Here is another possibility. As in your possibility number 1 write a CMS format on every new disk. Then run CMS2CDL exec which can be downloaded from IBM's VM download page. The CMS2CDL runs very quickly, it only writes a CDL VTOC with LINUX partition information. CMS2CDL first checks that the disk is CMS format.
DEF T3390 100 100 format 100 z DMSFOR603R FORMAT will erase all files on disk Z(100). Do you wish to continue? Enter 1 (YES) or 0 (NO). 1 DMSFOR605R Enter disk label: t100 DMSFOR733I Formatting disk Z DMSFOR732I 100 cylinders formatted on Z(100) Ready; T=0.01/0.02 08:46:36 cms2cdl 100 Ready; T=0.01/0.01 08:47:33 lvtoc 100 Extent information for dasd at 100 volid= 00T100 FROM CYL-HEAD TO CYL-HEAD --- DSN --- 00000 00000 00000 00000 * * * RESERVED * * * 00000 00001 00000 00001 * * * V T O C * * * 00000 00002 00099 00014 LINUX.V00T100.PART0001.NATIVE Ready; T=0.01/0.01 08:41:15 On Wed, Mar 13, 2013 at 1:59 AM, Pavelka, Tomas <tomas.pave...@ca.com>wrote: > Thanks for the replies, here are my thoughts on the problem: > > I agree that before a minidisk is given to a guest (before the guest is > started for the first time) the minidisk needs to be formatted and any data > that was previously on the disk erased. The question is, when to do it and > from which OS. > I have the ability to create both the new guest and the minidisk from > Linux (via SMAPI) but not the ability to safely format the disk from Linux, > because I cannot safely bring the disk online for format. By unsafe I mean > that bringing the disk online can create contention on the real device that > can last several minutes. > > There are several possibilities I can think of: > 1) Format every newly created disk in CMS before formatting in Linux. > Directory maintenance products can do this. This means every disk would be > formatted twice and every new disk creation would take twice as long > (unless you stay with CMS format and not use CDL at all). > 2) Do a security erase on every deleted disk. Again directory managers can > do this, but the setting is optional. If you want to do this, you have to > follow this rigorously on the entire DASD pool on which minidisks are > created. One deletion without security erase can potentially cause trouble. > 3) Write nonsense data to the first tracks of the disk so that Linux would > not recognize it as a known format and would not go into loops when the > data on the disk is not right. Similar to 1) but faster. > > After this, it is safe to format a disk with CDL from Linux. > > As Mark has suggested, I need the ability to format the disk from Linux > without needing to put it online first with Linux examining the contents. > Without this, the CDL format is incomplete as it can only be safely applied > to an already formatted disk. > > As for the security question about Linux running on LPAR with disk shared > by z/OS: what makes Linux different from other platforms? If Linux is not > used to format disks, there must be another OS that has the ability to wipe > out any of the shared disks and the person doing the format must know which > disk they are formatting. Also, we are talking about security in the sense > of preventing accidental deletion. A malicious user having access to Linux > sharing disks with zOS can do harm to the shared disks by using > raw_track_access unless the shared disks are protected against access from > Linux. (As long as the attacker knows CKD architecture. As I have recently > learned, you cannot just redirect /dev/zero to the disk in raw track format > ;-)) > > Tomas > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > visit > http://www.marist.edu/htbin/wlvindex?LINUX-390 > ---------------------------------------------------------------------- > For more information on Linux on System z, visit > http://wiki.linuxvm.org/ > ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/