The fchaudit callable service changes the types of access to a file to be audited for the security product. You identify the file by its file descriptor.
For the corresponding service using a pathname, see chaudit (BPX1CHA, BPX4CHA) — Change audit flags for a file by path.
Operation | Environment |
---|---|
Authorization: | Supervisor state or problem state, any PSW key |
Dispatchable unit mode: | Task |
Cross memory mode: | PASN = HASN |
AMODE (BPX1FCA): | 31-bit |
AMODE (BPX4FCA): | 64-bit |
ASC mode: | Primary mode |
Interrupt status: | Enabled for interrupts |
Locks: | Unlocked |
Control parameters: | All parameters must be addressable by the caller and in the primary address space. |
|
AMODE 64 callers use BPX4FCA with the same parameters.
The name of a fullword containing the file descriptor of the file to be changed.
Value | Description |
---|---|
AUDTREADFAIL | Audit failing read requests. |
AUDTREADSUCCESS | Audit successful read requests. |
AUDTWRITEFAIL | Audit failing write requests. |
AUDTWRITESUCCESS | Audit successful write requests. |
AUDTEXECFAIL | Audit failing execute or search requests. |
AUDTEXECSUCCESS | Audit successful execute or search requests. |
The name of a fullword where the fchaudit service returns 0 if the request is successful, or -1 if it is not successful.
Return_code | Explanation |
---|---|
EBADF | The File_descriptor parameter is not a valid file descriptor. |
EINVAL | The Option_code parameter is incorrect, or File_descriptor refers to an unnamed pipe and fchaudit is not allowed on such a file. |
EPERM | The effective user ID of the calling process does not match the owner of the file, the calling process does not have appropriate privileges (see Authorization), or if Option_code indicated that the auditor audit flags were to be changed, then the user may not have had auditor authority. |
EROFS | The specified file is on a read-only file system. The following reason code can accompany the return code: JRReadOnlyFS. |
The name of a fullword where the fchaudit service stores the reason code. The fchaudit service returns Reason_code only if Return_value is -1. Reason_code further qualifies the Return_code value. For the reason codes, see z/OS UNIX System Services Messages and Codes.
You can get auditor authority by issuing the TSO/E command ALTUSER Auditor.
There are no restrictions on the use of the fchaudit service.
See BPX1FCA (fchaudit) example for an example using this callable service.