IBM Support

OA64013: CKR0529 12 INVALID ACCESS VALUE "CREATE "

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • CKR0529 12 Invalid ACCESS VALUE "CREATE ".
    
    This is seen when a select or exclude for ACCESS or INTENT with
    a value of CREATE is specified for NEWLIST TYPE=SMF.
    

Local fix

  • Do not generate CARLa code for NEWLIST TYPE=SMF reports from
    SENSDSN reports using the RISK field, as RISK can contain
    CREATE for non-existent datasets defined in PARMLIB members such
    as PROGxx.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: Users of zSecure Audit exploiting the        *
    *                 "Sensitive Data Set Names" report (newlist   *
    *                 type SENSDSN) and SMF reports (newlist type  *
    *                 SMF).                                        *
    ****************************************************************
    * PROBLEM DESCRIPTION: zSecure Audit has following issues:     *
    *                       - Field RISK of the newlist type       *
    *                         SENSDSN reports an undocumented      *
    *                         value 'CREATE'.                      *
    *                       - Record filter (SELECT/EXCLUDE) on    *
    *                         that value results in a MSGCKR1166.  *
    *                       - When record filter on the            *
    *                         ACCESS/INTENT field's value 'CREATE' *
    *                         is applied against SMF reports, a    *
    *                         MSGCKR0529 is displayed.             *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided and review the        *
    *                 documentation updates.                       *
    ****************************************************************
    1. The zSecure CARLa Command Reference does not document the
       value 'CREATE' reported by the RISK field of newlist type
       SENSDSN.
    2. When record filter on the RISK field for newlist type SENSDSN
       contains a 'CREATE' value (like SELECT RISK=CREATE), the
       zSecure Audit displays a MSGCKR1166 which begins with the
       text "A CREATE access level was not expected...".
    3. When record filter on the ACCESS/INTENT fields for newlist
       type SMF contains a 'CREATE' value (like SELECT INTENT>=
       CREATE), the zSecure Audit displays a MSG CKR0529 which
       begins with the text 'Invalid ACCESS VALUE "CREATE ".
    

Problem conclusion

  • zSecure Audit has been modified so that:
     - The value 'CREATE' reported by the RISK field of the newlist
       type SENSDSN is documented.
     - The value 'CREATE' is allowed in record filters on the RISK
       field for newlist type SENSDSN.
     - The value 'CREATE' is allowed in record filters on the
       ACCESS/INTENT fields for newlist type SMF.
    Please note the documentation changes as provided by the APAR
    tracking comment data.
    

Temporary fix

Comments

APAR Information

  • APAR number

    OA64013

  • Reported component name

    ZSEC BASE,ADMIN

  • Reported component ID

    5655T0100

  • Reported release

    250

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2022-11-24

  • Closed date

    2022-12-02

  • Last modified date

    2023-01-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • CKAINPH  CKRINPO  GKRINPH  GKRINPO
    

Fix information

  • Fixed component name

    ZSEC BASE,ADMIN

  • Fixed component ID

    5655T0100

Applicable component levels

  • R250 PSY UJ09674

       UP22/12/03 P F212

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
05 January 2023