IBM Security Z Security

We've started using the zSecure server in self-connect mode so we can remove READ permissions from the RACF DB for most users. One consequence is that displays in Command Output Browse or CKRTSPRT now have 9 characters inserted at the start of each line of output to show system ID, which is obviously useful for remote access and command routing, but perhaps less so in self-connect mode.

Users have reported that long lines of command output are now truncated by up to 9 characters - for example in Command Verifier messages at the end of a resource listing. The LRECL for CKRTSPRT and SYSPRINT is hard-coded as 137, with RECFM VBA, in exec C2REWORK; we could increase that with a usermod, but we'd like to avoid that if possible.

Is there a way of suppressing the additional 9 characters inserted in output lines by the zSecure server, or any other way of avoiding the output truncation? 

Thanks

------------------------------
Sandy Malcolm
------------------------------

Hi Sandy
That is a really good observation.  Unfortunately, prefixing command output is a hard-coded function in the command execution module (CKX).  Please open an RFE so your suggestion can be taken into account for future versions.

------------------------------
Rob van Hoboken
------------------------------

Original Message:
Sent: Wed April 01, 2020 09:54 AM
From: Sandy Malcolm
Subject: zSecure server: Truncated output

We've started using the zSecure server in self-connect mode so we can remove READ permissions from the RACF DB for most users. One consequence is that displays in Command Output Browse or CKRTSPRT now have 9 characters inserted at the start of each line of output to show system ID, which is obviously useful for remote access and command routing, but perhaps less so in self-connect mode.

Users have reported that long lines of command output are now truncated by up to 9 characters - for example in Command Verifier messages at the end of a resource listing. The LRECL for CKRTSPRT and SYSPRINT is hard-coded as 137, with RECFM VBA, in exec C2REWORK; we could increase that with a usermod, but we'd like to avoid that if possible.

Is there a way of suppressing the additional 9 characters inserted in output lines by the zSecure server, or any other way of avoiding the output truncation? 

Thanks

------------------------------
Sandy Malcolm
------------------------------

Thanks Rob; I've opened RFE 141445 with details of the issue.

------------------------------
Sandy Malcolm
------------------------------

Original Message:
Sent: Thu April 02, 2020 10:44 AM
From: Rob van Hoboken
Subject: zSecure server: Truncated output

Hi Sandy
That is a really good observation.  Unfortunately, prefixing command output is a hard-coded function in the command execution module (CKX).  Please open an RFE so your suggestion can be taken into account for future versions.

------------------------------
Rob van Hoboken

Original Message:
Sent: Wed April 01, 2020 09:54 AM
From: Sandy Malcolm
Subject: zSecure server: Truncated output

We've started using the zSecure server in self-connect mode so we can remove READ permissions from the RACF DB for most users. One consequence is that displays in Command Output Browse or CKRTSPRT now have 9 characters inserted at the start of each line of output to show system ID, which is obviously useful for remote access and command routing, but perhaps less so in self-connect mode.

Users have reported that long lines of command output are now truncated by up to 9 characters - for example in Command Verifier messages at the end of a resource listing. The LRECL for CKRTSPRT and SYSPRINT is hard-coded as 137, with RECFM VBA, in exec C2REWORK; we could increase that with a usermod, but we'd like to avoid that if possible.

Is there a way of suppressing the additional 9 characters inserted in output lines by the zSecure server, or any other way of avoiding the output truncation? 

Thanks

------------------------------
Sandy Malcolm
------------------------------