OA64013: CKR0529 12 INVALID ACCESS VALUE "CREATE "

Obtain the fix for this APAR.

APAR status

• Closed as program error.

Error description

• CKR0529 12 Invalid ACCESS VALUE "CREATE ".
  
  This is seen when a select or exclude for ACCESS or INTENT with
  a value of CREATE is specified for NEWLIST TYPE=SMF.
  

Local fix

• Do not generate CARLa code for NEWLIST TYPE=SMF reports from
  SENSDSN reports using the RISK field, as RISK can contain
  CREATE for non-existent datasets defined in PARMLIB members such
  as PROGxx.
  

Problem summary

• ****************************************************************
  * USERS AFFECTED: Users of zSecure Audit exploiting the        *
  *                 "Sensitive Data Set Names" report (newlist   *
  *                 type SENSDSN) and SMF reports (newlist type  *
  *                 SMF).                                        *
  ****************************************************************
  * PROBLEM DESCRIPTION: zSecure Audit has following issues:     *
  *                       - Field RISK of the newlist type       *
  *                         SENSDSN reports an undocumented      *
  *                         value 'CREATE'.                      *
  *                       - Record filter (SELECT/EXCLUDE) on    *
  *                         that value results in a MSGCKR1166.  *
  *                       - When record filter on the            *
  *                         ACCESS/INTENT field's value 'CREATE' *
  *                         is applied against SMF reports, a    *
  *                         MSGCKR0529 is displayed.             *
  ****************************************************************
  * RECOMMENDATION: Apply the PTF provided and review the        *
  *                 documentation updates.                       *
  ****************************************************************
  1. The zSecure CARLa Command Reference does not document the
     value 'CREATE' reported by the RISK field of newlist type
     SENSDSN.
  2. When record filter on the RISK field for newlist type SENSDSN
     contains a 'CREATE' value (like SELECT RISK=CREATE), the
     zSecure Audit displays a MSGCKR1166 which begins with the
     text "A CREATE access level was not expected...".
  3. When record filter on the ACCESS/INTENT fields for newlist
     type SMF contains a 'CREATE' value (like SELECT INTENT>=
     CREATE), the zSecure Audit displays a MSG CKR0529 which
     begins with the text 'Invalid ACCESS VALUE "CREATE ".
  

Problem conclusion

• zSecure Audit has been modified so that:
   - The value 'CREATE' reported by the RISK field of the newlist
     type SENSDSN is documented.
   - The value 'CREATE' is allowed in record filters on the RISK
     field for newlist type SENSDSN.
   - The value 'CREATE' is allowed in record filters on the
     ACCESS/INTENT fields for newlist type SMF.
  Please note the documentation changes as provided by the APAR
  tracking comment data.
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

Modules/Macros

• CKAINPH  CKRINPO  GKRINPH  GKRINPO
  

Fix information

• Fixed component name

  ZSEC BASE,ADMIN

• Fixed component ID

  5655T0100

Applicable component levels

• R250 PSY UJ09674

     UP22/12/03 P F212

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.