OA67273: CKN125I 08 I/O REQUEST WITHOUT ALLOC - INTERMITTENTLY SEEN WHEN RESTRICTING ACCESS TO ROUTE RACF COMMANDS VIA CKNSERVE

Obtain the fix for this APAR.

APAR status

• Closed as program error.

Error description

• CKN125I 08 I/O request without alloc - intermittently seen when
  restricting access to route RACF commands via CKNSERVE.
  

Local fix

• N/A
  

Problem summary

• ****************************************************************
  * USERS AFFECTED: Users of zSecure Admin exploiting zSecure    *
  *                 services for remote data access.             *
  ****************************************************************
  * PROBLEM DESCRIPTION: zSecure ISPF interface might enter an   *
  *                      infinite loop in cases where RACF       *
  *                      commands that are generated by CKRCARLA *
  *                      are routed to a remote system using     *
  *                      zSecure services for remote data        *
  *                      access.                                 *
  ****************************************************************
  * RECOMMENDATION: Apply the PTF provided and review            *
  *                 documentation updates.                       *
  ****************************************************************
  When RACF commands that are generated by CKRCARLA are routed to
  a remote system using zSecure services for remote data access
  and remote allocation of the CKRCMD data set failed (either
  because of additional security measures as described by zSecure
  Installation and Deployment Guide (Chapter 9. Setup for remote
  data access and command routing, section "Setup for secure
  communication using AT-TLS", section "Additional security
  measures" or because of other reasons), zSecure ISPF interface
  might enter an infinite loop and MSGCKN125I which begins with
  the text "I/O request without alloc ..." might be observed in
  the remote zSecure Server's log/SYSPRINT.
  

Problem conclusion

• zSecure Admin has been modified, so that zSecure ISPF interface
  does not enter an infinite loop in cases where allocation of the
  remote CKRCMD data set failed but an error message is issued
  instead. Please note the documentation updates as provided by
  the APAR tracking comment data.
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  UJ96682

Modules/Macros

• CKGTSOP  CKRADSN  CKRTSO   CKXTSO   GKRADSN  GKRTSO
  

Fix information

• Fixed component name

  ZSEC BASE,ADMIN

• Fixed component ID

  5655T0100

Applicable component levels

• R310 PSY UJ96682

     UP25/02/21 P F502

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.