|
|
|
The specification of which libraries are APF‑authorized differs slightly by z/OS release. See the IBM Initialization and Tuning Guide and Initialization and Tuning Reference for your release. For recent systems, the libraries are named in the parmlib member IEAAPFxx or the PROGxx members.
Specification through the PROGxx members allows dynamic alteration (effective immediately, not just at IPL) of the system’s list of APF‑authorized libraries. Some sites also use program products such as CA SYSVIEW or other authorized system programming tools to authorize libraries dynamically (regardless of the level of z/OS). CA Auditor can show you which libraries are authorized now, even if the logical Parmlib members have changed since IPL or libraries were dynamically authorized after IPL.
When libraries are specified as authorized but no volume is specified, the data set must be SMS‑managed for this authorization to be valid (all SMS‑managed data sets are cataloged). It is also possible to authorize a data set only if it is on the IPL volume or only if it is on the master catalog volume. When the IPL volume or the master catalog volume is required, z/OS resolves the volume at IPL and CA Auditor shows the real volser. When a library is authorized, the modules loaded from it are authorized regardless of how the data set was allocated‑whether from Joblib, Steplib, or Tasklib or accessed from LPA or LINKLST. (Tasklib includes ordinary JCL DD, TSO ALLOC, DYNALLOC, or SVC 99.)
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |