We are running zVM on z900 box and going to let vswitch work in ethernet mode
(layer2). But it seems didn't work. I suspect the OSA adapter may not support
this function. Do you have any idea or suggestion? Thanks!
The message I got:
portname: UNASSIGNED RDEV: F320 Controller: NONE Error
I seem to remember a thread from long ago that discussed
"unchangeable defaults". :-)
Original message
>Date: Thu, 17 Sep 2009 17:18:30 -0400
>From: Alan Altmark
>Subject: Re: TDISK and SYSTEM CONFIG question.
>To: IBMVM@LISTSERV.UARK.EDU
>
>On Thursday, 09/17/2009 at 04:00
Well, there is precedence here of VM dev fixing things that are too large/too
much that take down VM
See VM64461 and VM6
I'll probably look into the possibility of a vmsecure exit to add a safety to
my gun for now.
Marcy
"This message may contain confidential and/or privileged informatio
On Sep 17, 2009, at 5:36 PM, David Boyes wrote:
Whether it should march off a cliff without at least questioning the
order
is the question at hand.
Of course it should.
Yes, my Unix is showing.
Adam
I stand corrected. I guess it is true what they say about memory as one ages.
Near-term is the first to go; long term stays around a little longer. I
haven't used T-disks for a long, long time. If I read the doc correctly, if you
are using FBA disks, only the first 8 blocks are cleared if you h
On 9/17/09 2:16 PM, "Adam Thornton" wrote:
> "Administrator typo" is not a failure mode the operating system is
> designed to protect you from.
That may be true now, but I think the point of the argument is that it
should not be.
On VMS, if you have a SYSTEM priv bit set, the system will sti
On 9/17/09 5:18 PM, "Alan Altmark" wrote:
> If I get my way, ENABLE CLEAR_TDISK will become the default and you won't
> be able to change it. :-)
Want a requirement? 8-)
-- db
On Thursday, 09/17/2009 at 05:20 EDT, Gonen Shoham
wrote:
> I cannot use a tape for this.
>
> I need it to work like TRAN RDR except that I do not have the ability to
> get the privilege required...
If you don't have the needed privileges, then you are not permitted to
send files that appear t
On Thursday, 09/17/2009 at 04:00 EDT, "Gentry, Stephen"
wrote:
> As mentioned in my question below, we have to format the defined temp
> minidisk every time. So, from that point of view, the data is gone. I
> didn't think of the DDR situation. However, a class G user would have to
> know where t
I cannot use a tape for this.
I need it to work like TRAN RDR except that I do not have the ability to
get the privilege required...
-Original Message-
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On
Behalf Of Kris Buelens
Sent: Thursday, September 17, 2009 10:5
Cross-posted to Linux-390, IBMVM, and IBM-MAIN
I've received three more Linux and z/VM presentations. Thanks to all the
speakers that have contributed.
Session Presenter Title
9137Rick Barlow Virtual Linux Server Disaster Recovery Planning
9153Rick Barlow z/VM Good
As far as I know, without Clear_Tdisk, CP still formats the first cylinder
of a T-disk, so ACCESS will always fail even if you'd get a T-disk at the
same place as the previous user. But, with DDR or alike one could still
find raw data on other cylinders.
With Clear-Tdisk enabled, CP will format al
If you have VSSI's VTAPE product, you can use VTAPE for the SPXTAPE, assuming
you are using a fairly recent build.
Regards,
Richard Schuh
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On Behalf
Of Kris Buelens
Sent: Thursday, Septembe
The simplest mode of recovering data from a T-disk in CMS requires only that
the starting cylinder be the same as it was for the previous user. If you are
in a shop that does not have Clear_Tdisk enabled, simply ACCESS the disk when
you define it. If the ACCESS works, you are in, you have access
On Sep 17, 2009, at 1:58 PM, Bill Holder wrote:
I'd agree with that point in cases where it's less clear, but in
this case, it's perfectly clear that the user action would have
been harmless if not for the administrator typo
Yabbut
"Administrator typo" is not a failure mode the operating
As mentioned in my question below, we have to format the defined temp
minidisk every time. So, from that point of view, the data is gone. I
didn't think of the DDR situation. However, a class G user would have to
know where the T-DISK area is defined. They cannot issue a QUERY ALLOC
TDISK or QUER
I doubt that COPYRDR keeps *all* the properties, e.g. creation time will be
changed.
For an exact copy: SPXTAPE to dump the RDR file to tape, then restore on the
target system.
If you only need to set the origin userid: use Diagnose D4 to set the
alternate userid of the copying user to the sender'
FYI, the system in question had about 175GB of page space - 22 mod 9s.
Currently the system does NO paging. All the guests fit within real
storage. (Of course there will eventually be more guests on that LPAR,
so sooner or later we'll start to page.)
Lee
Rob van der Heij wrote:
On Thu, Sep
On Thu, Sep 17, 2009 at 10:58 AM, Bill Holder wrote:
> I'd agree with that point in cases where it's less clear, but in
> this case, it's perfectly clear that the user action would have
> been harmless if not for the administrator typo. I don't disagree
> that more protection at the user action l
Without CLEAR_Tdisk enabled, whatever data the last user stored in
T-DISK space is still present when it is allocated to the next user. To
successfully use the space with CMS you will most likely have to format
it, unless the boundaries of your TDISK allocation exactly overlay the
previous user
Why is there a Clear_Tdisk option? Because not clearing T-disk poses a security
problem. There is no such problem with V-disk.
Regards,
Richard Schuh
> -Original Message-
> From: The IBM z/VM Operating System
> [mailto:ib...@listserv.uark.edu] On Behalf Of Gentry, Stephen
> Sent: T
I guess I should have read Richard's response closer. So, I'll echo Dennis's
question as well.
What security problem?
We do not have CLEAR_TDisk enabled. Every time we define a t-disk, it HAS to
be formatted, no exceptions.
Steve
-Original Message-
From: The IBM z/VM Operating System [
What "security problems" in T-Disk? If you enable Clear_TDisk, there's no
security problem. Even if the system crashes while confidential data is on a
T-disk, it's cleared at IPL time before the T-disk space is eligible to be
given to users.
De
Hi
I have the COPYRDR exec (from long time ago) which sends RDR file from one
machine to another - keeping ALL the original RDR file properties.
I found out that the USER which sent the original RDR file is not kept when the
RDR is copied to another user.
Can someone suggest a better way
I'd agree with that point in cases where it's less clear, but in
this case, it's perfectly clear that the user action would have
been harmless if not for the administrator typo. I don't disagree
that more protection at the user action level would be nice in
this case, that's really different disc
I don't think you can differentiate between the root cause and the immediate
cause when it comes to security and integrity. You may not necessarily be able
to detect the root cause, but you must protect the system against the immediate
cause if at all possible.
Regards,
Richard Schuh
> --
Sure, true enough, but the exposure was not caused by the guest
action. Yes, it wouldn't have happened had the guest not logged
on an IPLed, but that wasn't the root cause, the typo was.
The action of the class G user didn't cause the problem, therefore
it's not a Denial of Service attack case. N
An IPL isn't an action? True, the guest was not aware that it would harm the
system, but absent that action by the guest, there would not have been a
problem. The guest was an unwitting agent, a part of a bot net, as it were.
Regards,
Richard Schuh
> -Original Message-
> From: The
On Thu, Sep 17, 2009 at 6:34 PM, Bill Holder wrote:
> Occurrences of this sort of problem are likely to result in temporary
> or permanent hangs of both individual users and eventually the entire
> system, which supports the theory in this case. I'd really need to
> see a dump of the system in q
It sounds very similar in symptom to my minidisk cache overcommitment
problem that resulted in CP thrashing (and an APAR).
-Original Message-
From: The IBM z/VM Operating System [mailto:ib...@listserv.uark.edu] On
Behalf Of Bill Holder
Sent: Thursday, September 17, 2009 12:34 PM
To: IBMVM@
I should point out that this hang is likely being misunderstood here.
While this scenario will indeed drive paging over the edge, that's not
likely what happened. If paging had been driven to that point, the
system would have quickly taken a PGT004 abend and restarted. Instead,
I believe
No, not at all, that's not what I was saying; what you propose would
obviously be an exposure. A privileged user (operations staff) can issue
that today. Putting a loaded gun in the hands of a class G user is not a
t
all the same thing. Anything a user at a keyboard can do, a guest progra
m
can
On Thu, Sep 17, 2009 at 9:14 AM, Bill Holder wrote:
> I don't entirely agree. The action of the guest did not cause harm
> to CP, it was the action of the operations staff which did. This
> is not a denial of service case that I can see.
Hm. So by that rationale, we can make STORE H class G, be
I don't entirely agree. The action of the guest did not cause harm
to CP, it was the action of the operations staff which did. This
is not a denial of service case that I can see.
Bill Holder
z/VM Development, Memory Management team leader, IBM
On Tue, 15 Sep 2009 09:59:09 -0700, Schuh, Richard
If you have the page space to support it, you can get by without TDSK space by
using V-disk. It is always cleared very quickly, by CP, before it is used and
does not pose the security problems that you find in T-disk. A large V-disk is
also faster to format than is a T-disk of equal capacity.
R
35 matches
Mail list logo