ISREDIT MACRO       /* CATM0409 EDIT TEMP9 */
 
/* 04/19/2004 JL Nelson CHANGED TO DISPLAY NO FINDING TEXT
/* 04/20/2004 JL Nelson Modified to display DISA standard
/* 06/17/2004 JL Nelson ADDED EXIT CODE
/* 07/15/2004 JL Nelson Changed DISA Standard to STIG requirement
/* 12/15/2004 JL Nelson Changed TSS0620, TSS0650, STIG incorrect
/* 01/05/2005 JL Nelson Changed TSS0275 CANCEL will not be specified.
/* 02/09/2005 JL Nelson Changed constants to variables before rename
/* 04/13/2005 JL Nelson Changed AUTOERASE and DIAGTRAP per Charles
/* 04/27/2005 JL Nelson Delete obsolete PDIs per Charles Fenton
/* 04/27/2005 JL Nelson Delete TSS0290, TSS0300, TSS0340, TSS0370
/* 04/27/2005 JL Nelson Delete TSS0385, TSS0510, TSS0520
/* 06/08/2005 JL Nelson Pass MAXCC in ZISPFRC variable
/* 06/14/2005 JL Nelson Added LOGBUF to numeric check
/* 06/15/2005 JL Nelson Set return code to end job step
/* 03/15/2006 JL Nelson Made changes to avoid SUBSTR abend 920/932.
/* 03/16/2006 JL Nelson Set/test RCode for every ISPEXEC command.
/* 03/21/2006 JL Nelson Use NRSTR avoid abend 900 if ampersand in data.
/* 03/30/2006 JL Nelson Test for empty member LINENUM Rcode = 4.
/* 09/27/2006 CL Fenton Modified ZUSST050 and added ZUSST052.
/* 07/09/2007 CL Fenton Removed requirement for UNCLASS systems.
/* 08/07/2007 CL Fenton Changed characters that identify breaks to
/*            Non-national or special characters that could appear
/*            in PASSCHAR control option.  Added ZUSST060.
/* 10/01/2008 CL Fenton Changed table to remove text of 8.0 and below.
/*            Added addition requirements for NEWPW.
/* 10/01/2008 CL Fenton Added AAMV0420 to table to test for BACKUP(ACTIVE
/*            entry.  Deleted TSS0310 and TSS0610 because CAT IVs.
/* 05/08/2009 CL Fenton Added analysis of LUUPDONCE for TSS0450.
/*            Removed test for TSS 9.0.
/* 10/09/2009 CL Fenton Added analysis of TSS0460 to be consistant with
/*            the VMS check.
/* 09/27/2010 CL Fenton Added analysis of TSS0290 for CPFTARGET.
/* 03/15/2011 CL Fenton Chgd TSS0400 test from 35 to 30 days.
/* 05/25/2011 CL Fenton Reverted TSS0400 test from 30 to 35 days.
/* 03/08/2013 CL Fenton Added TSS0660, TSS0670, TSS0680, and TSS0690
/*            to evaluate NEWPHRASE, PPSCHAR, NPPTHRESH, PPEXP, and
/*            PPHIST Control option settings, CSD-AR003262504.
/* 03/11/2013 CL Fenton Removed TSS0430, STS-001566.
/* 05/28/2013 CL Fenton Corrected TSS0660 rc=852 error, STS-002990.
/*            Also made cosmetic changes to this PDI.
/* 09/24/2013 CL Fenton Chgd requirements for TSS0270, STS-003180.
/* 12/10/2014 CL Fenton Chgd ZUSST052 to evaluate CHOWNURS with TSS
/*            V15 RO6374 PTF remove CHOWNURS control option, STS-006695.
/* 01/30/2015 CL Fenton Chgd TSS0660 to evaluate MIN=15 for NEWPHRASE,
/*            STS-008965.
/* 01/30/2015 CL Fenton Removed TSS0570 from scripts for option is
/*            obsolete, TSS V12 no longer supported, STS-008978.
/* 02/04/2015 CL Fenton Chgd TSS0480 to evaluate list of 15 special
/*            characters, STS-004529.
/* 02/04/2015 CL Fenton Chgd TSS0660 to evaluate list of 16 special
/*            characters and removed ID and NR= requirements,
/*            STS-008965.
/* 08/24/2016 CL Fenton Chgd TSS0400 to INACTIVE(0), STS-015248.
/* 07/18/2017 CL Fenton Chgd ZUSST050 to check for setting of UNIQUSER
/*            is OFF, STS-017961.
/* 11/15/2017 CL Fenton Added TSS0485 to check the setting of AESENC for
/*            the value of 128 or 256, STS-018642.
/* 03/05/2024 CL Fenton Removed obsolete PDI member automation for
/*            TSS0320, TSS0330, TSS0350, TSS0380, TSS0420, TSS0470,
/*            TSS0490, TSS0530, TSS0590, TSS0620, TSS0630, TSS0650,
/*            and ZUSST052, SCTASK0103747.
 
SET PGMNAME = &STR(CATM0009 03/05/24)
 
SET SYSPROMPT = OFF                /* CONTROL NOPROMPT          */
SET SYSFLUSH  = OFF                /* CONTROL NOFLUSH           */
SET SYSASIS   = ON                 /* CONTROL ASIS - caps off   */
 
/* ERROR ROUTINE */
ERROR DO
  SET RETURN_CODE = &LASTCC          /* SAVE LAST ERROR CODE */
  IF &LASTCC GE 16 THEN +
    WRITE &PGMNAME LASTCC = &LASTCC &ZERRLM
  RETURN
  END
 
SET RETURN_CODE = 0
 
ISPEXEC CONTROL NONDISPL ENTER
ISPEXEC CONTROL ERRORS RETURN
 
/* *************************************** */
/* VARIABLES ARE PASSED TO THIS MACRO      */
/* CONSLIST                                */
/* COMLIST                                 */
/* SYMLIST                                 */
/* TERMMSGS                                */
/* *************************************** */
 
SET RETURN_CODE = 0
 
ISPEXEC VGET ( +
  CONSLIST     +
  COMLIST      +
  SYMLIST      +
  TERMMSGS     +
  TEST         +
  PDIDD        +
  CATM040A     +
  ) ASIS
 
SET TM09VGET = &RETURN_CODE
IF &RETURN_CODE NE 0 THEN DO
  WRITE &PGMNAME VGET RC = &RETURN_CODE  &ZERRSM
  WRITE &PGMNAME CONSLIST/&CONSLIST COMLIST/&COMLIST SYMLIST/&SYMLIST +
    TERMMSGS/&TERMMSGS
  WRITE &PGMNAME TEST/&TEST PDIDD/&PDIDD CATM040A/&CATM040A
  SET RETURN_CODE = &RETURN_CODE + 16
  GOTO ERR_EXIT
  END
 
/* *************************************** */
/* TURN ON MESSAGES                        */
/* *************************************** */
 
SET SYSSYMLIST = &SYMLIST           /* CONTROL SYMLIST/NOSYMLIST */
SET SYSCONLIST = &CONSLIST          /* CONTROL CONLIST/NOCONLIST */
SET SYSLIST    = &COMLIST           /* CONTROL LIST/NOLIST       */
SET SYSMSG     = &TERMMSGS          /* CONTROL MSG/NOMSG         */
 
/* *************************************** */
/* THIS EDIT MACRO PROVIDES THE FINDING    */
/* DETAILS FOR RACF SETROPTS               */
/* *************************************** */
 
/* Notes on the following table.
/* PDINAME
/* Blank or 1
/*        Blank if no more parameters need to be checked.
/*        One if additional parameter checks are to be made.
/* Global parameter~
/* 'First search field'
/*        Used to obtain information from the report.
/*        Used to determine if information is invalid and for messages.
/* 'Second search field' .ZCSR .ZCSR
/*        Used to test information and set return code.
/* <      End of search fields
/* STIG requirements
/* >      End of STIG fields
/*
 
SET TABLE = &NRSTR(+
  AAMV0420 BACKUP~+
         ' BACKUP('~+
         ' BACKUP(ACTIVE' .ZCSR .ZCSR<+
          BACKUP(ACTIVE-xx:xx)>+
  TSS0249 1NOADMBY~+
         ' ADMINBY'~+
         ' ADMINBY(YES) ' .ZCSR .ZCSR<+
         ADMINBY >+
  TSS0250  ADSP~+
         ' ADSP'~+
         ' ADSP(NO) ' .ZCSR .ZCSR<+
          ADSP(NO)>+
  TSS0260 1AUTH~+
         ' AUTH'<+
           AUTH(OVERRIDE|MERGE,ALLOVER)>+
  TSS0270 1AUTOERASE~+
         ' AUTOERASE'<+
           AUTOERASE(ALL) for All System>+
  TSS0275  CANCEL~+
         ' CANCEL'~+
         ' CANCEL(NO) ' .ZCSR .ZCSR<+
          CANCEL will not be specified>+
  TSS0280  CPFRCVUND~+
         ' CPFRCVUND'~+
         ' CPFRCVUND(NO) ' .ZCSR .ZCSR<+
          CPFRCVUND(NO)>+
  TSS0290  CPFTARGET~+
         ' CPFTARGET'~+
         ' CPFTARGET(LOCAL) ' .ZCSR .ZCSR<+
          CPFTARGET(LOCAL)>+
  TSS0360 1DOWN~+
         ' DOWN'<+
           DOWN(BW,SB,TN|TW,OW)>+
  TSS0390 1HPBPW~+
         ' HPBPW'<+
           HPBPW(1-3)>+
  TSS0400 1INACTIVE~+
         ' INACTIVE'<+
           INACTIVE(0)>+
  TSS0440 1LOG~+
         ' LOG('<+
          LOG(INIT,SMF,SEC9,MSG)>+
  TSS0450  LUUPDONCE~+
         ' LUUPDONCE'~+
         ' LUUPDONCE(NO) ' .ZCSR .ZCSR<+
          LUUPDONCE(NO)>+
  TSS0460 1MODE~+
         ' MODE'~+
         ' MODE(FAIL) ' .ZCSR .ZCSR<+
          MODE(FAIL)>+
  TSS0480 1NEWPW~+
         ' NEWPW'~+
         ' PASSCHAR'<+
         NEWPW(MIN=8,WARN=(1-10),MINDAYS=01,NR=0,+
          ID,TS,RS,FA,FN,SC,MC,LC,UC)~  +
         with PASSCHAR(@,#,$,&&,*,^,:,=,!,-,%,.,?,_,|).>+
  TSS0485 1AESENC~+
         ' AESENC'<+
         AESENC(128) or AESENC(256)>+
  TSS0500 1NPWRTHRESH~+
         ' NPWRTHRESH'<+
           NPWRTHRESH(2)>+
  TSS0505 1OPTIONALS~+
         ' OPTIONALS'<+
         OPTIONALS(004)        >+
  TSS0540 1PTHRESH~+
         ' PTHRESH'<+
           PTHRESH(1-2)>+
  TSS0550 1PWEXP~+
         ' PWEXP'<+
           PWEXP(1-60)>+
  TSS0560 1PWHIST~+
         ' PWHIST'<+
           PWHIST(10-64)>+
  TSS0580 1RECOVER~+
         ' RECOVER'<+
          TSS (default) Recovery File(1-100%)~+
          RECOVER(ON)>+
  TSS0600  SUBACID~+
         ' SUBACID'~+
         ' SUBACID(U,8) ' .ZCSR .ZCSR<+
           SUBACID(U,8)>+
  TSS0640  TEMPDS~+
         ' TEMPDS'~+
         ' TEMPDS(YES) ' .ZCSR .ZCSR<+
           TEMPDS(YES)>+
  TSS0660 1NEWPHRASE~+
         ' NEWPHRASE'~+
         ' PPSCHAR'<+
           NEWPHRASE(MA=1-32,MN=1-32,MAX=100,MIN=15-32,+
           MINDAYS=1,SC=1-32,WARN=1-10)~  +
           with PPSCHAR( ,@,#,$,&&,*,^,:,=,!,-,%,.,?,_,|) or +
           PPSCHAR(40,@,#,$,&&,*,^,:,=,!,-,%,.,?,_,|).>+
  TSS0670 1NPPTHRESH~+
         ' NPPTHRESH'<+
           NPPTHRESH(2)>+
  TSS0680 1PPEXP~+
         ' PPEXP'<+
           PPEXP(1-60)>+
  TSS0690 1PPHIST~+
         ' PPHIST'<+
           PPHIST(10-64)>+
  TSS0730 1VTHRESH~+
         ' VTHRESH'<+
           VTHRESH(1-10,NOT,CAN|SUS)>+
  ZUSST0501OMVS~+
         ' UNIQUSER' FIRST<+
         UNIQUSER(OFF) will be +
         specified for Classified systems.>+
  ZUSST0601HFSSEC~+
         ' HFSSEC'~+
         ' HFSSEC(ON) ' .ZCSR .ZCSR<+
         HFSSEC(OFF) Not Applicable~+
         HFSSEC(ON), DEFPROT attribute must be specified in the +
         HFSSEC RDT record>+
    )
/* *************************************** */
/* MAIN PROCESS                            */
/* *************************************** */
 
ISREDIT (MEMBER) = MEMBER
ISREDIT (DSNAME) = DATASET
SET RETURN_CODE = 0
 
ISREDIT (LASTLINE) = LINENUM .ZLAST
 
IF &RETURN_CODE GT 0 THEN DO    /* Empty RC = 4
  IF &LASTLINE EQ 0 THEN +
    WRITE &PGMNAME Empty file RCode = &RETURN_CODE +
          DSN=&DSNAME  MEMBER=&MEMBER  &ZERRSM
  ELSE +
    WRITE &PGMNAME LINENUM Error RCode = &RETURN_CODE +
          DSN=&DSNAME  MEMBER=&MEMBER  &ZERRSM
  SET RETURN_CODE = &RETURN_CODE +16
  GOTO ERR_EXIT
  END
 
SET LP = &STR((
SET RP = )
 
SET SPC = &STR(          )
 
ISREDIT NULLS ON ALL
ISREDIT CAPS  OFF
 
SET XL = &LENGTH(&NRSTR(&TABLE))
DO X = 1 TO &XL - 1
 
  SET DISATXT  =           /*  STIG requirement   */
  SET FINDTXT8 =           /*  strings not found  */
 
  SET PDINUM = &SUBSTR(&X:&X+7,&NRSTR(&TABLE))
 
  SET Y = &SYSINDEX(&STR(~),&NRSTR(&TABLE),&X)
  IF &X+8 LT &Y-1 THEN +
    SET PDITEXT = &SUBSTR(&X+8:&Y-1,&NRSTR(&TABLE))
  ELSE SET PDITEXT = &STR( )
 
  IF &Y GT &X THEN SET X = &Y + 1
  SET Y = &SYSINDEX(&STR(<),&NRSTR(&TABLE),&X)
 
  IF &X LT &Y-1 THEN DO
    SET PDI_DATA = &SUBSTR(&X:&Y-1,&NRSTR(&TABLE))&STR(~)
    SET FINDTXT8 = &SUBSTR(&X:&Y-1,&NRSTR(&TABLE))
    END
  ELSE DO
    SET PDI_DATA = &STR( )
    SET FINDTXT8 = &STR( )
    END
 
  IF &Y GT &X THEN SET X = &Y + 1
  SET Y = &SYSINDEX(&STR(>),&NRSTR(&TABLE),&X)
 
  IF &X LT &Y-1 THEN +
    SET DISATXT = &SUBSTR(&X:&Y-1,&NRSTR(&TABLE))
  ELSE SET DISATXT = &STR( )
 
  ISREDIT CURSOR = 1 0
 
  SET FINDRC = 0
 
  SET Z = &SYSINDEX(&STR(~),&NRSTR(&PDI_DATA))
  DO WHILE &Z GT 2
      SET ZL = &LENGTH(&NRSTR(&PDI_DATA))
      SET FIND_TEXT = &SUBSTR(1:&Z-1,&NRSTR(&PDI_DATA))
      IF &Z+1 LT &ZL THEN +
        SET PDI_DATA = &SUBSTR(&Z+1:&ZL,&NRSTR(&PDI_DATA))
      ELSE SET PDI_DATA = &STR( )
 
      SET RETURN_CODE = 0
      ISREDIT FIND &FIND_TEXT
 
      IF &NRSTR(&TEST) EQ &STR(FINDING) THEN  /* test error cond */   -
        SET RETURN_CODE = 8
 
      SET FINDRC = &FINDRC + &RETURN_CODE
      IF &RETURN_CODE EQ 0 AND +
         &SYSINDEX(&STR(.ZCSR),&NRSTR(&FIND_TEXT)) EQ 0 THEN DO
        ISREDIT (DATA) = LINE .ZCSR
        ISREDIT (LINE,COL) = CURSOR
        ISREDIT CURSOR = &LINE 0
        SET COL1 = &SYSINDEX(&NRSTR(&RP ),&NRSTR(&DATA),&COL)
        IF &COL1 EQ 0 THEN SET COL1 = &LENGTH(&NRSTR(&DATA))
        IF &COL LT &COL1 THEN +
          SET PDITEXT = &NRSTR(&PDITEXT.~)+
                        &SUBSTR(&COL:&COL1,&NRSTR(&DATA))
        END
      SET Z = &SYSINDEX(&STR(~),&NRSTR(&PDI_DATA))
  END
 
  SET PDITEXT = &NRSTR(&PDITEXT.<)
 
  DO A = 1 TO &LENGTH(&NRSTR(&DISATXT))
    SET B = &SYSINDEX(&STR(~),&NRSTR(&DISATXT),&A)
    IF &B EQ 0 THEN SET B = &LENGTH(&NRSTR(&DISATXT)) + 1
    SET C = &SUBSTR(&A:&B-1,&NRSTR(&DISATXT))
    IF &A EQ 1 THEN +
      WRITE &PGMNAME &PDINUM  &C
    ELSE +
      WRITE &PGMNAME           &C
    SET A = &B
  END
 
  ISPEXEC VPUT ( +
    FINDRC       +
    PDITEXT      +
    DISATXT      +
    FINDTXT8     +
    ) ASIS
 
  SET PDINUM = &PDINUM
  SET RETURN_CODE = 0
 
  ISPEXEC  EDIT DATAID(&PDIDD) MACRO(&CATM040A) MEMBER(&PDINUM)
 
  IF &RETURN_CODE GT 4 THEN DO
    WRITE &PGMNAME EDIT PDI &PDINUM  RC = &RETURN_CODE  &ZERRSM
    SET RETURN_CODE = &RETURN_CODE + 16
    GOTO ERR_EXIT
    END
 
  IF &Y GT &X THEN SET X = &Y
  ELSE SET X = &XL
 
END
 
SET RETURN_CODE = 0
 
ERR_EXIT: +
IF &MAXCC GE 16 OR +
   &RETURN_CODE GT 0 THEN DO
  ISPEXEC VGET (ZISPFRC) SHARED
  IF &MAXCC GT &ZISPFRC THEN +
    SET ZISPFRC = &MAXCC
  ELSE +
    SET ZISPFRC = &RETURN_CODE
  ISPEXEC VPUT (ZISPFRC) SHARED
  WRITE &PGMNAME ZISPFRC = &ZISPFRC
  END
 
SET TM009RC = &RETURN_CODE
 
ISPEXEC VPUT ( +
  TM09VGET     +
  TM009RC      +
  ) ASIS
 
ISREDIT SAVE
ISREDIT END
 
EXIT CODE(0)
ISREDIT MEND
