Robert - the read-only seemed harmless and as far as security that could get ugly, We sue CA TSS thru PAM calls and I would not want even ask what that would cause. really thank you for taking the time
Richard (Gaz) Gasiorowski Solution Architect CSC 3170 Fairview Park Dr., Falls Church, VA 22042 845-889-8533|Work|845-392-7889 Cell|rgasi...@csc.com|www.csc.com This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. From: RPN01 <nix.rob...@mayo.edu> To: LINUX-390@vm.marist.edu Date: 11/07/2011 10:54 AM Subject: Re: mvsdasd Since you got no replies, I took a quick look at the site. Since it creates a read-only mount, I don't see how you're going to hurt anything, so that would eliminate any of the "scary" portion, in terms of Sysplex membership concerns. Security concerns should be controlled from a z/VM standpoint, in that if you don't want the Linux image to see it, don't give it a link to the disk. If you're worried about a rogue z/VM administrator, he's got CMS, which could do far more damage than a Linux image. The mvsdasd driver doesn't support pdse or vsam, so it can't see most of what z/OS does these days. I'm not too sure how useful it would be, other than to get a view into flat files for the exchange of information meant specifically for z/OS to Linux communications. On this point, it could be fairly handy, but most sites will already have ftp or nfs traffic in place to do this. Giving access to an entire disk to access a single text file doesn't seem practical, and doesn't account for the fact that files' locations aren't fixed in z/OS, so a great deal of legwork would be involved just in locating the file and setting up the transaction, where FTP could be far more simple and straight forward. The driver itself makes a number of assumptions about the way z/OS sites "do business" that smack of 1980's thinking. The z/OS world generally doesn't work this way any more at the majority of sites, which leaves this technology in the dust. In today's world, you never specify the volume where a file will be created. The system takes care of this, based on standards set up by the administrators. It certainly wouldn't work here at all. I wouldn't even be able to get the "security file" on a volume here, as its name doesn't fit into the file naming standard here. The high-level-qualifier doesn't match anything used here, and so could never be created. They've written this for their own site, without any thought about what might be required anywhere else. It's a product that solved problems 30 years ago. It just got written far too late. Hope this helps. -- Robert P. Nix Mayo Foundation .~. RO-OC-1-18 200 First Street SW /V\ 507-284-0844 Rochester, MN 55905 /( )\ ----- ^^-^^ "In theory, theory and practice are the same, but in practice, theory and practice are different." On 11/6/11 2:19 PM, "Richard Gasiorowski" <rgasi...@csc.com> wrote: > Going to ask again since the first message was so popular I received no > responses. has anyone used this driver from mvsdasd.org? Interested in > any experience comments and gotcha's. Seems scary to open up z/VM access > to z/OS DASD which is a member of a sysplex. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/ ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/