A fix is available
APAR status
Closed as program error.
Error description
MSGCKR2216 received for multiple audit concerns applicable to the same UNIX file sensitivity type. For example: CKR2216 08 Inconsistent CONCERN for sensitivity "GlbIPNODES " ACCESS=WRIT-NX ignored: Can masquerade by redirecting all IP traffic to host names from all users' address spaces after the next CS Resolver setup modification Can masquerade by redirecting all IP traffic to mistyped host names from all users' address spaces after the next CS Resolver setup modification can be seen when GLOBALIPNODES is specified in the RESOLVER configuration.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: Users of zSecure Audit exploiting reports of * * the following types: RESOURCE, SENSDSN * * (Sensitive Data Set Names), TRUSTED (Users * * that can bypass security), and UNIX (UNIX * * System Services File System). * **************************************************************** * PROBLEM DESCRIPTION: zSecure Audit might issue a MSGCKR2216. * **************************************************************** * RECOMMENDATION: Apply the PTF provided and review the * * documentation updates. * **************************************************************** When zSecure Audit processes RESOURCE, SENSDSN (Sensitive Data Set Names), TRUSTED (Users that can bypass security), and/or UNIX (UNIX System Services File System) reports, it might issue a MSGCKR2216 which begins with the text "Inconsistent CONCERN for sensitivity...".
Problem conclusion
zSecure Audit has been modified so that no MSGCKR2216 is issued while processing RESOURCE, SENSDSN (Sensitive Data Set Names), TRUSTED (Users that can bypass security), and/or UNIX (UNIX System Services File System) reports. Please note the documentation updates as provided by the APAR tracking comment data.
Temporary fix
Comments
APAR Information
APAR number
OA63686
Reported component name
ZSEC BASE,ADMIN
Reported component ID
5655T0100
Reported release
250
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-08-25
Closed date
2022-11-25
Last modified date
2022-12-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
OA64017 UJ09584
Modules/Macros
C2R3RZ0I C2R3RZ0J C2R3RZ0K C2R3RZ0L C2R3RZ0M C2R3RZ0P C2R3RZ0Q C2R3SD16 C2R3SD17 C2R3SD18 C2R3SD19 C2R3SD1A C2R3UN1C C2R3UN1D C2R3UN1E C2R3UN1F C2R3UN1G CKAAU CKACFEA CKAFDEFA CKAGSENS CKANJE CKAOUCF CKAOUCIP CKAOUCIR CKAOUCIT CKAOUCMP CKAOUDBP CKAOUDBR CKAOUDCL CKAOUDDB CKAOUDDT CKAOUDGV CKAOUDJR CKAOUDP CKAOUDPK CKAOUDPN CKAOUDRT CKAOUDSC CKAOUDSG CKAOUDSN CKAOUDSQ CKAOUDTB CKAOUDTS CKAOUIMP CKAOUIMT CKAOUIN CKAOUJD CKAOUJN CKAOUJR CKAOUMD CKAOUMQN CKAOUMQP CKAOUMQQ CKAOUMQT CKAOUNIX CKAOURES CKAOUSDD CKAOUSEN CKAOUTRU CKAOUUPS CKAOUVMD CKAOUVTA CKAPSLG CKARLPA CKARMLPA CKARPROG CKASEND CKASENF CKASENI CKASENR CKASERI CKASMFI CKR31CFL CKR31CFS CKR32CFL CKR32CFS CKR41CFL CKR41CFS CKR42CFL CKR42CFS CKR51CFL CKR51CFS CKR52CFL CKR52CFS CKR53CFL CKR53CFS CKR54CFL CKR54CFS CKR55CFL CKR55CFS CKR56CFL CKR56CFS CKR61CFL CKR61CFS CKRAUTI CKRCFS CKRCFS2 CKRCFU CKRCFV CKRCKFIN CKRDB2A CKRDB2R CKRDBGS CKRESDV CKRESRC CKRGEVL CKRINLT CKRINPM CKRLMOD CKROBJC CKROUPK CKROURAC CKROURPT CKROUSK CKROUTKN CKROUVMR CKRSKEY CKRVCONF CKRXJPNC CKRXJPNV CKRXPLA GKR31CFL GKR31CFS GKR32CFL GKR32CFS GKR41CFL GKR41CFS GKR42CFL GKR42CFS GKR51CFL GKR51CFS GKR52CFL GKR52CFS GKR53CFL GKR53CFS GKR54CFL GKR54CFS GKR55CFL GKR55CFS GKR56CFL GKR56CFS GKR61CFL GKR61CFS GKRAU GKRAUTI GKRCFEA GKRCFS GKRCFS2 GKRCFU GKRCFV GKRCKFIN GKRDB2A GKRDB2R GKRDBGS GKRESDV GKRESRC GKRFDEFA GKRGEVL GKRGSENS GKRINLT GKRINPM GKRLMOD GKRNJE GKROBJC GKROUCF GKROUCIP GKROUCIR GKROUCIT GKROUCMP GKROUDBP GKROUDBR GKROUDCL GKROUDDB GKROUDDT GKROUDGV GKROUDJR GKROUDP GKROUDPK GKROUDPN GKROUDRT GKROUDSC GKROUDSG GKROUDSN GKROUDSQ GKROUDTB GKROUDTS GKROUIMP GKROUIMT GKROUIN GKROUJD GKROUJN GKROUJR GKROUMD GKROUMQN GKROUMQP GKROUMQQ GKROUMQT GKROUNIX GKROUPK GKROURAC GKROURES GKROURPT GKROUSDD GKROUSEN GKROUSK GKROUTKN GKROUTRU GKROUUPS GKROUVMD GKROUVMR GKROUVTA GKRPSLG GKRRLPA GKRRMLPA GKRRPROG GKRSEND GKRSENF GKRSENI GKRSENR GKRSERI GKRSKEY GKRSMFI GKRVCONF GKRXPLA
Fix information
Fixed component name
ZSEC BASE,ADMIN
Fixed component ID
5655T0100
Applicable component levels
R250 PSY UJ09584
UP22/11/29 P F211
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"250","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
01 December 2022