VM & VSE & linux/390 Employment Web Page
Greetings; (Posted to VMESA-L and VSE-L and LINUX-390) - - - Now in its fourth year! - - - - - - Now includes VSE! - - - - - - - Now includes linux/390 - - - - I have set up a public service web page at http://www.eskimo.com/~wix/vm/ for posting positions available and wanted for VM, VSE and linux/390. Please visit the web page for more information and feel free to send me any info you would like to have posted. Please make VM or VSE or linux/390 the first word in the subject. Questions and comments welcome! (Text or html OK. No java, gifs, etc. NO RESUMES or CVS!) Please check the web pages for examples before sending your ad! Good luck, Dennis VM & VSE & linux/390 Positions Available last updated Nov 8. VM & VSE & linux/390 Positions Wanted last updated Dec 3.
Hans Dieter Mertiens/Germany/IBM is out of the office.
I will be out of the office starting December 20, 2001 and will not return until January 9, 2002. I will respond to your message when I return.
Re: CLAW as installation option for SUSE
> There are instructions on the UTS FTP site and a modified ramdisk image that > includes the CLAW boot code for the 2.2.16 release that you can use to > install from scratch with CLAW support. See ftp.uts.com. If you mean the UTS Global ftp site, and I'm sure you do, see :- ftp.utsglobal.com /pub/c7000 Paul.
Re: Turbo 2.4.5 Beta and the Console is nolonger 3215
Very muchly agreed. If both are genned, 3215 should be the default, unless a 3270 is requested (via a parm). Providing options (without having to regen the kernel) is the best way to go. Rich Smrcina Sytek Services, Inc. Milwaukee, WI [EMAIL PROTECTED] [EMAIL PROTECTED] Catch the WAVV! Stay for Requirements and the Free for All! Update your S/390 skills in 4 days for a very reasonable price. WAVV 2002 in Cincinnati (Fort Mitchell, KY). April 12-16, 2002 For details see http://www.wavv.org One nation, under God, indivisible, with liberty and justice for all. - Original Message - From: Post, Mark K <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, December 19, 2001 1:56 PM Subject: Re: Turbo 2.4.5 Beta and the Console is nolonger 3215 > If I remember the debates from earlier in the year, if both 3215 and 3270 > console support is defined then 3215 should be the default. Whether that is > how it is implemented in the code, I don't know. If it is not, and 3270 > console is the default when both are present, then the installation process > should show how to specify a 3215 console. Support for both should be > generated into the kernels, or the customer should have a choice of various > kernels to pick from to match their needs. They should not have to re-gen > the kernel just to get the right type of console. If you have to pick one > or the other (and you really should not), then go with the 3215. There's > going to be a lot more Linux/390 running under VM than otherwise. > > Mark Post > > -Original Message- > From: Hervey Allen [mailto:[EMAIL PROTECTED]] > Sent: Wednesday, December 19, 2001 1:56 PM > To: [EMAIL PROTECTED] > Subject: Re: Turbo 2.4.5 Beta and the Console is nolonger 3215 > > > Chris - The only thing I could think of is that having 3270 support might > help when using something like the 3270 support module UTS Global offer > (see their HOWTO at ftp://ftp.utsglobal.com/pub/tub3270/oldstuff/HOWTO). > I'm walking over to engineering right now to see what we'll do > with our 2.4 beta (and upcoming GA's) in terms of switching back to 3215 > support. > > Does anyone else on the list have comments about this? > > Thanks, > - Hervey Allen > > TurboLinux > Sales Engineer > [EMAIL PROTECTED] > T 650-228-5142 > > > >Date:Tue, 18 Dec 2001 22:33:55 -0500 > >From:Christopher Lowry <[EMAIL PROTECTED]> > >Subject: Re: Turbo 2.4.5 Beta and the Console is nolonger 3215 > > > >Mark > > > >Thanks for the help. I had to remove the 3270 support and add the 3215 > >support. The 2.4.5 kernel is working with the 3215 console. > >After a review of the 3270 documentation and doing some testing, I could > >see not see any advantage to the 3270. Is there a 3270 style edit program > >(like VM XEdit) that works with this driver ? > >Chris
Setting up VM Sysmon
Question for VM techs - SYSMON has been customized and started on our Z/VM 4.1 system which we are using to run our Linux Guests. When SYSWATCH is invoked we get an error message: DMSCYM2379S NO RESPONSE RECEIVED FROM THE SERVICE MACHINE SYSMON AT ZVMV4R10. The doc for this error says to verify RSCS is running. Do we need RSCS available even though we only have one VM system we want to monitor? Thanks - Dan Hines
SAMBA help
is there a way to authenticate SAMBA users against a NT PDC without creating an entry in /etc/passwd Ira Hochner Mainline Information Systems [EMAIL PROTECTED]
Re: LCS drivers for 2.4.9 ?
> Just so everyone is clear: We (IBM) do not like to resort to OCO could have fooled me. > but in this world it is the only way to protect the intellectual property > present in the drivers. Oh you mean your network card has something that all the hundreds of others don't have ? Your patent department knows how to deal with that for sure. Unless you want to keep secret a breach of someone else's patent; or maybe that it's just a stock $15 NIC you guys sell for $8k ? > If the drivers weren't OCO, anyone could step up to the challenge to > provide support. But, when all the shouting is over, IBM or its delegate > is the one who provides support for its OCO modules, not the Open Source > community at large. What's the point here? IBM can't support the driver if it's open source? Extra eyes usually make support simpler because bugs are found (and fixes provided!!) by others. > It is obvious that many on this list have differing views about what the > word "support" means. By that, I mean more than just doing some coding. I > mean that IBM will fix something that isn't working. That promise is not > trivial and actually costs IBM real dollars to provide. We have people > that design, code, test, and document our drivers. When there's a new > driver, there's more testing. That means tying up REAL resources (people > and machines). And adding free community resources to that is not something IBM is interested in? Your ad campains may have fooled me there > I *know* this is frustrating to many and I am sorry for that, but we would > rather focus our efforts on opening up the interface (a difficult task at > best, with lots of legal complications) and eliminate the need for OCO > drivers altogether. This is where the win/win is to be found. Somehow I doubt this extra layer will fix the poor performance the current drivers already have Given how some of the other s390 kernel code works, I wouldn't be surprised that once you guys open up the driver some of the linux networking experts fixes the performance issues in a matter of days. > In the meantime, solutions can be had simply by routing your "new Linux" IP > traffic through a "certified Linux" which owns the adapters. You mean using that IBM kernel which has *KNOWN* and *PUBLISHED* local and remote exploits? No thank you. If IBM actually puts such a kernel on customers machines then I see that as deliberatly selling a defective product; US tort laws have ways with dealing with that last I heard. This year IBM spent a lot of money on Linux, a lot of that in advertising on how great Linux is. IBM: this would be a call to put your actions where your mouth is. Greetings, Arjan van de Ven
Re: LCS drivers for 2.4.9 ?
Hmm. As John Campbell said back in July "Our Irony is special, you see. It goes to 11." It's almost laughable to see a Red Hat employee arguing in favor of patents, and contrast his comments to the ones Kerry Kim posted earlier. Maybe there's two Red Hats and they don't work for the same company? I like David Boyes' attitude better. "Whining doesn't fix the problem. Putting up resources does. Your call -- part of the problem, or part of the solution?" Personally, I would prefer to be part of the solution, Rob van der Heij's caution against being careful with what I wish for to the contrary. I just don't know how I can help. :( Mark Post -Original Message- From: Arjan van de Ven [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 3:00 AM To: [EMAIL PROTECTED] Subject: Re: LCS drivers for 2.4.9 ? > Just so everyone is clear: We (IBM) do not like to resort to OCO could have fooled me. > but in this world it is the only way to protect the intellectual property > present in the drivers. Oh you mean your network card has something that all the hundreds of others don't have ? Your patent department knows how to deal with that for sure. Unless you want to keep secret a breach of someone else's patent; or maybe that it's just a stock $15 NIC you guys sell for $8k ? > If the drivers weren't OCO, anyone could step up to the challenge to > provide support. But, when all the shouting is over, IBM or its delegate > is the one who provides support for its OCO modules, not the Open Source > community at large. What's the point here? IBM can't support the driver if it's open source? Extra eyes usually make support simpler because bugs are found (and fixes provided!!) by others. > It is obvious that many on this list have differing views about what the > word "support" means. By that, I mean more than just doing some coding. I > mean that IBM will fix something that isn't working. That promise is not > trivial and actually costs IBM real dollars to provide. We have people > that design, code, test, and document our drivers. When there's a new > driver, there's more testing. That means tying up REAL resources (people > and machines). And adding free community resources to that is not something IBM is interested in? Your ad campains may have fooled me there > I *know* this is frustrating to many and I am sorry for that, but we would > rather focus our efforts on opening up the interface (a difficult task at > best, with lots of legal complications) and eliminate the need for OCO > drivers altogether. This is where the win/win is to be found. Somehow I doubt this extra layer will fix the poor performance the current drivers already have Given how some of the other s390 kernel code works, I wouldn't be surprised that once you guys open up the driver some of the linux networking experts fixes the performance issues in a matter of days. > In the meantime, solutions can be had simply by routing your "new Linux" IP > traffic through a "certified Linux" which owns the adapters. You mean using that IBM kernel which has *KNOWN* and *PUBLISHED* local and remote exploits? No thank you. If IBM actually puts such a kernel on customers machines then I see that as deliberatly selling a defective product; US tort laws have ways with dealing with that last I heard. This year IBM spent a lot of money on Linux, a lot of that in advertising on how great Linux is. IBM: this would be a call to put your actions where your mouth is. Greetings, Arjan van de Ven
Re: OT: Calendar
On Thu, Dec 20, 2001 at 12:41:21AM -0500, [EMAIL PROTECTED] wrote: > In all seriousness, there are other Unix-based tools (like > the "calendar" program) which would be run daily and send > little e-mail notices, kind of like a "tickler" (in English, > I guess, though you could always use Fr... > > > > ...uh, well, I'm not sure if that particular tool-set has been > brought to Linux, but it seems likely. 'Remind' (http://www.roaringpenguin.com/remind.html) can do this as well. Cheers, Dave -- Dave O'Neill, Senior Linux Consultant Linuxcare, Inc. tel: (613) 562-9949 fax: (613) 562-9700 [EMAIL PROTECTED] http://www.linuxcare.com/
Re: SAMBA help
Ira, You should be able to do this by specifying security=domain. You'll have to create a machine account for your Samba system in the NT domain, and have the system join the domain before this will work. Mark Post -Original Message- From: Ira Hochner [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 8:49 AM To: [EMAIL PROTECTED] Subject: SAMBA help is there a way to authenticate SAMBA users against a NT PDC without creating an entry in /etc/passwd Ira Hochner Mainline Information Systems [EMAIL PROTECTED]
Re: Turbo 2.4.5 Beta and the Console is nolonger 3215
I've grep'ed the kernel source (2.4.7-ac3 which I happened to have sitting on my R/390) and found conmode= as a kernel parm (/usr/src/linux/arch/s390/kernel/setup.c). I assume that support is there in later kernels. I think the last time we discussed this on the list the thoughts were to have default as 3215 with 3270 included in the kernel. The P/390, R/390 users and others who didn't want 3215 for VM PROP support could include conmode=3270 as a kernel parm to silo/zilo/zipl. (I run my VM 2.3 guest with 3270 - so I don't have to change anything to run native.) Regards, Dougie Lawson -- ITS Technical Support Enterprise/ASSIST IMS, DB2 & Linux
Linux Security
In our efforts to move Linux along we are try to get internet access to our mainframe running Linux under VM. With that said I need to furnish my security department with documentation and articles that releate to Linux security. This is a new world for them and the better understanding they have of Linux security the faster they will move in getting our Linux out to the net. The VM RACF or ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point me in the right direction?
Re: SAMBA help
> is there a way to authenticate SAMBA users against a NT PDC without > creating an entry in /etc/passwd The other day when I was reading the Samba docs they say you can. # Security mode. Most people will want user level security. See # security_level.txt for details. security = user and in /usr/share/doc/samba-2.2.1a/docs/textdocs/security_level.txt Note: Samba-2.0.0 now adds the "domain" security mode. Please refer to the smb.conf man page for usage information and to the document docs/textdocs/DOMAIN_MEMBER.txt for further background details. Of the above, "security = server" means that Samba reports to clients that it is running in "user mode" but actually passes off all authentication requests to another "user mode" server. This requires an additional parameter "password server =" that points to the real authentication server. That real authentication server can be another Samba server or can be a Windows NT server, the later natively capable of encrypted password support. So, read the docus;-) Try www.samba.org if you don't have them locally. -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: mail delivered to me is deemed to be intended for me, for my disposition.
Re: CLAW as installation option for SUSE
Arf. Right. I need more coffee. Thanks, Paul. --db > > There are instructions on the UTS FTP site and a modified > ramdisk image that > > includes the CLAW boot code for the 2.2.16 release that you > can use to > > install from scratch with CLAW support. See ftp.uts.com. > > If you mean the UTS Global ftp site, and I'm sure you do, see :- > > ftp.utsglobal.com /pub/c7000 > > > Paul. >
Re: Linux Security
Hummm, I remember some things and links here www.suse.de/~marc and you might try linuxsecurity.com Regards, Jon Jon R. Doyle Sendmail Inc. 6425 Christie Ave Emeryville, Ca. 94608 (o_ (o_ (o_ //\ (/)_ (\)_ V_/_ On Thu, 20 Dec 2001, Gerard Graham wrote: > In our efforts to move Linux along we are try to get internet access to our > mainframe running Linux under VM. With that said I need to furnish my security > department with documentation and articles that releate to Linux security. This > is a new world for them and the better understanding they have of Linux security > the faster they will move in getting our Linux out to the net. The VM RACF or > ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point > me in the right direction? >
Re: Linux Security
Gerard, Just a quick look at the links on the linuxvm.org site turned up these. There are others that will be more valuable coming from other people (and then I get to add them to the list of links!): Site Security Handbook - http://www.faqs.org/rfcs/rfc2196.html Securing DNS (Linux version) - http://www.psionic.com/papers/dns/dns-linux Linux-Privs - POSIX capabilities (security) - http://www.uk.kernel.org/pub/linux/libs/security/linux-privs/ Linux Security "State of the Union" - http://oss.software.ibm.com/developer/opensource/linux/whitepapers/LTC-Secur ity-Whitepaper-external.pdf Mark Post -Original Message- From: Gerard Graham [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 10:00 AM To: [EMAIL PROTECTED] Subject: Linux Security In our efforts to move Linux along we are try to get internet access to our mainframe running Linux under VM. With that said I need to furnish my security department with documentation and articles that releate to Linux security. This is a new world for them and the better understanding they have of Linux security the faster they will move in getting our Linux out to the net. The VM RACF or ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point me in the right direction?
ISP/ASP redbook is published!
Hi list, The redbook "Linux for S/390 and zSeries: ISP/ASP Solutions", SG24-6299 was published today. It is on the Web at: http://www.redbooks.ibm.com/abstracts/sg246299.html -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061
Re: Websphere on Linux and or Websphere on OS/390
My company is using both. I think we are looking at Linux as a solution for scaling our application over multiple servers. We use IBM's CICS TS 1.3, Java 1.2 and CORBA and are having a problem with transactions. The application just doesn't scale like VTAM (naturally) and the Java environment on IBM is still formative. We're hoping CICS TS 2 will help. Thanks, Steve Guthrie -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED]]On Behalf Of Debbie Abel Sent: Wednesday, December 19, 2001 4:35 PM To: [EMAIL PROTECTED] Subject: Websphere on Linux and or Websphere on OS/390 Is anyone using Websphere both on Linux and OS/390 ? If so, I am interested in knowing what reasoning was used to decide whether an application should reside on Websphere on Linux or the one on OS/390. What things do we need to take into consideration ? Any help is appreciated. Thanks, Debbie
Re: More Coffee for David, Was CLAW as installation option for SU SE
Post, Mark K <[EMAIL PROTECTED]> writes: > I'd be willing to chip in and buy you one of those hats that > have beer can > holders and tubes on them. We could just retro-fit them to > hold coffee cups > instead! :) JOLT Cola (http://www.wetplanet.com/main.html) cans are ABI-compatible with beer cans, no retrofit required if all David needs is caffeine and sugar. Lattes and cappuccinos are a different story - foamed milk cools down in cans. :-) Ross
Re: Linux/390 "Using the Dump Tools" Manuals
Despina did announce the Dump Tools manuals, but it was buried amongst lots of other goodies. Michael Connolly formerly with Linux for S/390 & zSeries Documentation >Date:Fri, 12 Oct 2001 21:41:35 +0200 >From:Despina Papadopoulou <[EMAIL PROTECTED]> >Subject: Linux for S/390 and zSeries: Recommended patches and OCO modules > (31-bit and 64-bit) for linux-2.4.7 on developerWorks >. >In the documentation section you can also find the new 64-bit LINUX for >zSeries manuals >- "Device Drivers and Installation Commands" and >- "Using the Dump Tools". > -Original Message- >Date:Tue, 18 Dec 2001 13:48:21 -0500 >From:"Post, Mark K" <[EMAIL PROTECTED] >Subject: Linux/390 "Using the Dump Tools" Manuals > >Here's something I don't recall anyone else pointing out. There are now two >manuals on the IBM DeveloperWorks site for Linux/390 called "Using the Dump >Tools" for 31-bit and 64-bit Linux/390.
Re: SAMBA help
We do this all the time. You just need three lines in your /etc/smb.conf file: security = server password server =encrypt passwords = yes "Christmas is a funny season. What other time of the year do you sit in front of a dead tree and eat candy out of your socks?" Gordon Wolfe, Ph.D. (425)865-5940 VM Technical Services, The Boeing Company > -- > From: John Summerfield > Reply To: Linux on 390 Port > Sent: Thursday, December 20, 2001 7:08 AM > To: [EMAIL PROTECTED] > Subject: Re: SAMBA help > > > is there a way to authenticate SAMBA users against a NT PDC without > > creating an entry in /etc/passwd > > The other day when I was reading the Samba docs they say you can. > > > # Security mode. Most people will want user level security. See > # security_level.txt for details. >security = user > > and in /usr/share/doc/samba-2.2.1a/docs/textdocs/security_level.txt > Note: Samba-2.0.0 now adds the "domain" security mode. Please refer to > the smb.conf man page for usage information and to the document > docs/textdocs/DOMAIN_MEMBER.txt for further background details. > > Of the above, "security = server" means that Samba reports to clients > that > it is running in "user mode" but actually passes off all authentication > requests to another "user mode" server. This requires an additional > parameter "password server =" that points to the real authentication > server. > That real authentication server can be another Samba server or can be a > Windows NT server, the later natively capable of encrypted password > support. > > > So, read the docus;-) Try www.samba.org if you don't have them locally. > > > -- > Cheers > John Summerfield > > Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ > > Note: mail delivered to me is deemed to be intended for me, for my > disposition. > >
More Coffee for David, Was CLAW as installation option for SUSE
I'd be willing to chip in and buy you one of those hats that have beer can holders and tubes on them. We could just retro-fit them to hold coffee cups instead! :) Mark Post -Original Message- From: David Boyes [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 10:13 AM To: [EMAIL PROTECTED] Subject: Re: CLAW as installation option for SUSE Arf. Right. I need more coffee. Thanks, Paul. --db
Re: Linux Security
Check here: http://www.linux.org/docs/ldp/howto/Security-HOWTO.html Jay Brenneman Gerard Graham <[EMAIL PROTECTED]To: [EMAIL PROTECTED] >cc: Sent by: Linux onSubject: Linux Security 390 Port <[EMAIL PROTECTED] IST.EDU> 12/20/01 09:59 AM Please respond to Linux on 390 Port In our efforts to move Linux along we are try to get internet access to our mainframe running Linux under VM. With that said I need to furnish my security department with documentation and articles that releate to Linux security. This is a new world for them and the better understanding they have of Linux security the faster they will move in getting our Linux out to the net. The VM RACF or ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point me in the right direction?
Re: Linux Security
Something else came to mind, and that is non-online resources. O'Reilly has a book called "Practical UNIX & Internet Security, 2nd Edition," which is written by Gene Spafford and Simson Garfinkel. You may recognize Spafford's name as being well-known within the security community. I've not read the book, and so cannot recommend it personally, but you can see if it would be of interest by going to http://www.oreilly.com/catalog/puis/. They have the complete table of contents of the book, as well as a sample chapter, "Appendix A: UNIX Security Checklist." Mark Post -Original Message- From: Gerard Graham [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 10:00 AM To: [EMAIL PROTECTED] Subject: Linux Security In our efforts to move Linux along we are try to get internet access to our mainframe running Linux under VM. With that said I need to furnish my security department with documentation and articles that releate to Linux security. This is a new world for them and the better understanding they have of Linux security the faster they will move in getting our Linux out to the net. The VM RACF or ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point me in the right direction?
Re: ISP/ASP redbook is published!
I've got my copy! Mark Post -Original Message- From: Michael MacIsaac [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 10:50 AM To: [EMAIL PROTECTED] Subject: ISP/ASP redbook is published! Hi list, The redbook "Linux for S/390 and zSeries: ISP/ASP Solutions", SG24-6299 was published today. It is on the Web at: http://www.redbooks.ibm.com/abstracts/sg246299.html -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061
Re: SAMBA help
> So, read the docus;-) Try www.samba.org if you don't have them locally. And don't forget, the book "Using Samba" was donated to the open source community by O'Reilly** See http://www.oreilly.com/catalog/samba/toc.html Also, with later Samba releases, the whole book is available through swat. Just this makes setting up swat worth the small effort. -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061 ** It's nice when an organization puts freely downloadable, decent books on the Web (Oh yes, the IBM ITSO will put out more than 200 free books this year - a small reminder for one of the many facets of IBM's support of the open source software community :))
Re: SAMBA help
Note that using security=server versus security=domain is a less scalable approach. Using security=server keeps a connection open to the PDC the whole time the user is accessing Samba resources. If enough people are doing this, you can exceed the number of connections that the PDC can accept. Using security=domain requires a little more work up front, but avoids the problem of exhausting connections to your PDC. Mark Post -Original Message- From: Wolfe, Gordon W [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 11:04 AM To: [EMAIL PROTECTED] Subject: Re: SAMBA help We do this all the time. You just need three lines in your /etc/smb.conf file: security = server password server = encrypt passwords = yes "Christmas is a funny season. What other time of the year do you sit in front of a dead tree and eat candy out of your socks?" Gordon Wolfe, Ph.D. (425)865-5940 VM Technical Services, The Boeing Company > -- > From: John Summerfield > Reply To: Linux on 390 Port > Sent: Thursday, December 20, 2001 7:08 AM > To: [EMAIL PROTECTED] > Subject: Re: SAMBA help > > > is there a way to authenticate SAMBA users against a NT PDC without > > creating an entry in /etc/passwd > > The other day when I was reading the Samba docs they say you can. > > > # Security mode. Most people will want user level security. See > # security_level.txt for details. >security = user > > and in /usr/share/doc/samba-2.2.1a/docs/textdocs/security_level.txt > Note: Samba-2.0.0 now adds the "domain" security mode. Please refer to > the smb.conf man page for usage information and to the document > docs/textdocs/DOMAIN_MEMBER.txt for further background details. > > Of the above, "security = server" means that Samba reports to clients > that > it is running in "user mode" but actually passes off all authentication > requests to another "user mode" server. This requires an additional > parameter "password server =" that points to the real authentication > server. > That real authentication server can be another Samba server or can be a > Windows NT server, the later natively capable of encrypted password > support. > > > So, read the docus;-) Try www.samba.org if you don't have them locally. > > > -- > Cheers > John Summerfield > > Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ > > Note: mail delivered to me is deemed to be intended for me, for my > disposition. > >
Re: SAMBA help
OK, I'll bite SWAT?? -Original Message- From: Michael MacIsaac [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 11:51 AM To: [EMAIL PROTECTED] Subject: Re: SAMBA help > So, read the docus;-) Try www.samba.org if you don't have them locally. And don't forget, the book "Using Samba" was donated to the open source community by O'Reilly** See http://www.oreilly.com/catalog/samba/toc.html Also, with later Samba releases, the whole book is available through swat. Just this makes setting up swat worth the small effort. -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061 ** It's nice when an organization puts freely downloadable, decent books on the Web (Oh yes, the IBM ITSO will put out more than 200 free books this year - a small reminder for one of the many facets of IBM's support of the open source software community :))
Re: SAMBA help
Samba Web Administration Tool "allows a Samba administrator to configure the complex smb.conf file via a Web browser. In addition, a swat configuration page has help links to all the configurable options in the smb.conf file allowing an administrator to easily look up the effects of any change." Usually port 901 on the Linux host. . Craig Kittendorf Systems Programmer -Original Message- From: O'Neill, Mike [mailto:Mike.O'[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 12:21 PM To: [EMAIL PROTECTED] Subject:Re: SAMBA help OK, I'll bite SWAT?? -Original Message- From: Michael MacIsaac [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 11:51 AM To: [EMAIL PROTECTED] Subject: Re: SAMBA help > So, read the docus;-) Try www.samba.org if you don't have them locally. And don't forget, the book "Using Samba" was donated to the open source community by O'Reilly** See http://www.oreilly.com/catalog/samba/toc.html Also, with later Samba releases, the whole book is available through swat. Just this makes setting up swat worth the small effort. -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061 ** It's nice when an organization puts freely downloadable, decent books on the Web (Oh yes, the IBM ITSO will put out more than 200 free books this year - a small reminder for one of the many facets of IBM's support of the open source software community :))
Re: LCS drivers for 2.4.9 ?
Most Open Source/Free Software advocates don't see anything wrong with patents for HARDWARE. It's software patents and patents for "obvious" things that we don't like. -Original Message- From: Post, Mark K [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 8:15 AM To: [EMAIL PROTECTED] Subject: Re: LCS drivers for 2.4.9 ? Hmm. As John Campbell said back in July "Our Irony is special, you see. It goes to 11." It's almost laughable to see a Red Hat employee arguing in favor of patents, and contrast his comments to the ones Kerry Kim posted earlier. Maybe there's two Red Hats and they don't work for the same company? I like David Boyes' attitude better. "Whining doesn't fix the problem. Putting up resources does. Your call -- part of the problem, or part of the solution?" Personally, I would prefer to be part of the solution, Rob van der Heij's caution against being careful with what I wish for to the contrary. I just don't know how I can help. :( Mark Post -Original Message- From: Arjan van de Ven [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 3:00 AM To: [EMAIL PROTECTED] Subject: Re: LCS drivers for 2.4.9 ? > Just so everyone is clear: We (IBM) do not like to resort to OCO could have fooled me. > but in this world it is the only way to protect the intellectual property > present in the drivers. Oh you mean your network card has something that all the hundreds of others don't have ? Your patent department knows how to deal with that for sure. Unless you want to keep secret a breach of someone else's patent; or maybe that it's just a stock $15 NIC you guys sell for $8k ? > If the drivers weren't OCO, anyone could step up to the challenge to > provide support. But, when all the shouting is over, IBM or its delegate > is the one who provides support for its OCO modules, not the Open Source > community at large. What's the point here? IBM can't support the driver if it's open source? Extra eyes usually make support simpler because bugs are found (and fixes provided!!) by others. > It is obvious that many on this list have differing views about what the > word "support" means. By that, I mean more than just doing some coding. I > mean that IBM will fix something that isn't working. That promise is not > trivial and actually costs IBM real dollars to provide. We have people > that design, code, test, and document our drivers. When there's a new > driver, there's more testing. That means tying up REAL resources (people > and machines). And adding free community resources to that is not something IBM is interested in? Your ad campains may have fooled me there > I *know* this is frustrating to many and I am sorry for that, but we would > rather focus our efforts on opening up the interface (a difficult task at > best, with lots of legal complications) and eliminate the need for OCO > drivers altogether. This is where the win/win is to be found. Somehow I doubt this extra layer will fix the poor performance the current drivers already have Given how some of the other s390 kernel code works, I wouldn't be surprised that once you guys open up the driver some of the linux networking experts fixes the performance issues in a matter of days. > In the meantime, solutions can be had simply by routing your "new Linux" IP > traffic through a "certified Linux" which owns the adapters. You mean using that IBM kernel which has *KNOWN* and *PUBLISHED* local and remote exploits? No thank you. If IBM actually puts such a kernel on customers machines then I see that as deliberatly selling a defective product; US tort laws have ways with dealing with that last I heard. This year IBM spent a lot of money on Linux, a lot of that in advertising on how great Linux is. IBM: this would be a call to put your actions where your mouth is. Greetings, Arjan van de Ven
Re: Linux Security
I've heard many folks say two books no sysadmin should be without are the O'Reilly titles: "Essential System Administration" (which has a surprising amount of info re: security) and that mentioned below "Practical Unix and Internet Security" which is, imho, the definitive guide. I've got 'em both, and they have come in handy over the years... -Original Message- From: Post, Mark K [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 10:26 AM To: [EMAIL PROTECTED] Subject: Re: Linux Security Something else came to mind, and that is non-online resources. O'Reilly has a book called "Practical UNIX & Internet Security, 2nd Edition," which is written by Gene Spafford and Simson Garfinkel. You may recognize Spafford's name as being well-known within the security community. I've not read the book, and so cannot recommend it personally, but you can see if it would be of interest by going to http://www.oreilly.com/catalog/puis/. They have the complete table of contents of the book, as well as a sample chapter, "Appendix A: UNIX Security Checklist." Mark Post -Original Message- From: Gerard Graham [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 10:00 AM To: [EMAIL PROTECTED] Subject: Linux Security In our efforts to move Linux along we are try to get internet access to our mainframe running Linux under VM. With that said I need to furnish my security department with documentation and articles that releate to Linux security. This is a new world for them and the better understanding they have of Linux security the faster they will move in getting our Linux out to the net. The VM RACF or ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point me in the right direction?
Re: Linux for S/390 - updates and experimental OCOs on DeveloperWorks
Uwe said: >On the "Recommended level 2.4.7" page at: >http://www10.software.ibm.com/developerworks/opensource/linux390/current2_4 .shtml >the 2001-12-12 sections describing the 31-/64-bit OCO-modules >have been updated to clarify on HiperSockets support being >currently available in LPAR, only, and noting the prereq on >future VM-service (PTFs) for HiperSockets support for >Linux systems running as VM-guests. I'm curious. What makes a virtual hipersocket under z/VM and a LPAR-based hipersocket different? Shouldn't the virtualization in z/VM erase that difference, or is this one of those "need to know" things that the driver uses to turn on some HW assist? -- db
Linux on the Mainframe BOF at LinuxWorld Expo, Jan 31, 2002, NYC
Hello list, Carlos Ordonez and I volunteered to host the following Birds of a feather (BOF) - well buried on the LinuxWorld Web site: Linux on the Mainframe Thursday, January 31, 2002 6:00PM - 7:30PM Location: ???, Jacob Javits Convention Center, New York, NY The mainframe (S/390 or IBM e-server zSeries) is getting more recognition as a viable Linux platform. Some would argue it is actually helping Linux become accepted in the enterprise. This BOF will bring together professionals using Linux on the mainframe, both under z/VM and in LPARs, or those who are simply interested. Audiences: All LinuxWorld Attendees BOF Leader(s): Carlos Ordonez, IBM Corporation Mike MacIsaac, Team Leader, IBM Corporation If you're attending the conference, please plan to come to this BOF. If you're not attending but have an interest, a general admission ticket is just $10 before Dec 27. If you want to also attend the talks, its more $$ but fairly reasonable. See http://www.linuxworldexpo.com There is no formal presentation as no equipment will be supplied. I was planning on digging up a questionnaire similar to the one that Neale Ferguson has distributed and summarized at other conferences. This will simply be an open session where people can meet each other and share their opinions. I was thinking of proposing the following topics: 1) The wisdom of IBM OCO network modules 2) The productivity of vi versus Emacs 3) Politics 4) Religion 5) Your current health status No - just kidding! :)) That might not lead to a productive session. More productive might be better focused topics such as: 1) How you plan to use Linux on zSeries in production 2) How you *are* using Linux on zSeries in production 3) Topics and areas that need to be addressed in 2002 4) Values you get from Linux on zSeries versus other platforms 5) Anything else except 1-5 from the first list Hope to see you there. Happy holidays everyone. -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061
GDB 5.1 build on SuSE Linux fails
The build fails with the following messages on SuSE Linux for S/390 thread-db.c: In function `thread_db_fetch_registers': thread-db.c:804: cannot convert to a pointer type thread-db.c: In function `thread_db_store_registers': thread-db.c:837: cannot convert to a pointer type make[1]: *** [thread-db.o] Error 1 has anybody else seen this? or built gdb successfully on Linux/S390? thanks, ND
Re: SAMBA help
Thanks for the explanation, I have used it, I am so stupid. -Original Message- From: Kittendorf, Craig [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 12:35 PM To: [EMAIL PROTECTED] Subject: Re: SAMBA help Samba Web Administration Tool "allows a Samba administrator to configure the complex smb.conf file via a Web browser. In addition, a swat configuration page has help links to all the configurable options in the smb.conf file allowing an administrator to easily look up the effects of any change." Usually port 901 on the Linux host. . Craig Kittendorf Systems Programmer -Original Message- From: O'Neill, Mike [mailto:Mike.O'[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 12:21 PM To: [EMAIL PROTECTED] Subject:Re: SAMBA help OK, I'll bite SWAT?? -Original Message- From: Michael MacIsaac [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 11:51 AM To: [EMAIL PROTECTED] Subject: Re: SAMBA help > So, read the docus;-) Try www.samba.org if you don't have them locally. And don't forget, the book "Using Samba" was donated to the open source community by O'Reilly** See http://www.oreilly.com/catalog/samba/toc.html Also, with later Samba releases, the whole book is available through swat. Just this makes setting up swat worth the small effort. -Mike MacIsaac, IBM [EMAIL PROTECTED] (845) 433-7061 ** It's nice when an organization puts freely downloadable, decent books on the Web (Oh yes, the IBM ITSO will put out more than 200 free books this year - a small reminder for one of the many facets of IBM's support of the open source software community :))
Linux/390 system tools
Hello all, I have been asked by managment to develop a list of system managment tools which will can be deplyed on a Linux/390. One area I have little or no experience is with application change management product. Does anyone have know of l/390 tools ? Regards Phil Tully
Re: Linux/390 system tools
Phil, Are you talking about an application to manage changes, or a source version management tool for applications, or...? CVS is a fairly standard source version management tool on Linux and Linux/390. Mark Post -Original Message- From: Phil Tully [mailto:[EMAIL PROTECTED]] Sent: Thursday, December 20, 2001 9:54 AM To: [EMAIL PROTECTED] Subject: Linux/390 system tools Hello all, I have been asked by managment to develop a list of system managment tools which will can be deplyed on a Linux/390. One area I have little or no experience is with application change management product. Does anyone have know of l/390 tools ? Regards Phil Tully
Re: GDB 5.1 build on SuSE Linux fails
Nish Deodhar <[EMAIL PROTECTED]> writes: > has anybody else seen this? or built gdb successfully on Linux/S390? Have you tried the current GDB sources? They're available via anonymous CVS; details on http://sources.redhat.com/gdb. I built Red Hat's internal GDB sources on an S/390 running Red Hat Linux last night. Red Hat's internal repository tracks the public repository very closely (we do merges every day or so).
Re: Linux for S/390 - updates and experimental OCOs on DeveloperWorks
On Thursday, 12/20/2001 at 01:56 EST, David Boyes <[EMAIL PROTECTED]> wrote: > >the 2001-12-12 sections describing the 31-/64-bit OCO-modules > >have been updated to clarify on HiperSockets support being > >currently available in LPAR, only, and noting the prereq on > >future VM-service (PTFs) for HiperSockets support for > >Linux systems running as VM-guests. > > I'm curious. What makes a virtual hipersocket under z/VM and a LPAR-based > hipersocket different? Shouldn't the virtualization in z/VM erase that > difference, or is this one of those "need to know" things that the driver > uses to turn on some HW assist? They aren't supposed to be different, except that virtual HiperSockets don't have the same limits (number of LANs, number of subchannels) as real HiperSockets. (Well, there is another important difference: virtual HiperSockets are implemented entirely in software - no exploitation of HiperSockets hardware.) Regards, Alan Senior Software Engineer z/VM, TCP/IP, VIF, and Linux for zSeries Development, Endicott, NY Phone 607.752.6027fax 607.752.1497 t/l 852
Re: SAMBA help
> Thanks for the explanation, I have used it, I am so stupid. Give the man a coffee. -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: mail delivered to me is deemed to be intended for me, for my disposition.
Re: Linux for S/390 - updates and experimental OCOs on
DeveloperWorks > I'm curious. What makes a virtual hipersocket under z/VM and a > LPAR-based hipersocket different? Shouldn't the virtualization in > z/VM erase that difference, or is this one of those "need to know" > things that the driver uses to turn on some HW assist? I dont' believe there is a difference. The HiperSockets support ships as an EC to the z900 microcode. z/VM 4.2 requires a PTF which will ship after the EC. Regards, Jim
Re: 3215 vs. 3270 default in kernel... - [Turbolinux Response]
Hello Mark, Hello All - I did some digging today and spoke with our engineering. Here is what the current state of CONSOLE support in the kernel under Turbolinux for zSeries and S/390 looks like: * GA Releases (6.0 and 6.5) have 3215 Support. No 3270 support enabled in kernel by default. * 2.4.5-3 beta has 3270 enabled, no 3215. I guess that's why it's called "beta" ;-) * 2.4.7 alpha release has both 3215 and 3270 enabled. As noted, you can recompile the kernel (2.4.5) and in the /usr/src/linux/configs file set "CONFIG_TN_3215=y" to get 3215 support. As we go forward I believe our inclination will be to leave both types supported. This is due to the following statement from the current Device Drivers and Installation Commands manual from IBM for the 2.4.7 kernel (http://www10.software.ibm.com/developerworks/opensource/linux390/docu/l390dd06.pdf - see page 27): == The drivers for the 3215, 3270 and hardware consoles can be compiled into the LINUX kernel. If more than one console is present the default console driver will be chosen at run time according to the environment: * In an LPAR or native environment, the hardware console will be made the default. * In VM/ESA either the 3215 or the 3270 console driver will be made the default, depending on the guest's console settings (the "CONMODE" field in the output of "#CP QUERY TERMINAL"). * On a P/390 the 3215 console will be made the default. == If anyone begs to differ on this setting please speak up. We'll (naturally) do QA testing before releasing anything final and console issues will be looked at. Sincerely, - Hervey Allen TurboLinux Sales Engineer [EMAIL PROTECTED] T 650-228-5142 >Date:Wed, 19 Dec 2001 14:56:18 -0500 >From:"Post, Mark K" <[EMAIL PROTECTED]> >Subject: Re: Turbo 2.4.5 Beta and the Console is nolonger 3215 > >If I remember the debates from earlier in the year, if both 3215 and 3270 >console support is defined then 3215 should be the default. Whether that is >how it is implemented in the code, I don't know. If it is not, and 3270 >console is the default when both are present, then the installation process >should show how to specify a 3215 console. Support for both should be >generated into the kernels, or the customer should have a choice of various >kernels to pick from to match their needs. They should not have to re-gen >the kernel just to get the right type of console. If you have to pick one >or the other (and you really should not), then go with the 3215. There's >going to be a lot more Linux/390 running under VM than otherwise. > >Mark Post > >>-Original Message- >>From: Hervey Allen [mailto:[EMAIL PROTECTED]] >>Sent: Wednesday, December 19, 2001 1:56 PM >>To: [EMAIL PROTECTED] >>Subject: Re: Turbo 2.4.5 Beta and the Console is nolonger 3215 >> >> >>Chris - The only thing I could think of is that having 3270 support might >>help when using something like the 3270 support module UTS Global offer >>(see their HOWTO at ftp://ftp.utsglobal.com/pub/tub3270/oldstuff/HOWTO). >> I'm walking over to engineering right now to see what we'll do >>with our 2.4 beta (and upcoming GA's) in terms of switching back to 3215 >>support. >> >> Does anyone else on the list have comments about this? >> >>Thanks, >> - Hervey Allen >> >>TurboLinux >>Sales Engineer >>[EMAIL PROTECTED] >>T 650-228-5142
Dasd error with Suse 7.0
We're running Suse linux 7.0 on a 7060-H70 lpar and every day at midnight, cron runs a command (installation default) and caused i/o error on our disk pack: "/USR/SBIN/CRON[1194]: (root) CMD ( rm -f /var/spool/cron/lastrun/cron.daily)" "/USR/SBIN/CRON[1197]: (root) CMD ( test -x /usr/lib/secchk/security-control.sh && /usr/lib/secchk/security-control.sh daily &)" "kernel: dasd(eckd):device 40F0 on irq 2876: I/O status report:" "kernel: dasd(eckd):in req: 07e78430 CS: 0x00 DS: 0x02" "kernel: dasd(eckd):Failing CCW: 07e784c8" "kernel: dasd(eckd):Sense: 0:0x00 1:0x00 2:0x06 3:0x00 4:0xf0 5:0x60 6:0x41 7:0x00" "kernel: dasd(eckd):Sense: 8:0x00 9:0x00 10:0x00 11:0x01 12:0x59 13:0x77 14:0x00 15:0x10" "kernel: dasd(eckd):Sense: 16:0x42 17:0x00 18:0x08 19:0x14 20:0x00 21:0x15 22:0x67 23:0x09" "kernel: dasd(eckd):Sense: 24:0x04 25:0x10 26:0x4e 27:0x00 28:0x00 29:0x00 30:0x00 31:0x00" "kernel: dasd(eckd):32 Byte: Format: 1 Exception class 6" "kernel: dasd: devno 0x40F0 on subchannel 2876 = /dev/dasdb (94:4) postprocessing successful error recovery action using 00072fb0" We use 2 3390-3 disks on a SVA 9393 and the packs were formatted with DASDFMT. The SVA itself does not report any error. Could someone help with the error? Thanks much. _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Steve Bui , IRIS - IBM Systems Support Mgr. Phone(480) 965-3070 / fax(480) 965-6317
Re: 3215 vs. 3270 default in kernel... - [Turbolinux Response]
Works for me. Thanks Hervey. Rich Smrcina Sytek Services, Inc. Milwaukee, WI [EMAIL PROTECTED] [EMAIL PROTECTED] Catch the WAVV! WAVV 2002 in Fort Mitchell (Cincinnati), KY. April 12-16, 2002 For details see http://www.wavv.org - Original Message - From: "Hervey Allen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 20, 2001 5:28 PM Subject: Re: 3215 vs. 3270 default in kernel... - [Turbolinux Response] > Hello Mark, > Hello All - > I did some digging today and spoke with our engineering. Here is > what the current state of CONSOLE support in the kernel under Turbolinux > for zSeries and S/390 looks like: > > * GA Releases (6.0 and 6.5) have 3215 Support. No 3270 support enabled in > kernel by default. > * 2.4.5-3 beta has 3270 enabled, no 3215. I guess that's why it's called > "beta" ;-) > * 2.4.7 alpha release has both 3215 and 3270 enabled. > > As noted, you can recompile the kernel (2.4.5) and in the > /usr/src/linux/configs file set "CONFIG_TN_3215=y" to get 3215 support. > > As we go forward I believe our inclination will be to leave both types > supported. This is due to the following statement from the current Device > Drivers and Installation Commands manual from IBM for the 2.4.7 kernel > (http://www10.software.ibm.com/developerworks/opensource/linux390/docu/l 390dd06.pdf > - see page 27): > > == > The drivers for the 3215, 3270 and hardware consoles can be compiled into the > LINUX kernel. If more than one console is present the default console > driver will be > chosen at run time according to the environment: > > * In an LPAR or native environment, the hardware console will be made the > default. > > * In VM/ESA either the 3215 or the 3270 console driver will be made the > default, depending on the guest's console settings (the "CONMODE" field in > the output of "#CP QUERY TERMINAL"). > > * On a P/390 the 3215 console will be made the default. > == > > If anyone begs to differ on this setting please speak up. We'll (naturally) > do QA testing before releasing anything final and console issues will be > looked at. > > Sincerely, > - Hervey Allen > > TurboLinux > Sales Engineer > [EMAIL PROTECTED] > T 650-228-5142
Re: Linux Security
On Thu, 20 Dec 2001, Gerard Graham wrote: > In our efforts to move Linux along we are try to get internet access to our > mainframe running Linux under VM. With that said I need to furnish my security > department with documentation and articles that releate to Linux security. This > is a new world for them and the better understanding they have of Linux security > the faster they will move in getting our Linux out to the net. The VM RACF or > ACF2 stuff I can handle I just need more security doc on Linux. Can anyone point > me in the right direction? I'm doing a lot of security work and part of my job was to come up with a comprehensive security standard and procedure for all our Linux servers which are connected to the Internet (we are constantly under a security audit by another company). Here are my recommendations: - "Securing Linux: Step-by-Step" from the SANS institute: http://www.sansstore.org/ Try to follow these steps as close as possible for getting "basic" security installed on your servers. - "Securing & Optimizing Linux: The Ultimate Solution" http://www.puschitz.com/Security.html This book is a must. It helps you to install _very_ secure Linux servers. Hope this helps Werner
Ismat Dhanjibhai/US/ITMASTERS is out of the office
I will be out of the office starting 12/20/2001 and will not return until 01/02/2002. I will respond to your message when I return.
Neil R Pennell/Austin/IBM is out of the office.
I will be out of the office starting December 21, 2001 and will not return until January 7, 2002. I will respond to your message when I return. If this is urgent please contact my admin Lynn Geise @ 512-436-1066
