VM & VSE & linux/390 Employment Web Page

[Dennis G. Wicks]

Greetings; (Posted to VMESA-L and VSE-L and LINUX-390)

- - Now in its fifth year! - - Now includes VSE and linux/390!

I have set up a public service web page at

http://www.eskimo.com/~wix/vm/

for posting positions available and wanted for VM, VSE and linux/390.

Please visit the web page for more information and feel free to
send me any info you would like to have posted.  Please make VM
or VSE or linux/390 the first word in the subject.
Questions and comments welcome!
(Text or html OK.  No java, gifs, etc. NO RESUMES or CVS!)

Please check the web pages for examples before sending your ad!

Good luck,
Dennis

VM & VSE & linux/390 Positions Available last updated Apr 7.
VM & VSE & linux/390 Positions Wanted last updated Apr 1.

Re: backup software

[Paul Winder]

There is another option. UTS Global have a backup product called BAR
which will do full filesystem, or individual directory/file backups
(including incremental and differential). It does support a particular
vendors octagonal, or does it have more sides?, tape silo. BAR does
require an additional Tape Management Subsystem which is available from
UTS Global, official announcement is pending

What's also neat is individual users can restore their own files or any
singular file without sys admin intervention. BAR knows which tape the
backup is on and will get it mounted at the tape silo and restore the
file from it.


Paul Winder
UTS Global, LLC

David Boyes wrote:

 >>what does anyone use for backup software for
 >>linux/390...
 >>do you use TSM under VM
 >>
 >
 > See the recent discussion from about two weeks ago in the archives.
TSM is
 > one option, CA has an option, there are open-source options such as
Amanda,
 > and there are multiple options for full-volume dumps depending on
what other
 > systems you have available (eg, OS/390, VM, etc).
 >
 >
 >>or a Microsoft product to backup Linux
 >>
 >
 > You *are* kidding, right?
 >
 >
 >

Re: Subject: Unable to Ping the Network

[Sergey Korzhevsky]

24.04.2002 20:03:39 "Davis, Jeff"  wrote:

>Your network mask is probably incorrect.  The linux system must be in a
>different subnet from the rest of the network.
>

Why?

WBR, Sergey

Re: Try This URL

[Jill Grine]

This is working today.  THanks, Mark.

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 4:25 PM
To: [EMAIL PROTECTED]
Subject: Try This URL


Before we insult Giorgio too much more, the site is in
Italian.

The link that Jill should be clicking on, and is generating the 404 error
for her is this:
http://spazioweb.inwind.it/bunga/linux390/books/sg244987.pdf

If anyone else can put this URL into their browser, and get the problem,
please let me know off-list.  We've chewed up enough bandwidth on it for
today.

Mark Post

Hercules 2.16 announcement

[Jay Maynard]

[I rather belatedly realized that this might be of interest to the folks
here. If so, I'll post future release announcements to this list.]

Release 2.16 of Hercules is now available from the usual suspects.

What's new in release 2.16

Release date: 20 April 2002
PER support (Jan Jaeger, Paul Leisy)
S/370 multiprocessor support (Jan Jaeger)
Licensed software restriction (Jan Jaeger, Jay Maynard)
Performance mods (Gabor Hoffer, Juergen Dobrinski, Greg Smith, and
Paul Leisy)
Interrupt subclass priorities (Greg Smith)
dasdcat program (Malcolm Beattie, Roger Bowler)
Updated TCP/IP documentation (Roger Bowler)
CTCI support for Windows (David "Fish" Trout)
Print to unix pipe (Roger Bowler)
Preliminary Lan Channel Station (LCS) support
HTTP server (Jan Jaeger)
Various fixes (as recorded in CHANGES) (Paul Leisy, Matt
Zimmerman, Greg Smith, Volker Bandke, Bernard van
der Helm, David "Fish" Trout)

Note that the performance mods mentioned are some, but not all, of Gabor
Hoffer's work. Expect more in the next release, and soon in the CVS
repository if you're brave enough.

The LCS support is preliminary, and subject to change...but does work now.

As usual, there are more improvements than the major ones listed above. A
lot of work has gone into the system since 2.15 was released last Christmas,
and a lot of folks deserve credit. Complete documentation is in the CHANGES
file in the source release.

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Jill Grine]

Good morning all,

Well, surprised me, I have a system!  TCPIP isn't working correctly, but I
have a
system!  (Sorry, I'm excited... newbie's are like that.)  If you all will be
so kind as to indulge me one more time (with much chagrin) Got in a
hurry and issued a
PING 10.1.1.120 without specifying any other parms (just what the book says
not to do).
Is there any way to get out of the loop of messages about how the address is
unreachable?!
Yes, I need to slow down but after dinking around with this off and on for a
year, just
knowing I can actually issue a message and it works...  well, you guys know
how it is,
right?  :-)

Anyway, if someone knows how to get out of this, I will be off at a more
careful pace.

Thanks all,
Jill

-Original Message-
From: Davis, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 2:28 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


You might try 3215 instead of 3270.

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 12:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


This is what I coded in DIRECT:

CONSOLE 009 3270 A

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 1:52 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Jill,

Glad to hear you're making some progress.  What console type do you have
defined for the Linux/390 guest?

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 10:43 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Whoa!  I am finally getting somewhere.  I tried the tape IPL again, but left
one (two) thing(s) different.  The PARM card had "" at the end, and before I
had deleted it.  Maybe I needed to keep it?  Also using new files from IUCV
URL Mark Post recommended.  I got far enough to get the prompt for network
device, but the system won't accept console input.  I remember there was
discussion about this, so I will search the archives to see what I did wrong
with this.  At least there is hope!

Thanks all.

(Can't dowload directly to VM because it isn't defined to the network for
outside access.)


The information in this electronic mail message is sender's business
Confidential and may be legally privileged.  It is intended solely for the
addressee(s).  Access to this Internet electronic mail message by anyone
else is unauthorized.  If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it is prohibited and may be unlawful.
The sender believes that this E-mail and any attachments were free of any
virus, worm, Trojan horse, and/or malicious code when sent. This message and
its attachments could have been infected during  transmission. By reading
the message and opening any attachments, the recipient accepts full
responsibility for taking protective and remedial action about viruses and
other defects. Galileo International is not liable for any loss or damage
arising in any way from this message or its attachments.

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Sergey Korzhevsky]

25.04.2002 14:54:55 Jill Grine  wrote:

>hurry and issued a
>PING 10.1.1.120 without specifying any other parms (just what the book
says
>not to do).
>Is there any way to get out of the loop of messages about how the address
is
>unreachable?!

I think, not. Boot your system again.
WBR, Sergey

Re: Printing under LINUX/390 to VM

[Sergey Korzhevsky]

Or, if you can get new session, logon and kill this process.


WBR, Sergey

Re: Subject: Kernel panic: It's fixed, Linux is ali ve!

[Ferguson, Neale]

Depending on your 3270 emulator you can set a key to the caret character.
This is recognized by the 3215 driver as a control character. Thus you can
then enter 'c' to CTRL-C the operation. PCOMM allows you to do this
on the fly without restarting the session.

> -Original Message-
>hurry and issued a
>PING 10.1.1.120 without specifying any other parms (just
what the book
says
>not to do).
>Is there any way to get out of the loop of messages about
how the address is unreachable?!

Re: How do we get iostat working in SLES7?

[John P Taylor]

Jon, thanks very much for this information, it's just what I was looking
for.

> Kernel updates from SuSE have the hooks for iostat to give info similar to
> Solaris or BSD. This was placed into 2.4.16 and beyond as I recall. This
> kernel patch was questionable in the past. The patch is also located on
> the web, there is a maintainer in France as I recall. Google it if you do
> not have the updated Kernel, but I would recommend that route as there are
> several things that went into 2.4.18
>
> You might send a note to bernd or Jens at SuSE to check on updates.
>
>


John P Taylor
[EMAIL PROTECTED]

Re: Subject: Kernel panic: It's fixed, Linux is ali ve!

[Jill Grine]

Thanks.  I'm just going to reboot but since I use PCOMM, I'll make the
change in case a mental lapse happens again.  Decided not to bring Linux
back up until I read most of the Redbook at the URL Mark Post provided.
Also, want to redo the TCPIP setup.  THink I indicated an incorrect IP
address.


-Original Message-
From: Ferguson, Neale [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 8:16 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: It's fixed, Linux is ali ve!


Depending on your 3270 emulator you can set a key to the caret character.
This is recognized by the 3215 driver as a control character. Thus you can
then enter 'c' to CTRL-C the operation. PCOMM allows you to do this
on the fly without restarting the session.

> -Original Message-
>hurry and issued a
>PING 10.1.1.120 without specifying any other parms (just
what the book
says
>not to do).
>Is there any way to get out of the loop of messages about
how the address is unreachable?!

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Jill Grine]

Hi Mark,

Don't know what it is...most folks I know think I'm nuts, but I have
always loved computers.  While I may moan and groan when I can't figure
something out, the pure functionality alone would be enough to make me
love them.  If the rest of the world could only grasp how much time in
pure grunt work is saved by computers, maybe they would appreciate them
more.  Maybe part of the love comes from the certainty that there is an
answer if you just look long enough...it doesn't depend on luck or whim.
And after working in Systems and other departments for many years on
IBM systems, Linux is so foreign that it is a major new toy.  And I know
there are many others besides myself who are very glad you do "hang around".
Thanks again for your help.

Jill

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 9:14 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: It's fixed, Linux is alive!


Jill,

Neale's given you the only solution that I know about, so I'll address the
other aspects of your message, namely the excitement.  I absolutely know how
that is!  When I got my first Linux/390 system up, I was _very_ excited!
Then, when I got the network to actually communicate, I was very excited
again!  I've loved working with computers since I was in the 9th grade.
Learning something new and getting it to work has always been a great source
of pleasure for me.  (Helping other people to do the same thing is another
source.  That's one of the reasons I "hang out" here.)  So, don't apologize
for having fun and being excited about your work.  I tell anyone who will
listen that I've had more fun over the last two years working with Linux/390
than I've had for a long, long time.  I'm happy to see other people having
the same experience.

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 7:55 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: It's fixed, Linux is alive!


Good morning all,

Well, surprised me, I have a system!  TCPIP isn't working correctly, but I
have a
system!  (Sorry, I'm excited... newbie's are like that.)  If you all will be
so kind as to indulge me one more time (with much chagrin) Got in a
hurry and issued a
PING 10.1.1.120 without specifying any other parms (just what the book says
not to do).
Is there any way to get out of the loop of messages about how the address is
unreachable?!
Yes, I need to slow down but after dinking around with this off and on for a
year, just
knowing I can actually issue a message and it works...  well, you guys know
how it is,
right?  :-)

Anyway, if someone knows how to get out of this, I will be off at a more
careful pace.

Thanks all,
Jill

-Original Message-
From: Davis, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 2:28 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


You might try 3215 instead of 3270.

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 12:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


This is what I coded in DIRECT:

CONSOLE 009 3270 A

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 1:52 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Jill,

Glad to hear you're making some progress.  What console type do you have
defined for the Linux/390 guest?

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 10:43 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Whoa!  I am finally getting somewhere.  I tried the tape IPL again, but left
one (two) thing(s) different.  The PARM card had "" at the end, and before I
had deleted it.  Maybe I needed to keep it?  Also using new files from IUCV
URL Mark Post recommended.  I got far enough to get the prompt for network
device, but the system won't accept console input.  I remember there was
discussion about this, so I will search the archives to see what I did wrong
with this.  At least there is hope!

Thanks all.

(Can't dowload directly to VM because it isn't defined to the network for
outside access.)


The information in this electronic mail message is sender's business
Confidential and may be legally privileged.  It is intended solely for the
addressee(s).  Access to this Internet electronic mail message by anyone
else is unauthorized.  If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it is prohibited and may be unlawful.
The sender believes that this E-mail and any attachments were free of any
virus, worm, Trojan horse, and/or malicious code when sent. This message and
its atta

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Post, Mark K]

Jill,

Neale's given you the only solution that I know about, so I'll address the
other aspects of your message, namely the excitement.  I absolutely know how
that is!  When I got my first Linux/390 system up, I was _very_ excited!
Then, when I got the network to actually communicate, I was very excited
again!  I've loved working with computers since I was in the 9th grade.
Learning something new and getting it to work has always been a great source
of pleasure for me.  (Helping other people to do the same thing is another
source.  That's one of the reasons I "hang out" here.)  So, don't apologize
for having fun and being excited about your work.  I tell anyone who will
listen that I've had more fun over the last two years working with Linux/390
than I've had for a long, long time.  I'm happy to see other people having
the same experience.

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 7:55 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: It's fixed, Linux is alive!


Good morning all,

Well, surprised me, I have a system!  TCPIP isn't working correctly, but I
have a
system!  (Sorry, I'm excited... newbie's are like that.)  If you all will be
so kind as to indulge me one more time (with much chagrin) Got in a
hurry and issued a
PING 10.1.1.120 without specifying any other parms (just what the book says
not to do).
Is there any way to get out of the loop of messages about how the address is
unreachable?!
Yes, I need to slow down but after dinking around with this off and on for a
year, just
knowing I can actually issue a message and it works...  well, you guys know
how it is,
right?  :-)

Anyway, if someone knows how to get out of this, I will be off at a more
careful pace.

Thanks all,
Jill

-Original Message-
From: Davis, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 2:28 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


You might try 3215 instead of 3270.

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 12:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


This is what I coded in DIRECT:

CONSOLE 009 3270 A

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 1:52 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Jill,

Glad to hear you're making some progress.  What console type do you have
defined for the Linux/390 guest?

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 10:43 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Whoa!  I am finally getting somewhere.  I tried the tape IPL again, but left
one (two) thing(s) different.  The PARM card had "" at the end, and before I
had deleted it.  Maybe I needed to keep it?  Also using new files from IUCV
URL Mark Post recommended.  I got far enough to get the prompt for network
device, but the system won't accept console input.  I remember there was
discussion about this, so I will search the archives to see what I did wrong
with this.  At least there is hope!

Thanks all.

(Can't dowload directly to VM because it isn't defined to the network for
outside access.)


The information in this electronic mail message is sender's business
Confidential and may be legally privileged.  It is intended solely for the
addressee(s).  Access to this Internet electronic mail message by anyone
else is unauthorized.  If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be taken
in reliance on it is prohibited and may be unlawful.
The sender believes that this E-mail and any attachments were free of any
virus, worm, Trojan horse, and/or malicious code when sent. This message and
its attachments could have been infected during  transmission. By reading
the message and opening any attachments, the recipient accepts full
responsibility for taking protective and remedial action about viruses and
other defects. Galileo International is not liable for any loss or damage
arising in any way from this message or its attachments.

Re: Subject: Kernel panic: It's fixed, Linux is ali ve!

[Robert Werner]

The UNIX-3270 emulator "x3270" sends a "CTRL-C" if you type the characters
"^" "c" and then .

Robert.


> Depending on your 3270 emulator you can set a key to the caret character.
> This is recognized by the 3215 driver as a control character. Thus you can
> then enter 'c' to CTRL-C the operation. PCOMM allows you to do this
> on the fly without restarting the session.
>
> > -Original Message-
> >hurry and issued a
> >PING 10.1.1.120 without specifying any other parms (just
> what the book
> says
> >not to do).
> >Is there any way to get out of the loop of messages about
> how the address is unreachable?!
>

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[John Summerfield]

> Jill,
>
> Neale's given you the only solution that I know about, so I'll address the
> other aspects of your message, namely the excitement.  I absolutely know how
> that is!  When I got my first Linux/390 system up, I was _very_ excited!
> Then, when I got the network to actually communicate, I was very excited
> again!  I've loved working with computers since I was in the 9th grade.
> Learning something new and getting it to work has always been a great source
> of pleasure for me.

I'm not sure what your nineth grade corresponds to here, but I still remember May/June 
1969 when I got near enough to computers to write programs for the first time.

One of my first bugs crashed the computer, a CDC 3200 running SCOPE.

My first programming languages were Fortran and Compass. I have gone off Fortan since 
those days.

My Osborne 1 is probably more cabable than that computer was.


--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Dennis G. Wicks]

Well, very close to my feelings also, with a couple of qualifications.

- When I was in the 9th Grade, computers were something that a few people
  had heard of, but not many of us thought we would ever see!

- I would have to say "... I've had more fun over the last two years
working
  with Linux/390 than I've had *on*a*computer* for a long, long time."
   ^^^



Jill,

Neale's given you the only solution that I know about, so I'll address the
other aspects of your message, namely the excitement.  I absolutely know
how
that is!  When I got my first Linux/390 system up, I was _very_ excited!
Then, when I got the network to actually communicate, I was very excited
again!  I've loved working with computers since I was in the 9th grade.
Learning something new and getting it to work has always been a great
source
of pleasure for me.  (Helping other people to do the same thing is another
source.  That's one of the reasons I "hang out" here.)  So, don't apologize
for having fun and being excited about your work.  I tell anyone who will
listen that I've had more fun over the last two years working with
Linux/390
than I've had for a long, long time.  I'm happy to see other people having
the same experience.

Mark Post

Hardening Red Hat 7.2 with Bastille - can't open Questions.txt

[Michael MacIsaac]

Hi list,

I wanted to harden a lean Red Hat install with Bastille.  Because there is
no X installed, I use curses and seem to get Bastille installed but then
get the error:

  Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
403.

even though the file Questions.txt is right in the same directory.  Has
anyone seen this?  For reference, here is what I did (thanks for help from
Carlos Ordonez):

Went to Bastille at:
http://sourceforge.net/project/showfiles.php?group_id=403&release_id=78589
Did a search on "Curses" at
http://search.cpan.org/
to get the following files:

# cd /opt
# ls -l
-rw-r--r--1 root root   244474 Apr 24 10:44
Bastille-1.3.0.tar.bz2
-rw-r--r--1 root root25338 Apr 24 10:44
Bastille-Curses-module-1.3.0-0.5mdk.noarch.rpm
-rw-r--r--1 root root75923 Apr 24 10:44 Curses-1.06.tar.gz
# tar -xzf Curses-1.06.tar.gz
# cd Curses-1.06
# perl Makefile.PL
# make
...
# make install
...
# cd ..
# tar -xjf Bastille-1.3.0.tar.bz2
# cd Bastille
# mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Bastille
# cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
# cd Bastille
# cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
# cd ..
# mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
# cp Curses/Widgets.pm  /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
# mkdir /usr/share/Bastille
# ./InteractiveBastille -c
Using Curses user interface module.
Only displaying questions relevant to the current configuration.
Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
403.

  -Mike MacIsaac,  IBM   [EMAIL PROTECTED]   (845) 433-7061

P.S. Puzzle to think about:

 ...  .  .
 ......  ...   .
 ...   ...   ...   ..   ..   ..  ..   ..
 ...   ... ..   ...  ...
 ...   ... ..   ..   ..  ...
 ...   ...   ...   ..   ..   ... ..   ..
 ...   ...   ... ...   .
 ...   ...   ... .   

Re: LinuxWorld Article series

[Werner Puschitz]

Is the author right on this:

http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
"Linux memory management assumes control of a machine and so grabs up
free memory for use in I/O buffering. Having multiple Linux instances do
this to independently buffer I/O to the same files resident on a shared
mini-disk not only wastes memory, but dramatically increases the paging
effort."

Or has this already been addressed for Linux on zSeries?

Thanks
Werner

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Jay G Phelps]

Watching the console scroll by on your very first boot of your very first
390/Llinux system is a very good feeling ..  Wish I could bottle it ;-)

Jay




Jill Grine
  Subject: Re: Subject: Kernel panic:   
It's fixed, Linux is
Sent by: alive!
Linux on 390
Port
mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 9:14 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: It's fixed, Linux is alive!


Jill,

Neale's given you the only solution that I know about, so I'll address the
other aspects of your message, namely the excitement.  I absolutely know
how
that is!  When I got my first Linux/390 system up, I was _very_ excited!
Then, when I got the network to actually communicate, I was very excited
again!  I've loved working with computers since I was in the 9th grade.
Learning something new and getting it to work has always been a great
source
of pleasure for me.  (Helping other people to do the same thing is another
source.  That's one of the reasons I "hang out" here.)  So, don't apologize
for having fun and being excited about your work.  I tell anyone who will
listen that I've had more fun over the last two years working with
Linux/390
than I've had for a long, long time.  I'm happy to see other people having
the same experience.

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 7:55 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: It's fixed, Linux is alive!


Good morning all,

Well, surprised me, I have a system!  TCPIP isn't working correctly, but I
have a
system!  (Sorry, I'm excited... newbie's are like that.)  If you all will
be
so kind as to indulge me one more time (with much chagrin) Got in a
hurry and issued a
PING 10.1.1.120 without specifying any other parms (just what the book says
not to do).
Is there any way to get out of the loop of messages about how the address
is
unreachable?!
Yes, I need to slow down but after dinking around with this off and on for
a
year, just
knowing I can actually issue a message and it works...  well, you guys know
how it is,
right?  :-)

Anyway, if someone knows how to get out of this, I will be off at a more
careful pace.

Thanks all,
Jill

-Original Message-
From: Davis, Jeff [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 2:28 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


You might try 3215 instead of 3270.

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 12:20 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


This is what I coded in DIRECT:

CONSOLE 009 3270 A

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 1:52 PM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Jill,

Glad to hear you're making some progress.  What console type do you have
defined for the Linux/390 guest?

Mark Post

-Original Message-
From: Jill Grine [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 10:43 AM
To: [EMAIL PROTECTED]
Subject: Re: Subject: Kernel panic: VFS: Unable to mount root fs on 01:
00


Whoa!  I am finally getting somewhere.  I tried the tape IPL again, but
left
one (two) thing(s) different.  The PARM card had "" at the end, and before
I
had deleted it.  Maybe I needed to keep it?  Also using new files from IUCV
URL Mark Post recommended.  I got far enough to get the prompt for network
device, but the system won't accept console input.  I remember there was
discussion about this, so I will search the archives to see what I did
wrong
with this.  At least there is hope!

Thanks all.

(Can't dowload directly to VM because it isn't defined to the network for
outside access.)


The information in this electronic mail message is sender's business
Confidential and may be legally privileged.  It is intended solely for the
addressee(s).  Access to this Internet electronic mail message by anyone
else is unauthorized.  If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted to be
taken
in reliance on it is prohibited and may be unlawful.
The sender believes that this E-mail and any attachments were free of any
virus, worm, Trojan horse, and/or malicious code when sent. This message
and
its attachments could have been infected during  transmission. By reading
the message and opening any attachments, the recipient accepts full
responsibility for taking protective and remedial action about viruses and
other defects. Galileo International is not liable for any loss or damage
arising in any way from this message or its attachments.

Re: LinuxWorld Article series

[Barton Robinson]

The author is correct. This has NOT been addressed for Linux
on zSeries.

>From: Werner Puschitz <[EMAIL PROTECTED]>
>
>Is the author right on this:
>
>http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
>"Linux memory management assumes control of a machine and so grabs up
>free memory for use in I/O buffering. Having multiple Linux instances do
>this to independently buffer I/O to the same files resident on a shared
>mini-disk not only wastes memory, but dramatically increases the paging
>effort."
>
>Or has this already been addressed for Linux on zSeries?
>
>Thanks
>Werner







"If you can't measure it, I'm Just NOT interested!"(tm)

//
Barton Robinson - CBW Internet: [EMAIL PROTECTED]
Velocity Software, IncMailing Address:
 196-D Castro Street   P.O. Box 390640
 Mountain View, CA 94041   Mountain View, CA 94039-0640

VM Performance Hotline:   650-964-8867
Fax: 650-964-9012 Web Page:  WWW.VELOCITY-SOFTWARE.COM
//

Re: Subject: Kernel panic: It's fixed, Linux is ali ve!

[Ferguson, Neale]

They do: It's called Beer!!

> -Original Message-
> Watching the console scroll by on your very first boot of
> your very first
> 390/Llinux system is a very good feeling ..  Wish I could
> bottle it ;-)

Re: Hardening Red Hat 7.2 with Bastille - can't open Questions.txt

[John Summerfield]

> Hi list,
>
> I wanted to harden a lean Red Hat install with Bastille.  Because there is
> no X installed, I use curses and seem to get Bastille installed but then
> get the error:
>
>   Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
> 403.


Why wouldn't you use  http://prdownloads.sourceforge.net/bastille-linux/Bastille-
1.3.0-1.0.src.rpm to build from?

Using tarballs and such as you have is something one does as a last resort.

I downloaded it just for the hell of it and it builds just fine on my desktop
(in under ten seconds too!).

I've not actually tried installing or running it yet - it's time I was in my cot.



> even though the file Questions.txt is right in the same directory.  Has
> anyone seen this?  For reference, here is what I did (thanks for help from
> Carlos Ordonez):
>
> Went to Bastille at:
> http://sourceforge.net/project/showfiles.php?group_id=403&release_id=78589
> Did a search on "Curses" at
> http://search.cpan.org/
> to get the following files:
>
> # cd /opt
> # ls -l
> -rw-r--r--1 root root   244474 Apr 24 10:44
> Bastille-1.3.0.tar.bz2
> -rw-r--r--1 root root25338 Apr 24 10:44
> Bastille-Curses-module-1.3.0-0.5mdk.noarch.rpm
> -rw-r--r--1 root root75923 Apr 24 10:44 Curses-1.06.tar.gz
> # tar -xzf Curses-1.06.tar.gz
> # cd Curses-1.06
> # perl Makefile.PL
> # make
> ...
> # make install
> ...
> # cd ..
> # tar -xjf Bastille-1.3.0.tar.bz2
> # cd Bastille
> # mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Bastille
> # cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
> # cd Bastille
> # cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
> # cd ..
> # mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
> # cp Curses/Widgets.pm  /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
> # mkdir /usr/share/Bastille
> # ./InteractiveBastille -c
> Using Curses user interface module.
> Only displaying questions relevant to the current configuration.
> Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
> 403.
>
>   -Mike MacIsaac,  IBM   [EMAIL PROTECTED]   (845) 433-7061
>
> P.S. Puzzle to think about:
>
>  ...  .  .
>  ......  ...   .
>  ...   ...   ...   ..   ..   ..  ..   ..
>  ...   ... ..   ...  ...
>  ...   ... ..   ..   ..  ...
>  ...   ...   ...   ..   ..   ... ..   ..
>  ...   ...   ... ...   .
>  ...   ...   ... .   
>

--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: RFD: comp.os.linux.s390

[Rick Troth]

Please do NOT peer the newsgroup (if any)
with this mailing list.

Re: LinuxWorld Article series

[James Melin]

This assumes that every Linux image is going to be using the same disk,
does it not?



|-+-->
| |   Barton Robinson|
| |   <[EMAIL PROTECTED]|
| |   FTWARE.COM>|
| |   Sent by: Linux on 390  |
| |   Port   |
| |   <[EMAIL PROTECTED]|
| |   U> |
| |  |
| |  |
| |   04/25/2002 09:48 AM|
| |   Please respond to Linux|
| |   on 390 Port|
| |  |
|-+-->
  
>--|
  |
  |
  |   To:   [EMAIL PROTECTED]
  |
  |   cc:  
  |
  |   Subject:  Re: LinuxWorld Article series  
  |
  
>--|




The author is correct. This has NOT been addressed for Linux
on zSeries.

>From: Werner Puschitz <[EMAIL PROTECTED]>
>
>Is the author right on this:
>
>http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
>"Linux memory management assumes control of a machine and so grabs up
>free memory for use in I/O buffering. Having multiple Linux instances do
>this to independently buffer I/O to the same files resident on a shared
>mini-disk not only wastes memory, but dramatically increases the paging
>effort."
>
>Or has this already been addressed for Linux on zSeries?
>
>Thanks
>Werner







"If you can't measure it, I'm Just NOT interested!"(tm)

//
Barton Robinson - CBW Internet: [EMAIL PROTECTED]
Velocity Software, IncMailing Address:
 196-D Castro Street   P.O. Box 390640
 Mountain View, CA 94041   Mountain View, CA 94039-0640

VM Performance Hotline:   650-964-8867
Fax: 650-964-9012 Web Page:  WWW.VELOCITY-SOFTWARE.COM
//

Re: RFD: comp.os.linux.s390

[Rick Troth]

I agree with Jay's analysis/description, but ...

Rich asked:
> Pardon my ignorance in this matter, but what's the point?  We already have
a
> great group here and I would personally prefer a single point of
discussion.
> Do newsgroups work any way like mailing lists such that messages are mass
> emailed to members?

And Jay replied:
> No. Newsgroups are pull media, to use a neologism, rather than push media:
> you read the articles you're interested in, instead of having all fo them
> sent to you and ignoring those you don't want to read.

> I think they're better for high-activity groups than email,   ...

The problem is that they turn us all into spam fodder.
Sad what happens to good tools in the hands of unethical people,
but such is the state of NetNews.

If anyone has any doubts about how bad the spam problem has become,
I would forward examples to them,  but would probably get fired
for doing so,  given the content.

PLEASE DO NOT PEER THE MAILING LIST WITH A NEWSGROUP.

Linux Memory Management [was Re: LinuxWorld Article series]

[Werner Puschitz]

Does anyone know if there are any plans to address it in the near
future? Isn't this a big drawback for Linux on zSeries?


On Thu, 25 Apr 2002, Barton Robinson wrote:

> The author is correct. This has NOT been addressed for Linux
> on zSeries.
>
> >From: Werner Puschitz <[EMAIL PROTECTED]>
> >
> >Is the author right on this:
> >
> >http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
> >"Linux memory management assumes control of a machine and so grabs up
> >free memory for use in I/O buffering. Having multiple Linux instances do
> >this to independently buffer I/O to the same files resident on a shared
> >mini-disk not only wastes memory, but dramatically increases the paging
> >effort."
> >
> >Or has this already been addressed for Linux on zSeries?
> >
> >Thanks
> >Werner
>
>
>
>
>
>
>
> "If you can't measure it, I'm Just NOT interested!"(tm)
>
> //
> Barton Robinson - CBW Internet: [EMAIL PROTECTED]
> Velocity Software, IncMailing Address:
>  196-D Castro Street   P.O. Box 390640
>  Mountain View, CA 94041   Mountain View, CA 94039-0640
>
> VM Performance Hotline:   650-964-8867
> Fax: 650-964-9012 Web Page:  WWW.VELOCITY-SOFTWARE.COM
> //
>

Re: Hardening Red Hat 7.2 with Bastille - can't open Questions.txt

[Carlos Ordonez]

I have Bastille working in RedHat 7.2 using Curses. You probably miss
running the Install.sh from Bastille to put everything in the right places.
Contact me if you want. Carlos :-)



Carlos A. Ordonez
IBM Corporation
Server Consolidation



|-+--->
| |   Michael |
| |   MacIsaac/Poughkeepsi|
| |   e/IBM@IBMUS |
| |   Sent by: Linux on   |
| |   390 Port|
| |   <[EMAIL PROTECTED]|
| |   .EDU>   |
| |   |
| |   |
| |   04/25/2002 10:16 AM |
| |   Please respond to   |
| |   Linux on 390 Port   |
| |   |
|-+--->
  
>---|
  |
   |
  |To:  [EMAIL PROTECTED]
   |
  |cc: 
   |
  | From:  
   |
  |   Subject:  Hardening Red Hat 7.2 with Bastille - can't open 
Questions.txt|
  |
   |
  
>---|




Hi list,

I wanted to harden a lean Red Hat install with Bastille.  Because there is
no X installed, I use curses and seem to get Bastille installed but then
get the error:

  Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
403.

even though the file Questions.txt is right in the same directory.  Has
anyone seen this?  For reference, here is what I did (thanks for help from
Carlos Ordonez):

Went to Bastille at:
http://sourceforge.net/project/showfiles.php?group_id=403&release_id=78589
Did a search on "Curses" at
http://search.cpan.org/
to get the following files:

# cd /opt
# ls -l
-rw-r--r--1 root root   244474 Apr 24 10:44
Bastille-1.3.0.tar.bz2
-rw-r--r--1 root root25338 Apr 24 10:44
Bastille-Curses-module-1.3.0-0.5mdk.noarch.rpm
-rw-r--r--1 root root75923 Apr 24 10:44 Curses-1.06.tar.gz
# tar -xzf Curses-1.06.tar.gz
# cd Curses-1.06
# perl Makefile.PL
# make
...
# make install
...
# cd ..
# tar -xjf Bastille-1.3.0.tar.bz2
# cd Bastille
# mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Bastille
# cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
# cd Bastille
# cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
# cd ..
# mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
# cp Curses/Widgets.pm  /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
# mkdir /usr/share/Bastille
# ./InteractiveBastille -c
Using Curses user interface module.
Only displaying questions relevant to the current configuration.
Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
403.

  -Mike MacIsaac,  IBM   [EMAIL PROTECTED]   (845) 433-7061

P.S. Puzzle to think about:

 ...  .  .
 ......  ...   .
 ...   ...   ...   ..   ..   ..  ..   ..
 ...   ... ..   ...  ...
 ...   ... ..   ..   ..  ...
 ...   ...   ...   ..   ..   ... ..   ..
 ...   ...   ... ...   .
 ...   ...   ... .   

Re: Hardening Red Hat 7.2 with Bastille - can't open Questions.tx t

[Post, Mark K]

Do you, as root, have read access to that file?

Mark Post

-Original Message-
From: Michael MacIsaac [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 10:17 AM
To: [EMAIL PROTECTED]
Subject: Hardening Red Hat 7.2 with Bastille - can't open Questions.txt


Hi list,

I wanted to harden a lean Red Hat install with Bastille.  Because there is
no X installed, I use curses and seem to get Bastille installed but then
get the error:

  Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
403.

even though the file Questions.txt is right in the same directory.  Has
anyone seen this?  For reference, here is what I did (thanks for help from
Carlos Ordonez):

Went to Bastille at:
http://sourceforge.net/project/showfiles.php?group_id=403&release_id=78589
Did a search on "Curses" at
http://search.cpan.org/
to get the following files:

# cd /opt
# ls -l
-rw-r--r--1 root root   244474 Apr 24 10:44
Bastille-1.3.0.tar.bz2
-rw-r--r--1 root root25338 Apr 24 10:44
Bastille-Curses-module-1.3.0-0.5mdk.noarch.rpm
-rw-r--r--1 root root75923 Apr 24 10:44 Curses-1.06.tar.gz
# tar -xzf Curses-1.06.tar.gz
# cd Curses-1.06
# perl Makefile.PL
# make
...
# make install
...
# cd ..
# tar -xjf Bastille-1.3.0.tar.bz2
# cd Bastille
# mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Bastille
# cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
# cd Bastille
# cp *.pm /usr/lib/perl5/site_perl/5.6.0/s390-linux
# cd ..
# mkdir /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
# cp Curses/Widgets.pm  /usr/lib/perl5/site_perl/5.6.0/s390-linux/Curses
# mkdir /usr/share/Bastille
# ./InteractiveBastille -c
Using Curses user interface module.
Only displaying questions relevant to the current configuration.
Can't open ./Questions.txt TUI data file... at ./InteractiveBastille line
403.

  -Mike MacIsaac,  IBM   [EMAIL PROTECTED]   (845) 433-7061

P.S. Puzzle to think about:

 ...  .  .
 ......  ...   .
 ...   ...   ...   ..   ..   ..  ..   ..
 ...   ... ..   ...  ...
 ...   ... ..   ..   ..  ...
 ...   ...   ...   ..   ..   ... ..   ..
 ...   ...   ... ...   .
 ...   ...   ... .   

Re: LinuxWorld Article series

[Post, Mark K]

Yes, and it also assumes that the system administrator hasn't taken steps to
minimize this.  Such as, reducing the amount of virtual storage allocated to
the instance, and adding a v-disk as a paging device.  Putting "pressure" on
the storage use algorithms will reduce the amount used for buffering and
cache, so only frequently used things will remain in storage.

Mark Post

-Original Message-
From: James Melin [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 11:10 AM
To: [EMAIL PROTECTED]
Subject: Re: LinuxWorld Article series


This assumes that every Linux image is going to be using the same disk,
does it not?



|-+-->
| |   Barton Robinson|
| |   <[EMAIL PROTECTED]|
| |   FTWARE.COM>|
| |   Sent by: Linux on 390  |
| |   Port   |
| |   <[EMAIL PROTECTED]|
| |   U> |
| |  |
| |  |
| |   04/25/2002 09:48 AM|
| |   Please respond to Linux|
| |   on 390 Port|
| |  |
|-+-->

>---
---|
  |
|
  |   To:   [EMAIL PROTECTED]
|
  |   cc:
|
  |   Subject:  Re: LinuxWorld Article series
|

>---
---|




The author is correct. This has NOT been addressed for Linux
on zSeries.

>From: Werner Puschitz <[EMAIL PROTECTED]>
>
>Is the author right on this:
>
>http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
>"Linux memory management assumes control of a machine and so grabs up
>free memory for use in I/O buffering. Having multiple Linux instances do
>this to independently buffer I/O to the same files resident on a shared
>mini-disk not only wastes memory, but dramatically increases the paging
>effort."
>
>Or has this already been addressed for Linux on zSeries?
>
>Thanks
>Werner







"If you can't measure it, I'm Just NOT interested!"(tm)

//
Barton Robinson - CBW Internet: [EMAIL PROTECTED]
Velocity Software, IncMailing Address:
 196-D Castro Street   P.O. Box 390640
 Mountain View, CA 94041   Mountain View, CA 94039-0640

VM Performance Hotline:   650-964-8867
Fax: 650-964-9012 Web Page:  WWW.VELOCITY-SOFTWARE.COM
//

Re: RFD: comp.os.linux.s390

[Adam Thornton]

On Thu, Apr 25, 2002 at 10:23:06AM -0500, Rick Troth wrote:
> The problem is that they turn us all into spam fodder.
> Sad what happens to good tools in the hands of unethical people,
> but such is the state of NetNews.

Of course, this could be avoided by running a newsgroup on a private
server which required authentication.

But at that point, you've reinvented the mailing list.

I certainly understand why Harry chooses to run LISTSERV, but frankly,
I've become very impressed with Mailman; having articles saved by thread
and a nice web interface has proven very helpful to me.  I think that a
Mailman-based mailing list is about the best of all possible worlds in
that it becomes easy to treat it as something like a newsgroup *or* as a
mailing list.  That is, if you set it to "no mail" and check the
archives frequently, you end up with something that looks kind of like a
Usenet article tree.  On the other hand, you can just use it as a
mailing list and that works fine.  User admin is easy too.

Adam

Question: z/VM 4 base without assembler??

[Lionel Dyck]

I was just told by a friend that when I order z/VM 4 that I must also
order assembler as it is not included in the base which means that one can
not install maintenance that requires assembly.

Is this true?

thx

Lionel B. Dyck, Systems Software Lead
Kaiser Permanente Information Technology
25 N. Via Monte Ave
Walnut Creek, Ca 94598

Phone:   (925) 926-5332 (tie line 8/473-5332)
E-Mail:[EMAIL PROTECTED]
Sametime: (use Lotus Notes address)
AIM:lbdyck

Re: LinuxWorld Article series

[Ingo Adlung]

This is something we're looking at. There's some risk getting into
such a situation if ...

a) you significantly overcommited your memory, and
b) you have oversized Linux images (more than the application
   working set requires), and
c) the images are "rather busy"

Then from a VM perspective it is hard to determine a page that can
be selected for paging in case of memory pressure, if everything
appears to be ongoingly in use ...

If the sum of the images requires that much storage for its working
set (other than I/O buffering), and are busily active, then there is
little we can do, though. Then you must not excessively overcommit
your memory.

There is some thought, oversizing Linux memory to be prepared for
arbitrary peak workloads, thinking VM could page more efficiently.
You may choose to have Linux use its memory more restrictive, and
let Linux page in case of memory pressure instead. Depends on the
workload ...

Best regards,
Ingo

--
Ingo Adlung,
Linux for zSeries - Strategy & Design

The box said, 'Requires Windows95 or better', ...so I installed LINUX.


Barton Robinson <[EMAIL PROTECTED]>@VM.MARIST.EDU> on
25.04.2002 16:48:30

Please respond to Linux on 390 Port <[EMAIL PROTECTED]>

Sent by:Linux on 390 Port <[EMAIL PROTECTED]>


To:[EMAIL PROTECTED]
cc:
Subject:Re: [LINUX-390] LinuxWorld Article series



The author is correct. This has NOT been addressed for Linux
on zSeries.

>From: Werner Puschitz <[EMAIL PROTECTED]>
>
>Is the author right on this:
>
>http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
>"Linux memory management assumes control of a machine and so grabs up
>free memory for use in I/O buffering. Having multiple Linux instances do
>this to independently buffer I/O to the same files resident on a shared
>mini-disk not only wastes memory, but dramatically increases the paging
>effort."
>
>Or has this already been addressed for Linux on zSeries?
>
>Thanks
>Werner







"If you can't measure it, I'm Just NOT interested!"(tm)

//
Barton Robinson - CBW Internet: [EMAIL PROTECTED]
Velocity Software, IncMailing Address:
 196-D Castro Street   P.O. Box 390640
 Mountain View, CA 94041   Mountain View, CA 94039-0640

VM Performance Hotline:   650-964-8867
Fax: 650-964-9012 Web Page:  WWW.VELOCITY-SOFTWARE.COM
//

Re: Question: z/VM 4 base without assembler??

[Michael Short/Towers Perrin]

It is not included. You must have or order release 4  as a minimum to get
all the functionality that you need.

Re: Hardening Red Hat 7.2 with Bastille - can't open Questions.tx t

[Michael MacIsaac]

Thanks for the replies.

> Do you, as root, have read access to that file?
Yes, but I like the source RPM approach the best.

  -Mike MacIsaac,  IBM   [EMAIL PROTECTED]   (845) 433-7061

Re: LinuxWorld Article series - bufferring etc...

[John Campbell]

>>

"Post, Mark K" <[EMAIL PROTECTED]>@VM.MARIST.EDU> on 04/25/2002 11:37:05 AM

Please respond to Linux on 390 Port <[EMAIL PROTECTED]>

Sent by:Linux on 390 Port <[EMAIL PROTECTED]>


To:[EMAIL PROTECTED]
cc:
Subject:Re: LinuxWorld Article series



Yes, and it also assumes that the system administrator hasn't taken steps
to
minimize this.  Such as, reducing the amount of virtual storage allocated
to
the instance, and adding a v-disk as a paging device.  Putting "pressure"
on
the storage use algorithms will reduce the amount used for buffering and
cache, so only frequently used things will remain in storage.

Mark Post

-Original Message-
From: James Melin [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 11:10 AM
To: [EMAIL PROTECTED]
Subject: Re: LinuxWorld Article series


This assumes that every Linux image is going to be using the same disk,
does it not?


  I've thought that it should work the OTHER way once a mechanism to
  throttle buffer allocation has been cooked up;  You'd best depend
  upon VM to handle paging your system (to avoid double-paging) and
  remove the paging space ("swap" partition) from Linux entirely.

  So you could have a very large "virtual" instance but it wouldn't
  have any "local" paging space, depending instead upon VM to manage
  the paging of the instance.  Coupled with a buffer-leashing (we can
  hope it's tunable via a /proc entry or some such) this'd make each
  instance more likely to "play well with others".

  As for replicated buffers in the cache, yes, I've seen the cookbooks
  recommend building a single instance and then providing r/o access
  to other instances for the /usr filesystem, so this would be a
  concern.  While reducing the replication of files is a laudable goal
  we're still stuck w/ replicated buffers.  The only real advantage
  is with executables, since page misses in the code segments will
  just pull it in from the file itself (computational pages) and data
  (stack, bss) segments will be "unique" to each instance's processes
  anyway.

  Replicated buffers for persistent storage (i.e. data files) is less
  of a problem since data will vary from instance to instance.

  So it looks like a problem where you're replicating the contents of
  "shared" mdisk files across the instances but this replication will
  not be in the buffer cache but in the code segments of the programs
  running in each instance, and there's not much you can do to reduce
  this-  and it'd add a huge amount of overhead to even _think_ about
  doing so.

  If data doesn't vary instance-to-instance there's not much point to
  having multiple instances, eh?

  Mind you, I don't have my own root/shell access to an s/390 running
  linux;  I've worked w/ Linux since kernel 0.95 or thereabouts (does
  anyone out there remember the SLS distro?) and, despite my
enthusiasm,
  I try to maintain some recognition of weaknesses (no one system is
  ever good at _everything_).  Working w/ Xenix (and Unix, early on)
  one of the tunables was to set the buffer cache size.  While the new
  model of buffer cache management is wonderful for "regular" (non-
  shared) systems, it's not as good in the VM environment (though we
  wouldn't want to cripple this feature across the s/390 line, since
  this feature is not a problem for the bare metal or an LPAR).

  VM's side effects of virtualization vary a whole lot of "rules" in
  OS;  I don't know if they've ever been codified.

  Changing the subject slightly, how does Linux run using FBA vs.
  CKD devices?  (It's not like _I_ have the ability to run tests.)


John R. Campbell, Speaker to Machines (GNUrd)  {813-356|697}-5322
"Will Work for CLAIM Codes"
IBM Certified: IBM AIX 4.3 System Administration, System Support

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[David Rock]

On Thu, Apr 25, 2002 at 07:54:55AM -0400, Jill Grine wrote:
> Good morning all,
>
> Well, surprised me, I have a system!  TCPIP isn't working correctly, but I
> have a
> system!  (Sorry, I'm excited... newbie's are like that.)  If you all will be
> so kind as to indulge me one more time (with much chagrin) Got in a
> hurry and issued a
> PING 10.1.1.120 without specifying any other parms (just what the book says
> not to do).
> Is there any way to get out of the loop of messages about how the address is
> unreachable?!
>
> Anyway, if someone knows how to get out of this, I will be off at a more
> careful pace.

I'm assuming you are in a 3270 emulator or something equivalent:

type ^c and hit return (NOT Ctrl-C, carat "^" -C).

--
David Rock
[EMAIL PROTECTED]

Re: try to load Gigabit OSA Ethernet driver qeth

[Liang, Ih-Cheng]

Hello,
It worked!  I was able to load it using caps on the portname matching the
name on the defining system.  Thanks for the help from you all.
IC Liang.

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 12:49 PM
To: [EMAIL PROTECTED]
Subject: Re: try to load Gigabit OSA Ethernet driver qeth


Ah, the "qeth: received an IDX TERMINATE on irq 0x5AD with cause code 0x22
-- use another portname" message is important.  Try putting your portname in
all uppercase.  It has to match the name the "defining" system uses exactly,
including case.

Mark Post

-Original Message-
From: Liang, Ih-Cheng [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 3:14 PM
To: [EMAIL PROTECTED]
Subject: Re: try to load Gigabit OSA Ethernet driver qeth


Hi,
Here are the messages during the boot process:
Mar 28 10:48:30 mmsalnxt kernel: SenseID : device 0F08 reports: CU  Type/Mod
= 1731/01, Dev Type/Mod = 1732/01
Mar 28 10:48:30 mmsalnxt kernel: SenseID : device 0F09 reports: CU  Type/Mod
= 1731/01, Dev Type/Mod = 1732/01
Mar 28 10:48:30 mmsalnxt kernel: SenseID : device 0F0A reports: CU  Type/Mod
= 1731/01, Dev Type/Mod = 1732/01
Mar 28 10:48:30 mmsalnxt kernel: SenseID : device 0F0B reports: CU  Type/Mod
= 1731/01, Dev Type/Mod = 1732/01

I added portname:osagbfda to
insmod qeth
qeth_options=noauto,0x0f08,0x0f09,0x0f0a,portname:osagbfd8
But still getting the same error.

Additional messages in the system's log:
Apr 24 12:08:27 mmsalnxt kernel: loading qeth S/390 Gigabit Ethernet driver
Apr 24 12:08:27 mmsalnxt kernel: Trying to use card with devnos
0xF08/0xF09/0xF0A
Apr 24 12:08:27 mmsalnxt kernel: qeth: received an IDX TERMINATE on irq
0x5AD with cause code 0x22 -- use another portname
Apr 24 12:08:28 mmsalnxt kernel: qeth: There were problems in hard-setting
up the card.

IC Liang.


-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 9:45 AM
To: [EMAIL PROTECTED]
Subject: Re: try to load Gigabit OSA Ethernet driver qeth


Was the device reported as being detected during the boot process?  E.g.,
Detected device 010F on subchannel 0016 - PIM = F0, PAM = F0, POM = FF
Detected device 0D0C on subchannel 0017 - PIM = F0, PAM = F0, POM = FF

Mark Post

-Original Message-
From: Liang, Ih-Cheng [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 24, 2002 11:57 AM
To: [EMAIL PROTECTED]
Subject: Re: try to load Gigabit OSA Ethernet driver qeth


Yes, I loaded qdio first with insmod qdio.
IC Liang.

-Original Message-
From: Post, Mark K [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 23, 2002 8:49 PM
To: [EMAIL PROTECTED]
Subject: Re: try to load Gigabit OSA Ethernet driver qeth


Did you load the qdio module first?

Mark Post

-Original Message-
From: Liang, Ih-Cheng [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 23, 2002 6:12 PM
To: [EMAIL PROTECTED]
Subject: try to load Gigabit OSA Ethernet driver qeth


I have SuSE v7 running on an S390 LPAR.
I tried to load Gigabit OSA Ethernet driver with the following command:
insmod qeth qeth_options=noauto,0x0f0a,0x0f0b,0x0f0c
This command failed with the following messages:
Using /lib/modules/2.2.16/net/qeth.o
/lib/modules/2.2.16/net/qeth.o: init_module: Device or resource busy
Hint: this error can be caused by incorrect module parameters,
including invalid IO or IRQ parameters
Any suggestions what I did wrong?  Thanks.
IC Liang.

Linux Memory Management

[Barton Robinson]

There is a bigger issue.  Linux was written assuming
dedicated resource and slow disks. It does everything it
can to consume available storage and avoid disk I/O.
Under VM, we need Linux to understand "shared resource".
The real issue is how much code should put into the kernal
to support VM - Ingo can answer to that

What is needed is control over the buffer and cache size that
linux uses.  Turning them off is probably undesirable,
but controlling their size would be very desirable.
Currently as Mark said, the only way to control sizes
of buffer/cache is to reduce the size of the virtual machine.
Then create a virtual disk and use for swap.  Linux will
then have additional storage when needed, but will not use
that storage for buffer/cache - this is desirable.

But today, having 100 linux servers share the same read/only
disk, and all 100 cache the same disk is undesirable when
MDC could do it so well for all of them.
Even having control over which disks linux caches would be
desirable, but not currently possible (I think...)


>From: Werner Puschitz <[EMAIL PROTECTED]>
>
>Does anyone know if there are any plans to address it in the near
>future? Isn't this a big drawback for Linux on zSeries?
>
>
>On Thu, 25 Apr 2002, Barton Robinson wrote:
>
>> The author is correct. This has NOT been addressed for Linux
>> on zSeries.
>>
>> >From: Werner Puschitz <[EMAIL PROTECTED]>
>> >
>> >Is the author right on this:
>> >
>> >http://www.linuxworld.com/site-stories/2002/0416.mainframelinux-p7.html
>> >"Linux memory management assumes control of a machine and so grabs up
>> >free memory for use in I/O buffering. Having multiple Linux instances do
>> >this to independently buffer I/O to the same files resident on a shared
>> >mini-disk not only wastes memory, but dramatically increases the paging
>> >effort."
>> >
>> >Or has this already been addressed for Linux on zSeries?
>> >
>> >Thanks
>> >Werner







"If you can't measure it, I'm Just NOT interested!"(tm)

//
Barton Robinson - CBW Internet: [EMAIL PROTECTED]
Velocity Software, IncMailing Address:
 196-D Castro Street   P.O. Box 390640
 Mountain View, CA 94041   Mountain View, CA 94039-0640

VM Performance Hotline:   650-964-8867
Fax: 650-964-9012 Web Page:  WWW.VELOCITY-SOFTWARE.COM
//

IP Addressing Oddity

[Coffin Michael C]

Title: Message



Hi
Folks,
 
I recently
had to move my VM TCPIP stack for Linux, and my Linux/390 guests (Redhat and
SuSE) to a different subnet.  The third octet was changing, so (for
example) 152.225.112.249 would become 152.225.35.249.  I made the changes
to both VM's TCPIP and my Linux/390 guests in advance of the change then fired
everything up.  
 
I had coded
the third octet as .035. instead of .35.  VM's TCPIP took the
152.225.035.249 without any difficulty.  But all of my Linux/390 guests
CHANGED the .035. to .29 - so this same address on a Linux/390 guest would be
152.225.29.249.  I was totally perplexed, and after hours of scratching my
head I changed one of these to just .35. and low and behold it
worked!
 
Note: 
I made the changes on the SuSE machines in rc.config then ran SuSEconfig, and on
the RedHat I made them in ifcfg-ctc0, gateways and I think
network.
 
So my
question is why did the Linux/390 guests interpret .035. to mean .29., and if
that is a "normal" thing - why didn't VM's TCPIP do the same
thing?
 
Any advice
or opinions are most welcome.  :)
 
Michael Coffin, VM Systems
Programmer Internal Revenue Service - Room 6030  Constitution Avenue, N.W. Washington, D.C.  20224 
Voice:
(202) 927-4188   FAX:  (202) 622-6726[EMAIL PROTECTED]

Re: IP Addressing Oddity

[Carey Schug]

Because a leading zero in the unix/linux world (and much of the mini/micro
universe) means an octal number and 035 becomes 3 times 8 plus 5 which
equals 29

Carey Schug

Open your home, open your heart, become a foster parent!


Coffin Michael C <[EMAIL PROTECTED]>@VM.MARIST.EDU> on 04/25/2002
12:15:22

Please respond to Linux on 390 Port <[EMAIL PROTECTED]>

Sent by:Linux on 390 Port <[EMAIL PROTECTED]>


To:[EMAIL PROTECTED]
cc:
Subject:[LINUX-390] IP Addressing Oddity




Hi Folks,

I recently had to move my VM TCPIP stack for Linux, and my Linux/390 guests
(Redhat and SuSE) to a different subnet.  The third octet was changing, so
(for example) 152.225.112.249 would become 152.225.35.249.  I made the
changes to both VM's TCPIP and my Linux/390 guests in advance of the change
then fired everything up.

I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
152.225.035.249 without any difficulty.  But all of my Linux/390 guests
CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
be 152.225.29.249.  I was totally perplexed, and after hours of scratching
my head I changed one of these to just .35. and low and behold it worked!

Note:  I made the changes on the SuSE machines in rc.config then ran
SuSEconfig, and on the RedHat I made them in ifcfg-ctc0, gateways and I
think network.

So my question is why did the Linux/390 guests interpret .035. to mean
.29., and if that is a "normal" thing - why didn't VM's TCPIP do the same
thing?

Any advice or opinions are most welcome.  :)


Michael Coffin, VM Systems Programmer
Internal Revenue Service - Room 6030
 Constitution Avenue, N.W.
Washington, D.C.  20224

Voice: (202) 927-4188   FAX:  (202) 622-6726
[EMAIL PROTECTED]

Re: IP Addressing Oddity

[Adam Thornton]

On Thu, Apr 25, 2002 at 01:15:22PM -0400, Coffin Michael C wrote:
> I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
> 152.225.035.249 without any difficulty.  But all of my Linux/390 guests
> CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
> be 152.225.29.249.  I was totally perplexed, and after hours of scratching
> my head I changed one of these to just .35. and low and behold it worked!

ifconfig appears, therefore, to act like many Unix utilities: a leading
"0" means that the number is to be interpreted as octal.

Octal 35 is 3*8 + 5, or29.I bet you can use 0x1D to get 29 as
well.

Adam

Re: IP Addressing Oddity

[Paul L. Rogers]

I believe that if a component of an IP address contains a leading zero,
it normally interperted as an octal value.  I guess the VM folks play
by the "rules".

Paul

On Thu, 25 Apr 2002, Coffin Michael C wrote:

> Date: Thu, 25 Apr 2002 13:15:22 -0400
> From: Coffin Michael C <[EMAIL PROTECTED]>
> Reply-To: Linux on 390 Port <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: IP Addressing Oddity
>

> Hi Folks,

> I recently had to move my VM TCPIP stack for Linux, and my Linux/390 guests
> (Redhat and SuSE) to a different subnet.  The third octet was changing, so
> (for example) 152.225.112.249 would become 152.225.35.249.  I made the
> changes to both VM's TCPIP and my Linux/390 guests in advance of the change
> then fired everything up.

> I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
> 152.225.035.249 without any difficulty.  But all of my Linux/390 guests
> CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
> be 152.225.29.249.  I was totally perplexed, and after hours of scratching
> my head I changed one of these to just .35. and low and behold it worked!

> Note:  I made the changes on the SuSE machines in rc.config then ran
> SuSEconfig, and on the RedHat I made them in ifcfg-ctc0, gateways and I
> think network.

> So my question is why did the Linux/390 guests interpret .035. to mean .29.,
> and if that is a "normal" thing - why didn't VM's TCPIP do the same thing?

> Any advice or opinions are most welcome.  :)

Paul L. Rogers[EMAIL PROTECTED]
Are you prepared for NetDay?  http://www.netday.org/
Linux: It works for me.   http://www.linuxdoc.org/

Re: IP Addressing Oddity

[Michael Short/Towers Perrin]

I believe that in some circumstances the three digits are taken as octal
instead of decimal; i think this occurs when using three digits and there
are leading zeros.

Re: IP Addressing Oddity

[Post, Mark K]

Michael,

There is a convention in Linux that if you specify a leading zero on a
numeric value that it means it's in octal.  Octal 35 = decimal 29.

Mark Post

-Original Message-
From: Coffin Michael C [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 1:15 PM
To: [EMAIL PROTECTED]
Subject: IP Addressing Oddity


Hi Folks,

I recently had to move my VM TCPIP stack for Linux, and my Linux/390 guests
(Redhat and SuSE) to a different subnet.  The third octet was changing, so
(for example) 152.225.112.249 would become 152.225.35.249.  I made the
changes to both VM's TCPIP and my Linux/390 guests in advance of the change
then fired everything up.

I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
152.225.035.249 without any difficulty.  But all of my Linux/390 guests
CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
be 152.225.29.249.  I was totally perplexed, and after hours of scratching
my head I changed one of these to just .35. and low and behold it worked!

Note:  I made the changes on the SuSE machines in rc.config then ran
SuSEconfig, and on the RedHat I made them in ifcfg-ctc0, gateways and I
think network.

So my question is why did the Linux/390 guests interpret .035. to mean .29.,
and if that is a "normal" thing - why didn't VM's TCPIP do the same thing?

Any advice or opinions are most welcome.  :)

Michael Coffin, VM Systems Programmer
Internal Revenue Service - Room 6030
 Constitution Avenue, N.W.
Washington, D.C.  20224
Voice: (202) 927-4188   FAX:  (202) 622-6726
[EMAIL PROTECTED]

Re: IP Addressing Oddity

[Lerret, Anker A]

If it's any consolation, *every* UNIX sysadmin does that once.  It makes the
/etc/hosts look so much tidier!

anker

Anker Lerret
EDS, BlueCross BlueShield of Massachusetts account
617-246-4599
[EMAIL PROTECTED]



> -Original Message-
> From: Carey Schug [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, April 25, 2002 1:23 p
> To:   [EMAIL PROTECTED]
> Subject:  Re: IP Addressing Oddity
>
> Because a leading zero in the unix/linux world (and much of the mini/micro
> universe) means an octal number and 035 becomes 3 times 8 plus 5 which
> equals 29
>
> Carey Schug
>
> Open your home, open your heart, become a foster parent!
>
>
> Coffin Michael C <[EMAIL PROTECTED]>@VM.MARIST.EDU> on 04/25/2002
> 12:15:22
>
> Please respond to Linux on 390 Port <[EMAIL PROTECTED]>
>
> Sent by:Linux on 390 Port <[EMAIL PROTECTED]>
>
>
> To:[EMAIL PROTECTED]
> cc:
> Subject:[LINUX-390] IP Addressing Oddity
>
>
>
>
> Hi Folks,
>
> I recently had to move my VM TCPIP stack for Linux, and my Linux/390
> guests
> (Redhat and SuSE) to a different subnet.  The third octet was changing, so
> (for example) 152.225.112.249 would become 152.225.35.249.  I made the
> changes to both VM's TCPIP and my Linux/390 guests in advance of the
> change
> then fired everything up.
>
> I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
> 152.225.035.249 without any difficulty.  But all of my Linux/390 guests
> CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
> be 152.225.29.249.  I was totally perplexed, and after hours of scratching
> my head I changed one of these to just .35. and low and behold it worked!
>
> Note:  I made the changes on the SuSE machines in rc.config then ran
> SuSEconfig, and on the RedHat I made them in ifcfg-ctc0, gateways and I
> think network.
>
> So my question is why did the Linux/390 guests interpret .035. to mean
> .29., and if that is a "normal" thing - why didn't VM's TCPIP do the same
> thing?
>
> Any advice or opinions are most welcome.  :)
>
>
> Michael Coffin, VM Systems Programmer
> Internal Revenue Service - Room 6030
>  Constitution Avenue, N.W.
> Washington, D.C.  20224
>
> Voice: (202) 927-4188   FAX:  (202) 622-6726
> [EMAIL PROTECTED]
>
>
>
>
>
>

Re: IP Addressing Oddity

[Coffin Michael C]

Thanks to all who replied - that explains things (I had a feeling it would
be some silly thing like that, and Anker read my mind, I was trying to line
up my /etc/hosts to have 4 3 digit octets for neatness!).

Michael Coffin, VM Systems Programmer 
Internal Revenue Service - Room 6030 
 Constitution Avenue, N.W. 
Washington, D.C.  20224 

Voice: (202) 927-4188   FAX:  (202) 622-6726
[EMAIL PROTECTED]   



-Original Message-
From: Lerret, Anker A [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, April 25, 2002 1:42 PM
To: [EMAIL PROTECTED]
Subject: Re: IP Addressing Oddity


If it's any consolation, *every* UNIX sysadmin does that once.  It makes the
/etc/hosts look so much tidier!

anker

Anker Lerret
EDS, BlueCross BlueShield of Massachusetts account
617-246-4599
[EMAIL PROTECTED]



> -Original Message-
> From: Carey Schug [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, April 25, 2002 1:23 p
> To:   [EMAIL PROTECTED]
> Subject:  Re: IP Addressing Oddity
>
> Because a leading zero in the unix/linux world (and much of the 
> mini/micro
> universe) means an octal number and 035 becomes 3 times 8 plus 5 which
> equals 29
>
> Carey Schug
>
> Open your home, open your heart, become a foster parent!
>
>
> Coffin Michael C <[EMAIL PROTECTED]>@VM.MARIST.EDU> on 
> 04/25/2002 12:15:22
>
> Please respond to Linux on 390 Port <[EMAIL PROTECTED]>
>
> Sent by:Linux on 390 Port <[EMAIL PROTECTED]>
>
>
> To:[EMAIL PROTECTED]
> cc:
> Subject:[LINUX-390] IP Addressing Oddity
>
>
>
>
> Hi Folks,
>
> I recently had to move my VM TCPIP stack for Linux, and my Linux/390 
> guests (Redhat and SuSE) to a different subnet.  The third octet was 
> changing, so (for example) 152.225.112.249 would become 
> 152.225.35.249.  I made the changes to both VM's TCPIP and my 
> Linux/390 guests in advance of the change
> then fired everything up.
>
> I had coded the third octet as .035. instead of .35.  VM's TCPIP took 
> the 152.225.035.249 without any difficulty.  But all of my Linux/390 
> guests CHANGED the .035. to .29 - so this same address on a Linux/390 
> guest would be 152.225.29.249.  I was totally perplexed, and after 
> hours of scratching my head I changed one of these to just .35. and 
> low and behold it worked!
>
> Note:  I made the changes on the SuSE machines in rc.config then ran 
> SuSEconfig, and on the RedHat I made them in ifcfg-ctc0, gateways and 
> I think network.
>
> So my question is why did the Linux/390 guests interpret .035. to mean 
> .29., and if that is a "normal" thing - why didn't VM's TCPIP do the 
> same thing?
>
> Any advice or opinions are most welcome.  :)
>
>
> Michael Coffin, VM Systems Programmer
> Internal Revenue Service - Room 6030
>  Constitution Avenue, N.W.
> Washington, D.C.  20224
>
> Voice: (202) 927-4188   FAX:  (202) 622-6726
> [EMAIL PROTECTED]
>
>
>
>
>
>

Re: IP Addressing Oddity

[Willem Konynenberg]

Coffin Michael C wrote:
> I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
> 152.225.035.249 without any difficulty.  But all of my Linux/390 guests
> CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
> be 152.225.29.249.  I was totally perplexed, and after hours of scratching
> my head I changed one of these to just .35. and low and behold it worked!

That is definitely a bug in the bit of Linux code that parses
that IP address.
The specs call this notation "dotted decimal", and RFC820 says
"For example, the internet address of ISIF in dotted decimal is
 010.002.000.052, or 10.2.0.52."

So, obviously, 035 should have been interpreted as the decimal
value 35, not as octal 35.

> So my question is why did the Linux/390 guests interpret .035. to mean .29.,
> and if that is a "normal" thing - why didn't VM's TCPIP do the same thing?

The standard Unix/C integer parsing functions "by default" do
automatic detection of the base of the number.  A "0x" prefix
indicates base 16, a "0" prefix indicates base 8, otherwise, base 10.
To parse in a specific base, the desired base must be specified
to the parsing function.
It would appear that some code that parses a "dotted decimal"
IP address has erroneously be written using the default automatic
base detection, where it should have forced base 10.


--
 Willem Konynenberg <[EMAIL PROTECTED]>
I am not able rightly to apprehend the kind of confusion of ideas
that could provoke such a question  --  Charles Babbage

Intrusion Detection Software

[Kittendorf, Craig]

Anyone have any experience/recommendations with Intrusion Detection
Software, e.g. tripwire, snort, etc.

Thanks,
 Craig Kittendorf
 Systems Programmer

Re: LinuxWorld Article series - bufferring etc...

[John Summerfield]

> This assumes that every Linux image is going to be using the same disk,
> does it not?
> 
>
>   I've thought that it should work the OTHER way once a mechanism to
>   throttle buffer allocation has been cooked up;  You'd best depend
>   upon VM to handle paging your system (to avoid double-paging) and
>   remove the paging space ("swap" partition) from Linux entirely.
>
>   So you could have a very large "virtual" instance but it wouldn't
>   have any "local" paging space, depending instead upon VM to manage
>   the paging of the instance.  Coupled with a buffer-leashing (we can
>   hope it's tunable via a /proc entry or some such) this'd make each
>   instance more likely to "play well with others".
>
>   As for replicated buffers in the cache, yes, I've seen the cookbooks
>   recommend building a single instance and then providing r/o access
>   to other instances for the /usr filesystem, so this would be a
>   concern.  While reducing the replication of files is a laudable goal
>   we're still stuck w/ replicated buffers.  The only real advantage
>   is with executables, since page misses in the code segments will
>   just pull it in from the file itself (computational pages) and data
>   (stack, bss) segments will be "unique" to each instance's processes
>   anyway.
>
>   Replicated buffers for persistent storage (i.e. data files) is less
>   of a problem since data will vary from instance to instance.
>

I thought we were talking about buffers for files, not storage allocated to
programs during use (and that's what stack, bss are).

Everything in /usr is supposed to be mountable r/o.


However, Linux doesn't know that VM might be caching it, so Linux caches it too
and this leads to increased storage use by Linux as seen by VM. So, to reduce
this caching, reduce the storage allocated to the Linux instance.

However, this is a problem which I think needs a better long-term solution. It's
wrong for Linux to allocate lots of cache to /usr (but only when running as a VM
guest) but right for it to cache /var liberally.

Perhaps a mount option would address this best, but I'm certainly no Kernel Guru.

The other question deals with paging/swapping. As far as I can figure it, paging
in Linux/Unix isn't what it is in MVS, and I've never discovered just what the
correspondences is. So, I use the terms swapping and paging as I did in my MVS
days.

There was some discussion about this quite a while ago. As I recall, the best
solution offered is to modify Linux so it recognises it's running in a VM
environment and to discuss paging operations with VM. I think the feeling was
that VM also needed to have some changes made as the way it discusses these
matters with other guests isn't ideal for Linux.

I imagine that the IBM folk are beavering away at fixing this up properly as I
type - I think it's working hours in ibm.de;-)







--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: Intrusion Detection Software

[Coffin Michael C]

I use PortSentry - it not only monitors ports but blocks IP addresses that
it determines are doing DOS attacks or otherwise doing "bad things".  It's
saved my bacon from hackers many times.

http://linux.rice.edu/help/tips-sentry.html

Michael Coffin, VM Systems Programmer 
Internal Revenue Service - Room 6030 
 Constitution Avenue, N.W. 
Washington, D.C.  20224 

Voice: (202) 927-4188   FAX:  (202) 622-6726
[EMAIL PROTECTED]   



-Original Message-
From: Kittendorf, Craig [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, April 25, 2002 4:31 PM
To: [EMAIL PROTECTED]
Subject: Intrusion Detection Software


Anyone have any experience/recommendations with Intrusion Detection
Software, e.g. tripwire, snort, etc.

Thanks,
 Craig Kittendorf
 Systems Programmer

Re: LinuxWorld Article series - bufferring etc...

[John Summerfield]

>   I try to maintain some recognition of weaknesses (no one system is
>   ever good at _everything_).  Working w/ Xenix (and Unix, early on)
>   one of the tunables was to set the buffer cache size.  While the new
>   model of buffer cache management is wonderful for "regular" (non-
>   shared) systems, it's not as good in the VM environment (though we
>   wouldn't want to cripple this feature across the s/390 line, since
>   this feature is not a problem for the bare metal or an LPAR).


I did mean to comment on this too;-)

Linux's caching for single-OS machines isn't so wonderful either. I'm run a
postgresql database load a few times by way of a benchmark/test, and a result is
that my 256 Mbytes of RAM gets absolutely full of database stuff.

Then my desktop (KDE or GNOME) gets very slow indeed for a while until the cache
gets recharged with stuff from /usr.


--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: IP Addressing Oddity

[John Summerfield]

[EMAIL PROTECTED] said:
> Because a leading zero in the unix/linux world (and much of the mini/
> micro universe) means an octal number and 035 becomes 3 times 8 plus 5
> which equals 29

Betcha the relevant RFC doesn't contemplate the ifconfig interpretation!


--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: Intrusion Detection Software

[John Summerfield]

> Anyone have any experience/recommendations with Intrusion Detection
> Software, e.g. tripwire, snort, etc.


Clarkconnect moved from portsentry to snort.

I personally haven't come to terms with either of them, but I guess I should.
--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: IP Addressing Oddity

[John Summerfield]

> On Thu, Apr 25, 2002 at 01:15:22PM -0400, Coffin Michael C wrote:
> > I had coded the third octet as .035. instead of .35.  VM's TCPIP took the
> > 152.225.035.249 without any difficulty.  But all of my Linux/390 guests
> > CHANGED the .035. to .29 - so this same address on a Linux/390 guest would
> > be 152.225.29.249.  I was totally perplexed, and after hours of scratching
> > my head I changed one of these to just .35. and low and behold it worked!
>
> ifconfig appears, therefore, to act like many Unix utilities: a leading
> "0" means that the number is to be interpreted as octal.
>
> Octal 35 is 3*8 + 5, or29.I bet you can use 0x1D to get 29 as
> well.


I happen to have a box it doesn't matter if I misconfigure so I tried it. You
can (but I'm sure that's a recent change. I'm certain it didn't a while ago).


Someone might report it as a bug - we now have this ridiculous situation:
[root@numbat root]# ifconfig eth0 192.168.1.011
[root@numbat root]# ifconfig eth0
eth0  Link encap:Ethernet  HWaddr 00:40:F4:28:A0:3A
  inet addr:192.168.1.9  Bcast:192.168.1.255  Mask:255.255.255.0
  UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  RX packets:58923479 errors:27 dropped:1 overruns:20 frame:0
  TX packets:37011741 errors:0 dropped:0 overruns:2 carrier:0
  collisions:197384 txqueuelen:100
  RX bytes:3622792122 (3454.9 Mb)  TX bytes:3221846063 (3072.5 Mb)
  Interrupt:10 Base address:0x3000

[root@numbat root]# host 192.168.1.011
Host 11.1.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
[root@numbat root]#



--
Cheers
John Summerfield

Microsoft's most solid OS: http://www.geocities.com/rcwoolley/

Note: mail delivered to me is deemed to be intended for me, for my disposition.

==
If you don't like being told you're wrong,
be right!

Re: LinuxWorld Article series - bufferring etc...

[John Campbell]

  I hate the lack of sensible quoting w/i Bloated Notes.

>>>
I thought we were talking about buffers for files, not storage allocated to
programs during use (and that's what stack, bss are).

Everything in /usr is supposed to be mountable r/o.


However, Linux doesn't know that VM might be caching it, so Linux caches it
too
and this leads to increased storage use by Linux as seen by VM. So, to
reduce
this caching, reduce the storage allocated to the Linux instance.
<<<

  It took me a surprising amount of time to realize that /usr doesn't
  retain any large quantities of data that would end up residing in a
  buffer cache-  R/O data is of very limited utility.  I don't think
  we're likely to be overrun by people calling up the same man page
  across all of the systems.

>>>
However, this is a problem which I think needs a better long-term solution.
It's
wrong for Linux to allocate lots of cache to /usr (but only when running as
a VM
guest) but right for it to cache /var liberally.

Perhaps a mount option would address this best, but I'm certainly no Kernel
Guru.
<<<

  The "swap" (paging space) already has a priority flag;  Perhaps it
  can be borrowed for this?  I'll hafta "use the source" to see what
  it does now.

  Actually, the buffer cache allocation algorithm needs to have a
  "cost" associated with each percentage point of free space it
  consumes;  The rate of expense growth should be tunable, etc.  Some
  memory allocators used to have such a pricing mechanism to allow the
  system to balance out the load.

>>>
The other question deals with paging/swapping. As far as I can figure it,
paging
in Linux/Unix isn't what it is in MVS, and I've never discovered just what
the
correspondences is. So, I use the terms swapping and paging as I did in my
MVS
days.

There was some discussion about this quite a while ago. As I recall, the
best
solution offered is to modify Linux so it recognises it's running in a VM
environment and to discuss paging operations with VM. I think the feeling
was
that VM also needed to have some changes made as the way it discusses these
matters with other guests isn't ideal for Linux.

I imagine that the IBM folk are beavering away at fixing this up properly
as I
type - I think it's working hours in ibm.de;-)


  IIRC the commentary here on the list was that some folks are working
  at getting Linux better at peering w/ VM, which, IMHO, is a non-
  starter.  I don't see Linus admitting code like that into the
mainline
  kernel.  A more generic approach (like tuning the disk buffer cache
  mechanism to throttle new buffer requests) would be best, but that
  needs to be done in such a way that a code segment won't get paged
  out to make room for a disk buffer;  Only other disk buffers should
  be eligible for flushing and reallocation.

  (BTW, code segments don't get written out to the paging space;  They
  get dropped because they'll just get re-loaded from the executable
  file image when the page faults again.  As if anyone on this list
didn't
  already know or have an inkling of how this works.)

  I *really* need to get a life.


John R. Campbell, Speaker to Machines (GNUrd)  {813-356|697}-5322
"Will Work for CLAIM Codes"
IBM Certified: IBM AIX 4.3 System Administration, System Support

Re: LinuxWorld Article series - bufferring etc...

[John Campbell]

John Summerfield:
>
>   I try to maintain some recognition of weaknesses (no one system is
>   ever good at _everything_).  Working w/ Xenix (and Unix, early on)
>   one of the tunables was to set the buffer cache size.  While the
new
>   model of buffer cache management is wonderful for "regular" (non-
>   shared) systems, it's not as good in the VM environment (though we
>   wouldn't want to cripple this feature across the s/390 line, since
>   this feature is not a problem for the bare metal or an LPAR).

I did mean to comment on this too;-)

Linux's caching for single-OS machines isn't so wonderful either. I'm run a
postgresql database load a few times by way of a benchmark/test, and a
result is
that my 256 Mbytes of RAM gets absolutely full of database stuff.

Then my desktop (KDE or GNOME) gets very slow indeed for a while until the
cache
gets recharged with stuff from /usr.
<<<

  But the /usr stuff that gets re-loaded are executables and data
(impure)
  segments of the code to be run.  Unless the KDE stuff is all
scripting
  (yeah, like it's all done w/ tcl/TK, smoke and mirrors) then it's
going
  to consist of computational pages rather than persistent storage
(which
  is just a fancy AIX name for data that's reflected on disk;  the code
  segment of an executable gets to be both, in a way).

  It can be argued that the memory allocation mechanism needs to be
looked
  at to allow a memory request to have it's own priority level, just
like
  each process has a priority within the scheduler.  H...

  Doing this would benefit _all_ platforms.


John R. Campbell, Speaker to Machines (GNUrd)  {813-356|697}-5322
"Will Work for CLAIM Codes"
IBM Certified: IBM AIX 4.3 System Administration, System Support

Signatures, and taglines was RE: LinuxWorld Article series - bufferring etc...

[Gregg C Levine]

Hello from Gregg C Levine normally with Jedi Knight Computers
As most of you have figured out, I happen to be fan of that series of
films. All of them. So facts those are recounted in my signature, and
taglines. But I've noticed that, for example John Campbell here,
presents one, that is unfamiliar to me. So, the question is, "What are
CLAIM Codes?" An answer is appreciated, but not necessary. Directly to
me, so as to not clog up the list.
---
Gregg C Levine [EMAIL PROTECTED]

"The Force will be with you...Always." Obi-Wan Kenobi
"Use the Force, Luke."  Obi-Wan Kenobi
(This company dedicates this E-Mail to General Obi-Wan Kenobi )
(This company dedicates this E-Mail to Master Yoda )



> -Original Message-
> From: Linux on 390 Port [mailto:[EMAIL PROTECTED]] On Behalf Of
> John Campbell
> Sent: Thursday, April 25, 2002 5:34 PM
> To: [EMAIL PROTECTED]
> Subject: Re: LinuxWorld Article series - bufferring etc...
> 
> John Summerfield:
> >
> >   I try to maintain some recognition of weaknesses (no one
system is
> >   ever good at _everything_).  Working w/ Xenix (and Unix, early
on)
> >   one of the tunables was to set the buffer cache size.  While
the
> new
> >   model of buffer cache management is wonderful for "regular"
(non-
> >   shared) systems, it's not as good in the VM environment
(though we
> >   wouldn't want to cripple this feature across the s/390 line,
since
> >   this feature is not a problem for the bare metal or an LPAR).
> 
> I did mean to comment on this too;-)
> 
> Linux's caching for single-OS machines isn't so wonderful either. I'm
run a
> postgresql database load a few times by way of a benchmark/test, and a
> result is
> that my 256 Mbytes of RAM gets absolutely full of database stuff.
> 
> Then my desktop (KDE or GNOME) gets very slow indeed for a while until
the
> cache
> gets recharged with stuff from /usr.
> <<<
> 
>   But the /usr stuff that gets re-loaded are executables and data
> (impure)
>   segments of the code to be run.  Unless the KDE stuff is all
> scripting
>   (yeah, like it's all done w/ tcl/TK, smoke and mirrors) then
it's
> going
>   to consist of computational pages rather than persistent storage
> (which
>   is just a fancy AIX name for data that's reflected on disk;  the
code
>   segment of an executable gets to be both, in a way).
> 
>   It can be argued that the memory allocation mechanism needs to
be
> looked
>   at to allow a memory request to have it's own priority level,
just
> like
>   each process has a priority within the scheduler.  H...
> 
>   Doing this would benefit _all_ platforms.
> 
> 
> John R. Campbell, Speaker to Machines (GNUrd)  {813-356|697}-5322
> "Will Work for CLAIM Codes"
> IBM Certified: IBM AIX 4.3 System Administration, System Support

Re: Question: z/VM 4 base without assembler??

[Jim Elliott]

> I was just told by a friend that when I order z/VM 4 that I must also
> order assembler as it is not included in the base which means that one
> ca not install maintenance that requires assembly.

All z/VM maintenance (including features) from IBM ships as text decks.
You only need HLASM if you have user mods, or as Alan said for a short
list of customization capabilities which you should not need in your
environment.

Regards, Jim

Re: Intrusion Detection Software

[Gregg C Levine]

Hello from Gregg C Levine
While we are on the subject, has anyone succeeded in getting the
ipchains setup to work correctly on their systems? As to your question,
Craig, I am afraid, that I do not.
---
Gregg C Levine [EMAIL PROTECTED]

"The Force will be with you...Always." Obi-Wan Kenobi
"Use the Force, Luke."  Obi-Wan Kenobi
(This company dedicates this E-Mail to General Obi-Wan Kenobi )
(This company dedicates this E-Mail to Master Yoda )



> -Original Message-
> From: Linux on 390 Port [mailto:[EMAIL PROTECTED]] On Behalf Of
> Kittendorf, Craig
> Sent: Thursday, April 25, 2002 4:31 PM
> To: [EMAIL PROTECTED]
> Subject: Intrusion Detection Software
> 
> Anyone have any experience/recommendations with Intrusion Detection
> Software, e.g. tripwire, snort, etc.
> 
> Thanks,
>  Craig Kittendorf
>  Systems Programmer

Re: IP Addressing Oddity

[Steve Kotzmoyer]

Like someone already noted, it is supposed to be dotted !DECIMAL!
notation.

John Summerfield wrote:
>
> [EMAIL PROTECTED] said:
> > Because a leading zero in the unix/linux world (and much of the mini/
> > micro universe) means an octal number and 035 becomes 3 times 8 plus 5
> > which equals 29
>
> Betcha the relevant RFC doesn't contemplate the ifconfig interpretation!
>
> --
> Cheers
> John Summerfield
>
> Microsoft's most solid OS: http://www.geocities.com/rcwoolley/
>
> Note: mail delivered to me is deemed to be intended for me, for my
> disposition.
>
> ==
> If you don't like being told you're wrong,
> be right!

--
Steve Kotzmoyer   [EMAIL PROTECTED]

 TCP/IP Monitor Development   Home: (540) 253-5821
 Landmark Systems Work: (703) 464-1695

Re: Intrusion Detection Software

[A. Harry Williams]

On Thu, 25 Apr 2002 16:31:14 -0400 Kittendorf, Craig said:
>Anyone have any experience/recommendations with Intrusion Detection
>Software, e.g. tripwire, snort, etc.

We're looking at using Tripwire across the enterprise.  Mike's done
some experimenting with it on both Linux on Intel and on 390.
Maybe someone can twist his arm to write it up, but I believe he has it
working on both.  The biggest issue I remember him mentioning is that
it assumes the whole processor is dedicated.

>
>Thanks,
> Craig Kittendorf
> Systems Programmer
/ahw

Re: Subject: Kernel panic: It's fixed, Linux is alive!

[Rich Smrcina]

I don't know 'bout anyone else, but after 2 1/2 years it still gives me goose
bumps...  :)

On Thursday 25 April 2002 09:46 am, you wrote:
> Watching the console scroll by on your very first boot of your very first
> 390/Llinux system is a very good feeling ..  Wish I could bottle it ;-)
>
> Jay

--
Rich Smrcina
Sytek Services, Inc.
Milwaukee, WI
[EMAIL PROTECTED]
[EMAIL PROTECTED]

Catch the WAVV!  Stay for Requirements and the Free for All!
Update your S/390 skills in 4 days for a very reasonable price.
WAVV 2003 in Winston-Salem, NC.
April 25-29, 2003
For details see http://www.wavv.org

Re: IP Addressing Oddity

[soup]

> Like someone already noted, it is supposed to be dotted !DECIMAL!
> notation.

Assuming my memory works at all, I think this is a feature
of atoi() but I'd want to play with it first.

And, yes, there are two kinds of Unix SysAdmins:

   1)   Those who have already made this mistake; and
   2)   Those who WILL make this mistake.

(The same is true of doing an 'rm -rf *' as root from /)

--
 John R. Campbell   Speaker to Machines [EMAIL PROTECTED]
 - As a SysAdmin, yes, I CAN read your e-mail, but I DON'T get that bored!
   Disclaimer:  All opinions expressed above are those of John R. Campbell
alone and are seriously unlikely to reflect the opinions of
his employer(s) or lackeys thereof.  Anyone who says
differently is itching for a fight!

Re: Intrusion Detection Software

[Kittendorf, Craig]

 That leads to part 2 of the "newbie" question,
How is "Intrusion Detection Software" different from a firewall?  same as?
Used instead of? used with but enhances?

Thanks,
   Craig


-Original Message-
From: Gregg C Levine
To: [EMAIL PROTECTED]
Sent: 4/25/02 4:37 PM
Subject: Re: Intrusion Detection Software

Hello from Gregg C Levine
While we are on the subject, has anyone succeeded in getting the
ipchains setup to work correctly on their systems? As to your question,
Craig, I am afraid, that I do not.
---
Gregg C Levine [EMAIL PROTECTED]

"The Force will be with you...Always." Obi-Wan Kenobi
"Use the Force, Luke."  Obi-Wan Kenobi
(This company dedicates this E-Mail to General Obi-Wan Kenobi )
(This company dedicates this E-Mail to Master Yoda )



> -Original Message-
> From: Linux on 390 Port [mailto:[EMAIL PROTECTED]] On Behalf Of
> Kittendorf, Craig
> Sent: Thursday, April 25, 2002 4:31 PM
> To: [EMAIL PROTECTED]
> Subject: Intrusion Detection Software
> 
> Anyone have any experience/recommendations with Intrusion Detection
> Software, e.g. tripwire, snort, etc.
> 
> Thanks,
>  Craig Kittendorf
>  Systems Programmer

Re: Intrusion Detection Software

[Post, Mark K]

Craig,

It's used with a firewall, not in place of.  A firewall is intended to keep
the bad guys out in the first place.  An IDS is designed to figure out that
they got in anyway, and tell you what it was they messed with while they
were there.  Tripwire for instance keeps track of file sizes, dates (and I
think a checksum) of important system files.  If one of those attributes
changes from one daily scan to the next, it tells you there's a problem.

Mark Post

-Original Message-
From: Kittendorf, Craig [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 9:36 PM
To: [EMAIL PROTECTED]
Subject: Re: Intrusion Detection Software


 That leads to part 2 of the "newbie" question,
How is "Intrusion Detection Software" different from a firewall?  same as?
Used instead of? used with but enhances?

Thanks,
   Craig


-Original Message-
From: Gregg C Levine
To: [EMAIL PROTECTED]
Sent: 4/25/02 4:37 PM
Subject: Re: Intrusion Detection Software

Hello from Gregg C Levine
While we are on the subject, has anyone succeeded in getting the
ipchains setup to work correctly on their systems? As to your question,
Craig, I am afraid, that I do not.
---
Gregg C Levine [EMAIL PROTECTED]

"The Force will be with you...Always." Obi-Wan Kenobi
"Use the Force, Luke."  Obi-Wan Kenobi
(This company dedicates this E-Mail to General Obi-Wan Kenobi )
(This company dedicates this E-Mail to Master Yoda )



> -Original Message-
> From: Linux on 390 Port [mailto:[EMAIL PROTECTED]] On Behalf Of
> Kittendorf, Craig
> Sent: Thursday, April 25, 2002 4:31 PM
> To: [EMAIL PROTECTED]
> Subject: Intrusion Detection Software
> 
> Anyone have any experience/recommendations with Intrusion Detection
> Software, e.g. tripwire, snort, etc.
> 
> Thanks,
>  Craig Kittendorf
>  Systems Programmer

Red Hat 7.2 - install by tape?

[Makhijani, Beena]

Hi,

I am new to Linux (and UNIX) but need to do a proof-of-concept for using
Linux on S390 for file and print serving.  I was planning to use Red Hat 7.2
as that seems to be the only free downloadable commerical distribution with
the 2.4 kernel.  However, when browsing through the "Offical Red Hat Linux
for S390 Installation Guide" and the README file, I do not see any mention
of installing by tape.  Both the SuSE and TurboLinux manuals gave clear
instructions on how to do this.  Can I use tape to install Red Hat 7.2?  Is
there better documentation out there for Red Hat 7.2?  The Red Hat manual
does not appear to be as clear as the other vendors'.

>From reading through the archives, I also got the impression that the Red
Hat distribution is missing drivers for OSA and 3490/3590 tape drives and
that its installation is not as easy as SuSE's.  Is that so?  Any comments
comparing Red Hat's and SuSE's installation would also be appreciated.

Thanks,
Beena

Re: IP Addressing Oddity

[Willem Konynenberg]

[EMAIL PROTECTED] wrote:
> > Like someone already noted, it is supposed to be dotted !DECIMAL!
> > notation.
>
> Assuming my memory works at all, I think this is a feature
> of atoi() but I'd want to play with it first.

I dug around a wee bit.
The problem appears to be the inet_aton/inet_addr function,
and it's not a bug, it's a problem of conflicting specifications.
("the good thing about standards is that there are so many to choose from")

The SUS explicitly states:
  All numbers supplied as parts in dot notation may be decimal,
  octal, or hexadecimal, as specified in the ISO C standard (that
  is, a leading 0x or 0X implies hexadecimal; otherwise, a leading
  0 implies octal; otherwise, the number is interpreted as decimal).

(this is in line with the original BSD implementation, which even
 contained an explicit comment to state that it worked this way...)

But RFC 1123 (STD 3) "Requirements for Internet Hosts --
Application and Support" says
   2.1  Host Names and Numbers
...
  Whenever a user inputs the identity of an Internet host, it SHOULD
  be possible to enter either (1) a host domain name or (2) an IP
  address in dotted-decimal ("#.#.#.#") form.  The host SHOULD check
  the string syntactically for a dotted-decimal number before
  looking it up in the Domain Name System.

Though this does not provide a formal definition of the format,
it seems obvious that the numbers are intended to be decimal,
not octal or hexadecimal...
(and other RFCs contain examples that confirm this)


I suppose the UNIX standard take precedence here...  ;-(

--
 Willem Konynenberg <[EMAIL PROTECTED]>
I am not able rightly to apprehend the kind of confusion of ideas
that could provoke such a question  --  Charles Babbage

Re: Intrusion Detection Software

[Steve Kotzmoyer]

Craig,

In addition to what Mark said, an IDS will often work off of a database
of attack characteristics.  An IDS maintains more state information than
would a firewall.  Several of the non commercial IDS systems rival their
vendor developed counterparts.  I recommend reading, "Network Intrusion
Detection, An Analyst's Handbook", by Stephen Northcutt (SANS).

Steve

"Post, Mark K" wrote:
>
> Craig,
>
> It's used with a firewall, not in place of.  A firewall is intended to keep
> the bad guys out in the first place.  An IDS is designed to figure out that
> they got in anyway, and tell you what it was they messed with while they
> were there.  Tripwire for instance keeps track of file sizes, dates (and I
> think a checksum) of important system files.  If one of those attributes
> changes from one daily scan to the next, it tells you there's a problem.
>
> Mark Post
>
> -Original Message-
> From: Kittendorf, Craig [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, April 25, 2002 9:36 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Intrusion Detection Software
>
>  That leads to part 2 of the "newbie" question,
> How is "Intrusion Detection Software" different from a firewall?  same as?
> Used instead of? used with but enhances?
>
> Thanks,
>Craig
>
> -Original Message-
> From: Gregg C Levine
> To: [EMAIL PROTECTED]
> Sent: 4/25/02 4:37 PM
> Subject: Re: Intrusion Detection Software
>
> Hello from Gregg C Levine
> While we are on the subject, has anyone succeeded in getting the
> ipchains setup to work correctly on their systems? As to your question,
> Craig, I am afraid, that I do not.
> ---
> Gregg C Levine [EMAIL PROTECTED]
> 
> "The Force will be with you...Always." Obi-Wan Kenobi
> "Use the Force, Luke."  Obi-Wan Kenobi
> (This company dedicates this E-Mail to General Obi-Wan Kenobi )
> (This company dedicates this E-Mail to Master Yoda )
>
> > -Original Message-
> > From: Linux on 390 Port [mailto:[EMAIL PROTECTED]] On Behalf Of
> > Kittendorf, Craig
> > Sent: Thursday, April 25, 2002 4:31 PM
> > To: [EMAIL PROTECTED]
> > Subject: Intrusion Detection Software
> >
> > Anyone have any experience/recommendations with Intrusion Detection
> > Software, e.g. tripwire, snort, etc.
> >
> > Thanks,
> >  Craig Kittendorf
> >  Systems Programmer

--
Steve Kotzmoyer   [EMAIL PROTECTED]

 TCP/IP Monitor Development   Home: (540) 253-5821
 Landmark Systems Work: (703) 464-1695

Re: Red Hat 7.2 - install by tape?

[Post, Mark K]

Beena,

Yes, you can install Red Hat 7.2 by tape.  The process you would follow is
identical to what you would do for any of the other distributions.  You'll
need to create an unlabelled tape with the kernel, parameter file, and
compressed ram disk on it, in that order.

For more documentation (false modesty prevents me from claiming it's
_better_ :)  ), you can take a look at Chapter 11, "Installing Red Hat
Linux" in the "Linux for zSeries and S/390: Distributions" Redbook at
http://publib-b.boulder.ibm.com/Redbooks.nsf/RedbookAbstracts/sg246264.html.

The recently opened source version of the OSA driver have not been
incorporated into their GA directories, but you should be able to use the
kernel from
ftp://ftp.redhat.com/pub/redhat/linux/rawhide/s390/images/tapekrnl.img .
I'm not aware of the Red Hat distribution missing any tape drivers that are
in the other distributions.

As far as ease of installation, my personal experience is that installing
Red Hat is about as easy as any of the others, and in at least one way,
easier.  Their installation scripts allow you to specify all your networking
parameters in the kernel parmfile you'll be writing to tape, which means you
won't be prompted for them by the installation script.  So, if you're like
most people, and you wind up going through the install process more than
once (or twice, or 10 times), it'll save you a lot of typing, and therefore
save you from a lot of typos.

Mark Post

-Original Message-
From: Makhijani, Beena [mailto:[EMAIL PROTECTED]]
Sent: Thursday, April 25, 2002 10:04 PM
To: [EMAIL PROTECTED]
Subject: Red Hat 7.2 - install by tape?


Hi,

I am new to Linux (and UNIX) but need to do a proof-of-concept for using
Linux on S390 for file and print serving.  I was planning to use Red Hat 7.2
as that seems to be the only free downloadable commerical distribution with
the 2.4 kernel.  However, when browsing through the "Offical Red Hat Linux
for S390 Installation Guide" and the README file, I do not see any mention
of installing by tape.  Both the SuSE and TurboLinux manuals gave clear
instructions on how to do this.  Can I use tape to install Red Hat 7.2?  Is
there better documentation out there for Red Hat 7.2?  The Red Hat manual
does not appear to be as clear as the other vendors'.

>From reading through the archives, I also got the impression that the Red
Hat distribution is missing drivers for OSA and 3490/3590 tape drives and
that its installation is not as easy as SuSE's.  Is that so?  Any comments
comparing Red Hat's and SuSE's installation would also be appreciated.

Thanks,
Beena

Re: Intrusion Detection Software

[A. Harry Williams]

On Thu, 25 Apr 2002 21:49:24 -0400 Post, Mark K said:
>Craig,
>It's used with a firewall, not in place of.  A firewall is intended to keep
>the bad guys out in the first place.  An IDS is designed to figure out that
>they got in anyway, and tell you what it was they messed with while they
>were there.  Tripwire for instance keeps track of file sizes, dates (and I
>think a checksum) of important system files.  If one of those attributes
>changes from one daily scan to the next, it tells you there's a problem.

Yup.  Based on a question I was asked offline, I think I may been
too circumspect in my statements.  I was vague because I don't
remember the details.  Mike briefly talked to me about it about 3
weeks ago while we were talking about something else.  My fuzzy
rememberance was that some of the defaults were more for a dedicated
machine, ala the recent discussion about memory size.  The checksums
also are a little compute bound too.

For the record, since I haven't seen it mentioned, there are 2 versions
of tripwire.  The commercial version at www.tripwire.com and the
Opensource version for Linux at www.tripwire.org.

>Mark Post
/ahw

network problems during installation

[Tim-Chr. Hanschen]

Hi folks,

I have a problem when installing SLES7. The installation routine cannot
connect to our network, when selecting Gigabit Ethernet at the beginning of
the installation, so I tried to install without network.

I am afraid that I have to setup the network manually. First of all I tried
to load the qdio:

SuSE:/ # insmod qdio
Using /lib/modules/2.4.5-SuSE/misc/qdio.o
qdio: loading QDIO base support ($Revision: 1.40 $/$Revision: 1.22 $)
debug: reserved 1 areas of 4 pages for debugging qdio_setup
debug: qdio_setup: new level 2
debug: reserved 2 areas of 4 pages for debugging qdio_labs
debug: qdio_labs: new level 2
debug: reserved 1 areas of 2 pages foer debugging qdio_sense
debug: qdio_sense: new level 2
debug: reserved 2 areas of 4 pages for debugging qdio_trace
debug: qdio_trace: new level 2

It seems that the driver has been loaded. After that I tried to load the
qeth modul:

SuSE:/# insmod qeth qeth_options=noautop,0x35a0,0x35a1,0x35a2,portname:OSAE
Using /lib/modules/2.4.5-SuSE/net/qeth.o
/lib/modules/2.4.5-SuSE/net/qeth.o: invalid parameter parm_qeth

What is the problem? I installed the first SuSE GA months ago and as far as
I remember it worked that way.

TIA,
  - Tim -

Sar logfiles

[Moloko Monyepao]

Where can I get the command that create the daily sar files that gets stored in  
/var/log/sa/ . I want to change this command to monitor my system at certain times 
only so that I can pull out the stats to check the perfomance of my system. Detail 
information of where I can get this scripts and commands that create this files could 
be highly appreciated. One last thing how can I get sar to monitor my sendmail 
processes (eg using sar -x pid command), Is this possible, if yes how can I do do that.

Thanx
Moloko

AW: network problems during installation

[Matthias Wittpoth]

Tim,

maybe your problems with the installation routine could be fixed with this
workaround:

in the installationsystem enter the QETH parameters

0x35a0,0x35a1,0x35a2;add_parms,0x10,portname:OSAE

next question  "Do you have OSE Express microcode level 0146 or higher?"
please answer with "n"
There is a fix for the installationsystem available at SuSE.

Is the portname ok? Matching with portname in os/390 ?

Matthias
> -Ursprüngliche Nachricht-
> Von:  Tim-Chr. Hanschen [SMTP:[EMAIL PROTECTED]]
> Gesendet am:  Freitag, 26. April 2002 07:33
> An:   [EMAIL PROTECTED]
> Betreff:  network problems during installation
> 
> Hi folks,
> 
> I have a problem when installing SLES7. The installation routine cannot
> connect to our network, when selecting Gigabit Ethernet at the beginning
> of
> the installation, so I tried to install without network.
> 
> I am afraid that I have to setup the network manually. First of all I
> tried
> to load the qdio:
> 
> SuSE:/ # insmod qdio
> Using /lib/modules/2.4.5-SuSE/misc/qdio.o
> qdio: loading QDIO base support ($Revision: 1.40 $/$Revision: 1.22 $)
> debug: reserved 1 areas of 4 pages for debugging qdio_setup
> debug: qdio_setup: new level 2
> debug: reserved 2 areas of 4 pages for debugging qdio_labs
> debug: qdio_labs: new level 2
> debug: reserved 1 areas of 2 pages foer debugging qdio_sense
> debug: qdio_sense: new level 2
> debug: reserved 2 areas of 4 pages for debugging qdio_trace
> debug: qdio_trace: new level 2
> 
> It seems that the driver has been loaded. After that I tried to load the
> qeth modul:
> 
> SuSE:/# insmod qeth
> qeth_options=noautop,0x35a0,0x35a1,0x35a2,portname:OSAE
> Using /lib/modules/2.4.5-SuSE/net/qeth.o
> /lib/modules/2.4.5-SuSE/net/qeth.o: invalid parameter parm_qeth
> 
> What is the problem? I installed the first SuSE GA months ago and as far
> as
> I remember it worked that way.
> 
> TIA,
>   - Tim -