SSLADMIN LOG COMMAND YIELDS NO DATA FOR REDHAT-BASED SSL SYSTEM
APAR Identifier ...... PK21241 Last Changed ........ 08/04/16
SSLADMIN LOG COMMAND YIELDS NO DATA FOR REDHAT-BASED SSL SYSTEM
Symptom ...... IN INCORROUT Status ........... CLOSED PER
Severity ................... 3 Date Closed ......... 07/08/07
Component .......... 5735FAL00 Duplicate of ........
Reported Release ......... 520 Fixed Release ............ 999
Component Name TCP/IP V2 FOR V Special Notice
Current Target Date .. Flags
SCP ...................
Platform ............
Status Detail: SHIPMENT - Packaged solution is available for
shipment.
PE PTF List:
PTF List:
Release 520 : UK28018 available 07/08/08 (0801 )
Parent APAR:
Child APAR list:
ERROR DESCRIPTION:
When the SSL server is running on a Redhat Linux distribution,
the SSLADMIN LOG command produces only minimal output when it
is issued. Data present in the resulting SSLADMIN OUTPUT file
consists only of this record:
*** vmssl started: ddd, nn mmm yyyy hh:mm:ss -offset ***
For example:
*** vmssl started: Mon, 31 Oct 2005 19:27:52 -0800 ***
This problem has been isolated to processing performed in
the SSL server initialization script, vmssldss.
Note: This problem exists only when a Redhat Linux
distribution is used for running the z/VM SSL server.
LOCAL FIX:
A circumvention vmssldss script is available from IBM support.
This script must be manually installed on the Redhat Linux guest
used for running the SSL server. Instructions for installing
this guest will be provided upon request of this circumvention.
PROBLEM SUMMARY:
****************************************************************
* USERS AFFECTED: All customers running the z/VM SSL server *
* in conjunction with a Redhat Linux *
* Enterprise Linux guest. *
****************************************************************
* PROBLEM DESCRIPTION: *
****************************************************************
* RECOMMENDATION: APPLY PTF *
****************************************************************
The reported problem arises due to the manner in which the SSL
server initialization script, vmssldss, prepares the
environment for running the vmssl daemon. This script
redirects 'stdout' and 'stderr' from the screen to the SSL
server log file, to allow the messages produced by vmssld to be
logged.
For the case when the Linux guest used for running the SSL
server is Rehat Enterprise Linux, the 'daemon' function is used
to start vmssl daemon process. However, the logging and other
actions performed by this function conflict with the 'stdout'
and 'stderr' Input/Output redirection already established for
the vmssl daemon, and cause the SSL server messages to be lost.
PROBLEM CONCLUSION:
The SSL server initialization script, vmssldss, has been
modified so that the 'daemon' function is no longer used to
initialize the vmssl daemon when Redhat Enterprise Linux is in
use. It now instead runs the vmssl deamon directly (and saves
the daemon process ID for later use in stopping the daemon).
TEMPORARY FIX:
COMMENTS:
MODULES/MACROS: VMSR3 VMSR3S VMSR3X VMSR3XS VMSR4
VMSR4S VMSR4X VMSR4XS
SRLS: NONE
RTN CODES:
CIRCUMVENTION:
MESSAGE TO SUBMITTER: