On Friday, 03/20/2009 at 01:13 EDT, Jim Bohnsack <[email protected]> wrote: > I have a dumb question and a long posting. Sorry. We have SSLSERV > working on our 2nd lvl z/VM 5.4 system, the one I loaded from the IBM > DDR. I always bring up a new release on a 2nd level id and then move > code piece by piece to our production systems. Almost everything is > moved, but I am up against a brick wall with SSLSERV. I think it is a > problem with BFS and my total lack of knowledge about BFS. I've never > used BFS, so I suspect that I'm just missing something very obvious to > anyone who knows anything at all about BFS. > > The GSKADMIN and SSLSERV userid's are defined along with the RACF > SECURITY class as it was in the RACF db from IBM. GSKADMIN and SSLSERV > are connected to SECURITY. I've done the "rac alu sslserv ovm(uid(7))", > "rac alu gskadmin ovm(uid(6))", and "rac alg security ovm(gid(7))". The > directory entries for GSKADMIN and SSLSERV have the following POSIXINFO > entries, respectively: > POSIXINFO UID 6 GNAME security > POSIXINFO UID 7 GNAME security
Just as a reminder: Did you update HCPRWA to specify ICHNGMAX value > 0? If you didn't, RACF is not in charge of POSIX UID/GIDs. > Where I seem to be having a problem is in following the step by step > procedures in chapter 20 of TCP/IP Plng and Cust. Step 4B sends me to > Ch 15 of the TCPIP LDAP Admin. Guide. When I logon to GSKADMIN to use > GSKKYMAN to create a new database, I get the messages: > Profile..: Mounting root file system... > Profile..: Mounting GSKSSLDB file space at: /etc/gskadm/ > Object does not exist: '/etc/gskadm/' > Profile--> Unexpected error from command: > OPENVM MOUNT /../VMBFS:VMSYS:GSKSSLDB/ /etc/gskadm/ > Profile..: RC = 28 > Ready; T=0.04/0.07 09:16:20 > > which I guess are reasonable because I haven't created the database yet. No, not reasonable. It's not going after files, it's going after directories that were created by LOADBFS. Since it works on your 2nd level system, I would guess that you didn't import the GSKSSLDB and SSLSERV filespaces into your first-level VMSYS filepool via FILEPOOL UNLOAD and FILEPOOL RELOAD. Alan Altmark z/VM Development IBM Endicott
