That's the problem with these newbie z/VM sysprogs -- they don't want to look at the CP source code! ;-)
Richard, Every reference I've ever seen to SECLABEL is for printed output. On systems set for B1 security levels, one can set a "security label" to print at the bottom (or top -- don't remember) of every hardcopy page, such as "TOP SECRET" or "Internal Use Only" (establishing a different meaning to "increasing your fiber consumption"). Since it's security related, it makes sense that an ESM may have interfaces. Check for spooling related settings. I've modified the 8-byte "SECLABEL" field here to contain the current accounting code when output is spooled. That SECLABEL field is then passed via NJE to the z/OS systems that print the output - permitting accurate billing. for things actually printed. Mike Walter Hewitt Associates Any opinions expressed herein are mine alone and do not necessarily represent the opinions or policies of Hewitt Associates. "The IBM z/VM Operating System" <IBMVM@LISTSERV.UARK.EDU> wrote on 10/16/2008 12:36:30 PM: > In an attempt to process a file that arrived in the reader of a > class B machine and send the results to a third party's reader with > the original file's Origiid, the DIAG D4 subcode 0 was greeted with > RC=12. The description of this RC is: > "ESM authorization denied or subcode X'00' issued when security > label checking is enabled." > I have about driven myself over the edge looking for a definition of > "security label". I have searched both the z/VM bookshelf and the > VM:Secure documentation and still have no idea of what constitutes a > security label or how one is assigned or acquired. Neither can I > find any mention of securing the Diagnose by any means other than > privilege class. > DIAG D4 has a subcode 4 that has the security label as a third > parameter, but that is no help until I know what it is and where to > find it. Is there anyone who would be so kind as to enlighten me? > I cannot reach the Library Server, either BookManager or PDF, at the > VM web site. I get a time-out message. > > Regards, > Richard Schuh The information contained in this e-mail and any accompanying documents may contain information that is confidential or otherwise protected from disclosure. If you are not the intended recipient of this message, or if this message has been addressed to you in error, please immediately alert the sender by reply e-mail and then delete this message, including any attachments. Any dissemination, distribution or other use of the contents of this message by anyone other than the intended recipient is strictly prohibited. All messages sent to and from this e-mail address may be monitored as permitted by applicable law and regulations to ensure compliance with our internal policies and to protect our business. E-mails are not secure and cannot be guaranteed to be error free as they can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by e-mail.
