z/OS Security Server RACF Diagnosis Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


Command tracing

z/OS Security Server RACF Diagnosis Guide
GA32-0886-00

Command tracing can be useful when diagnosing command errors and can be used with any command in z/OS Security Server RACF Command Language Reference that supports the AT keyword. It provides a step-by-step history of how the command text is parsed and rebuilt by the RACF® command envelope module and can be used to determine which TSO macros are used. It can help determine if the problem is in the command envelope module or the command processor load module and also determine where a failure occurred during command parsing and rebuilding.

To obtain a command trace, do:
  1. At the operator console, activate SET TRACE(IMAGE).
  2. From a TSO terminal in TSO READY mode or from ISPF Option 6 (Command), do one or more of:
    • Issue a RACF command and append the two characters -c (note there's a leading blank between the command and the two characters) to obtain a trace of the command buffer. This keyword is the most useful and is recommended over the others.
    • Issue a RACF command and append the two characters -t (note there's a leading blank between the command and the two characters) to obtain a trace of the TSO macros used during the parsing of the RACF command and to obtain a trace of the command buffer.
    • Issue a RACF command and append the two characters -n (note there's a leading blank between the command and the two characters) to not run the command.
  3. Output is sent to the user's TSO terminal.
Note:
  1. The three characters that are added to the end of the command must be entered exactly as shown and in lowercase letters only. That is, the command image must be followed by one blank space, either -c, -t, or -n and no trailing blanks.
  2. Each of these keywords does one thing, but can be issued on the same command together to get multiple results. For example, -c -n would trace, but not run the command.
  3. If you front-end commands, ensure that this information about the command buffer is passed to RACF:
    • The command alias name (for example, AG, ADDGROUP, and so on) is still the first thing in the buffer
    • The -c, -t, and -n are the last characters in the buffer (with no trailing blanks).
  4. Do not use the common command exit, IRREVX01, to put trace characters in the command buffer. Doing this causes a parse error.

See Front-ending RACF commands for additional information about front-ending RACF commands.

Parent topic: Obtaining trace records using the SET TRACE command

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014