Restrictions in a multiprocess, multiuser environment

Programs that change the security environment cannot run in a multiprocess, multiuser environment. A multiprocess, multiuser environment is an environment in which there are multiple z/OS UNIX processes in an address space (enabled by the environment variable _BPX_SHAREAS=YES.) Each process has a different MVS™ identity; that is, it has its own process-level ACEE anchored at the TCB (TCBSenv) level. To prevent a user running under one MVS identity from affecting all the other processes in the address space, or creating a new process with an identity other than the one the user is running under, certain callable services are restricted.

These z/OS UNIX callable services are restricted in a multiprocess, multiuser environment, and will fail with JRMpMuProcess:
  • BPX1ATM/BPX4ATM (attach_execMVS) — ASM only
  • BPX1ATX/BPX4ATX (attach_exec) — ASM only
  • BPX1SEG/BPX4SEG (setegid)
  • BPX1SGI/BPX4SGI (setgid)
  • BPX1SPN/BPX4SPN (spawn family)
  • BPX1SRG/BPX4SRG (setregid)

See the descriptions of these callable services for further information about the restrictions.

Parent topic: Invocation details for callable services