Command tracing can be useful when diagnosing command errors and
can be used with any command in z/OS Security Server RACF Command Language Reference that
supports the AT keyword. It provides a step-by-step history of how
the command text is parsed and rebuilt by the RACF® command envelope module and
can be used to determine which TSO macros are used. It can help determine
if the problem is in the command envelope module or the command processor
load module and also determine where a failure occurred during command
parsing and rebuilding.
To obtain a command trace, do:
- At the operator console, activate SET TRACE(IMAGE).
- From a TSO terminal in TSO READY mode or from ISPF Option 6 (Command),
do one or more of:
- Issue a RACF command and
append the two characters -c (note there's a leading
blank between the command and the two characters) to obtain a trace
of the command buffer. This keyword is the most useful and is recommended
over the others.
- Issue a RACF command and
append the two characters -t (note there's a leading
blank between the command and the two characters) to obtain a trace
of the TSO macros used during the parsing of the RACF command and to obtain a trace of the command
buffer.
- Issue a RACF command and
append the two characters -n (note there's a leading
blank between the command and the two characters) to not run the command.
- Output is sent to the user's TSO terminal.
Note: - The three characters that are added to the end of the command
must be entered exactly as shown and in lowercase letters only. That
is, the command image must be followed by one blank space, either -c, -t,
or -n and no trailing blanks.
- Each of these keywords does one thing, but can be issued on the
same command together to get multiple results. For example, -c
-n would trace, but not run the command.
- If you front-end commands, ensure that this information about
the command buffer is passed to RACF:
- The command alias name (for example, AG, ADDGROUP, and so on)
is still the first thing in the buffer
- The -c, -t, and -n are
the last characters in the buffer (with no trailing blanks).
- Do not use the common command exit, IRREVX01, to put trace characters
in the command buffer. Doing this causes a parse error.
See Front-ending RACF commands for additional information
about front-ending RACF commands.