/* REXX */ /* CLS2REXXed by UMLA01S on 3 Nov 2025 at 21:09:17 */ /*trace r?*/ Signal On NoValue Call On Error Signal On Failure Signal On Syntax Parse source opsys . exec_name . Address ISREDIT "MACRO" /* CATM0009 EDIT TEMP9 */ /*********************************************************************/ /* 04/19/2004 JL Nelson Changed to display Not a Finding text. */ /* 04/20/2004 JL Nelson Modified to display DISA standard. */ /* 06/17/2004 JL Nelson ADDED EXIT CODE. */ /* 07/15/2004 JL Nelson Changed DISA Standard to STIG requirement. */ /* 12/15/2004 JL Nelson Changed TSS0620, TSS0650, STIG incorrect. */ /* 01/05/2005 JL Nelson Changed TSS0275 CANCEL will not be */ /* specified. */ /* 02/09/2005 JL Nelson Changed constants to variables before */ /* rename. */ /* 04/13/2005 JL Nelson Changed AUTOERASE and DIAGTRAP per Charles. */ /* 04/27/2005 JL Nelson Delete obsolete PDIs per Charles Fenton. */ /* 04/27/2005 JL Nelson Delete TSS0290, TSS0300, TSS0340, TSS0370. */ /* 04/27/2005 JL Nelson Delete TSS0385, TSS0510, TSS0520. */ /* 06/08/2005 JL Nelson Pass MAXCC in ZISPFRC variable. */ /* 06/14/2005 JL Nelson Added LOGBUF to numeric check. */ /* 06/15/2005 JL Nelson Set return code to end job step. */ /* 03/15/2006 JL Nelson Made changes to avoid SUBSTR abend 920/932. */ /* 03/16/2006 JL Nelson Set/test RCode for every ISPEXEC command. */ /* 03/21/2006 JL Nelson Use NRSTR avoid abend 900 if ampersand in */ /* data. */ /* 03/30/2006 JL Nelson Test for empty member LINENUM Rcode = 4. */ /* 09/27/2006 CL Fenton Modified ZUSST050 and added ZUSST052. */ /* 07/09/2007 CL Fenton Removed requirement for UNCLASS systems. */ /* 08/07/2007 CL Fenton Changed characters that identify breaks to */ /* Non-national or special characters that could appear */ /* in PASSCHAR control option. Added ZUSST060. */ /* 10/01/2008 CL Fenton Changed table to remove text of 8.0 and */ /* below. Added addition requirements for NEWPW. */ /* 10/01/2008 CL Fenton Added AAMV0420 to table to test for */ /* BACKUP(ACTIVE entry. Deleted TSS0310 and TSS0610 */ /* because CAT IVs. */ /* 05/08/2009 CL Fenton Added analysis of LUUPDONCE for TSS0450. */ /* Removed test for TSS 9.0. */ /* 10/09/2009 CL Fenton Added analysis of TSS0460 to be consistant */ /* with the VMS check. */ /* 09/27/2010 CL Fenton Added analysis of TSS0290 for CPFTARGET. */ /* 03/15/2011 CL Fenton Chgd TSS0400 test from 35 to 30 days. */ /* 05/25/2011 CL Fenton Reverted TSS0400 test from 30 to 35 days. */ /* 03/08/2013 CL Fenton Added TSS0660, TSS0670, TSS0680, and TSS0690 */ /* to evaluate NEWPHRASE, PPSCHAR, NPPTHRESH, PPEXP, and */ /* PPHIST Control option settings, CSD-AR003262504. */ /* 03/11/2013 CL Fenton Removed TSS0430, STS-001566. */ /* 05/28/2013 CL Fenton Corrected TSS0660 rc=852 error, STS-002990. */ /* Also made cosmetic changes to this PDI. */ /* 09/24/2013 CL Fenton Chgd requirements for TSS0270, STS-003180. */ /* 12/10/2014 CL Fenton Chgd ZUSST052 to evaluate CHOWNURS with TSS */ /* V15 RO6374 PTF remove CHOWNURS control option, */ /* STS-006695. */ /* 01/30/2015 CL Fenton Chgd TSS0660 to evaluate MIN=15 for */ /* NEWPHRASE, STS-008965. */ /* 01/30/2015 CL Fenton Removed TSS0570 from scripts for option is */ /* obsolete, TSS V12 no longer supported, STS-008978. */ /* 02/04/2015 CL Fenton Chgd TSS0480 to evaluate list of 15 special */ /* characters, STS-004529. */ /* 02/04/2015 CL Fenton Chgd TSS0660 to evaluate list of 16 special */ /* characters and removed ID and NR= requirements, */ /* STS-008965. */ /* 08/24/2016 CL Fenton Chgd TSS0400 to INACTIVE(0), STS-015248. */ /* 07/18/2017 CL Fenton Chgd ZUSST050 to check for setting of */ /* UNIQUSER is OFF, STS-017961. */ /* 11/15/2017 CL Fenton Added TSS0485 to check the setting of AESENC */ /* for the value of 128 or 256, STS-018642. */ /* 03/05/2024 CL Fenton Removed obsolete PDI member automation for */ /* TSS0320, TSS0330, TSS0350, TSS0380, TSS0420, TSS0470, */ /* TSS0490, TSS0530, TSS0590, TSS0620, TSS0630, TSS0650, */ /* and ZUSST052, SCTASK0103747. */ /* 11/03/2025 CL Fenton Converted script from CLIST to REXX. */ /* 11/07/2025 CL Fenton Chgs to add new automation for IBM zSecure */ /* Suite, SCTASKU0461677. */ /* */ /* */ /* */ /*********************************************************************/ pgmname = "CATM0009 11/07/25" sysprompt = "OFF" /* CONTROL NOPROMPT */ sysflush = "OFF" /* CONTROL NOFLUSH */ sysasis = "ON" /* CONTROL ASIS - caps off */ return_code = 0 maxcc = 0 /*******************************************/ /* VARIABLES ARE PASSED TO THIS MACRO */ /* CONSLIST */ /* COMLIST */ /* SYMLIST */ /* TERMMSGS */ /*******************************************/ Address ISPEXEC "CONTROL NONDISPL ENTER" Address ISPEXEC "CONTROL ERRORS RETURN" return_code = 0 Address ISPEXEC "VGET (CONSLIST COMLIST SYMLIST TERMMSGS TEST PDIDD", "CATM040A) ASIS" tm09vget = return_code If return_code <> 0 then do Say pgmname "VGET RC =" return_code zerrsm Say pgmname "CONSLIST/"conslist "COMLIST/"comlist "SYMLIST/"symlist, "TERMMSGS/"termmsgs Say pgmname "TEST/"test "PDIDD/"pdidd "CATM040A/"catm040a return_code = return_code + 16 SIGNAL ERR_EXIT End /*******************************************/ /* TURN ON MESSAGES */ /*******************************************/ syssymlist = symlist /* CONTROL SYMLIST/NOSYMLIST */ sysconlist = conslist /* CONTROL CONLIST/NOCONLIST */ syslist = comlist /* CONTROL LIST/NOLIST */ sysmsg = termmsgs /* CONTROL MSG/NOMSG */ /*******************************************/ /* This edit Macro provides the Finding */ /* Details for TSS STATUS command. */ /*******************************************/ /*********************************************************************/ /* Notes on the following table. */ /* PDINAME */ /* Blank or 1 */ /* Blank if no more parameters need to be checked. */ /* One if additional parameter checks are to be made. */ /* Global parameter~ */ /* 'First search field' */ /* Used to obtain information from the report. */ /* Used to determine if information is invalid and for */ /* messages. */ /* 'Second search field' .ZCSR .ZCSR */ /* Used to test information and set return code. */ /* < End of search fields */ /* STIG requirements */ /* > End of STIG fields */ /*********************************************************************/ table = "AAMV0420 BACKUP~' BACKUP('~' BACKUP(ACTIVE' .ZCSR .ZCSR", "TSS0249 1NOADMBY~' ADMINBY'~' ADMINBY(YES) ' .ZCSR .ZCSR", "TSS0250 ADSP~' ADSP'~' ADSP(NO) ' .ZCSR .ZCSR", "TSS0260 1AUTH~' AUTH'", "TSS0270 1AUTOERASE~' AUTOERASE'", "TSS0275 CANCEL~' CANCEL'~' CANCEL(NO) ' .ZCSR .ZCSR", "TSS0280 CPFRCVUND~' CPFRCVUND'~' CPFRCVUND(NO) ' .ZCSR .ZCSR", "TSS0290 CPFTARGET~' CPFTARGET'~' CPFTARGET(LOCAL) ' .ZCSR .ZCSR", "TSS0360 1DOWN~ ' DOWN'", "TSS0390 1HPBPW~' HPBPW'", "TSS0400 1INACTIVE~' INACTIVE'", "TSS0440 1LOG~' LOG('", "TSS0450 LUUPDONCE~' LUUPDONCE'~' LUUPDONCE(NO) ' .ZCSR .ZCSR", "TSS0460 1MODE~' MODE'~' MODE(FAIL) ' .ZCSR .ZCSR", "TSS0480 1NEWPW~' NEWPW'~' PASSCHAR'", "TSS0485 1AESENC~' AESENC'", "TSS0500 1NPWR THRESH~' NPWRTHRESH'", "TSS0505 1OPTIONALS~' OPTIONALS'", "TSS0540 1PTHRESH~' PTHRESH'", "TSS0550 1PWEXP~' PWEXP'", "TSS0560 1PWHIST~' PWHIST'", "TSS0580 1RECOVER~' RECOVER'", "TSS0600 SUBACID~' SUBACID'~' SUBACID(U,8) ' .ZCSR .ZCSR", "TSS0640 TEMPDS~' TEMPDS'~' TEMPDS(YES) ' .ZCSR .ZCSR", "TSS0660 1NEWPHRASE~' NEWPHRASE'~' PPSCHAR'", "TSS0670 1NPPTHRESH~ ' NPPTHRESH'", "TSS0680 1PPEXP~' PPEXP'", "TSS0690 1PPHIST~' PPHIST'", "TSS0730 1VTHRESH~' VTHRESH'", "ZUSST0501OMVS~' UNIQUSER' FIRST", "ZUSST0601HFSSEC~' HFSSEC'~' HFSSEC(ON) ' .ZCSR .ZCSR", "" /*******************************************/ /* MAIN PROCESS */ /*******************************************/ "(MEMBER) = MEMBER" "(DSNAME) = DATASET" return_code = 0 "(LASTLINE) = LINENUM .ZLAST" If return_code > 0 then do If lastline = 0 then, Say pgmname "Empty file RCode =" return_code "DSN="dsname, "MEMBER="member zerrsm Else, Say pgmname "LINENUM Error RCode =" return_code "DSN="dsname, "MEMBER="member zerrsm return_code = return_code +16 SIGNAL ERR_EXIT End lp = "(" rp = ")" spc = " " "NULLS ON ALL" "CAPS OFF" xl = length(table) Do X = 1 to xl - 1 disatxt = "" /* STIG requirement */ findtxt8 = "" /* strings not found */ parse var table . =(x) pdinum +8 pditext "~" findtxt8 "<", disatxt ">" . y = pos("~",table,x) pdi_data = findtxt8"~" y = pos("<",table,x) If y > x then, x = y + 1 y = pos(">",table,x) "CURSOR = 1 0" findrc = 0 z = pos("~",pdi_data) Do until pdi_data = "" parse var pdi_data find_text "~" pdi_data return_code = 0 "FIND" find_text If test = "FINDING" then, /* test error cond */ return_code = 8 findrc = findrc + return_code If return_code = 0 & pos(".ZCSR",find_text) = 0 then do "(DATA) = LINE .ZCSR" "(LINE,COL) = CURSOR" "CURSOR =" line 0 /* parse var data . =(col) fld .*/ parse var data . =(col) fld ") " . If pos("(",fld) > 0 then, fld = fld")" pditext = pditext"~"fld End z = pos("~",pdi_data) End pditext = pditext"<" Do A = 1 to length(disatxt) b = pos("~",disatxt,a) If b = 0 then, b = length(disatxt) + 1 c = substrc(a,b-1,disatxt) If a = 1 then, Say pgmname pdinum c Else, Say pgmname " " c a = b End Address ISPEXEC "VPUT (FINDRC PDITEXT DISATXT FINDTXT8) ASIS" pdinum = strip(pdinum,"T") return_code = 0 Address ISPEXEC "EDIT DATAID("pdidd") MACRO("catm040a")", "MEMBER("pdinum")" If return_code > 4 then do Say pgmname "EDIT PDI" pdinum "RC =" return_code zerrsm return_code = return_code + 16 SIGNAL ERR_EXIT End If y > x then, x = y Else, x = xl End return_code = 0 Call Process_CACT0001 ERR_EXIT: If maxcc >= 16 | return_code > 0 then do Address ISPEXEC "VGET (ZISPFRC) SHARED" If maxcc > zispfrc then, zispfrc = maxcc Else, zispfrc = return_code Address ISPEXEC "VPUT (ZISPFRC) SHARED" Say pgmname "ZISPFRC =" zispfrc End tm009rc = return_code Address ISPEXEC "VPUT (TM09VGET TM009RC) ASIS" "SAVE" "END" Exit 0 Process_CACT0001: tabledd = "TABLE" pdimbr = "" return_code = listdsi(tabledd "FILE") if return_code > 0 then do say pgmname "DDNAME:"tabledd "RC:"return_code "SYSREASON:"sysreason say pgmname sysmsglvl1 SIGNAL ERR_EXIT end dsnmbr = sysdsname"(CACT0001)" If sysdsn("'"dsnmbr"'") <> "OK" then do return_code = 8 say pgmname dsnmbr "=" sysdsn("'"dsnmbr"'") return end Address TSO "Alloc f(test) ds('"dsnmbr"') shr reuse" Address TSO "Execio * diskr test (finis stem in." pdinum = "" findrc = 0 pditext = "2" disatxt = "" findtxt8 = "" Do x = 1 to in.0 return_code = 0 if pdinum <> substr(in.x,1,8) &, pdinum <> "" then do call Process_Details end pdinum = substr(in.x,1,8) resclass = substr(in.x,9,8) pditext = pditext resclass end Call Process_Details Return Process_Details: pditext = pditext "~" Address ISPEXEC "VPUT (FINDRC PDITEXT DISATXT FINDTXT8) ASIS" pdinum = strip(pdinum,"T") return_code = 0 Address ISPEXEC "EDIT DATAID("pdidd") MACRO("catm040a")", "MEMBER("pdinum")" If return_code > 4 then do Say pgmname "EDIT PDI" pdinum "RC =" return_code zerrsm return_code = return_code + 16 SIGNAL ERR_EXIT End findrc = 0 pditext = "2" disatxt = "" findtxt8 = "" return substrc: Procedure If arg(3) = '' Then Do s = Arg(1) l = 1 v = arg(2) End Else Do s = arg(1) l = arg(2)-arg(1)+1 v = arg(3) End Return substr(v,s,l) NoValue: Failure: Syntax: say pgmname 'REXX error' rc 'in line' sigl':' strip(ERRORTEXT(rc)) say SOURCELINE(sigl) SIGNAL ERR_EXIT Error: return_code = RC if RC > 4 & RC <> 8 then do say pgmname "LASTCC =" RC strip(zerrlm) say pgmname 'REXX error' rc 'in line' sigl':' ERRORTEXT(rc) say SOURCELINE(sigl) end if return_code > maxcc then maxcc = return_code return