On Friday, 03/20/2009 at 01:13 EDT, Jim Bohnsack <[email protected]> 
wrote:
> I have a dumb question and a long posting.  Sorry.  We have SSLSERV
> working on our 2nd lvl z/VM 5.4 system, the one I loaded from the IBM
> DDR.  I always bring up a new release on a 2nd level id and then move
> code piece by piece to our production systems.  Almost everything is
> moved, but I am up against a brick wall with SSLSERV.  I think it is a
> problem with BFS and my total lack of knowledge about BFS.  I've never
> used BFS, so I suspect that I'm just missing something very obvious to
> anyone who knows anything at all about BFS.
> 
> The GSKADMIN and SSLSERV userid's are defined along with the RACF
> SECURITY class as it was in the RACF db from IBM.  GSKADMIN and SSLSERV
> are connected to SECURITY.  I've done the "rac alu sslserv ovm(uid(7))",
> "rac alu gskadmin ovm(uid(6))", and "rac alg security ovm(gid(7))".  The
> directory entries for GSKADMIN and SSLSERV have the following POSIXINFO
> entries, respectively:
> POSIXINFO UID 6 GNAME security
> POSIXINFO UID 7 GNAME security

Just as a reminder: Did you update HCPRWA to specify ICHNGMAX value > 0? 
If you didn't, RACF is not in charge of POSIX UID/GIDs.

> Where I seem to be having a problem is in following the step by step
> procedures in chapter 20 of TCP/IP Plng and Cust.  Step 4B sends me to
> Ch 15 of the TCPIP LDAP Admin. Guide.  When I logon to GSKADMIN to use
> GSKKYMAN to create a new database, I get the messages:

> Profile..: Mounting root file system...
> Profile..: Mounting GSKSSLDB file space at: /etc/gskadm/
> Object does not exist: '/etc/gskadm/'
> Profile--> Unexpected error from command: 
> OPENVM MOUNT /../VMBFS:VMSYS:GSKSSLDB/ /etc/gskadm/
> Profile..: RC = 28
> Ready; T=0.04/0.07 09:16:20
> 
> which I guess are reasonable because I haven't created the database yet.

No, not reasonable.  It's not going after files, it's going after 
directories that were created by LOADBFS.  Since it works on your 2nd 
level system, I would guess that you didn't import the GSKSSLDB and 
SSLSERV filespaces into your first-level VMSYS filepool via FILEPOOL 
UNLOAD and FILEPOOL RELOAD.

Alan Altmark
z/VM Development
IBM Endicott

Reply via email to