Re: How to signal a Linux guest from z/VM?
If anyone else needs it, C code for Malcolm Beattie's ext-int kernel module to process external interrupts is in IBM's Redbook Large Scale Linux Deployment at http://www.redbooks.ibm.com/abstracts/sg246824.html Using the ext_int module, you can send a signal to a specified process upon receiving an external interrupt of a specific type. When loaded, the ext_int module requires three parameters: code The hexadecimal external interrupt number to listen for pid The process to notify upon receiving the external interrupt code sig The UNIX signal to send to pid For instance, to send UNIX signal 10 to process with pid number 1234 upon receiving external interrupt 0x1243, use: insmod -o ext1234 ext_int code=0x1234 pid=789 sig=10 To unload the module, use: rmmod ext1234 Date: Wed, 6 Sep 2006 09:02:02 -0400 From: Romanowski, John (OFT) [EMAIL PROTECTED] Subject: How to signal a Linux guest from z/VM? From z/VM I'd like to signal a SLES 9 guest somehow and have the guest respond by running a shell script (CP SIGNAL SHUTDOWN is not what I want to do). I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On Wednesday, 09/06/2006 at 10:26 MST, Thomas Kern [EMAIL PROTECTED] wrote: That's why I like using something internal to the zSeries for zSeries communications and automation. The source of the data can be trusted to not be spoofed so you can authenticate that against a table of authorized users and be safe. With the VMCF protocal (SMSG is just a commandline SENDX, right?) and the IUCV protocal, CP handles the sizing of the data before the Linux code would ever see it, leaving application developers to look elsewhere to code their buffer overrun vulernabilities. It is unsniffable by the network spies so there is no need for fancy CPU intensive encryption with public/private key management. Careful! For multiuser operating systems, you can identify the guest, but you cannot identify the user. So you have to take steps in the guest to ensure that only authorized users are allowed to send commands. Look at hcp/vmcp for example. That's a command that should be limited to specific trusted Linux users. If you don't then the integrity of the guest becomes suspect. Alan Altmark z/VM Development IBM Endicott -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
I was talking about the source of the SMSG that has arrived at my Linux service virtual machine. Sources like OPERATOR, MAINT, VMUTIL, not the anonymous userids (HACKER1, HACKER2, HACKER3) that are on the less properly administrated systems. Inside the Linux service virtual machine, there are also no HACKER1, HACKER2 or HACKER3 userids, not even development userids. All of those insecure users have their own linux or windows systems to corrupt. Is hcp/vmcp anymore sensitive in a class G (or less) linux service virtual machine than 'shutdown -h now'? Does anyone really let untrusted users have root access in production service virtual machines? /Tom Kern -- Careful! For multiuser operating systems, you can identify the guest, but you cannot identify the user. So you have to take steps in the guest to ensure that only authorized users are allowed to send commands. Look at hcp/vmcp for example. That's a command that should be limited to specific trusted Linux users. If you don't then the integrity of the guest becomes suspect. Alan Altmark z/VM Development IBM Endicott -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Thomas Kern wrote: Is hcp/vmcp anymore sensitive in a class G (or less) linux service virtual machine than 'shutdown -h now'? Does anyone really let untrusted users have root access in production service virtual machines? Untrusted users may still issue cp commands, if the admin of the guest machine lets them do that. sudo is the tool of choice to allow user tapeman to attach and detach his tape drive while keeping him from all the other stuff one can do with the cp command interface. cheers, Carsten -- Carsten Otte has stopped smoking: Ich habe in 3 Monate, 1 Woche und 6 Tage schon 508,55 Euro gespart anstatt 2.118,96 Zigaretten zu kaufen. -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On 9/7/06, Thomas Kern [EMAIL PROTECTED] wrote: Is hcp/vmcp anymore sensitive in a class G (or less) linux service virtual machine than 'shutdown -h now'? Does anyone really let untrusted users have root access in production service virtual machines? If the question is whether someone with root access in your class G virtual machine can do any harm, I believe the answer should be yes. If your Linux server is connected to the Internet, there's always the risk that someone with less friendly intentions gets root access. If you run Linux virtual machines for customers, that's often even part of the arrangement with that customer. Although I have not had time to update my Redpaper with the latest stuff, it may still be useful to explain the strategy of reducing the CP privileges of the virtual machine to a minimum. That way you limit the possible damage to the compromised server only. http://www.redbooks.ibm.com/abstracts/redp3870.html Rob Rob -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Thomas Kern wrote: That's why I like using something internal to the zSeries for zSeries communications and automation. The source of the data can be trusted to not be spoofed so you can authenticate that against a table of authorized users and be safe. With the VMCF protocal (SMSG is just a commandline SENDX, right?) and the IUCV protocal, CP handles the sizing of the data before the Linux code would ever see it, leaving application developers to look elsewhere to code their buffer overrun vulernabilities. It is unsniffable by the network spies so there is no need for fancy CPU intensive encryption with public/private key management. I was thinking of something slippery like an ampersand, which might be bad if fed unchecked to a shell commandline. I don't think CP's idea of safe characters is quite he same as Unix's. /Tom Kern --- John Summerfied [EMAIL PROTECTED] wrote: Looks like I need to fix myself:-) Dave Jones wrote: As Dr. Boyes suggests, using the open source IUCV driver is a very good way of solving this type of problem. You can find it here: http://www.sinenomine.net/vm/fsiucv Another approach that might be applicable here is to have a simple client, running on the Linux guest, and listening on a specific TCP port. A server, running on VM, can then connect to the client and send the client any number of Linux commands to execute. The client executes the commands Carefully, one hopes. We don't want this sort of thing getting out of hand again (like rsh and any number of web apps), trusting user data and so allowing unauthorised folk to do unauthorised things (and that included authorised folk exceeding their authorisation). -- Cheers John __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ Please do not reply off-list -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
How to signal a Linux guest from z/VM?
From z/VM I'd like to signal a SLES 9 guest somehow and have the guest respond by running a shell script (CP SIGNAL SHUTDOWN is not what I want to do). I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On 9/6/06, Romanowski, John (OFT) [EMAIL PROTECTED] wrote: I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. You could change inittab and make sure there is a running shell at the console.. And I suppose you don't want to use rexec and friends either? Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? I think Neale did that code back then before z/VM got the support for signal shutdown. With the current kernel you would write your own driver and use register_external_interrupt to have your handler pick up the interrupt. Note that you don't have anything but the number of the signal, no parameters. Rob -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
I don't know enough C to write the driver. The signal number's all I need, just looking to invent a button that does a pre-defined action when pushed. I was thinking I could use the hotplug system but I don't think hotplug gets triggered when I attach/define a device to the guest. This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Rob van der Heij Sent: Wednesday, September 06, 2006 9:16 AM To: LINUX-390@VM.MARIST.EDU Subject: Re: How to signal a Linux guest from z/VM? Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? I think Neale did that code back then before z/VM got the support for signal shutdown. With the current kernel you would write your own driver and use register_external_interrupt to have your handler pick up the interrupt. Note that you don't have anything but the number of the signal, no parameters. Rob -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
I have suggested before that a Linux service virtual machine should have a facility to accept SMSGs, validate the origin against an authorized user list and process the content appropriately for that SVM. The response has generally been that is a dinosaur-style mainframe thing that doesn't belong in Linux. The real Linux way is to be a real operator and ssh into your Linux system and issue the commands manually or script the whole process in the linux system that you use to run your complex (usually your own linux workstation). /Tom Kern Date: Wed, 6 Sep 2006 09:02:02 -0400 From: Romanowski, John (OFT) [EMAIL PROTECTED] Subject: How to signal a Linux guest from z/VM? From z/VM I'd like to signal a SLES 9 guest somehow and have the guest respond by running a shell script (CP SIGNAL SHUTDOWN is not what I want to do). I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Use the IUCV driver Neale developed. There is an application supplied with it that lets Linux listen to *MSG and either write it to stdout or syslog. Then you can just TELL the Linux guest, and you do the automation where you chose to write the output from *MSG. You also get the ability to connect to any other CP IUCV service, both read and write. David Boyes Sine Nomine Associates -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Romanowski, John (OFT) Sent: Wednesday, September 06, 2006 9:16 AM To: LINUX-390@VM.MARIST.EDU Subject: How to signal a Linux guest from z/VM? From z/VM I'd like to signal a SLES 9 guest somehow and have the guest respond by running a shell script (CP SIGNAL SHUTDOWN is not what I want to do). I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On Wednesday 06 September 2006 15:33, Romanowski, John (OFT) wrote: I was thinking I could use the hotplug system but I don't think hotplug gets triggered when I attach/define a device to the guest. Hotplug (or udev) gets triggered when you define/attach/detach a device. Although it is not the nicest way of signalling, yes you could abuse hotplug or udev to trigger an action (e.g. by defining a virtual ctc device and intercepting this with hotplug or udev). -- Mit freundlichen Grüßen / Best Regards Christian Borntraeger Linux Software Engineer zSeries Linux Virtualization -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On 9/6/06, Christian Borntraeger [EMAIL PROTECTED] wrote: Hotplug (or udev) gets triggered when you define/attach/detach a device. Although it is not the nicest way of signalling, yes you could abuse hotplug or udev to trigger an action (e.g. by defining a virtual ctc device and intercepting this with hotplug or udev). Eeks! That's ugly... Another reason to become more familiar with udev ;-) -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
As Dr. Boyes suggests, using the open source IUCV driver is a very good way of solving this type of problem. You can find it here: http://www.sinenomine.net/vm/fsiucv Another approach that might be applicable here is to have a simple client, running on the Linux guest, and listening on a specific TCP port. A server, running on VM, can then connect to the client and send the client any number of Linux commands to execute. The client executes the commands and routes the responses back to the server, sort of like rsh. However, things like encryption of the data sent and authentication of the server can easily been done with this framework. I have an example set of code for both the client and the server here, if anybody's really interested. Have a good one. DJ David Boyes wrote: Use the IUCV driver Neale developed. There is an application supplied with it that lets Linux listen to *MSG and either write it to stdout or syslog. Then you can just TELL the Linux guest, and you do the automation where you chose to write the output from *MSG. You also get the ability to connect to any other CP IUCV service, both read and write. David Boyes Sine Nomine Associates -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Romanowski, John (OFT) Sent: Wednesday, September 06, 2006 9:16 AM To: LINUX-390@VM.MARIST.EDU Subject: How to signal a Linux guest from z/VM? From z/VM I'd like to signal a SLES 9 guest somehow and have the guest respond by running a shell script (CP SIGNAL SHUTDOWN is not what I want to do). I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Thank you; I'll investigate using hotplug/udev. It's already installed, I'd just have to write a udev rule and the script. But if hotplug gets triggered when I attach a dasd why is it only some dasd addresses get automatically enabled and appear as /dev/dasd? after I attach one while Linux is running? Is the hotplug action limited to only the dasd addresses defined on the kernel parameter line, like dasd=200-20F ? This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Christian Borntraeger Sent: Wednesday, September 06, 2006 9:57 AM To: LINUX-390@VM.MARIST.EDU Subject: Re: How to signal a Linux guest from z/VM? On Wednesday 06 September 2006 15:33, Romanowski, John (OFT) wrote: I was thinking I could use the hotplug system but I don't think hotplug gets triggered when I attach/define a device to the guest. Hotplug (or udev) gets triggered when you define/attach/detach a device. Although it is not the nicest way of signalling, yes you could abuse hotplug or udev to trigger an action (e.g. by defining a virtual ctc device and intercepting this with hotplug or udev). -- Mit freundlichen Grüßen / Best Regards Christian Borntraeger Linux Software Engineer zSeries Linux Virtualization -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On Wednesday 06 September 2006 16:02, Rob van der Heij wrote: Eeks! That's ugly... Another reason to become more familiar with udev ;-) Welcome to the Dark Side of the Force. ;-) Actually current udev versions are really powerful and flexible. The only problem is that the version, flexibility and syntax really differs from distro to distro, so you have to learn different udevs. And, no, I do not suggest to use udev+machine checks for guest signalling in an production environment. I just looks dirty :-) -- Mit freundlichen Grüßen / Best Regards Christian Borntraeger Linux Software Engineer zSeries Linux Virtualization -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Thank you for your suggestion. Our VM TCPIP isn't reachable from the Linux network; can't use TCPIP from my z/VM to connect to a linux guest. This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Dave Jones Sent: Wednesday, September 06, 2006 10:11 AM To: LINUX-390@VM.MARIST.EDU Subject: Re: How to signal a Linux guest from z/VM? As Dr. Boyes suggests, using the open source IUCV driver is a very good way of solving this type of problem. You can find it here: http://www.sinenomine.net/vm/fsiucv Another approach that might be applicable here is to have a simple client, running on the Linux guest, and listening on a specific TCP port. A server, running on VM, can then connect to the client and send the client any number of Linux commands to execute. The client executes the commands and routes the responses back to the server, sort of like rsh. However, things like encryption of the data sent and authentication of the server can easily been done with this framework. I have an example set of code for both the client and the server here, if anybody's really interested. Have a good one. DJ David Boyes wrote: Use the IUCV driver Neale developed. There is an application supplied with it that lets Linux listen to *MSG and either write it to stdout or syslog. Then you can just TELL the Linux guest, and you do the automation where you chose to write the output from *MSG. You also get the ability to connect to any other CP IUCV service, both read and write. David Boyes Sine Nomine Associates -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Romanowski, John (OFT) Sent: Wednesday, September 06, 2006 9:16 AM To: LINUX-390@VM.MARIST.EDU Subject: How to signal a Linux guest from z/VM? From z/VM I'd like to signal a SLES 9 guest somehow and have the guest respond by running a shell script (CP SIGNAL SHUTDOWN is not what I want to do). I don't want to use SECUSER and CP SEND, my Linux console isn't at a shell prompt, it's at the Login: prompt. Does Linux have a facility to process external interrupts sent via the CP EXTERNAL command? -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Looks dirty? wasn't there some discussion here a few weeks ago about using a laptop with an IBM disk motion-sensitivity feature so one could tap on the laptop to trigger scripts on linux? This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Christian Borntraeger Sent: Wednesday, September 06, 2006 10:19 AM To: LINUX-390@VM.MARIST.EDU Subject: Re: How to signal a Linux guest from z/VM? On Wednesday 06 September 2006 16:02, Rob van der Heij wrote: Eeks! That's ugly... Another reason to become more familiar with udev ;-) Welcome to the Dark Side of the Force. ;-) Actually current udev versions are really powerful and flexible. The only problem is that the version, flexibility and syntax really differs from distro to distro, so you have to learn different udevs. And, no, I do not suggest to use udev+machine checks for guest signalling in an production environment. I just looks dirty :-) -- Mit freundlichen Grüßen / Best Regards Christian Borntraeger Linux Software Engineer zSeries Linux Virtualization -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
I don't know enough C to write the driver. You don't need to. We already did (and it's general purpose for all CP message types). http://www.sinenomine.net/vm/fsiucv Have fun. -- db -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
On Wednesday 06 September 2006 16:16, Romanowski, John (OFT) wrote: But if hotplug gets triggered when I attach a dasd why is it only some dasd addresses get automatically enabled and appear as /dev/dasd? after I attach one while Linux is running? Is the hotplug action limited to only the dasd addresses defined on the kernel parameter line, like dasd=200-20F ? The Linux kernel does not activate any new devices on s390 by default (its a long discussion why) These devices appear in sysfs (/sys/bus/ccw/devices/ and /sys/devices/css0/..) trigger a hotplug event and thats it. You can activate these device with scripts, or if hotplug is properly configured, hotplug can activate these devices (IIRC on SUSE the hwup script is called which checks the config files in /etc/sysconfig/hardware/) -- Mit freundlichen Grüßen / Best Regards Christian Borntraeger Linux Software Engineer zSeries Linux Virtualization -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Danke. I'll make an /events directory and watch for events to get logged and see what's happening. This e-mail, including any attachments, may be confidential, privileged or otherwise legally protected. It is intended only for the addressee. If you received this e-mail in error or from someone who was not authorized to send it to you, do not disseminate, copy or otherwise use this e-mail or its attachments. Please notify the sender immediately by reply e-mail and delete the e-mail from your system. -Original Message- From: Linux on 390 Port [mailto:[EMAIL PROTECTED] On Behalf Of Christian Borntraeger Sent: Wednesday, September 06, 2006 10:42 AM To: LINUX-390@VM.MARIST.EDU Subject: Re: How to signal a Linux guest from z/VM? On Wednesday 06 September 2006 16:16, Romanowski, John (OFT) wrote: But if hotplug gets triggered when I attach a dasd why is it only some dasd addresses get automatically enabled and appear as /dev/dasd? after I attach one while Linux is running? Is the hotplug action limited to only the dasd addresses defined on the kernel parameter line, like dasd=200-20F ? The Linux kernel does not activate any new devices on s390 by default (its a long discussion why) These devices appear in sysfs (/sys/bus/ccw/devices/ and /sys/devices/css0/..) trigger a hotplug event and thats it. You can activate these device with scripts, or if hotplug is properly configured, hotplug can activate these devices (IIRC on SUSE the hwup script is called which checks the config files in /etc/sysconfig/hardware/) -- Mit freundlichen Grüßen / Best Regards Christian Borntraeger Linux Software Engineer zSeries Linux Virtualization -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Is that why tape devices aren't enabled when they are attached? Christian Borntraeger wrote: On Wednesday 06 September 2006 16:16, Romanowski, John (OFT) wrote: But if hotplug gets triggered when I attach a dasd why is it only some dasd addresses get automatically enabled and appear as /dev/dasd? after I attach one while Linux is running? Is the hotplug action limited to only the dasd addresses defined on the kernel parameter line, like dasd=200-20F ? The Linux kernel does not activate any new devices on s390 by default (its a long discussion why) These devices appear in sysfs (/sys/bus/ccw/devices/ and /sys/devices/css0/..) trigger a hotplug event and thats it. You can activate these device with scripts, or if hotplug is properly configured, hotplug can activate these devices (IIRC on SUSE the hwup script is called which checks the config files in /etc/sysconfig/hardware/) -- Rich Smrcina VM Assist, Inc. Phone: 414-491-6001 Ans Service: 360-715-2467 rich.smrcina at vmassist.com Catch the WAVV! http://www.wavv.org WAVV 2007 - Green Bay, WI - May 18-22, 2007 -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Rich Smrcina wrote: Is that why tape devices aren't enabled when they are attached? Yes. -- Carsten Otte has stopped smoking: Ich habe in 3 Monate, 1 Woche und 6 Tage schon 504,10 Euro gespart anstatt 2.100,42 Zigaretten zu kaufen -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
Dave Jones wrote: As Dr. Boyes suggests, using the open source IUCV driver is a very good way of solving this type of problem. You can find it here: http://www.sinenomine.net/vm/fsiucv Another approach that might be applicable here is to have a simple client, running on the Linux guest, and listening on a specific TCP port. A server, running on VM, can then connect to the client and send the client any number of Linux commands to execute. The client executes the commands Carefully, one hopes. We don't want this sort of thing getting out of hand again (like rsh and any number of web apps), trusting user data and so allowing unauthorised folk to do unauthorised things (and that included authorised folk exceeding their authorisation). -- Cheers John -- spambait [EMAIL PROTECTED] [EMAIL PROTECTED] Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/ Please do not reply off-list -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
Re: How to signal a Linux guest from z/VM?
That's why I like using something internal to the zSeries for zSeries communications and automation. The source of the data can be trusted to not be spoofed so you can authenticate that against a table of authorized users and be safe. With the VMCF protocal (SMSG is just a commandline SENDX, right?) and the IUCV protocal, CP handles the sizing of the data before the Linux code would ever see it, leaving application developers to look elsewhere to code their buffer overrun vulernabilities. It is unsniffable by the network spies so there is no need for fancy CPU intensive encryption with public/private key management. /Tom Kern --- John Summerfied [EMAIL PROTECTED] wrote: Dave Jones wrote: As Dr. Boyes suggests, using the open source IUCV driver is a very good way of solving this type of problem. You can find it here: http://www.sinenomine.net/vm/fsiucv Another approach that might be applicable here is to have a simple client, running on the Linux guest, and listening on a specific TCP port. A server, running on VM, can then connect to the client and send the client any number of Linux commands to execute. The client executes the commands Carefully, one hopes. We don't want this sort of thing getting out of hand again (like rsh and any number of web apps), trusting user data and so allowing unauthorised folk to do unauthorised things (and that included authorised folk exceeding their authorisation). -- Cheers John __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com -- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
