z10 hmc 3270 emulator and ind$file
I am working on a new z/os installation on a z10 with hardly any connectivity. We have a 16 port switch next to the computer with the 2 HMCs, SE and OSA/ICC plugged into it. I am allowed to connect my government issued laptop to the switch, but I am not going to be on-site after a while. The next wave of people to do vendor installs will not have government laptops and will not be allowed to bring non-government laptops onto the floor. So the question is, can we use the HMCs to transfer data to z/os via ind$file using either the HMC DVD or USB ports? If so, how do you figure out what the path is that you specify in the (x3270) emulator? Thanks, Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: System Pack vs Starter System + ServerPac
> When do you plan to install the new z10? We plan to have the Customized > Offerings Driver available on DVD next month. If you need to put the > z10 in before that, have the IBM account team contact me directly and I > will put them in touch with the people who are supporting an interim > DVD-based procedure for loading the COD on systems without compatible > tape drives. John, Thanks (so very much) for the reply. As I understand, the z10 is sitting on the floor but the peripherals have not yet all arrived. I also understand that we are getting two standalone tape drives. And it seems that the z/os software order is stalled in the bureaucracy somewhere. If you could reply to me privately I can give you more information. Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
System Pack vs Starter System + ServerPac
We are putting up a new z10 at a facility that does not have any mainframes. I do not think the z10 will have any real tape drives (it will have a vtl). How do we install the operating system? I've been told that IBM is proposing a "System Pack" installation method. Does anyone know where I can find information on this? Thanks, Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: tar limitation preventing SAS install
We ran into the same tar problem. I run Fedora linux on my laptop and did something like: cd /media/ tar cf ~/sas92.ds01.tar ./ and ftp'ed that to z/os on the omvs side. Using pax to unpackage the archive resulted in the error. I then installed pax on my laptop and that did the trick. But, as others mentioned, you have to have an x11 server running on your workstation and a fairly recent level of java on z/os. You also need sufficient memory size and cpu time for your installation process plus a lot of disk space. Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
New Z10 install [was Re: ... cheap dasd]
We are planning to install new z10s into two data centers that do not currently have mainframes. I'm not sure if we are planning to have standalone tape drives (we will have vtls). What is the process to install z/os 1.12 in this scenario? I was hoping we could load some kind of starter system from the HMC and use that to install the serverpac (or is it custompac?) from shopzseries. Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Esoterics
We are in the process of migrating a smallish system from one location to another. The plan is to dump all the dasd to tape at the original location, ship the tapes to the new location, and restore the tapes to new dasd. The hardware at the new location is similar but not identical to the hardware at the old location. Therefore we are creating a new IODF and IOCP deck on a different system to use at the new location. I am thinking we are going to have a problem with the esoterics. The system does not use tokens for their esoterics. So I am thinking that we have to define the esoterics in the same order they were defined at the original location. But how do we find that out? The HCD report that was sent to us lists the esoterics in alphabetical order. To refresh my memory, I think this is how esoterics work. If tokens are not used then the order that the esoterics are defined is important. The catalog for a dataset cataloged with an esoteric unit type gets the sequence number of the particular esoteric in the list of esoterics. If tokens are used, then the token for an esoteric is a unique number that is stuffed into the catalog instead. The advantage using tokens is that you can delete an esoteric and not have the values of other esoterics possibly change? Is that right? What happens if you delete an esoteric with a token and that token is set in a catalog entry somewhere? Also, isn't there some kind of conversion job to convert catalog entries from sequence numbers to token numbers? Or was it a report job that listed catalog entries that were cataloged using esoterics? It's been so long ago that I last dealt with this stuff. But I don't want the system at the new location trying to mount tapes on dasd devices ... and vice versa!! Finally, a last question. If we substantially use the same device numbers, can we bring up the new system using the old system's IODF? The new system's IOCDS will be built with the new IOCP deck, so there may be mismatches on some chpids and control unit types between the IODF and the IOCDS. How much does MVS care what is correct in the IODF? After the initial IPL we can of course correct the IODF and get everything into sync. Thanks, Greg -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: 1960's IBM ad information with the Muppets
> Try using GOOGLE. Also check YouTube. Then report back with any URLs you > find. http://www.youtube.com/watch?v=QtCqcKzSVCU http://www.youtube.com/watch?v=hK5CE3T0aoU http://www.youtube.com/watch?v=RowwNXKEt4k -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Jes2 Converter abend d37
> Does this job execute w/o error at the vendor site? > > If so, what are they doing that your site does not (or vice versa)? > > If NOT, change vendor! (Who wants to trust/rely on a vendor who does not > even test his installation deck?) > The error occurred in the converter. This means the job was succesfully submitted. Remember, converter processing is the next stage after input processing. My guess is that Roger's site has some product that hooks into a converter exit and it is that product that is bombing off (vanilla conversion does not write to temp datasets). It would be a shame to drop the vendor because some other vendor caused the problem. Greg -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Mainframe hacking (getting back on topic)
> WRT an "outside" threat, I am willing to accept (and I acknowledged > this in my prior post) that the z/OS's defense against non-APF > authorized threats is "bulletproof". But then to just leave the issue > there is, I think, complacent. We had an interesting intrigue about a dozen years ago. I don't know the details, but rumor has it that 1) The agency upset a powerful large corporation 2) The corporation went to their bought and paid for congressman for releif 3) The congressman got the OIG to start a surreptitious audit 4) The OIG obtained some userids on the mainframe and borrowed some NSA types. 5) These guys found a least 3 ways to get into supervisor state as a normal user without any apf access They did not hack into any IBM code and fortunately for us they were unable to hack into any of our in-house code. Instead they found loop holes in vendor code, particularly vendor SVCs. One method was where the SVC was called by an unauthorized program and passed the SVC a chunk of key 8 storage. The SVC would then use that storage as a temporary save area. So the program would schedule a stimer exit to pop in a very short period of time and then issue the SVC. If the timer popped at the right time, it would change the return address so that the SVC code would branch into the unauthorized program in supervisor state key zero. One exploit of this nature was only successful in about 1 out of 100 attempts, but I could run it a 1000 times a second so that didn't matter. This exploit shows why authorized routines in supervisor state and/or key zero should be careful about what data they store into key 8 storage. Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: remote support questions - curiousity
Ed Finnell wrote: In a message dated 11/13/2006 10:44:35 A.M. Central Standard Time, [EMAIL PROTECTED] writes: windows PC than os/2 was. I find it at last practical to use from home, especially to logon to the SE's . so do the hackers We have an interesting setup here. At home we connect to a Windows 2003 server via a VPN and a remote desktop application. We signon using regular authentication and then authenticate using an RSA SecureId card. From the remote desktop I can start up IE and connect to the HMC, which is only visible to the intranet. The HMC application is another kind of remote desktop. In turn, connecting to the SE from the HMC is a further remote desktop. It's kind of interesting to move the mouse around going thru 3 remote desktops!! Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: EXCP with a DEB
Richard Peurifoy wrote: I was curious, so I did a GTF trace and see I/O to the PDS to count the number of directories. SVC 0 is used and shows a DDNAME of , a DCB addr, and a DEB addr. There is no OPEN, CLOSE, DYNALLOC, or DEBCHK SVC. There may be branch entries internally for these services, or the routine may just build all the control blocks itself. I wrote a program of few years back, offlindr, that dumps/restores logically offline dasd (eg z/vm or linux volumes). Looks like one place you can find it is http://www.clueful.co.uk/mbeattie/s390/offlindr.jcl Yes, apf authorization is absolutely required. A number of years ago we were the object of a political intrigue. Government agents on behalf of a congressman obtained legitimate userids to our system and spent some number of months trying, as a normal user, to get into supervisor state and/or key 0. They were unable to discover such a method in IBM code and (thankfully) our home-grown code, but did discover three methods through vendor software. One method that I recall is using a particular vendor svc. A key 8 storage area was passed to the svc and the svc used some of that area as an internal save area. The exploit simply issued a stimer for a short duration, and then issued the svc. If the stimer exit got scheduled at the right time, it simply modified the return address in the save area. The method only worked about once in a thousand attempts but considering that we could iterate this procedure tens of thousands of times a second it was virtually instantaneous. I did notify the vendor and the exposure was fixed. Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: destructive overlap
Paul Gilmartin wrote: In a recent note, Greg Smith said: Date: Wed, 6 Jul 2005 12:26:01 -0400 ds 0d a ds 12x b ds 16x But if I code mvc b(16),a the overlap is destructive (ie b won't necessarily be an exact copy of a). Would a concurrent copy occur? (in this case, a concurrent copy could occur without affecting the result). No. I believe the "destructive" character of the overlap has long been part of the specification of MVC. In particular, programmers of old were accustomed to blanking out a buffer with: MVI C' ',A MVC A+1(L'A'-1),A (before padding MVCL). -- gil Well that's what I would think. I'm trying to understand concurrent copy better - as I understand it, if the dest and source begin on the same byte boundary in a doubleword, doublewords are fetched and stored concurrently and if they are off by 4 then fullwords are fetched and stored concurrently (once you get to the proper boundary). However, if there is destructive overlap, then bytes are moved 1 at a time. But, I cannot get the program below to fail. Either I don't quite understand destructive overlap (tfm: ` Destructive overlap is said to exist when the result location is used as a source after the result has been stored, assuming processing to be performed one byte at a time') or there is concurrent copy if the source and dest are far enough apart. Greg MVCTEST CSECT SAVE (14,12) lr 12,15 using MVCTEST,12 IDENTIFY EP=SUBTASK,ENTRY=SUBTASK ATTACH EP=SUBTASK loopmvca(32),c mvca(16),b mvcb(16),a clisw,0 be loop STIMER WAIT,BINTVL==f'5' RETURN (14,12),RC=0 SUBTASK SAVE (14,12) lr 12,15 ahi12,MVCTEST-SUBTASK l 0,=a(N) loop2 l 1,b cl 1,c+12 be cont cl 1,c+24 be cont cl 1,c be cont mvisw,1 dc h'0' contbct0,loop2 mvisw,1 RETURN (14,12),RC=0 N EQU5 sw dc f'0' ds d a ds 12x b ds 20x c dc x'01020304',x'05060708',x'090a0b0c',x'0d0e0f10' dc x'11121314',x'15161718',x'191a1b1c',x'1d1e1f20' end -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
destructive overlap
I am trying to figure out precisely what is destructive overlap. Does destructive overlap imply nonconcurrent copy (and vice versa)? For example: ds 0d a ds 12x b ds 16x mvc a(16),b Here is an overlap but it is non-destructive. I would assume the copy is concurrent? But if I code mvc b(16),a the overlap is destructive (ie b won't necessarily be an exact copy of a). Would a concurrent copy occur? (in this case, a concurrent copy could occur without affecting the result). Thanks, Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Sync A z/OS Clock To An SNTP Time Server?
Paul Gilmartin wrote: There is __no__ way to update the TOD clock other than via an ETR. That z/OS can function as an NTP server, but not as an NTP client is arrogant, perceived by non-mainframe-partisans as "radically immature". Not everyone can be emperor. That said, what are the practical considerations? I know some of the IBMers will cringe at this, but the clock can be set programmatically. For example, consider the `operator prompt' line in the clockxx member. This causes message iea888a to be issued during ipl where `Resetting GMT time causes the TOD clock to be reset.' Manual also says the message is issued by ieavrtod. Looking at this module you can see that it does indeed issue the SCK (b204) instruction. There are considerations, such as getting the TOD clock synced on all CPUs, and if the clock is fast, you should probably spin for the appropriate interval instead of setting the TOD clock into the past. Greg Smith -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html