Why do you specify MR when you really mean M or W? -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Jim Vincent Sent: Thursday, June 29, 2006 10:08 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Define MDisk Question
Your steps are spot-on except for one small part. You do not have to let the linux guest do a DEFINE MDISK nor have class A. Simply add the MDISK entry to the directory and then on the linux guest, do a CP LINK * cuu cuu MR to get access to it. Make sense? In fact, there is a good paper on limiting the privilege class and commands allowed for a linux guest. It is a good read and gives some excellent ideas on how to protect a linux guest from shooting itself in the foot. _______________________________________ James Vincent Systems Engineering Consultant Nationwide Services Co., Technology Solutions Mainframe, z/VM and z/Linux Support One Nationwide Plaza 3-20-13 Columbus OH 43215-2220 U.S.A Voice: (614) 249-5547 Fax: (614) 677-7681 mailto:[EMAIL PROTECTED] The IBM z/VM Operating System <IBMVM@LISTSERV.UARK.EDU> wrote on 06/29/2006 10:00:41 AM: > IBMVM@LISTSERV.UARK.EDU > > First, apologies as I am a VM newbie. (And a linux newbie, for that > matter). > > We would like to be able to add dasd to a linux's logical volume group > on > the fly. We have been able to do this by making sure all our dasd is online > at ipl, then we det the dev from system, att it to our userid, format > it, > att it back to system and then do a define mdisk from the linux vm userid. > We then add it to user direct for the next time the linux user logs > off and > back on. > The trouble with this is, the linux guest must have "A" priveledge and > devmaint, which is undesirable. Does anyone know of a way around this? > Ideally, what I'd like is the ability to specify a userid on the > define mdisk, so that another ID could do it for the linux guest. As I > see it, we > either use devmaint or have to logoff/on the guest. > > Any thoughts or suggestions would be appreciated. > > Regards, > Mary Anne -------------------------------------------------------- If you are not an intended recipient of this e-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute it. Click here for important additional terms relating to this e-mail. http://www.ml.com/email_terms/ --------------------------------------------------------
