Hello,
I would like to run SSHD under control of COZBATCH but are instantly failing:
Th JCL is:
//SSHD PROC
//SSHD EXEC DTLSPAWN,REGION=0M,TIME=NOLIMIT,LOGLVL=-LT,
// CMD='/usr/sbin/sshd -f /etc/ssh/sshd_config'
//STDOUT DD SYSOUT=*
//STDERR DD SYSOUT=*
//SYSERR DD SYSOUT=*
//SYSOUT DD SYSOUT=*
The job fails with rc=1005 und issues the following trace data:
CoZBatch[N]: Copyright (C) 2005-2009 Dovetailed Technologies LLC. ALL rights reserved.
CoZBatch[N]: version 1.5.0 2009-11-16
CoZBatch[T]: <- setupEnvironment()
CoZBatch[T]: -> openDDs()
CoZBatch[D]: stdin file opened: //DD:STDIN
CoZBatch[D]: stdout file opened: //DD:STDOUT
CoZBatch[D]: stderr file opened: //DD:STDERR
CoZBatch[T]: <- openDDs()
CoZBatch[T]: -> logRegionSize()
CoZBatch[D]: region size requested = 0K, Actual below/above limit = 8680K / 1667072K
CoZBatch[T]: <- logRegionSize()
CoZBatch[T]: -> setupProgname()
CoZBatch[D]: geteuid=0
CoZBatch: executing given progname="/usr/sbin/sshd"
CoZBatch[T]: <- setupProgname(/usr/sbin/sshd)
CoZBatch[T]: -> spawnChild()
CoZBatch[D]: spawning progname=/usr/sbin/sshd
CoZBatch[D]: argv[0] = /usr/sbin/sshd
CoZBatch[D]: argv[1] = -f
CoZBatch[D]: argv[2] = /etc/ssh/sshd_config
CoZBatch[D]: current environment:
CoZBatch[D]: >LIBPATH=/lib:/usr/lib:.<
CoZBatch[D]: >_EDC_ADD_ERRNO2=1<
CoZBatch[D]: >HOME=/<
CoZBatch[D]: >_BPX_SHAREAS=MUST<
CoZBatch[D]: >_BPX_SPAWN_SCRIPT=YES<
CoZBatch[D]: >_BPXK_JOBLOG=STDERR<
CoZBatch[D]: >PATH=/bin:/usr/bin<
CoZBatch[E]: could not spawn: /usr/sbin/sshd - EDC5157I An internal error has occurred. (errno2=0x0B1B0473)
CoZBatch[T]: <- spawnChild()
CoZBatch[T]: <- run()
CoZBatch[W]: an error occurred; returning rc=1005
I understand that the reason-code means "JRLocalSpawnNotAllowed". I've looked up the BPX1SPN callable service, but didn't find anything that give me an indication, what the reason might be.
The (working) BPXBATCH looks like this:
//SSHD PROC
//SSHD EXEC PGM=BPXBATCH,REGION=0M,TIME=NOLIMIT,
// PARM='PGM /usr/sbin/sshd -f /etc/ssh/sshd_config
//CEEDUMP DD SYSOUT=*
//SYSERR DD PATH='/tmp/sshd.syserr',
// PATHOPTS=(OWRONLY,OCREAT,OTRUNC),
// PATHMODE=SIRWXU
//STDOUT DD PATH='/tmp/sshd.stdout',
// PATHOPTS=(OWRONLY,OCREAT,OTRUNC),
// PATHMODE=SIRWXU
//STDERR DD PATH='/tmp/sshd.stderr',
// PATHOPTS=(OWRONLY,OCREAT,OTRUNC),
// PATHMODE=SIRWXU
//SYSOUT DD PATH='/tmp/sshd.sysout',
// PATHOPTS=(OWRONLY,OCREAT,OTRUNC),
// PATHMODE=SIRWXU
brgds,
Ulrich Schmidt
Run SSHD under COZBATCH
-
Ulrich Schmidt
- Posts: 37
- Joined: Fri Jan 09, 2009 1:25 pm
- Location: Germany
Ulrich,
COZBATCH by default spawns your program (sshd) with _BPX_SHAREAS=MUST set. "MUST" is required so that programs like /bin/sh which have the "sticky" bit set will start in the same address space.
But with _BPX_SHAREAS=MUST, programs that are APF authorized, like sshd won't start and will give you the undecipherable error message that you see.
But you can set _BPX_SHAREAS=YES or NO before starding SSHD in one of two ways:
//CEEOPTS DD *
_BPX_SHAREAS=YES
or run /bin/sh and then put "export _BPX_SHAREAS=YES" before starting sshd.
Of course, if you were looking to use COZBATCH rather than BPXBATCH to start SSHD in the same address spaces, then you are out of luck. COZBATCH is non-APF authorized, so it is impossible to spawn an APF authorized program in the same address space.
Hope this helps.
COZBATCH by default spawns your program (sshd) with _BPX_SHAREAS=MUST set. "MUST" is required so that programs like /bin/sh which have the "sticky" bit set will start in the same address space.
But with _BPX_SHAREAS=MUST, programs that are APF authorized, like sshd won't start and will give you the undecipherable error message that you see.
But you can set _BPX_SHAREAS=YES or NO before starding SSHD in one of two ways:
//CEEOPTS DD *
_BPX_SHAREAS=YES
or run /bin/sh and then put "export _BPX_SHAREAS=YES" before starting sshd.
Of course, if you were looking to use COZBATCH rather than BPXBATCH to start SSHD in the same address spaces, then you are out of luck. COZBATCH is non-APF authorized, so it is impossible to spawn an APF authorized program in the same address space.
Hope this helps.