDz search function users             *
    *                 04.RDz administrators and users              *
    *                 05.RDz administrators and users              *
    *                 06.All RDz users                             *
    *                 07.System administrators who check the       *
    *                    server log                                *
    *                 08.All RDz users using APPC TSO command      *
    *                    server                                    *
    *                 09.All RDz users who login by certificates   *
    *                 10.All RDz users using DBCS text             *
    *                 11.All RDz users who connect to an APPC      *
    *                    enabled RDz server                        *
    *                 12.RDz administrators who run daemon ivp     *
    *                 13.All RDz users                             *
    *                 14.RDz administrators                        *
    *                 15.All RDz users                             *
    *                 16.All RDz users                             *
    *                 17.All RDz users                             *
    *                 18.All RDz users                             *
    *                 19.All RDz users                             *
    *                 20.All RDz users with 64-bit JVM             *
    *                 21.All RDz users                             *
    *                 22.All RDz users                             *
    *                 23.All RDz users                             *
    *                 24.All RDz users                             *
    *                 25.system programmer                         *
    ****************************************************************
    * PROBLEM DESCRIPTION: 01.z/OS files deleted using RDz Host    *
    *                         Connection Emulator (HCE) still      *
    *                         appear in Remote Systems view        *
    *                         filter following a refresh of that   *
    *                         filter. Rdz User is required to      *
    *                         disconnect/reconnect to the host in  *
    *                         order to see the expected file list  *
    *                         under filter in Remote Systems       *
    *                         view.                                *
    *                      02.RDz Remote z/OS Search consumed      *
    *                         more CPU time with highest update    *
    *                         frequency than lower frequencies.    *
    *                      03.Rational Developer for System z      *
    *                         Remote search results incomplete     *
    *                         when using                           *
    *                         -Dsearch.server.limit.datasets=nnn   *
    *                                                              *
    *                         The difference can be observed when  *
    *                         comparing results against TSO        *
    *                         Search                               *
    *                                                              *
    *                         Analysis shows the search is         *
    *                         canceled due to the rsed.envvars     *
    *                         parameter                            *
    *                         -Dsearch.server.limit.datasets not   *
    *                         counting datasets but actually       *
    *                         counts "Number of sequential         *
    *                         datasets" + "Number of PDS members"  *
    *                                                              *
    *                         The text in rsed.envvars and Host    *
    *                         Configuration Guide (SC23-7658-12)   *
    *                         is using incorrect z/OS terms and    *
    *                         is therefore confusing:              *
    *                         #_RSE_JAVAOPTS="$_RSE_JAVAOPTS       *
    *                         -Dsearch.server.limit.datasets=0"    *
    *                         Limit the resource usage of          *
    *                         non-indexed file and text searches.  *
    *                         The default is 0 (no limit).         *
    *                         Uncomment and customize this         *
    *                         directive to stop a search after     *
    *                         the specified number of data sets    *
    *                         has been scanned.                    *
    *                      04.Updates to support client triggered  *
    *                         log collection                       *
    *                      05.Unneeded temporary log file remains  *
    *                         on server                            *
    *                      06.Updates to support RACF password     *
    *                         phrase                               *
    *                      07.NullPointerException is logged       *
    *                         without the privilege on the user    *
    *                         log directory                        *
    *                      08.Passwords in APPC TSO command        *
    *                         server are visible                   *
    *                      09.User can login using revoked         *
    *                         certificate                          *
    *                      10.Host log shows unexpected message    *
    *                         U_BUFFER_OVERFLOW_ERROR              *
    *                      11.APPC command server in RDz server    *
    *                         should use passtickets               *
    *                      12.RDz server is updated to handle a    *
    *                         special condition while the daemon   *
    *                         ivp program is going to disconnect   *
    *                      13.If an IO/security exception occurs   *
    *                         in RDz server while downloading a    *
    *                         big sequential data set,             *
    *                         *rejectLogon status that is marked   *
    *                         on a RDz server process sometimes    *
    *                         remains set.                         *
    *                      14.RDz server does not handle           *
    *                         requesting user id correctly while   *
    *                         checking the RACF profiles to        *
    *                         manage log collection requests       *
    *                      15.When a user inputs very long         *
    *                         password string, RDz server does     *
    *                         not correctly return an error to     *
    *                         client.                              *
    *                      16.An allocation error occurred in      *
    *                         ISPF gateway when RDz client         *
    *                         disconnected even in                 *
    *                         "RSE_DSICALL=TSO" specified in       *
    *                         rsed.envvars.                        *
    *                      17.NullPointerException occurred in     *
    *                         MVSfileSystemMiner when the session  *
    *                         was shut-downed during startup.      *
    *                      18.There is no way for RDz client to    *
    *                         know the actual server version.      *
    *                         This can be a problem under some     *
    *                         conditions.                          *
    *                      19.When RDz user does not have RACF     *
    *                         access to the APPL class, the        *
    *                         response said "USERID is revoked"    *
    *                         when using a password, and "Invalid  *
    *                         Certificate" in using a              *
    *                         certificate. The error message in    *
    *                         the client dialog is quite           *
    *                         misleading.                          *
    *                      20.RDz remembers the datasets which     *
    *                         caused IEC150I 913-38 error and      *
    *                         next time RDz will show the error    *
    *                         to the client user without actual    *
    *                         access to the datasets. But this     *
    *                         capability does not work in JVM      *
    *                         64-bit mode.                         *
    *                      21.RDs fails to update a dataset with   *
    *                         an abend 0C4 in function putFile.    *
    *                      22.RDz fails to save a PDS member and   *
    *                         generates an abend 0C1 in function   *
    *                         closeOutputFile() from               *
    *                         libfekfmain.so.                      *
    *                      23.The following trace entry is logged  *
    *                         in rseserver.log but USER:userid     *
    *                         shows the RDz Daemon Id.             *
    *                         USER:userid should show Client       *
    *                         userId. USER:userid INFO :           *
    *                         MVSLockInfoHandler : queryLockOwner  *
    *                         Resource=                            *
    *                      24.In RDz, a remote search including    *
    *                         unauthorized datasets ends up in     *
    *                         abend U4091 and U4039 when the       *
    *                         ERRCOUNT is specified as LE runtime  *
    *                         option and the search thread         *
    *                         encounters the 913-38 errors more    *
    *                         than the ERRCOUNT value.             *
    *                      25.removal of enable.saf.check in       *
    *                         rsed.envvars                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    01.When a dataset at the top or bottom of an Remote System View
       filter in the RDz client was deleted by other processes, the
       RDz server failed to update the status of it in refreshing
       the filter.
    02.The RDz server got search target datasets for each filter
       string from MVS in every remote search resume.
    03.The search limit key name for scanned files was not matched
       with the term of z/OS.
    04.Updates to support collecting host and client logs from
       client UI
    05.Unneeded temporary log file remains on server after client
       completes collecting logs
    06.Updates to support RACF password phrase
    07.NullPointerException is output to the server log file, when
       a user does not have enough privilege to get the directory
       information of each user's log directory. Except that the
       exception is output, the program works as designed without
       any other problems.
    08.When RDz server is configured to use APPC TSO command
       server, the passwords of the users who currently log in are
       visible in a memory dump image.
    09.A user can login using a revoked certificate via "Remote
       daemon" z/OS connection with certificate authentication
       method.
    10.Host log shows unexpected message U_BUFFER_OVERFLOW_ERROR
       when the local code page is windows-31j or MS932 and the
       host code page is IBM-1390.
    11.RDz server with APPC command server enabled assumes RDz
       client passes user id and password and the passed password
       should be valid while the client is connecting. If the
       passed password has a short life time like a passticket,
       when the password is expired, RDz server can not call APPC
       command server correctly and it causes errors.
    12.RDz server running the RSE Daemon IVP multiple times
       sometimes results in NullPointerException, if is configured
       with single.logon=true.
    13.When RDz client starts editing a big sequential data set, an
       RDz server process is marked *rejectLogon while downloading
       the content and it can be seen by display process console
       command. If an IO/security exception occurs while
       downloading it, *rejectLogon status sometimes remains set,
       and the process marked *rejectLogon does not handle a new
       client any more.
    14.RDz server does not handle the user id who becomes the owner
       of the collecting log and the authority often falls into the
       universal access authority of a defined RACF profile.
    15.When a user inputs very long password string, RDz server
       does not correctly return an error to client.
    16.ISPFFUNC=SHUTDOWN is invoked even when the "RSE_DSICALL=TSO"
       is specified in rsed.envvars.
    17.NullPointerException occurred in MVSfileSystemMiner finish()
       when the session was shut-downed during startup.
    18.There is no way for RDz client to know the actual server
       version. This can be a problem under some conditions.
    19.When RDz user does not have RACF access to the APPL class,
       the response said "USERID is revoked" when using a password,
       and "Invalid Certificate" in using a certificate. The error
       message in the client dialog is quite misleading.
    20.ICH408I "INSUFFICIENT ACCESS AUTHORITY" is shown in zOS
       console for every client action to access the dataset.
    21.RDz client frequently sends C_LIST_DATASET command to RDz
       server to get the attributes of the dataset. But TSO Command
       gateway sometimes fails to process the listds command. This
       error in TSO gateway causes the abend 0C4 in function
       putFile.
    22.RDz fails to save a PDS member and generates an abend 0C1 in
       function closeOutputFile() from libfekfmain.so.
    23.The following trace entry is logged in rseserver.log but
       USER:userid shows the RDz Daemon Id. USER:userid should show
       Client userId. USER:userid INFO : MVSLockInfoHandler :
       queryLockOwner Resource=
    24.In RDz, a remote search including unauthorized datasets ends
       up in abend U4091 and U4039 when the ERRCOUNT is specified
       as LE runtime option and the search thread encounters the
       913-38 errors more than the ERRCOUNT value.
    25.Rational Developer for System z (RDz) no longer supports the
       rsed.envvars variable enable.saf.check. Customers using
       version 85 or higher can use the related
       search.server.limit.errcount variable instead.
    

Problem conclusion

  • 01.The RDz server was fixed to update all datasets status shown
       by a filter in the client, when a refresh action for it was
       invoked.
    02.The RDz server was fixed to improve search resume
       performance by creating dataset caches for each filter
       string in a search and its resumes.
    03.The RDz server was fixed to use a proper limit key name for
       scanned files; rsed.envvars variable
       search.server.limit.datasets is renamed to
       search.server.limit.scanned_objects.
    04.Enhancement to support client triggered log collection
    05.Remove the temporary log files when client does not require
       them any more
    06.Enhancement to support RACF password phrase
    07.Program is updated not to show NullPointerException when the
       privilege on the directory is not enough.
    08.The code is updated to encrypt the passwords in APPC TSO
       command server.
    09.The code is updated to check the CRL on a LDAP server in a
       remote daemon connection.
    10.The code is updated to allocate enough buffer not to cause
       U_BUFFER_OVERFLOW_ERROR.
    11.RDz server is updated not to expect client to pass password
       but to generate passticket internally. The APPLID for this
       passticket must be the partner-LU, and must be defined as
       _FEKFSCMD_PARTNER_LU_ variable in rsed.envvars.
    12.Some object data in a session data for a daemon ivp are null
       as they are not null for a usual RDz client. When a previous
       daemon ivp session is cleaned up by the next daemon ivp
       session, these null values causes NullPointerException. RDz
       server code is updated to inore the null objects while
       cleaning up the ivp daemon session data.
    13.RDz server is updated to clear *rejectLogon status even if
       any exception occurs while downloading a big sequential data
       set.
    14.The code is updated to handle the user id correctly and to
       handle a log collection request according to the defined
       RACF profiles properly.
    15.The code is updated to handle long password string.
    16.Now, ISPFFUNC=SHUTDOWN is not invoked when the
       "RSE_DSICALL=TSO" is specified in rsed.envvars.
    17.Now, MVSfileSystemMiner finish() will check the status so
       that it could not bring about NPE.
    18.There is a mechanism that DataStore client and server
       exchange their versions during the connection establishment
       phase. The DataStore server version is controlled by the
       property of DSTORE_VERSION. Now, RDz daemon picks up the
       server version from SMP information and sets the server
       version forcibly to the DSTORE_VERSION property.
    19.Now, the following message will be shown when RDz user does
       not have RACF access to the APPL class: "server failure:
       User, userid has insufficient permission to profile FEKAPPL
       in the APPL class. RACROUTE AUTH returned SAF return code =
       nn - RACF return code = nn RACF reason code = nn"
    20.Now, the same RACF protection message is shown only once in
       zOS console even when the client tries to access the dataset
       to which the client does not have appropriate access
       authority.
    21.Now, the following client actions are always executed as
       "Address TSO" environment: - C_ALLOCATE - C_DELETE -
       C_LIST_DATASET
    22.Now, closeOutputFile() routine will not be abended
    23.Now, USER:userid will show Client userId in queryLockOwner
       trace entry.
    24.The search thread will be canceled before the number of
       913-38 errors exceeds the ERRCOUNT value.
    25.Rational Developer for System z (RDz) no longer supports the
       rsed.envvars variable enable.saf.check. Customers using
       version 85 or higher can use the related
       search.server.limit.errcount variable instead.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI18677

  • Reported component name

    RD/Z HOST

  • Reported component ID

    5724T0723

  • Reported release

    910

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-05-27

  • Closed date

    2014-12-05

  • Last modified date

    2014-12-09

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • FEKFCMSG FEKFENVR FEKFMAIN FEKFMAI6 FEKFMINE
    FEKFOMVS FEKFTSO  FEKFZOS
    

Fix information

  • Fixed component name

    RD/Z HOST

  • Fixed component ID

    5724T0723

Applicable component levels

  • R910 PSY UI23650

       UP14/12/09 I 1000

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSJK49","label":"IBM Developer for z Systems"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
27 October 2020