Lizette,

Thank you for your reply. I will look into the MVS OE newsgroup. We are
using RACF. If I ask enough I do get some authority, they just don't
want to give it all away. The RACF guy made some changes but I still don't see
anybody else when I do a "ps -ef". As root they see all processes.
No real error messages , just a limitation I'd think others may have
encountered. Currently the pids of interest (SyslogD, Named, etc.) are stored
in
files. I just can't display them.


Thanks again, Dave H.






"Lizette Koehler" <starsoul@...>
Sent by: os390andmvs@yahoogroups.com

To

<os390andmvs@yahoogroups.com>
09/28/2008 08:59 AM
cc


Subject
Please respond to RE:
[SPAM]AW: [OS390 and MVS] USS and appropriate privileges
os390andmvs@yahoogroups.com














You might also try the IBM-MAIN or MVS OE newsgroup for this question.





What is your security product? RACF, ACF2, Top Secret?





For each one you need to setup the OMVS segment.





If you are RACF, there is also a RACF newsgroup that might be good as well.
Or
the ACF2 newsgroup if you are ACF2 user. I have not found a Top Secret
newsgroup
at this time.





The OMVS Segment needs to have a UID/GID and home directory specified. Since
you
did not include an SAF error messages, I am not sure what might be missing.





At the time of your error, did you look in SYSLOG for supporting error
messages?
They may be prefixed with BPX.  Any activity done in the MVS Shell (OMVS or
ISHELL) will spawn a BPX task.  This task may produce messages in syslog that
are
not sent to the user’s session.





Lizette














From: os390andmvs@yahoogroups.com [mailto:os390andmvs@yahoogroups.com] On
Behalf
Of Wolfgang
Sent: Monday, September 15, 2008 5:49 PM
To: os390andmvs@yahoogroups.com
Subject: [SPAM]AW: [OS390 and MVS] USS and appropriate privileges








Hello David,


well z/OS Unix is not other Unixes. IBM has put in great effords to avoid the
superuser privileges. For your specific question you might look at "su" command
which allows you to change the euid of your process to 0. This is controlled by
the RACF FACILITY class profile BPX.SUPERUSER. But there is more: with RACF
UNIXPRIV class you are able to give selective superuser priviliges to
individual
tasks. The best documentation about this can be found in IBM's "z/OS Unix
System
Services Planning" manual.





Cheers,


Wolfgang



--- David.L.Hansen@... <David.L.Hansen@...> schrieb
am
Fr, 12.9.2008:


Von: David.L.Hansen@... <David.L.Hansen@...>
Betreff: [OS390 and MVS] USS and appropriate privileges
An: os390andmvs@yahoogroups.com
Datum: Freitag, 12. September 2008, 19:54



Dear Group,

We are running z/OS V1R8. In the *NIX world may things require root
access.
The easy path was just make everybody a UID of 0. We are trying not
to do that with my userid.
However without being a superuser all I see from my ps -ef is this:

SY4019:/SYSTEM/ etc: >ps -ef
UID PID PPID C STIME TTY TIME CMD
SY4019 50331802 1 - 13:04:13 ? 0:03 OMVS
SY4019 83886258 50331802 - 16:07:53 ttyp0000 0:03 -sh
SY4019 67109053 83886258 - 17:42:48 ttyp0000 0:00 ps -ef
SY4019:/SYSTEM/ etc: >

I read the System Services Command Reference about ps and it says I will
only see those processes "the user" has approriate privileges to access.
It goes on to say it will support a list of users with the -U option. I
did
not see an /etc/shadow file on the system that would have alist of all
users. I typed in sudo, but got: "sudo: FSUM7351 not found".

Q). What solutions have the rest of you come up with to use a
non-superuser
ID in Openedition and still be able to get anything done?

Thank you, Dave H.

Disclaimer: Information in this message or an attachment may be
government
data and thereby subject to the Minnesota Government Data Practices Act,
Minnesota Statutes, Chapter 13, may be subject to attorney-client or work
product privilege, may be confidential, privileged, proprietary, or
otherwise protected, and the unauthorized review, copying,
retransmission,
or other use or disclosure of the information is strictly prohibited. If
you
are not the intended recipient of this message, please immediately notify
the sender of the transmission error and then promptly delete this
message
from your computer system.



__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz
gegen
Massenmails.
http://mail.yahoo.com


Disclaimer: Information in this message or an attachment may be government data
and thereby subject to the Minnesota Government Data Practices Act, Minnesota
Statutes, Chapter 13, may be subject to attorney-client or work product
privilege, may be confidential, privileged, proprietary, or otherwise protected,
and the unauthorized review, copying, retransmission, or other use or disclosure
of the information is strictly prohibited. If you are not the intended recipient
of this message, please immediately notify the sender of the transmission error
and then promptly delete this message from your computer system.