Using the APF statement

Use the APF statement to specify the following:

The format (dynamic or static) of the APF-authorized library list.
Program libraries to be added to the APF list.
Program libraries to be deleted from the APF list.

The system automatically adds SYS1.LINKLIB and SYS1.SVCLIB to the APF list at IPL. In addition, any module in the link pack area (pageable LPA, modified LPA, fixed LPA, or dynamic LPA) will be treated by the system as though it came from an APF-authorized library. Ensure that you have properly protected SYS1.LPALIB and any other library that contributes modules to the link pack area to avoid system security and integrity exposures, just as you would protect any APF-authorized library.

If you specify a dynamic APF list format in PROGxx, you can update the APF list at any time during normal processing or at initial program load (IPL). You can also enter an unlimited number of libraries in the APF list.

If you specify a static APF list format in PROGxx, you can define the list only at IPL, and are limited to defining a maximum of 255 library names (SYS1.LINKLIB and SYS1.SVCLIB, which are automatically placed in the list at IPL, and up to 253 libraries specified by your installation).

Note:

If you currently specify APF-authorized libraries in the IEAAPFxx parmlib member, you can convert the format of IEAAPFxx to PROGxx using the IEAAPFPR REXX exec provided by IBM®. For information about how to perform this conversion, see Using the IEAAPFPR exec.
Except for concatenations opened during system initialization, an unauthorized library concatenated to any authorized libraries will cause the system to consider all the concatenated libraries unauthorized.
If you allow storage management subsystem (SMS) to manage a library, the system may move the library to a different volume during normal SMS processing. To ensure that the library retains authorization, specify SMS on its APF statement.
When LNKAUTH=APFTAB is specified, the system considers SYS1.MIGLIB and SYS1.CSSLIB to be APF-authorized when they are accessed as part of the concatenation (even when they are not included in the APF list).