What is the CEA address space?

Document ID : KB000018225
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

When running the TSSOERPT, we noticed the following entries:


initUSP          *BYPASS* *             999997          99   0    0    0     
04/20/14  14.110    4.53.45 CEA                        A580                  
Successful - UID or GID came from BPX.DEFAULT.USER                           
Home    : /u/oedflta                                                        
Program : /bin/sh                                                           
                                                                            
ck_access        *BYPASS* *             999997          99   8    8    4     
04/20/14  14.110    4.53.45 CEA                        A580                  
Failed - User not authorized to access file                                  
Function: mknod                User Type: Local                             
Requested Access: Write                                                     
Name flag:     Use CRED_name_flag to determine pathname                   
Pathname: /var/CEAServer                                                  
Filename: var                                                             
File Permissions: Owner: rwx Group: rwx Other: r-x                        
Owning UID:            0   Owning GID:          20                        
Volume  : OMVS0F  File Identifier:   01D6D4E5E2F0C600012D000000000003

Is the CEA address space something new?

Is this task something that requires a definition in CA Top Secret?

Solution:

CEA is for Common Event Adapter (CEA) which is a z/OS component that enables the delivery of z/OS management data to clients, such as the CIM server.

Just like any other started task, an acid needs to be created for the started task and given a valid OMVS segment and the user authorized accordingly. Please refer to the IBM manuals for the security requirements.

Then the acid needs to be associated with the started task by adding it to the STC table.


TSS ADD(STC) ACID(CEAACID) PROCN(CEA)            
                                                          
Listing of acid CEAACID                                
                                                          
ACCESSORID = CEAACID  NAME       = CEAACID
TYPE       = USER      SIZE       =      512  BYTES        
FACILITY   = STC                                           
FACILITY   = APPC                                          
DEPT ACID  = DEPT   DEPARTMENT = DEPT      
DIV ACID   = DIV    DIVISION   = DIV       
CREATED    = 04/15/97  00:00  LAST MOD   = 01/05/09  15:45                
LAST USED  = 05/02/14 06:54 CPU(ABCD) FAC(STC     ) COUNT(04923)          
DFLTGRP    = OMVSGRP                                                      
XA DATASET = OMVS.                                         OWNER(DSNDEPT )
  ACCESS  = ALL                                                          
XA SERVAUTH= EZB.                                          OWNER(DSNDEPT)
  ACCESS  = READ                                                         
-----------  SEGMENT OMVS                                                 
  UID        = 0000000000