Closed vmorris closed 2 years ago
Further investigation yields this message:
21:47:38 MSG FROM RACFVM : ICH408I USER(ETPGXJS ) GROUP(GXJS ) NAME(IBM DALLAS )
21:47:38 MSG FROM RACFVM : TATAC05.ETPGXKU CL(VMRDR )
21:47:38 MSG FROM RACFVM : INSUFFICIENT ACCESS AUTHORITY
21:47:38 MSG FROM RACFVM : ACCESS INTENT(UPDATE ) ACCESS ALLOWED(NONE )
@tmricht can you have a look please? Thanks!
@Jan, thanks for the notification. Sorry for the late reply, but I had to refreshen my brain first :-).
Can you please append (attach) the complete strace log to the ticket, this would help me a lot. Thanks. The vmur command uses the vmcp device driver interface for communication with the CP command layer. These errors are reported to the user but rarely interpreted by programs.
From the strace output it looks like the error occurs when closing the device with command "CLOSE D TO ETPGXKU RDR NAME kern...". This is done in function close_ur_device() and uses the vmcp() device driver, which just reports there error but does not act on any errors. Can you tell me the exact error number this command is failing with? So I can add a check. Thanks.
On what linux distro + version and what s390-tools version did the error occur?
I cannot reproduce the error at this time, and unfortunately I did not preserve the strace log.
This occurred on RHEL 8.4.
[root@dgbglbi bin]# vmur --version
vmur: Control virtual reader, punch, and printer version 2.15.1-5.el8
Copyright IBM Corp. 2007, 2017
Actually, I can reproduce it, here's the strace log:
https://gist.github.com/vmorris/ff12382a91c09ba8ada99f7eb9167c07
Thanks a lot and good to know you can reproduce the issue. As explained above, the error happens when closing the punch device 000d using a vmcp command. The error response of this command is not interpreted. So I need to know the exact error code to be returned in your case. Since we do not have such a RACF in place here in our lab, I would like you to rerun the command again with a modifed vmur program I modified for you. The only change is a printf statement to see the error return code from the close command, here is the output from my box:
[root@s8360046 vmur]# cat /etc/redhat-release Red Hat Enterprise Linux release 8.4 (Ootpa) [root@s8360046 vmur]# uname -a Linux s8360046.lnxne.boe 4.18.0-305.el8.s390x #1 SMP Thu Apr 29 09:06:01 EDT 2021 s390x s390x s390x GNU/Linux [root@s8360046 vmur]# ./vmur punch -r Makefile -u s8360047 -N kernel.img close_ur_device response PUN FILE 0328 SENT TO S8360047 RDR AS 0381 RECS 0008 CPY 001 A NOHOLD NOKEEP cprc:0 Reader file with spoolid 0328 created and transferred to S8360047. [root@s8360046 vmur]#
You just install the vmur program (I send it to your LN user-id as attachment) in a local directory and issue this command:
and send me the output, I need the lines in bold.
Thanks a lot.
@tmricht -
close_ur_device response RPIMGR032E YOU ARE NOT AUTHORIZED TO CLOSE TO TATAC05.ETPGXKU
HCPCSL007E Invalid userid - ETPGXKU
cprc:7
I ran into this issue where
vmur
thinks it was able to successfully punch and transfer a file to another system's reader, but in fact RACF is blocking it.I ran the command:
This was not obvious to me what the problem was, but I could see that no messages were being logged at the hardware console for either the driving or the receiving systems.
strace
gave some more details:Shouldn't
vmur
detectRPIMGR032E
and fail with a message back to the user?