Restrictions in a multiprocess, multiuser environment
Programs that change the security environment cannot run in a multiprocess, multiuser environment. A multiprocess, multiuser environment is an environment in which there are multiple z/OS UNIX processes in an address space (enabled by the environment variable _BPX_SHAREAS=YES.) Each process has a different MVS™ identity; that is, it has its own process-level ACEE anchored at the TCB (TCBSenv) level. To prevent a user running under one MVS identity from affecting all the other processes in the address space, or creating a new process with an identity other than the one the user is running under, certain callable services are restricted.
These z/OS UNIX callable
services are restricted in a multiprocess, multiuser environment,
and will fail with JRMpMuProcess:
- BPX1ATM/BPX4ATM (attach_execMVS) — ASM only
- BPX1ATX/BPX4ATX (attach_exec) — ASM only
- BPX1SEG/BPX4SEG (setegid)
- BPX1SGI/BPX4SGI (setgid)
- BPX1SPN/BPX4SPN (spawn family)
- BPX1SRG/BPX4SRG (setregid)
See the descriptions of these callable services for further information about the restrictions.