/* REXX ALLUSERS Collect RACF data for ALL users. Use '(routine name) ?' for HELP-text. Cloned by Frank Clarke rexxhead@yahoo.com 20230118 Impact Analysis . SYSEXEC DFLTTLIB . SYSEXEC LISTUSR . SYSEXEC TBLGEN . SYSEXEC TRAPOUT Modification History 20230123 fxc exclude non-user IDs; corrected parsing of sumn; 20230206 fxc TBERASE existing table and recreate anew; 20230406 fxc adjust HELP 20230414 fxc point to PERSONAL.ISPTLIB 20230415 fxc make startable from READY; 20230416 fxc cannot be restarted from READY; S/878-10 20230507 fxc TBLGEN does not TBOPEN a new table 20230806 fxc chg SYSPROC to SYSEXEC in Impact Analysis; 20230826 fxc add call to LISTUSR; 20231103 fxc use DFLTTLIB to locate ISPTLIB; 20240213 fxc if SU row does not exist on AAMSTR, create it; 20240308 fxc chg dollar-sign to @ everywhere; 20240414 fxc DUMP_QUEUE quiet; */ arg argline address TSO /* REXXSKEL ver.20210402 */ arg parms "((" opts signal on syntax signal on novalue call TOOLKIT_INIT /* conventional start-up -*/ rc = Trace("O"); rc = Trace(tv) info = parms /* to enable parsing */ if info = "?" then call HELP /* -*/ call A_INIT /* -*/ call P_EXTRACT /* -*/ if \sw.nested then call DUMP_QUEUE 'quiet' /* -*/ exit /*@ ALLUSERS */ /* . ----------------------------------------------------------------- */ A_INIT: /*@ */ if branch then call BRANCH address TSO parse var parms uid . parse value "" with , grplist parse value "0 0 0 0 0 0 0 0" with , out. condt. , . openmode.0 = "WRITE" /* based on NOUPDT */ openmode.1 = "NOWRITE" alpha = "ABCDEFGHIJKLM ,NOPQRSTUVWXYZ" excl_owners = "QLUSER1" excl_IDs = "CSFSTC EDIT SETFALL SETSPRNG SHOPCERT ", "SSHD SSHDAEM TSSO " "NEWSTACK" "TBLGEN" tbltyp "DESCRIBE " /* get description */ pull "KEYS(" keynames ")" "NAMES(" varnames ")" "SORT(" dfltsort ")" if keynames = "" then, call Z_QUEUE /* -*/ "DELSTACK" return /*@ A_INIT */ /* . ----------------------------------------------------------------- */ P_EXTRACT: /*@ */ p_tv = trace() /* what setting at entry ? */ z_tv = p_tv if branch then call BRANCH address TSO call PA_SETUP_TABLE /* -*/ rc = Outtrap("OUT.") /* trap command output */ "LU *" rc = Outtrap("OFF") do ss = 1 to out.0 if Pos( "USER=",out.ss) > 0 then do if queued() > 0 then do rc = Trace("O"); rc = trace(p_tv) call PS_SPIN /* -*/ "DELSTACK" end /* queued */ "NEWSTACK" queue out.ss /* add to stack */ end /* USER= */ else do if Pos("ATTRIBUTES=",out.ss) > 0 then, queue out.ss ; else, /* add to stack */ if Pos("LAST-ACCESS=",out.ss) > 0 then, queue out.ss ; else, /* add to stack */ if Pos(" INSTALLATION-DATA=",out.ss) > 0 then, queue out.ss /* add to stack */ end /* else */ end /* ss */ call PS_SPIN /* -*/ "DELSTACK" rc = Trace("O"); rc = trace(z_tv) call PZ_CLOSE /* -*/ return /*@ P_EXTRACT */ /* . ----------------------------------------------------------------- */ PA_SETUP_TABLE: /*@ */ if branch then call BRANCH address ISPEXEC "LIBDEF ISPTABL DATASET ID("isptabl") STACK" "TBERASE" @tn@ "LIBDEF ISPTABL" address TSO "TBLGEN" tbltyp, /* build new SU-type table */ "TBLNAME" @tn@, "WRITE REPLACE", "((ISPTLIB" isptlib "ISPTABL" isptlib "LIBDEF ISPTLIB DATASET ID("isptlib") STACK" "TBSTATS" @tn@ "STATUS1(s1) STATUS2(s2)" if s1 > 1 then do zerrsm = "Table" @tn@ "not available." say zerrsm zerrlm = "Table" @tn@ "not found in the ISPTLIB library chain" "SETMSG MSG(ISRZ002)" sw.0error_found = "1"; return end; else, if s2 = 1 then do /* table is not open */ "TBOPEN " @tn@ openmode.NOUPDT if rc > 4 then do sw.0error_found = 1 zerrsm = "Table did not OPEN" zerrlm = "Table" @tn@ "cannot be opened due to prior", "enqueues." "SETMSG MSG(ISRZ002)" end end else "TBTOP" @tn@ "LIBDEF ISPTLIB" return /*@ PA_SETUP_TABLE */ /* A fresh stack has been prepared holding all the lines for one USER= group. Process the stack, creating data for the SU_form table. If any owner found in excl_owners, reject the entire group. If any user found in excl_IDs, reject the entire group. If the username contains 'Anchor', 'Unknown', or a numeric, reject the entire group. If not rejected, TBMOD fields SUUSER SUNAME SUFN SUMN SULN SUOWNER SUCREDT SULOGDT SUATTR SUDATA . ----------------------------------------------------------------- */ PS_SPIN: /*@ */ if branch then call BRANCH address TSO do queued() parse pull line if Pos( "USER=",line ) > 0 then do parse var line line "CREATED=" sucredt "/" if sucredt = "UNKNOWN" then return parse var line line "OWNER=" suowner . if WordPos(suowner,excl_owners) > 0 then return parse var line line "NAME=" suname parse var line line "USER=" suuser if WordPos(suuser,excl_IDs) > 0 then return parse var sucredt yy "." ddd sucredt = Date( "S" , Strip(yy||ddd) , "J" ) suname = Strip(suname) ucname = Translate(suname) /* shift to uppercase */ if WordPos( "ANCHOR",ucname) > 0 then return if WordPos( "UNKNOWN",ucname) > 0 then return if Verify( ucname,alpha ) > 0 then return /* cont non-alpha */ if Pos( ",",ucname ) > 0 then do parse var ucname ln "," fn ucname = fn ln end suname = PX_SHIFT(ucname) /* -*/ suattr = "" /* reset */ end /* USER line */ rc = Trace("O") if Pos( "LAST-ACCESS=",line ) > 0 then do parse var line line "ACCESS=" sulogdt "/" sulogtm . if sulogdt = "UNKNOWN" then return parse var sulogdt yy "." ddd sulogdt = Date( "S" , Strip(yy||ddd) , "J" ) end /* ACCESS line */ if Pos( " ATTRIBUTES=",line ) > 0 then do parse var line line " ATTRIBUTES=" attr if attr = "NONE" then attr = "" suattr = Space( suattr attr, 1 ) end /* Inst data */ if Pos( " INSTALLATION-DATA=",line ) > 0 then do parse var line line "-DATA=" sudata end /* Inst data */ end /* queued */ rc = trace(p_tv) address ISPEXEC "TBMOD" @tn@ /* add or repl row */ parse value "" with, suuser suname sufn sumn suln suowner sucredt sulogdt suattr, sudata /* clear all values */ return /*@ PS_SPIN */ /* Dual-case the username passed . ----------------------------------------------------------------- */ PX_SHIFT: /*@ */ if branch then call BRANCH address TSO shifted = "" arg wordlist do Words( wordlist ) parse var wordlist word wordlist low = Translate(word,, "abcdefghijklmnopqrstuvwxyz",, "ABCDEFGHIJKLMNOPQRSTUVWXYZ") word = Left(word,1)Substr(low,2) shifted = shifted word end /* wordlist */ shifted = Strip( shifted ) parse var shifted sufn w2 w3 w4 ct = Words( w2 w3 w4 ) if ct > 0 then do suln = Word( w2 w3 w4, ct ) /* last word */ parse value w2 w3 w4 with sumn (suln) end /* ct */ if monitor then say shifted "F:" sufn "M:" sumn "L:" suln return(shifted) /*@ PX_SHIFT */ /* . ----------------------------------------------------------------- */ PZ_CLOSE: /*@ */ if branch then call BRANCH address ISPEXEC "TBSORT " @tn@ "FIELDS( SULOGDT,N,D SULN,C,A )" "LIBDEF ISPTABL DATASET ID("isptabl") STACK" "TBCLOSE" @tn@ "LIBDEF ISPTABL" address TSO "LISTUSR" /* */ return /*@ PZ_CLOSE */ /* Queue seven (7) lines containing the key datapoints for a new table that does not yet exist on AAMSTR. The line for 'AALIBR' needs a fully-qualified unquoted DSN if this table is to reside on a known dataset, or '*' otherwise. Invoke TBLMSTR with 'NEWROW' to establish the new table. . ----------------------------------------------------------------- */ Z_QUEUE: /*@ */ if branch then call BRANCH address TSO "NEWSTACK" queue "AATBLID SU " queue "AATBLNM USER " queue "AAKEYS SUUSER " queue "AANAMES SUNAME SUFN SUMN SULN SUOWNER SUCREDT SULOGDT SUATTR SUDATA" queue "AADESC System User Names " queue "AASORT SULOGDT,C,D SULN,C,A " queue "AALIBR * " /* <=== Put DSN here */ "TBLMSTR (( NEWROW" opts "DELSTACK" return /*@ Z_QUEUE */ /* . ----------------------------------------------------------------- */ LOCAL_PREINIT: /*@ customize opts */ address TSO rc = Trace( tv ) dfltlib = "'"DFLTTLIB( 'USER' )"'" parse value KEYWD( "ISPTLIB" ) dfltlib with, isptlib . parse value KEYWD( "ISPTABL" ) isptlib with, isptabl . parse value KEYWD( "USETBL" ) "USER" with, @tn@ . parse value KEYWD( "TBLTYP" ) "SU" with, tbltyp . return /*@ LOCAL_PREINIT */ /* subroutines below LOCAL_PREINIT are not selected by SHOWFLOW */ /* . ----------------------------------------------------------------- */ HELP: /*@ */ address TSO;"CLEAR" if helpmsg <> "" then say helpmsg ex_nam = Left(exec_name,8) /* predictable size */ say " " say " "ex_nam" Reload the USER table holding all the non-machine users " say " known to the system. It does this by issuing a RACF " say " 'LU *' " say " and collecting all pertinent information from the output. " say " During the collection, certain IDs are excluded, either " say " because the ID is known to be non-human or because it " say " displays non-human characteristics. " say " " say " Table USER is TBERASEd and rebuilt via TBLGEN on each " say " invocation. " say " " say " Syntax: "ex_nam" no parms " say " (( ISPTLIB inlib " say " ISPTABL outlib " say " USETBL tblname " say " TBLTYP style " say " " "NEWSTACK"; pull; "CLEAR"; "DELSTACK" say " " say " inlib designates the dataset that holds the existing copy " say " of the USER table. If not specified, DFLTTLIB will " say " be called to provide a value. " say " " say " outlib designates the dataset that will receive the updated" say " copy of the USER table. It defaults to the current " say " value for . " say " " say " tblname names the table on . It defaults to 'USER'. " say " " say " style specifies the two-character key of the AAMSTR table " say " entry to be used by TBLGEN to build a new table. It" say " defaults to 'SU'. " say " " "NEWSTACK"; pull ; "CLEAR" ; "DELSTACK" say " Debugging tools provided include: " say " " say " BRANCH: show all paragraph entries. " say " " say " TRACE tv: will use value following TRACE to place the " say " execution in REXX TRACE Mode. " say " " say " " say " Debugging tools can be accessed in the following manner: " say " " say " TSO "ex_nam" parameters (( debug-options " say " " say " For example: " say " " say " TSO "ex_nam" (( MONITOR TRACE ?R " if sw.inispf then, address ISPEXEC "CONTROL DISPLAY REFRESH" exit /*@ HELP */ /* . ----------------------------------------------------------------- */ BRANCH: Procedure expose, /*@ */ sigl exec_name rc = trace("O") /* we do not want to see this */ arg brparm . origin = sigl /* where was I called from ? */ do currln = origin to 1 by -1 /* inch backward to label */ if Right(Word(Sourceline(currln),1),1) = ":" then do parse value sourceline(currln) with pgfname ":" . /* Label */ leave ; end /* name */ end /* currln */ select when brparm = "NAME" then return(pgfname) /* Return full name */ when brparm = "ID" then do /* wants the prefix */ parse var pgfname pgfpref "_" . /* get the prefix */ return(pgfpref) end /* brparm = "ID" */ otherwise say left(sigl,6) left(pgfname,40) exec_name "Time:" time("L") end /* select */ return /*@ BRANCH */ /* . ----------------------------------------------------------------- */ DUMP_QUEUE: /*@ Take whatever is in stack */ rc = trace("O") /* and write to the screen */ address TSO arg mode . "QSTACK" /* how many stacks? */ stk2dump = rc - tk_init_stacks /* remaining stacks */ if stk2dump = 0 & queued() = 0 then return if mode <> "QUIET" then, say "Total Stacks" rc , /* rc = #of stacks */ " Begin Stacks" tk_init_stacks , /* Stacks present at start */ " Excess Stacks to dump" stk2dump do dd = rc to tk_init_stacks by -1 /* empty each one. */ if mode <> "QUIET" then, say "Processing Stack #" dd " Total Lines:" queued() do queued();parse pull line;say line;end /* pump to the screen */ "DELSTACK" /* remove stack */ end /* dd = 1 to rc */ return /*@ DUMP_QUEUE */ /* Handle CLIST-form keywords added 20020513 . ----------------------------------------------------------------- */ CLKWD: Procedure expose info /*@ hide all except info */ arg kw kw = kw"(" /* form is 'KEY(DATA)' */ kw_pos = Pos(kw,info) /* find where it is, maybe */ if kw_pos = 0 then return "" /* send back a null, not found*/ rtpt = Pos(") ",info" ",kw_pos) /* locate end-paren */ slug = Substr(info,kw_pos,rtpt-kw_pos+1) /* isolate */ info = Delstr(info,kw_pos,rtpt-kw_pos+1) /* excise */ parse var slug (kw) slug /* drop kw */ slug = Reverse(Substr(Reverse(Strip(slug)),2)) return slug /*@CLKWD */ /* Handle multi-word keys 20020513 . ----------------------------------------------------------------- */ KEYWD: Procedure expose info /*@ hide all vars, except info*/ arg kw kw_pos = wordpos(kw,info) /* find where it is, maybe */ if kw_pos = 0 then return "" /* send back a null, not found*/ kw_val = word(info,kw_pos+Words(kw))/* get the next word */ info = Delword(info,kw_pos,2) /* remove both */ return kw_val /*@ KEYWD */ /* . ----------------------------------------------------------------- */ KEYPHRS: Procedure expose, /*@ */ info helpmsg exec_name /* except these three */ arg kp wp = wordpos(kp,info) /* where is it? */ if wp = 0 then return "" /* not found */ front = subword(info,1,wp-1) /* everything before kp */ back = subword(info,wp+1) /* everything after kp */ parse var back dlm back /* 1st token must be 2 bytes */ if length(dlm) <> 2 then /* Must be two bytes */ helpmsg = helpmsg, "Invalid length for delimiter("dlm") with KEYPHRS("kp")", info if wordpos(dlm,back) = 0 then /* search for ending delimiter*/ helpmsg = helpmsg, "No matching second delimiter("dlm") with KEYPHRS("kp")", info if helpmsg <> "" then call HELP /* Something is wrong */ parse var back kpval (dlm) back /* get everything b/w delim */ info = front back /* restore remainder */ return Strip(kpval) /*@ KEYPHRS */ /* . ----------------------------------------------------------------- */ NOVALUE: /*@ */ say exec_name "raised NOVALUE at line" sigl say " " say "The referenced variable is" condition("D") say " " zsigl = sigl signal SHOW_SOURCE /*@ NOVALUE */ /* . ----------------------------------------------------------------- */ SHOW_SOURCE: /*@ */ call DUMP_QUEUE /* Spill contents of stacks -*/ if sourceline() <> "0" then /* to screen */ say sourceline(zsigl) rc = trace("?R") nop exit /*@ SHOW_SOURCE */ /* . ----------------------------------------------------------------- */ SS: Procedure /*@ Show Source */ arg ssbeg ssend . if ssend = "" then ssend = 10 if \datatype(ssbeg,"W") | \datatype(ssend,"W") then return ssend = ssbeg + ssend do ssii = ssbeg to ssend ; say Strip(sourceline(ssii),'T') ; end return /*@ SS */ /* . ----------------------------------------------------------------- */ SWITCH: Procedure expose info /*@ */ arg kw sw_val = Wordpos(kw,info) > 0 /* exists = 1; not found = 0 */ if sw_val then /* exists */ info = Delword(info,Wordpos(kw,info),1) /* remove it */ return sw_val /*@ SWITCH */ /* . ----------------------------------------------------------------- */ SYNTAX: /*@ */ errormsg = exec_name "encountered REXX error" rc "in line" sigl":", errortext(rc) say errormsg zsigl = sigl signal SHOW_SOURCE /*@ SYNTAX */ /* Can call TRAPOUT. . ----------------------------------------------------------------- */ TOOLKIT_INIT: /*@ */ address TSO info = Strip(opts,"T",")") /* clip trailing paren */ parse source sys_id how_invokt exec_name DD_nm DS_nm, as_invokt cmd_env addr_spc usr_tokn parse value "" with tv helpmsg . parse value 0 "ISR00000 YES" "Error-Press PF1" with, sw. zerrhm zerralrm zerrsm if SWITCH("TRAPOUT") then do "TRAPOUT" exec_name parms "(( TRACE R" info exit end /* trapout */ sw.nested = sysvar("SYSNEST") = "YES" sw.batch = sysvar("SYSENV") = "BACK" sw.inispf = sysvar("SYSISPF") = "ACTIVE" "QSTACK" ; tk_init_stacks = rc /* How many stacks? */ parse value SWITCH("BRANCH") SWITCH("MONITOR") SWITCH("NOUPDT") with, branch monitor noupdt . parse value mvsvar("SYSNAME") sysvar("SYSNODE") with, #tk_cpu node . parse value KEYWD("TRACE") "N" with tv . tk_globalvars = "exec_name tv helpmsg sw. zerrhm zerralrm ", "zerrsm zerrlm tk_init_stacks branch monitor ", "noupdt" call LOCAL_PREINIT /* for more opts -*/ if Word(parms,1) = "?" then call HELP /* I won't be back */ return /*@ TOOLKIT_INIT */