Re: RSCS question
Yet it also states: Remote Spooling Communications Subsystem (RSCS) V3.2.0 (5684-096) has bee n repackaged and is now available for licensing under International Program License Agreement (IPLA) terms and conditions. RSCS Function Level 530 (FL530) is available as a priced, optional, preinstalled feature of z/VM V5.3. So, what is it? Based on this entry I'd say nothing has changed and we ca n still have RSCS functionality. Perhaps a different function level but as long as it provides the same functions I don't care about a version number. But, as Ron pointed out, if RSCS is no longer available on zVM then I'd have to order zVM asap. Regards, Berry.
Re: RSCS question
Remote Spooling Communications Subsystem (RSCS) V3.2.0 (5684-096) has been repackaged and is now available for licensing under International Program License Agreement (IPLA) terms and conditions. RSCS Function Level 530 (FL530) is available as a priced, optional, preinstalled feature of z/VM V5.3. So, what is it? Based on this entry I'd say nothing has changed and we can still have RSCS functionality. Perhaps a different function level but as long as it provides the same functions I don't care about a version number. But, as Ron pointed out, if RSCS is no longer available on zVM then I'd have to order zVM asap. RSCS is and will continue to be available for all supported z/VM releases. If you are on z/VM 5.2, RSCS 3.2 is available. Note, z/VM 5.2 end of service is now one year away (April 30, 2009). If you are on z/VM 5.3, RSCS Function Level 5.3.0 is available. Same product, different pricing / licensing agreement. Best Regards, Les Geer IBM z/VM and Linux Development
Re: VTAM on an IFL?
Is there a list of z/VM software products and/or applications that will NOT run on an IFL? Ray Mrohs -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Saturday, April 26, 2008 11:55 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? On Saturday, 04/26/2008 at 08:59 EDT, Mark Post [EMAIL PROTECTED] wrote: Compared to a CP, an IFL has one less instruction. This is not true, and if it were it wouldn't apply to GCS or VM/VTAM. And all of the business reasons for having an IFL still exist. Specialty engines of all flavors are designed to let you create configurations that meet your computing needs at a price you can afford. Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
will not and not licensed for are two different animals. I think the will not list is z/OS, z/OS.e, OS/390, and all of the less than z architecture system (VM/370, MVS, MVT, etc) The not licensed for list would be too extensive for IBM to consider publishing. It would be better to reverse the question. What can run (can be licensed for) an IFL? /Tom Kern On Mon, 28 Apr 2008 10:27:23 -0400, Mrohs, Ray [EMAIL PROTECTED] wrot e: Is there a list of z/VM software products and/or applications that will NOT run on an IFL? Ray Mrohs
Re: VTAM on an IFL?
On Monday, 04/28/2008 at 10:28 EDT, Mrohs, Ray [EMAIL PROTECTED] wrote: Is there a list of z/VM software products and/or applications that will NOT run on an IFL? VSE, MVS, TPF, any VM prior to z/VM V4 (including CMS itself). Other than that, no. All of the products that have IPLA (OTC) licenses will run. Any ICA (MLC) product for which you get a special bid will run. Technically, no claim is made about any product that is not otherwise licensed to run on IFLs, but as a practical matter I don't know of any CMS application that won't run on an IFL. Alan Altmark z/VM Development IBM Endicott
Re: RSCS question
And do the lpr/lpd and UTF functions still work if RSCS is unlicensed? Mike Harding, Consultant/Specialist The IBM z/VM Operating System IBMVM@LISTSERV.UARK.EDU wrote on 04/28/2008 04:50:49 AM: RSCS is and will continue to be available for all supported z/VM releases. If you are on z/VM 5.2, RSCS 3.2 is available. Note, z/VM 5.2 end of service is now one year away (April 30, 2009). If you are on z/VM 5.3, RSCS Function Level 5.3.0 is available. Same product, different pricing / licensing agreement. Best Regards, Les Geer IBM z/VM and Linux Development
Re: VTAM on an IFL?
With the IBM z10, you can mix standard and IFL engines in the same LPAR. So, if you put all your engines in the same LPAR, what does that do to licensing of 390 software that can also run on an IFL? Note that this is a statement of direction. A not as yet announced release of z/VM will be a pre-req for this support. Damn good question as to licensing! With our current licensing rules you would have to license z/VM on ALL the processors on the z10 if you are using this mode of LPAR (CPs and IFLs). This would probably also apply to any software running on z/VM that could run on either processor type (like VTAM). We will have to wait for the announcement to see what the licsening folks come up with, but I will certainly discuss this with them in advance. And then on the Linux side, would you then get charged for the 390 engines? i.e. DB2/UDB and Oracle Most of IBM's products which run on Linux on z (such as DB2 and WebSphere) have sub-capacity pricing which could be used in this environment. I believe Oracle and some (many?) of the ISVs also do this. You would need to talk to your ISV. Jim
Re: RSCS question
And do the lpr/lpd and UTF functions still work if RSCS is unlicensed? There is no change. The drivers that were no-charge with the RSCS product are still no-charge with the RSCS feature. Jim
Re: VTAM on an IFL?
Jim Elliot's licensing explanation is what we are experiencing. I just recently documented for IBM why we wanted VM/VTAM and how we would use it. Two years ago we were able to license this product with no problem on IFLs at one of our other sites. There were no technical issues running it, nor were there any issues with the rest of our admin software such as the CA VM:MANAGER products. That project was canceled and now we are standing up another LINUX only LPAR using IFLs. Like Tom Kern we use RSCS Networking to transfer data such as monitor and accounting files to our z/OS systems. However, our other (priority) VTAM requirement is for remote logons, as we have an agency-wide solution for IBM 3270 mainframe systems that requires VTAM to logon to the host. We are uncomfortably restricted in that the Department of Defense (DOD) Ports and Protocols List prohibits the use of telnet (even SSL), and port 23 is being systematically closed at all our firewalls in order to comply with our security directives, so essentially we're left with VTAM for remote logon access. Regards, Denny Burch z/VM and z/LINUX Systems DISA DECC Mechanicsburg 717 605-1181 (dsn) 430-1181 -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Jim Elliott Sent: Saturday, April 26, 2008 10:52 To: IBMVM@LISTSERV.UARK.EDU Subject: VTAM on an IFL? Hi... Is anyone out there running VTAM under VM on an IFL? If so, what process did you use get it? Lee: VTAM will work on an IFL, the problem is in getting a special bid approved to license it. Note that IBM software will come up with a OTC price for this which will be very hefty, if they do approve a special bid. I am aware of a few customers that have this, but it was not easy to get. You need to be very specific about what functions in VTAM you NEED and why. Price will probably depend on what functions you need. Start with your IBM Software System z sales rep (cross brand). Jim
Re: VTAM on an IFL?
On Monday, 04/28/2008 at 11:42 EDT, Burch, Aubrey Dennis CIV DISA GS4B [EMAIL PROTECTED] wrote: We are uncomfortably restricted in that the Department of Defense (DOD) Ports and Protocols List prohibits the use of telnet (even SSL), and port 23 is being systematically closed at all our firewalls in order to comply with our security directives, so essentially we're left with VTAM for remote logon access. Start the telnet server listening on port 22 (the ssh port) and configure your (secure) telnet client to connect to it. Et voila! No more nasty, smelly port 23! Even though it's an SNA network, don't you still have the policy of encrypting passwords over a network? (Undoubtedly the rationale for burying evil telnet in favor of the angelic ssh.) Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
Cheating like that can get you visited by armed Marines, etc. I doubt that any traffic between two DOD bases is unencrypted and tapping the coax cables inside the bases will get you in even more trouble. /Thomas Kern /U.S. Department of Energy /301-903-2211 (O) /301-905-6427 (M) On Mon, 28 Apr 2008 13:35:31 -0400, Alan Altmark [EMAIL PROTECTED] wrote: Start the telnet server listening on port 22 (the ssh port) and configur e your (secure) telnet client to connect to it. Et voila! No more nasty, smelly port 23! Even though it's an SNA network, don't you still have the policy of encrypting passwords over a network? (Undoubtedly the rationale for burying evil telnet in favor of the angelic ssh.) Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
Alan, you are correct - passwords are encrypted, which is done using a custom https front end solution that connects to our DOD IP network at a couple network boundary locations. From there, the session is connected to our isolated SNA networks in the background. The Ports and Protocols List prohibits both the port (23) and the protocol (telnet), so hiding telnet on an alternate port is not an option. At least for those of us who possess and would like to keep security clearances.. :) If IBM is weighing the future of VM/VTAM support either on IFLs or standard CPs (and I get the feeling reading this list that they are), then they can consider VM/VTAM a critical requirement for us. Regards, Denny Burch z/VM and z/LINUX Systems DISA DECC Mechanicsburg 717 605-1181 (dsn) 430-1181 -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, April 28, 2008 13:36 To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? On Monday, 04/28/2008 at 11:42 EDT, Burch, Aubrey Dennis CIV DISA GS4B [EMAIL PROTECTED] wrote: We are uncomfortably restricted in that the Department of Defense (DOD) Ports and Protocols List prohibits the use of telnet (even SSL), and port 23 is being systematically closed at all our firewalls in order to comply with our security directives, so essentially we're left with VTAM for remote logon access. Start the telnet server listening on port 22 (the ssh port) and configure your (secure) telnet client to connect to it. Et voila! No more nasty, smelly port 23! Even though it's an SNA network, don't you still have the policy of encrypting passwords over a network? (Undoubtedly the rationale for burying evil telnet in favor of the angelic ssh.) Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
Would having the SNA go to a Linux image, perhaps in an IFL LPAR in the same box an your VM system, running Comm Server solve the problem? Regards, Richard Schuh -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Kern Sent: Monday, April 28, 2008 10:48 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? Cheating like that can get you visited by armed Marines, etc. I doubt that any traffic between two DOD bases is unencrypted and tapping= the coax cables inside the bases will get you in even more trouble. /Thomas Kern /U.S. Department of Energy /301-903-2211 (O) /301-905-6427 (M) On Mon, 28 Apr 2008 13:35:31 -0400, Alan Altmark [EMAIL PROTECTED] wrote: Start the telnet server listening on port 22 (the ssh port) and configur= e your (secure) telnet client to connect to it. Et voila! No more nasty,= smelly port 23! Even though it's an SNA network, don't you still have the policy of encrypting passwords over a network? (Undoubtedly the rationale for burying evil telnet in favor of the angelic ssh.) Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
Interesting question. I was trying to explain VTAM to a relatively newbe a couple weeks ago. And I did come to the conclusion that since there are no new SNA hardware anymore, not only VTAM should be sunsetted, but we need to play to get rid of VTAM in the next few years. The problem still remains, that CICS takes to VTAM. CICS doesn't talk directly with IP terminals (like can be done with VM). So, until there is an IBM supplied solution, VTAM still needs to be supported and available in the VSE world. That is, until we are forced to send all of our screens thru a browser. Tom Duerbusch THD Consulting Law of Cat Acceleration A cat will accelerate at a constant rate, until he gets good and ready to stop. Burch, Aubrey Dennis CIV DISA GS4B [EMAIL PROTECTED] 4/28/2008 1:08 PM If IBM is weighing the future of VM/VTAM support either on IFLs or standard CPs (and I get the feeling reading this list that they are), then they can consider VM/VTAM a critical requirement for us. Regards, Denny Burch z/VM and z/LINUX Systems DISA DECC Mechanicsburg 717 605-1181 (dsn) 430-1181
Re: VTAM on an IFL?
Would that be at the same price and support level as VM/VTAM? /Thomas Kern /U.S. Department of Energy /301-903-2211 (O) /301-905-6427 (M) On Mon, 28 Apr 2008 11:16:52 -0700, Schuh, Richard [EMAIL PROTECTED] wrot e: Would having the SNA go to a Linux image, perhaps in an IFL LPAR in the same box an your VM system, running Comm Server solve the problem? Regards, Richard Schuh
Re: VTAM on an IFL?
On Monday, 04/28/2008 at 02:27 EDT, Schuh, Richard [EMAIL PROTECTED] wrote: Would having the SNA go to a Linux image, perhaps in an IFL LPAR in the same box an your VM system, running Comm Server solve the problem? You would have to write the moral equivalent of VSCS, doing LU 2 on one side and LDSF on the other. (VSCS uses *CCS, not LDSF, but let's not quibble over details.) If you're going to do it this way, just use ssh and x3270 to get into the Linux image and let it do TN3270 for you over to the VM telnet server. I think this is along the lines of the custom solution that Adam was discussing, offered by Sine Nomine, but I'm not sure. Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
How does zOS handle this situation? Does it need VTAM to communicate with other CICS's in the same zOS? -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Tom Duerbusch Sent: Monday, April 28, 2008 2:35 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? Interesting question. I was trying to explain VTAM to a relatively newbe a couple weeks ago. And I did come to the conclusion that since there are no new SNA hardware anymore, not only VTAM should be sunsetted, but we need to play to get rid of VTAM in the next few years. The problem still remains, that CICS takes to VTAM. CICS doesn't talk directly with IP terminals (like can be done with VM). So, until there is an IBM supplied solution, VTAM still needs to be supported and available in the VSE world. That is, until we are forced to send all of our screens thru a browser. Tom Duerbusch THD Consulting Law of Cat Acceleration A cat will accelerate at a constant rate, until he gets good and ready to stop. Burch, Aubrey Dennis CIV DISA GS4B [EMAIL PROTECTED] 4/28/2008 1:08 PM If IBM is weighing the future of VM/VTAM support either on IFLs or standard CPs (and I get the feeling reading this list that they are), then they can consider VM/VTAM a critical requirement for us. Regards, Denny Burch z/VM and z/LINUX Systems DISA DECC Mechanicsburg 717 605-1181 (dsn) 430-1181
Re: VTAM on an IFL?
You would have to write the moral equivalent of VSCS, doing LU 2 on one side and LDSF on the other. (VSCS uses *CCS, not LDSF, but let's not quibble over details.) Minus 3d10 sanity for *CCS exposure. (*CCS qualifies as squamous crawling horror) If you're going to do it this way, just use ssh and x3270 to get into the Linux image and let it do TN3270 for you over to the VM telnet server. I think this is along the lines of the custom solution that Adam was discussing, offered by Sine Nomine, but I'm not sure. We have several options for this. Contact me offlist for details. -- db
Re: VTAM on an IFL?
-Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Gentry, Stephen Sent: Monday, April 28, 2008 1:58 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? How does zOS handle this situation? Does it need VTAM to communicate with other CICS's in the same zOS? If both CICS'es on in the same z/OS image, then you can use either VTAM's LU 6.2 protocol, or cross memory services. Cross Memory services does not require VTAM. It is basically a memory-to-memory move between the two CICS address spaces. LU 6.2 must be used if the CICS'es are on different z/OS images. I don't think that CICS can use TCPIP for function shipping like it does LU 6.2. -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology The information contained in this e-mail message may be privileged and/or confidential. It is for intended addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or other use of this communication is strictly prohibited and could, in certain circumstances, be a criminal offense. If you have received this e-mail in error, please notify the sender by reply and delete this message without copying or disclosing it.
Re: VTAM on an IFL?
As far as I know, it is up to date now, which makes the support level much better. The price is something I do not know, but considering the cost I was given for the recently decommissioned VM/VTAM, I doubt that it is any worse. Regards, Richard Schuh -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Kern Sent: Monday, April 28, 2008 11:41 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? Would that be at the same price and support level as VM/VTAM? /Thomas Kern /U.S. Department of Energy /301-903-2211 (O) /301-905-6427 (M) On Mon, 28 Apr 2008 11:16:52 -0700, Schuh, Richard [EMAIL PROTECTED] wrot= e: Would having the SNA go to a Linux image, perhaps in an IFL LPAR in the same box an your VM system, running Comm Server solve the problem? Regards, Richard Schuh
Re: VTAM on an IFL?
A couple of years ago, when our communications folks were upgrading to Enterprise Extender (or some such), IBM was pushing this at them for VM like it was already a done deal. Talk SNA out one side of the mouth; TCP/IP out the other, kind of like a salesman does. You mean that IBM doesn't already have it up and working? Nothing was said, so far as I know, about any development efforts to get it to talk that way. Regards, Richard Schuh -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, April 28, 2008 11:54 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? On Monday, 04/28/2008 at 02:27 EDT, Schuh, Richard [EMAIL PROTECTED] wrote: Would having the SNA go to a Linux image, perhaps in an IFL LPAR in the same box an your VM system, running Comm Server solve the problem? You would have to write the moral equivalent of VSCS, doing LU 2 on one side and LDSF on the other. (VSCS uses *CCS, not LDSF, but let's not quibble over details.) If you're going to do it this way, just use ssh and x3270 to get into the Linux image and let it do TN3270 for you over to the VM telnet server. I think this is along the lines of the custom solution that Adam was discussing, offered by Sine Nomine, but I'm not sure. Alan Altmark z/VM Development IBM Endicott
Spool Disks
Assuming that there are no dumps is spool, is it possible to swap a 3390-03 disk for a 3390-09 having the same volser? It would be a case of formatting and allocating the new disk, change the 03 volser to something else, change the 09 volser to the one the one formerly on the 03, and finally, shutdown reipl. Regards, Richard Schuh
Re: VTAM on an IFL?
On Monday, 04/28/2008 at 04:00 EDT, Schuh, Richard [EMAIL PROTECTED] wrote: A couple of years ago, when our communications folks were upgrading to Enterprise Extender (or some such), IBM was pushing this at them for VM like it was already a done deal. Talk SNA out one side of the mouth; TCP/IP out the other, kind of like a salesman does. You mean that IBM doesn't already have it up and working? Nothing was said, so far as I know, about any development efforts to get it to talk that way. Communications Server for Linux has an SNA stack and an EE implementation to do SNA-over-IP. You would use it supply EE functionality to VM/VTAM and VSE/VTAM. It never was an inbound LU2-to-TN3270 converter, but it does have an inbound TN3270-to-LU2 converter, replacing those outboard appliances. Alan Altmark z/VM Development IBM Endicott
Re: SCP/SFTP functionality
On Thu, 24 Apr 2008 00:08:36 -0400, Alan Altmark [EMAIL PROTECTED] wrote: There is an inherent architectural problem with an ssh *server* on VM: T he IP connection does not terminate in your virtual machine. When you logi n to a system with ssh, you are expected to have logged into your own account (a la telnet), not have a proxy login (a la ftp). Your profile runs, your disks are set up. An scp command would have as its local context, all the files you have accessed (or have access to) in your virtual machine. If ssh were just an alternate way to transfer files, that wouldn't be a big deal since the ftp server has to deal with the same issues. But it isn't. It's a network connection has an endpoint in your virtual machin e that scp, sftp, other ssh services (e.g. interactive console/keyboard) c an use. In previous discussions here, there was a feeling that an ssh *client* i n CMS was more important than having the ability to ssh *into* the system. The client is technically doable, and I await the day that z/OS has one that is not dependent on openSSH. Alan Altmark z/VM Development IBM Endicott = Why is this an inherent architectural problem? Is the problem that VM doesn't allow multiple logons to the same virtual machine, while Unux doe s? I don't understand why the Unix/Linux world prefers SFTP to FTPS, but it does, and in this shop that preference is encoded into Information Security rules. The user who enquired is getting dinged because a piece o f software is running around looking for violations, and he is in violation , since he is using only FTP. FTPS is not an approved option, SFTP is. The user's only solution is to stop using z/VM. I'm not sure I want to do battle with Information Security. Should I? I cannot defend IBM's failure to support SFTP or SSH. I don't even understand it. Alan Ackerman Alan (dot) Ackerman (at) Bank of America (dot) com
Re: VTAM on an IFL?
I see. It was presented to me, second hand, as a replacement for VM/VTAM, not an addition to it. That may well have been a misunderstanding of what was presented. Regards, Richard Schuh -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, April 28, 2008 1:54 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? On Monday, 04/28/2008 at 04:00 EDT, Schuh, Richard [EMAIL PROTECTED] wrote: A couple of years ago, when our communications folks were upgrading to Enterprise Extender (or some such), IBM was pushing this at them for VM like it was already a done deal. Talk SNA out one side of the mouth; TCP/IP out the other, kind of like a salesman does. You mean that IBM doesn't already have it up and working? Nothing was said, so far as I know, about any development efforts to get it to talk that way. Communications Server for Linux has an SNA stack and an EE implementation to do SNA-over-IP. You would use it supply EE functionality to VM/VTAM and VSE/VTAM. It never was an inbound LU2-to-TN3270 converter, but it does have an inbound TN3270-to-LU2 converter, replacing those outboard appliances. Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
On Monday, 04/28/2008 at 05:38 EDT, Schuh, Richard [EMAIL PROTECTED] wrote: I see. It was presented to me, second hand, as a replacement for VM/VTAM, not an addition to it. That may well have been a misunderstanding of what was presented. Oh, my. I can see where such a statement might, perhaps, engender a wee bit of confusion in the listener. ;-) Alan Altmark z/VM Development IBM Endicott
Re: SCP/SFTP functionality
Alan Ackerman wrote: In previous discussions here, there was a feeling that an ssh *client* in CMS was more important than having the ability to ssh *into* the system. CMS is not a multiuser system. SSH into CMS directly does not make sense, because an SSH server is a multiuser-architected server that doesn't scale to CMS. IMHO the OpenSSH way to do what the user is trying to do is this: 1. Have a Linux/390 or OpenSolaris/390 instance running on the target VM instance. 2. Log into the the Linux/390 via SSH and short-hop from that session to CMS. Alternatively, a little more effort but much cuter: * serve up access to your CMS account via 3270Telnet server on a published port served up by the Linux/390 instance. * SSH from your remote client into the Linux/390 instance with a port redirect command on the options line. * BINGO! You've got a local port that directly connects to your CMS instance o I.e., tn3270 localhost /redir_port/ -- Jack J. Woehr# Hipsters believe that irony has http://www.well.com/~jax # more resonance than reason. http://www.softwoehr.com # - Robert Lanham
Re: Spool Disks
On: Mon, Apr 28, 2008 at 01:52:15PM -0700,Schuh, Richard Wrote: } Assuming that there are no dumps is spool, is it possible to swap a } 3390-03 disk for a 3390-09 having the same volser? It would be a case of } formatting and allocating the new disk, change the 03 volser to } something else, change the 09 volser to the one the one formerly on the } 03, and finally, shutdown reipl. Unless you plan to backup spool first, do a cold or clean start and restore spool SDFs you will lose any spool files that are all or partly on that volume. it MAY work to ddr cyls 1-3399 of the mod 3 to the mod 9. No warantees expressed or implied. -- Rich Greenberg N Ft Myers, FL, USA richgr atsign panix.com + 1 239 543 1353 Eastern time. N6LRT I speak for myself my dogs only.VM'er since CP-67 Canines:Val, Red, Shasta Casey (RIP), Red Zero, Siberians Owner:Chinook-L Retired at the beach Asst Owner:Sibernet-L
Re: VTAM on an IFL?
It is like editing the result of editing a highly compressed JPEG. The errors are compounded. :-) Regards, Richard Schuh -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Alan Altmark Sent: Monday, April 28, 2008 2:48 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: VTAM on an IFL? On Monday, 04/28/2008 at 05:38 EDT, Schuh, Richard [EMAIL PROTECTED] wrote: I see. It was presented to me, second hand, as a replacement for VM/VTAM, not an addition to it. That may well have been a misunderstanding of what was presented. Oh, my. I can see where such a statement might, perhaps, engender a wee bit of confusion in the listener. ;-) Alan Altmark z/VM Development IBM Endicott
Re: VTAM on an IFL?
In the VSE world I know for a fact that one of the TCP/IP stack vendors offers a way to access VTAM applications without VTAM. That stack feature just went GA before the WAVV conference this year. So, any VTAM application could be accessed directly without having VTAM present on the system. The applications think they're talking to VTAM, but they're really talking to the IP stack. McKown, John wrote: The same applies to z/OS, but even worse in that TSO is required to really do anything at least as far as system maintenance is required. I don't know about VSE, but in z/OS, even with TCP/IP, it is VTAM which is doing the actual I/O to the IP devices (well, at least with OSA devices). Who designed this? As an amusement, I've been trying to see how much work I can do using z/OS's UNIX shell instead of TSO. The answer is: Not really very much. As far as CICS is concerned, I can almost envision a TN3270 server built in to CICS. Or perhaps a BMS/IP where BMS supports IP terminals directly somehow. Of course, this will not be implemented by IBM without a business case. Is ICCF available via IP? Or is it even necessary? I'm not very VSE literate. -- John McKown Senior Systems Programmer HealthMarkets Keeping the Promise of Affordable Coverage Administrative Services Group Information Technology -- Rich Smrcina VM Assist, Inc. Phone: 414-491-6001 Ans Service: 360-715-2467 rich.smrcina at vmassist.com http://www.linkedin.com/in/richsmrcina Catch the WAVV! http://www.wavv.org WAVV 2009 - Orlando, FL - May 15-19, 2009
Re: SCP/SFTP functionality
On Monday, 04/28/2008 at 05:05 EDT, McKown, John [EMAIL PROTECTED] wrote: Why? What is wrong with OpenSSH? Trick question. :-) There is nothing wrong with OpenSSH. But remember that in a VM system, we're talking about virtual machines, not processes. There is no hierarchy of virtual machines. No parent-child or sibling connection, no fork()/exec(),no inheritance of files or file descriptors or sockets. The ssh daemon runs in a virtual machine that is NOT the end user's virtual machine. The daemon can listen for ssh connections, encrypt the session, and even challenge the user for a userid and password. ssh requires implementation of public/private key pairs, too. Troublesome, but not impossible to solve as long as I have a central place for all users' public/private keypairs. lightning flashes Done. I have an ssh interactive session. I have created an LDEV (logical 3270 device) and logged you onto it. I am now getting 3270 traffic from CP. Drats. This session is really intended for native ASCII. OK, forget the LDEV. I'll use (horror!) *CCS and create a linemode session instead, with all the EBCDIC traffic converted to ASCII and some sort of control characters (should I use VT220?) thrown in. Now you want to use x3270. Drats. I'm in line mode. Not to mention the block vs. character mode difference. The guest doesn't see a file descriptor to write stdout and stderr, and read from stdin. It sees a virtual 3215 or 3270. But, ok, let's wave our hands and move past it. another flash of lightning You have a terminal session. You enter scp. It wants to use the ssh tunnel. R'uh r'oh! What tunnel? The tunnel isn't in YOUR virtual machine. There is no socket available to you that represents the tunnel. Drats, drats, and double drats, said Dick Dasterdly to Penelope Pitstop. (I can hear his dog, Muttley, laughing.) The ssh clients are relatively easy since those connections DO originate in the user's virtual machine. You would have to tell the remote system that your console is dumb so that it will just run in easy-to-translate line mode. No VT. No character mode. All of this jabbering to illustrate three things: 1. That OpenSSH isn't the problem. Rather, the basic assumption of the ssh protocol, that the target user process has access to the ssh tunnel, doesn't mesh with how consoles are handled in VM. 2. I understand the seductive desire for ssh, reinforced by misguided or misinformed security experts. 3. We *have* given it some considerable thought. OK, four things: 4. All that thinking makes my head hurt. Alan Altmark z/VM Development IBM Endicott
Re: Spool Disks
I wasn't too cleat. It is a DUMP pack and I can guarantee that there are no files on it, even if I have to SET DUMP OFF and purge any closed dump files. I probably don't have to go to that extreme, though. We just took our first dump in over a year, a SNAPDUMP taken because of a LOGOFF/FORCE PENDING condition. We usually do not have any dumps in spool, except for TPF dumps, and they don't count - they are regular spool files and are not on the DUMP disks. Speaking of dumps, IBM's server at testcase.software.ibm.com can't seem to digest the SNAPDUMP. It is only about 400,000,000 bytes. The FTP aborts about halfway through saying that the foreign host terminated the connection. Do I need to open a PMR against the IBM server? If so, how do I do that? We do have a fairly large system, but it was nearly idle at the time of the dump, so I wouldn't imagine that the size was outlandish. On a slightly different, but related, front, when I called to report the problem (1-800-426-7378, option 2 followed by option 3) I was told to please wait for the next available person. The NAP turned out to be offshore and was wondering why I called him (this was before 4:00 PM EDT). He then transferred me to 1-800-426-7378 after telling me to select options 2 and 3. When I selected my options, I was again told to stay on the line after the call so that I might be included in a customer satisfaction survey. Needless to say, I stayed on and was not chosen for the survey. Do they have a number of orbits completed counter in the orbital referral system so that any who have made the round trip are immediately eliminated from consideration? :-) Regards, Richard Schuh -Original Message- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Rich Greenberg Sent: Monday, April 28, 2008 2:54 PM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Spool Disks On: Mon, Apr 28, 2008 at 01:52:15PM -0700,Schuh, Richard Wrote: } Assuming that there are no dumps is spool, is it possible to swap a } 3390-03 disk for a 3390-09 having the same volser? It would be a case of } formatting and allocating the new disk, change the 03 volser to } something else, change the 09 volser to the one the one formerly on the } 03, and finally, shutdown reipl. Unless you plan to backup spool first, do a cold or clean start and restore spool SDFs you will lose any spool files that are all or partly on that volume. it MAY work to ddr cyls 1-3399 of the mod 3 to the mod 9. No warantees expressed or implied. -- Rich Greenberg N Ft Myers, FL, USA richgr atsign panix.com + 1 239 543 1353 Eastern time. N6LRT I speak for myself my dogs only. VM'er since CP-67 Canines:Val, Red, Shasta Casey (RIP), Red Zero, Siberians Owner:Chinook-L Retired at the beach Asst Owner:Sibernet-L
Re: VTAM on an IFL?
While I didn't do it (big disclaimer up front!), I was around back in the late '70s when they rewrote the TSO terminal handler stuff. The old TCAM support was removed and the new code intertwined it with VTAM. While it was a separate component, it seemed to be all gray shadows and mirrors between the two to me. Lee McKown, John wrote: I don't know about VSE, but in z/OS, even with TCP/IP, it is VTAM which is doing the actual I/O to the IP devices (well, at least with OSA devices). Who designed this? -- Lee Stewart, Senior SE Sirius Computer Solutions Phone: (303) 798-2954 Fax: (720) 228-2321 Email: [EMAIL PROTECTED] Web: www.siriuscom.com
Re: SCP/SFTP functionality
Now for the really stupid question. Why is an SSH daemon absolutely fundamental and prerequisite to a CMS SCP command to move a PDF from my A-disk to one of my linux servers for serving via Apache? /Tom Kern Alan Altmark wrote: On Monday, 04/28/2008 at 05:05 EDT, McKown, John [EMAIL PROTECTED] wrote: Why? What is wrong with OpenSSH? Trick question. :-) There is nothing wrong with OpenSSH. But remember that in a VM system, we're talking about virtual machines, not processes. There is no hierarchy of virtual machines. No parent-child or sibling connection, no fork()/exec(),no inheritance of files or file descriptors or sockets. The ssh daemon runs in a virtual machine that is NOT the end user's virtual machine. The daemon can listen for ssh connections, encrypt the session, and even challenge the user for a userid and password. ssh requires implementation of public/private key pairs, too. Troublesome, but not impossible to solve as long as I have a central place for all users' public/private keypairs. lightning flashes Done. I have an ssh interactive session. I have created an LDEV (logical 3270 device) and logged you onto it. I am now getting 3270 traffic from CP. Drats. This session is really intended for native ASCII. OK, forget the LDEV. I'll use (horror!) *CCS and create a linemode session instead, with all the EBCDIC traffic converted to ASCII and some sort of control characters (should I use VT220?) thrown in. Now you want to use x3270. Drats. I'm in line mode. Not to mention the block vs. character mode difference. The guest doesn't see a file descriptor to write stdout and stderr, and read from stdin. It sees a virtual 3215 or 3270. But, ok, let's wave our hands and move past it. another flash of lightning You have a terminal session. You enter scp. It wants to use the ssh tunnel. R'uh r'oh! What tunnel? The tunnel isn't in YOUR virtual machine. There is no socket available to you that represents the tunnel. Drats, drats, and double drats, said Dick Dasterdly to Penelope Pitstop. (I can hear his dog, Muttley, laughing.) The ssh clients are relatively easy since those connections DO originate in the user's virtual machine. You would have to tell the remote system that your console is dumb so that it will just run in easy-to-translate line mode. No VT. No character mode. All of this jabbering to illustrate three things: 1. That OpenSSH isn't the problem. Rather, the basic assumption of the ssh protocol, that the target user process has access to the ssh tunnel, doesn't mesh with how consoles are handled in VM. 2. I understand the seductive desire for ssh, reinforced by misguided or misinformed security experts. 3. We *have* given it some considerable thought. OK, four things: 4. All that thinking makes my head hurt. Alan Altmark z/VM Development IBM Endicott
Re: Spool Disks
On: Mon, Apr 28, 2008 at 03:49:44PM -0700,Schuh, Richard Wrote: } I wasn't too cleat. It is a DUMP pack and I can guarantee that there are } no files on it, even if I have to SET DUMP OFF and purge any closed dump } files. I probably don't have to go to that extreme, though. We just took } our first dump in over a year, a SNAPDUMP taken because of a } LOGOFF/FORCE PENDING condition. We usually do not have any dumps in } spool, except for TPF dumps, and they don't count - they are regular } spool files and are not on the DUMP disks. OK, now that it is cleater (sic), your scheme should work. -- Rich Greenberg N Ft Myers, FL, USA richgr atsign panix.com + 1 239 543 1353 Eastern time. N6LRT I speak for myself my dogs only.VM'er since CP-67 Canines:Val, Red, Shasta Casey (RIP), Red Zero, Siberians Owner:Chinook-L Retired at the beach Asst Owner:Sibernet-L
Re: SCP/SFTP functionality
On Monday, 04/28/2008 at 07:53 EDT, Thomas Kern [EMAIL PROTECTED] wrote: Why is an SSH daemon absolutely fundamental and prerequisite to a CMS SCP command to move a PDF from my A-disk to one of my linux servers for serving via Apache? It's not. As I said, the ssh client side (used by scp) doesn't have any architectural impediments. An ssh daemon is needed only at the target end. Alan Altmark z/VM Development IBM Endicott
