Post-Install Optimizations

From Try-AS/400
Revision as of 19:09, 28 January 2022 by PoC (talk | contribs) (→‎Change Program Defaults: +STRPASTHR)
Jump to navigation Jump to search

OS/400 provides a lot of default values for variables (affecting the run-time environment) and program options. Some of these make sense, some of them are kept consistent with earlier versions of the OS because of compatibility reasons by IBM.

Some of these recommendations might not be appropriate for you by various reasons. Don't apply blindly. Know what you do, use the online help to retrieve background information on the topic in question.

The findings below are based on V4R5 with annotated exceptions for newer releases.

Housekeeping

These are settings and scheduled jobs to keep your system uncluttered.

Change unneeded programs to not run

We most likely don't need to run lpd and smtpd to run per default.

CHGLPDA    AUTOSTART(*NO)
CHGSMTPA   AUTOSTART(*NO)

You can easily check all settings at once by using STRDFU OPTION(5) on the file QUSRSYS/QATOCSTART. These are not needed in general. Depending on OS version, not all entries may be available.

  • *DIRSRV
  • *NETSVR
  • *SLP

Change uninstalled programs to not run

If you did not install the Ultimedia package, you can remove the pre started job from the QSYSWRK subsystem description to make it not generate an error message at IPL time.

RMVPJE SBSD(QSYSWRK) PGM(QUMEDIA/QUMBPJTC)

If you did not install the Directory Services package (aka LDAP), you can remove the auto started jobs from the QSYSWRK subsystem description to make them not generate an error message at IPL time.

RMVAJE SBSD(QSYSWRK) JOB(QGLDPUBA)
RMVAJE SBSD(QSYSWRK) JOB(QGLDPUBE)

Both is valid and tested for V4R5.

Cleanup unneeded stuff

These objects come by default at OS install time, are not needed to my knowledge, and thus can be safely deleted:

DLTOUTQ    OUTQ(QDKT)
DLTOUTQ    OUTQ(QPFROUTQ)
DLTOUTQ    OUTQ(QPRINTS)
DLTF       FILE(QPRINTS)
DLTOUTQ    OUTQ(QPRINT2)
DLTF       FILE(QPRINT2)
DLTOUTQ    OUTQ(QTPPPOUTQ)
DLTDEVD    DEVD(QESPAP)
DLTDEVD    DEVD(QIADSP)
DLTDEVD    DEVD(QIAPRT)
DLTDEVD    DEVD(QQAHOST)
DLTDEVD    DEVD(QTIDA)
DLTDEVD    DEVD(QTIDA2)
DLTCTLD    CTLD(QESCTL)
DLTCTLD    CTLD(QTICTL)
DLTLIND    LIND(QESLINE)
DLTLIND    LIND(QTILINE)

System Values

System values are like environment variables as known from common operating systems. They influence system operation. I recommend the following changes.

System Control

  • Change work environment to separate subsystems for different kind of jobs. This also makes it easy to introduce your own subsystems.
CHGSYSVAL SYSVAL(QCTLSBSD) VALUE('QCTL QSYS')
  • Set automatic DST adjustment, and UTC offset. This value is valid for Central Europe (Berlin, Paris, …) Note! This variable is not available in V4R5.
CHGSYSVAL SYSVAL(QTIMZON) VALUE('QP0100CET2')
  • Lessen time to automatically end disconnected interactive jobs (sessions).
CHGSYSVAL SYSVAL(QDSCJOBITV) VALUE('60')

(Memory) Allocation

  • Adjust automatic performance values only at runtime, not at IPL.[1]
CHGSYSVAL SYSVAL(QPFRADJ) VALUE('3')
  • Allow memory pools to self adjust depending on jobs running. You can adjust the maximum active jobs per pool in the WRKSHRPOOL display.[2]
CHGSHRPOOL POOL(*BASE) PAGING(*CALC)
CHGSHRPOOL POOL(*INTERACT) PAGING(*CALC)
CHGSHRPOOL POOL(*SPOOL) PAGING(*CALC)
  • Reservations for job related data structures at IPL time. See DSPSYSSTS and set to slightly more than the Jobs in System value to be seen there.[3]
CHGSYSVAL SYSVAL(QTOTJOB) VALUE(100)
  • Reservations for job related data structures at IPL time. See WRKACTJOB and set to slightly more than the Active Jobs value to be seen there.
CHGSYSVAL SYSVAL(QACTJOB) VALUE(95)
  • Maximize TCP buffers for maximum performance, especially on faster links.
CHGTCPA TCPRCVBUF(8388608) TCPSNDBUF(8388608)
  • Make sure, database tasks can use system resources as needed.
CHGSYSVAL SYSVAL(QQRYDEGREE) VALUE(*OPTIMIZE)
  • When interactive jobs require more CPU time than being allowed by default (2 seconds),[4] to finish a block of processing, allow that memory to be taken from the *BASE pool. Advantage: The QINTER subsystem pool will not be subject to auto adjustment because of jobs which are supposed to run in batch.
CHGSYSVAL SYSVAL(QTSEPOOL) VALUE(*BASE)

Message-and-Logging

  • Allow immediate deletion of problem reports.
CHGSYSVAL SYSVAL(QPRBHLDITV) VALUE(0)
  • Do not log software errors. We can't do much about these anyway, seen from a hobbyist viewpoint.
CHGSYSVAL SYSVAL(QSFWERRLOG) VALUE(*NOLOG)
  • Maximize Central Syslog (viewable with DSPLOG size to lessen rotation frequency. Depending on OS version only VALUE(32767) may be valid.
CHGSYSVAL SYSVAL(QHSTLOGSIZ) VALUE(*DAILY)
  • Raise allowed unsuccessful sign on tries before taking action.
CHGSYSVAL SYSVAL(QMAXSIGN) VALUE('15')
  • Minimize logging for sessions disconnected beause of device errors.
CHGSYSVAL SYSVAL(QDEVRCYACN) VALUE(*ENDJOBNOLIST)

Security System Values

  • Unrestrict automatic creation of system objects triggered by external (network) requests.
CHGSYSVAL SYSVAL(QAUTOVRT) VALUE(*NOMAX)
  • Allow restore with all security relevant flags.
CHGSYSVAL SYSVAL(QALWOBJRST) VALUE(*ALL)
  • For TCP connections to work, we need encrypted passwords.
CHGDDMTCPA PWDRQD(*ENCRYPTED)
  • Allow QSYSOPR signon to all devices.
CHGSYSVAL SYSVAL(QLMTSECOFR) VALUE('0')
  • Raise maximum password length to maximum value.[5]
CHGSYSVAL SYSVAL(QPWDMAXLEN) VALUE(10)
  • Raise minimum passsword length for security reasons.
CHGSYSVAL SYSVAL(QPWDMINLEN) VALUE(8)

Misc

  • PTF install shall be done on unattended IPL time.
CHGSRVA PTFINSTYP(*DLYALL)
  • Provide European style formatting.
CHGSYSVAL SYSVAL(QCURSYM) VALUE('€')
CHGSYSVAL SYSVAL(QDECFMT) VALUE('J')
CHGSYSVAL SYSVAL(QSRTSEQ) VALUE(*LANGIDUNQ)[6]
  • Allow background compiling in PDM as ordinary user, and submitting batch jobs in general.
GRTOBJAUT OBJ(QGPL/QBATCH) OBJTYPE(*JOBD) USER(*PUBLIC) AUT(*USE)
  • Tweaking automatic cleanup (like logrotate).
CHGCLNUP  ALWCLNUP(*YES) STRTIME('02:22:22') USRMSG(7) SYSMSG(3) SYSPRT(7) SYSLOG(14) CALITM(*KEEP)
  • Change general SNA networking attributes. This is one long line. Take care to get it completely.
CHGNETA JOBACN(*SEARCH) VRTAUTODEV(254) MDMCNTRYID(DE)

Charset Conversion

In addition, OS/400 has a default value of 65535 for QCCSID. It should be set to a value being dependent on the installed language, to enable automatic translation of data on disk to the display device, and back. For Germany, the correct value is 273, and for US, it's 37. A good hint is to check your 5250 emulator program for possible values.

IPL Customization

With this procedure, the current startup program for the OS can be retrieved for easy customization.

RTVCLSRC   PGM(QSTRUP) SRCFILE(QCLSRC)
WRKMBRPDM  FILE(QCLSRC) MBR(QSTRUP) MBRTYPE(CLP)
CRTCLPGM   PGM(QSYS/QSTRUP)

Change Program Defaults

  • File creation and change defaults.
CHGCMDDFT  CMD(CRTPF) NEWDFT('SIZE(*NOMAX *N *N) WAITFILE(*IMMED) WAITRCD(*IMMED) REUSEDLT(*YES)')
CHGCMDDFT  CMD(CHGPF) NEWDFT('DLTDEPLF(*YES) SIZE(*NOMAX *N *N) WAITFILE(*IMMED) WAITRCD(*IMMED) REUSEDLT(*YES)')
CHGCMDDFT  CMD(CRTLF) NEWDFT('WAITFILE(*IMMED) WAITRCD(*IMMED)')
CHGCMDDFT  CMD(CHGLF) NEWDFT('WAITFILE(*IMMED) WAITRCD(*IMMED)')
  • No unnecessary wait for power down. CONFIRM(*NO) can be added for newer releases to suppress prompting.
CHGCMDDFT  CMD(PWRDWNSYS) NEWDFT('OPTION(*IMMED) ENDSBSOPT(*NOJOBLOG)')
  • Don't waste time displaying a not so very much interesting screen prior to connection.
CHGCMDDFT CMD(STRPASTHR) NEWDFT('PASTHRSCN(*NO)')

Regular Cleanup jobs

See job comment TEXT for details. These are long lines. Take care to get it completely.

ADDJOBSCDE JOB(PRGPRB) CMD(DLTPRB STATUS(*CLOSED)) FRQ(*WEEKLY) SCDDATE(*NONE) SCDDAY(*ALL) SCDTIME('13:22:00') MSGQ(*LIBL/QSYSOPR) TEXT('Purge closed and deletable problem entries')
ADDJOBSCDE JOB(RCLTMPSTG) CMD(RCLTMPSTG DAYS(30)) FRQ(*MONTHLY) SCDDATE(*MONTHSTR) SCDDAY(*NONE) SCDTIME('13:24:00') MSGQ(*LIBL/QSYSOPR) TEXT('Reclaim temporary storage')
ADDJOBSCDE JOB(RTVDSKINF) CMD(RTVDSKINF) FRQ(*MONTHLY) SCDDATE(*MONTHSTR) SCDDAY(*NONE) SCDTIME('13:34:00') MSGQ(*LIBL/QSYSOPR) TEXT('Retrieve disk space stats')
ADDJOBSCDE JOB(QPGMRCLR) CMD(CLRMSGQ MSGQ(QPGMR) CLEAR(*KEEPUNANS)) FRQ(*WEEKLY) SCDDATE(*NONE) SCDDAY(*ALL) SCDTIME('07:07:07') RCYACN(*NOSBM) MSGQ(*NONE) TEXT('Delete uninteresting messages')

Additional Steps for at least V7R2 and probably newer

After trying to enter SST, one gets the message that the password has expired. But the password cannot be changed. Re-IPL in manual mode, or force DST display via control panel.

  • Choose 5. Work with DST environment and 3. Service tools user IDs.
    • Disable the "backdoor" profile 11111111,
    • Change password for QSECOFR, Set password to expired to 2=No.
  • Press F12 and choose 5. Work with DST environment and 6. Service tools security data.
    • Enter 0 into the field 8. Password expiration interval in days, 8 into the Selection field, and press return.
    • Enter a high number (like 12) into the field 9. Maximum sign-on attempts allowed, 9 into the Selection field, and press return.
    • Enter 0 into the field 10. Duplicate password control, 10 into the Selection field, and press return.

Now exit DST.

You may choose to enter SST, enter 7 for Work with system security, and set Allow a service tools user ID with a default and expired password to change its own password to 1=Yes. Since we changed password expiry to never, this step is entirely optional.

See also

Footnotes

  1. If you change the amount of memory for the machine, temporarily adjust the value to '2', make the memory change and then change the value back to '3' — no further IPL needed.
  2. Press F21 to switch to view 2 or 3 to have adjustment possibilities.
  3. Press F21 to switch to view 2 or 3 to see the overall job count.
  4. This is set in *CLS objects.
  5. In newer OS versions, an additional variable QPWDLVL allows even longer passwords.
  6. This value isn't available with V4R5. You can use *LANGIDSHR there.