H06.11 Release Version Update Compendium
Table Of Contents
- H06.11 Release Version Update Compendium
- Table of Contents
- About This Document
- 1 H06.11 Overview
- 2 Operating System
- 3 Application Development Products
- 4 Database and Transaction Processing Products
- 5 Installation and Configuration Products
- 6 Manageability Products
- 7 Hardware Products
- 8 Networking Products
- A Sources for Migration Assistance and Information
Logging on without a password can be done only if the SUPER.SUPER user has given the program
file that permission through Safeguard.
This feature introduces these changes:
• A new bit, bit #2, PRIV-LOGON, is added to the options parameter of the
USER_AUTHENTICATE procedure call.
• A new Safeguard disk file attribute, PRIV-LOGON, is added for the executable disk files
under Safeguard protection.
• The SAFECOM commands ADD, ALTER, INFO, SET, and SHOW support the new
PRIV-LOGON disk file attribute.
• The following new attributes have been added for disk files under Safeguard protection:
— PRIV-LOGON. When set to ON, this attribute denotes that the disk file under Safeguard
protection is permitted to perform logons without specifying a password or will not be
subjected timeout upon successive authentication failures. Valid values are ON and
OFF.
— AUDIT-PRIV-LOGON. When set to ON, this attribute denotes that the PRIV-LOGON
operations attempted by the disk files under Safeguard protection are audited. Valid
values are ON and OFF.
• The new Safeguard audit configuration attribute AUDIT-DISKFILE-PRIV-LOGON, when
set to ON, denotes that the PRIV-LOGON operations attempted by any disk file under
Safeguard protection are audited. Valid values are ON and OFF.
These new SPI tokens are introduced:
• zSFG-tkn-audit-privlogon, token type ZSPI-DDL-BOOLEAN. This token is valid with the
ZCOM-CMD-ADD, ZCOM-CMD-ALTER, and ZCOM-CMD-INFO commands. It is used
to add, alter, or display the PRIV-LOGON disk file attribute.
• zSFG-tkn-audit-priv-lgn, token type ZSPI-DDL-BOOLEAN. This token is valid with the
ZCOM-CMD-ADD, ZCOM-CMD-ALTER, ZMD-CMD-INFO commands. It is used to add,
alter, or display the AUDIT-PRIV-LOGON disk file attribute.
• zSFG-tkn-audit-file-priv-lgn, token type ZSPI-DDL-BOOLEAN. This token is valid with the
ZCOM-CMD-ALTER and ZCOM-CMD-INFO commands. It is used to alter or display the
AUDIT-DISKFILE-PRIV-LOGON configuration attribute.
Also introduced is the error token zSFG-err-privlgnnonobj, with the text “unable to set
PRIV-LOGON for non-object file.”
Migration
There are no special migration considerations for the H06.l1 version of Safeguard. However, the
following mitigation procedure can be used to handle any unexpected failures that might occur
during migration to the new version. This procedure preserves the user or alias database required
to restore the original user or alias database.
1. Use VPROC to determine the current versions of:
• OSMP
• OSMON
• SAFEART
• SAFECOM
2. Back up current Safeguard files ($*.SAFE.*, $SYSTEM.SYSTEM.USERID, and
$SYSTEM.SYSTEM.USERAX).
3. Use SAFECOM to build an OBEY file to save the current policy. To create an OBEY file, do
the following in SAFECOM:
TACL> safecom/out $system.safe.safevalu
=display as commands on
=info safeguard, detail
20 Manageability Products