Announcement
Collapse
No announcement yet.
GnuPG on System i
Collapse
X
-
Re: GnuPG on System i
Ok, I have my question now that my first live run failed miserably!
My encryption commands won't run to encrypt because of this error:
CPFB9C7 - PASE for i already running in this job.
This message appeared in the job log after running under a different user. I ran the job thinking it would run for me (as it did every previous time), but no. I signed out and back in again and still it says PASE is already running.
I found some super old threads where Scott referred to post that would help, but they were all broken links.
Ugh!
My CL is almost identical to below. It fails on the call to QP2SHELL2.
Code:PGM DCL VAR(&CMD) TYPE(*CHAR) LEN(500) CHGVAR VAR(&CMD) VALUE('gpg --batch --yes + --encrypt + --recipient "Barack Obama" + --output "encrypted.gpg" + inputfile.txt') CALL QP2SHELL2 PARM('/QOpenSys/usr/bin/sh' '-c' &CMD) /* FIXME: Add code to verify that it succeeded!! */ ENDPGM
Last edited by mjhaston; May 12, 2014, 07:43 PM.Your friends list is empty!
-
Re: GnuPG on System i
Hi Scott -
7.1 box, there is no Java running in this job (that I know of). It's run from an "Advanced Job Scheduler" that is just a fluffed version of WRKJOBSCDE. All programs are CL or RPG. I thought maybe it had something to do with the scheduler, so I called the jobs myself and had the same results. I didn't see this issue once when testing.
I was trying to get these commands running from RPG (like I did with the old PGP package and like one of your examples, but it didn't work, so I went the CL and QP2SHELL2 route.
I did see some of your posts and others talking about Java jobs leaving PASE running. I guess there is no way to try and end PASE?
Thanks,
MikeYour friends list is empty!
Comment
-
Re: GnuPG on System i
Personally, i would not use QP2SHELL2. But, I can't see why that would give you an error about PASE already running.
In order to help you, we need to understand why you're getting this error... Can you tell us how to set up the job so that we'll get the same error that you're getting?
Comment
-
Re: GnuPG on System i
Edited to add ....
Okay, this could be key ... the WFR001 program creates an Excel spreadsheet and calls an ExcelWriter class. So in the middle of that first CL ... Java is being used. It should be completed and closed out. It never gave me an issue interactively.
.......................
I forget why I went from QP2SHELL to QP2SHELL2, but I remember it finally working, so I went with it. Interactively this job ran without issue for me. Last night it ran from the job scheduler and that's the first I saw the PASE message. I thought, okay I will just run it interactively and it will be fine, but I then got the message on my own job calling these from the command line.
The first program calls the second. The second fails on the QP2SHELL command. The WFR001 program called within is an RPG program to gather up data.
Code:PGM DCL VAR(&DATE) TYPE(*CHAR) LEN(6) DCL VAR(&MBR) TYPE(*CHAR) LEN(10) DCL VAR(&FILEP) TYPE(*CHAR) LEN(100) DCL VAR(&FILEF) TYPE(*CHAR) LEN(100) DCL VAR(&FOLDER) TYPE(*CHAR) LEN(100) DCL VAR(&RESULT) TYPE(*CHAR) LEN(100) DCL VAR(&SELECT) TYPE(*CHAR) LEN(1) RTVJOBA DATE(&DATE) CHGVAR VAR(&FILEP) VALUE('/ifs-path/wfachout.txt') CHGVAR VAR(&FILEF) + VALUE('/ifs-path/wfachout.txt.asc') CHGVAR VAR(&FOLDER) VALUE('/inbound/FOLDER_ACH_1') CLRPFM FILE(WFACHIN1) CLRPFM FILE(WFACHIN) RUNQRY QRY(WF_ACH) /* Create list of ACH to be + processed */ CPYF FROMFILE(WFACHIN1) TOFILE(WFACHIN) + MBROPT(*REPLACE) FMTOPT(*MAP *DROP) MONMSG MSGID(CPF0000) CLRPFM FILE(WFACHOUT) [B][COLOR="#FF0000"]CALL PGM(WFR001) PARM(&SELECT)[/COLOR][/B] /* Add members to PF */ CHGVAR VAR(&MBR) VALUE(ACH || &DATE) ADDPFM FILE(*LIBL/WFACHOUT) MBR(&MBR) MONMSG MSGID(CPF0000) CPYF FROMFILE(WFACHOUT) TOFILE(WFACHOUT) + TOMBR(&MBR) MBROPT(*REPLACE) FMTOPT(*NOCHK) MONMSG MSGID(CPF0000) CPYTOIMPF FROMFILE(WFACHOUT &MBR) + TOSTMF('/IFS-PATH/WFACHOUT.TXT') + MBROPT(*REPLACE) STMFCODPAG(*STDASCII) + RCDDLM(*CRLF) STRDLM(*NONE) MONMSG MSGID(CPF0000) CALL PGM(WFGNUPG01C) CALL PGM(WFFTPR01) PARM(&FOLDER &FILEF) ENDPGM
Code:PGM DCL VAR(&CMD) TYPE(*CHAR) LEN(500) CHGVAR VAR(&CMD) VALUE('gpg --batch --yes + --armor + --recipient "#####" + --local-user "#####" + --sign + --encrypt "/ifs-path/wfachout.txt"') CALL QP2SHELL2 PARM('/QOpenSys/usr/bin/sh' '-c' &CMD) ENDPGM
Last edited by mjhaston; May 13, 2014, 08:55 AM.Your friends list is empty!
Comment
-
Re: GnuPG on System i
Having said all that about everything working running interactive, I must have called my encryption and ftp programs manually from a command line. This is probably the first time I've run the main CL that has this RPG running Java in the middle of it.
I'll have to pull it all apart and see what happens. With that said ... I'm not sure why the Java is still an issue if the RPG has ended.Your friends list is empty!
Comment
-
Re: GnuPG on System i
So the RPG is running Java? I'm sure that's the issue, then.
The RPG ending would not matter. The Java stuff won't end just because your RPG program ends... Once you load Java, it will remain active for the remainder of the job. And Java, these days, runs in PASE, so you won't be able to start PASE again because it's already running.
I don't like the use of QP2SHELL (or QP2SHELL2) anyway. This is trying to run a PASE program in the ILE C environment, which isn't always reliable, since PASE is multi-threaded and parts of the ILE environment are not. They expect you to take care of those details in the calling program (such as setting up threadsafe pipes for the stdio streams) but, not many people do that.
Can you please use QSH (STRQSH) to run your gpg command and see if that works better? You may have to add the directory to your PATH if it is not there already.
Comment
-
Re: GnuPG on System i
(Another) stupid question here: When trying QSH should I leave that RPG calling the Java in the job? Or pull it out?
I'll try this in a few hours when I get home. I did try QSH from RPG and then CL previously, but I have a feeling the PATH (you mentioned here) was the issue.
Thank you.Last edited by mjhaston; May 13, 2014, 11:07 AM.Your friends list is empty!
Comment
-
Re: GnuPG on System i
Changed code to below. Worked perfectly the first time running this program only.
The second time I ran it and every time after I get a terminal message below. I signed out and back in and got the same.
Code:qsh: 001-0019 Error found searching for command gpg. No such path or directory. Press ENTER to end terminal session.
Code:Message . . . . : QSH0005 received by WFGNUPG01C at 1500. (C D I R) Cause . . . . . : Control language (CL) program WFGNUPG01C in library HB2320MOD detected an error at statement number 1500. Message text for QSH0005 is: Command ended normally with exit status 127. Recovery . . . : This inquiry message can be avoided by changing the program. Monitor for the error (MONMSG command) and perform error recovery within the program. To continue, choose a reply value.
Code:PGM DCL VAR(&CMD) TYPE(*CHAR) LEN(1000) ADDENVVAR ENVVAR(QIBM_QSH_CMD_ESCAPE_MSG) VALUE(Y) + REPLACE(*YES) CHGVAR VAR(&CMD) VALUE('PATH=$PATH:/QOpenSys/usr/bin && + gpg --batch --yes + --armor + --recipient "xxx" + --local-user "xxx" + --sign + --encrypt "/folder/wfachout.txt"') QSH CMD(&CMD) ENDPGM
Your friends list is empty!
Comment
-
Re: GnuPG on System i
If you are using my port of GnuPG, it puts the links in /QopenSys/usr/local/bin. you are adding /QOpenSys/usr/bin (which isn't the same) to your PATH... that's why it can't find the programs.
Maybe try something like this:
Code:CHGVAR VAR(&CMD) VALUE('PATH=$PATH:/QOpenSys/usr/bin+ :/QOpenSys/usr/local/bin && + gpg --batch --yes + --armor + --recipient "xxx" + --local-user "xxx" + --sign + --encrypt "/folder/wfachout.txt"')
Comment
-
Re: GnuPG on System i
Originally posted by Scott Klement View PostIf you are using my port of GnuPG, it puts the links in /QopenSys/usr/local/bin. you are adding /QOpenSys/usr/bin (which isn't the same) to your PATH... that's why it can't find the programs.
Maybe try something like this:
Code:CHGVAR VAR(&CMD) VALUE('PATH=$PATH:/QOpenSys/usr/bin+ :/QOpenSys/usr/local/bin && + gpg --batch --yes + --armor + --recipient "xxx" + --local-user "xxx" + --sign + --encrypt "/folder/wfachout.txt"')
Okay, that was it. I guess I can understand why the first time in it was good and thereafter a mess. Thank you.
Everything seems to be working. I just ran the whole CL flow with the RPG calling Java and it's working as expect (just like you wrote it)!
Thanks Scott.Last edited by mjhaston; May 13, 2014, 03:51 PM.Your friends list is empty!
Comment
Comment