David:
I am not familiar with the Linux IUCV driver you posted last week.
However, RACROUTE interfaces to SAF so an easy place to make the inteface
modifications you are suggesting will be the zOS SAF exit. From there,
security goes to RACF/TOP/ACF2 as usual.
I am afraid I am not a zVM guy either (except for using it in the 80's when
pr/sm was not a reality yet and I needed to run my test MVS system - also
as a PROFS/CMS user) so am I understanding correctly that you can issue
RACROUTE under CP/VM to zOS?
Regards,
[EMAIL PROTECTED]
NCCI
Boca Raton, Florida
561.893.2415
greetings / avec mes meilleures salutations / Cordialmente
mit freundlichen Grüßen / Med vänlig hälsning
David Boyes
<[EMAIL PROTECTED] To:
[email protected]
e.net> cc:
Sent by: Linux on Subject: Re: Supporting zLinux
390 Port
<[EMAIL PROTECTED]
IST.EDU>
08/22/2005 11:40
AM
Please respond to
Linux on 390 Port
> is there any option to eTrust (i.e. LDAP Server under zOS to
> interface to
> ACF2) that fit the LDAP model better than eTrust?
> or easier to implement than eTrust?
Not that I know of, although the Linux IUCV driver we posted last week
opens up a lot of interesting opportunities, such as connecting to the VM
*RPI CP service, allowing you to implement a Linux guest as a CP external
security manager. Once that's done (and the smart way to do it would be to
write a *RPI to PAM bridge widget), then any authentication/authorization
method available to Linux would be available for CP and Linux equally. This
would be particularly helpful if the RACROUTE macro also used that
interface
-- I don't know for certain if it does, but Alan Altmark can probably
confirm one way or another. If it does, then most of the IBM stuff would
also work properly against an arbitrary AAA source. I'm still thinking a
bit
more about how this should be done, so don't take this as gospel.
> One comment, I thought the conversation was around Omegamon
> for Linux (for z-Series). Then, Omegamon knows what is going
> on inside the Linux image.
Hmm. The demos of Omegamon for Linux I've seen were for running the
monitoring server on Linux. The agents they were demoing didn't do much
more
than 'top'. Sounds like it's time to look at it again. The XE demo was
really pretty spiffy, though.
-- db
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or
visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
The information contained in this e-mail message is intended only for
the personal and confidential use of the recipient(s) named above. This
message may be an attorney-client communication and/or work product and
as such is privileged and confidential. If the reader of this message
is not the intended recipient or an agent responsible for delivering it
to the intended recipient, you are hereby notified that you have
received this document in error and that any review, dissemination,
distribution, or copying of this message is strictly prohibited. If you
have received this communication in error, please notify us immediately
by e-mail, and delete the original message.
----------------------------------------------------------------------
For LINUX-390 subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit
http://www.marist.edu/htbin/wlvindex?LINUX-390
