On Wednesday, 10/12/2005 at 05:24 ZE2, Carsten Otte <[EMAIL PROTECTED]> wrote: > Adam Thornton wrote: > > On Oct 12, 2005, at 8:50 AM, Alan Altmark wrote: > > > >>>> 88 == minidisk password validation > >>>> > >> It is actually a proxy-LINK function for multi-client SVMs. It > >> also has > >> logon password and LOGON-BY validation. This could have some value. > > > > Logon password and logonby validation would be very useful for me. > > Think of it as the foundation for pam_vmcp. > Hm. So what the diagnose does is check if a given user/pass combination > is valid for CP?
Yes. However, if an ESM is active, you have to issue the CMS RPIVAL command since checking the CP directory isn't useful. I recognize that issuing RPIVAL is problematic for Linux and am working to address that problem in a future release of z/VM. Each ESM product does a product-specific thing inside the RPIVAL command. The RPIVAL program that comes with RACF/VM simply issues a diagnose 0xA0 subcode 4 (see the RACF/VM Macros and Interfaces book). What you do if another ESM is installed, is up to the vendor - ask them. And before you ask, no, there's no [programmatic] way to tell which ESM is installed. Diagnose 0xA0 subcode 8 only tells you an ESM is present - not which one. Using VM for Linux authentication and access control purposes is an area of intense interest to me. Alan Altmark z/VM Development IBM Endicott ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
