> I think you missunderstand me here. > I will not use telnet to login or anything like that, it was just an example > of > how to make the Linux read data from a predefined cmsfile, that has > accessrules protecting it. > Not to mention you need a VMuserid to get in.
OK, I'm totally confused now. The way I read your suggestion was that you would put an entry in /etc/inetd.conf (or an entry in /etc/xinetd.d if you're using xinetd) that would trigger a Linux program to read a predefined CMS file and execute the statements in that file when a connection is made to the designated port. Telnet has no way to communicate the identity of the invoker (the telnet protocol doesn't collect or pass userids), and you have to define in the inetd entry what user is to be used as the effective uid under which the script statements are executed (ie, if you ever want to execute a privileged command, you have to let all users have that capability). Sudo doesn't help here because you don't know who is initiating the job, and thus you can't limit what it can do because you don't know who is running it. I see that you would have to have a VM userid to write the file of commands for a specific user, but there's no way to communicate to your script what specific user you're talking about, so there's only one possible file and one possible user context to use to execute the script. > So you need access in z/VM to write any useful data into that cmsfile, then > for example ssh into port xxxxx With a short timeout, and not even > expecting to get logged in. But you don't have ssh on CMS, which is the reason for this discussion in the first place -- all you have is rexec, which requires the rsh-daemon on Linux. If you have ssh, then this entire rigamarole is unnecessary. > No way to mess with that cmsfile unless you have a VMuserid and the > access. Another way around this (and maybe a better one in the long run) is to write a NQS client for CMS. Or use NJE. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
