Re: CPU Arch Security [was: Re: Probably the first published shell code]

On Fri, Nov 08, 2002 at 05:50:56PM +0100, Ulrich Weigand was heard to remark: > Linas Vepstas wrote: > > > Sorry I used the word semaphore. Using pipes & shmem is hard. Well, > > using them is easy, using them and creating something that's extenisble, > > maintainble, lacks race conditions and othe

Re: One more Googlism:

On Friday 08 November 2002 15:52, Adam Thornton wrote: > On Fri, Nov 08, 2002 at 05:49:02PM -0500, Post, Mark K wrote: > > I don't know which is odder. The things you're finding, or that you're > > looking for them in the first place! > > > > Just out of curiosity, what was the link for that first

Re: More NSS Info

Hello from Gregg C Levine And if you murder him, I'll be forced to use my Jedi Knight functions to send you to Kessel. Just going along with it, Rick. --- Gregg C Levine [EMAIL PROTECTED] "The Force will be with you...Alwa

Re: Googlism.com

At 18:35 11/08/2002 -0500, Adam Thornton wrote: And then there's the frankly frightening: Watch it, cough-syrup boy! ross patterson is extremly hot you should put the picture of him in the movie at the very very end with his tongue outlol Yup, I am SO hot! Vote for me: http://www.hotornot.co

Re: CPU Arch Security [was: Re: Probably the first published shell code]

At 17:09 11/08/2002 +, Alan Cox wrote: In fact several exploits work on the basis they overrun a stack section with a complete return sequence including variables to cause an execlp("/bin/sh", ...) to occur. Yup, that was exactly the case in the Phrack article that started this whole topic.

Re: One more Googlism:

It actually would appear to spit out information that it finds based on web searches - try it for someone you know who doesn't have a web site or postings and it reports that it doesn't know you 'yet'. Lionel B. Dyck, Systems Sof

Re: One more Googlism:

On Fri, Nov 08, 2002 at 05:49:02PM -0500, Post, Mark K wrote: > I don't know which is odder. The things you're finding, or that you're > looking for them in the first place! > > Just out of curiosity, what was the link for that first one (since that > really is me)? No idea--Googlism just spits o

Re: One more Googlism:

I don't know which is odder. The things you're finding, or that you're looking for them in the first place! Just out of curiosity, what was the link for that first one (since that really is me)? Mark Post -Original Message- From: Adam Thornton [mailto:athornton@;sinenomine.net] Sent: Fr

Re: One more Googlism:

And then again: adam thornton is awarded a "#1 textfire investigator" badge adam thornton is awarded a "#1 textfire investigator" badge adam thornton is awarded a "#1 textfire investigator" badge; april 22 adam thornton is a funny guy adam thornton is a member of the 14th public affairs detachment

One more Googlism:

And then there's the just-plain-odd: mark post is a senior infrastructure specialist in eds' mainframe platforms operating systems repository support group mark post is mentioned in the mark post is 40p away on 318 mark post is the director of the car mark post is recovering from a bad case of the

Googlism.com

Googlism is the best search engine ever. Some of our luminaries There's the predictable, if kind of boring: neale ferguson is a longtime ibm s/390 system administrator with over nineteen years of experience with vm/esa There's the random: rick troth is a part of the science department There

Re: Yet More NSS Info

Rick Troth <[EMAIL PROTECTED]> wrote: > > > If you create a CMS file called PROGRA~1 DIR I'll have to murder you. > > ;-) > > > Just so you know. Other than that, sure, sounds like a plan--I assume > > you mean that you use some filesystem convention like a file which > > always has some particula

Re: More NSS Info

> This "folding", as far as I know, is just a couple of symlinks, from /bin to > /usr/bin and from /lib to /usr/lib. Doing the same thing on a typical Linux Specifically, running 'ls -l' in root, you see bin -> usr/bin lib -> usr/lib If memory serves, you do

Re: More NSS Info

On Fri, Nov 08, 2002 at 02:44:19PM -0500, David Boyes wrote: > > What distribution are you using which places these utilities in /usr? > > Sorry, finger check. I date back far enough that everything was in or near > /usr... thanks. Meant to say "from their default location". I do not date back ve

Re: More NSS Info

> If you create a CMS file called PROGRA~1 DIR I'll have to murder you. ;-) > Just so you know. Other than that, sure, sounds like a plan--I assume > you mean that you use some filesystem convention like a file which > always has some particular name, which contains a CMS filename to Unix > dire

Re: More NSS Info

On Fri, Nov 08, 2002 at 03:09:54PM -0500, Kris Van Hees wrote: > I worked on a RO / before (presented briefly at SHARE in TN), and > unfortunately Linux has (or had - they may have fixed it) a C library that > usesthe Unix domain socket /dev/log for syslog handling, and that one is > created dynam

mono RPMs

For those who'd like to play with the C# open-source package "mono", the necessary RPMs can be downloaded from "http://go-mono.com/download";. I don't think you need the -devel RPMs if you just want to play. You will need to do the following as root: ln -s /usr/bin/mint /usr/bin/mono. Neale

Re: More NSS Info

On Fri, Nov 08, 2002 at 02:16:47PM -0500, Matt Zimmerman wrote: > On Fri, Nov 08, 2002 at 12:24:13PM -0500, Kris Van Hees wrote: > > I would *love* to see a CMSFS that can support things like device files so > > we can finally put /dev somewhere other than the root filesystem, so / can > > truly be

Re: Kernel Compilation Optionsy

On Fri, 8 Nov 2002, Post, Mark K wrote: > I was compiling a 2.4.19 kernel this week, and I was presented with some > options for Journalling Flash File System and Journalling Flash File System2 > support. Being curious, I selected to have them built as modules. Once the > kernel was compiled and

Re: Kernel Compilation Options

Matt, I had considered that also, but wasn't sure about the availability of such things as blkmtd and mtdram. I'm not at all familiar with that area. But, either way is fine with me, I guess. I just think you shouldn't be able to select things that you can't get to work. Mark Post -Origin

Re: Virtual network topology questions...

On Fri, Nov 08, 2002 at 11:09:02AM -0600, Nix, Robert P. wrote: > This has gone completely off track, and in no way resembles or answers > my original questions. We're running zVM 4.2, not 4.2. We're on a 9672, > not a z-series, we have a single OSA interface, shared with a zOS image, > and no opt

Re: More NSS Info

> You would need at least one non-root/swap address mounted > as /config or > > something for storing the configuration of what goes where, > and you'd > > have to move at least a few of the utilities (eg mount, > ifconfig, etc) > > from /usr to /sbin (generating statically linked versions) > and i

Re: Kernel Compilation Options

On Fri, Nov 08, 2002 at 12:35:55PM -0500, Post, Mark K wrote: > So, given that a pre-requisite for the JFFS/JFFS2 code is not available, > should they be selectable options on a Linux/390 kernel configuration? I > would think not, but I wanted to make sure I was understanding this > correctly. I

Re: More NSS Info

On Fri, Nov 08, 2002 at 12:24:13PM -0500, Kris Van Hees wrote: > I would *love* to see a CMSFS that can support things like device files so > we can finally put /dev somewhere other than the root filesystem, so / can > truly be made RO. I worked on that using initrd, but cmsfs would be so > mu

Re: More NSS Info

On Fri, Nov 08, 2002 at 10:52:52AM -0600, Rick Troth wrote: > On Fri, 8 Nov 2002, David Boyes wrote: > > Much as I dislike Solaris, their diskless workstation filesystem layout > > is a pretty good model for this. We should use that as a model for > > ideas. > > They also demonstrated the first sh

Re: More NSS Info

On Fri, Nov 08, 2002 at 11:23:25AM -0500, David Boyes wrote: > You would need at least one non-root/swap address mounted as /config or > something for storing the configuration of what goes where, and you'd > have to move at least a few of the utilities (eg mount, ifconfig, etc) > from /usr to /sb

Re: Lotus Notes on Linux

Steve, You may not have to wait that long. Look at Jim Elliott's post, on this db, from Wed, 21 Aug 2002 14:58:35. Regards, Paul = From: "Post, Mark K" <[EMAIL PROTECTED] > Subject: Re: Lotus

root filesystem on RAID0

I've been trying to setup the ability to run the root filesystem on a RAID0 array. I've been using the Software-RAID HOWTO as a guide. I've had no luck at all. Before I spend anymore time on this "project" does anyone know if this is really possible with s390? I don't mind working on it and fi

Re: Virtual network topology questions...

http://www.marist.edu/htbin/wlvtype?LINUX-VM.23045 http://www.marist.edu/htbin/wlvtype?LINUX-VM.24840 http://www.marist.edu/htbin/wlvtype?LINUX-VM.25835 Mark Post -Original Message- From: Dave Myers [mailto:dave.myers@;twcable.com] Sent: Friday, November 08, 2002 12:47 PM To: [EMAIL PROTE

Re: Virtual network topology questions...

> This has gone completely off track, and in no way resembles > or answers my original questions. Huh? > We're running zVM 4.2, not 4.2. OK, you have guest LAN support, just no broadcast support. > We're on a 9672, not a > z-series, Guest LANs work fine on 9672s. > we have a single OSA interf

Re: Virtual network topology questions...

In a message dated 11/8/2002 10:37:37 AM Mountain Standard Time, [EMAIL PROTECTED] writes: > Further, there is another option from SuSE. For free, they will send you > CDs with their GA code on them. You just don't get any support during the > trial. There is? I thought sles7 was all i can get

Kernel Compilation Options

I was compiling a 2.4.19 kernel this week, and I was presented with some options for Journalling Flash File System and Journalling Flash File System2 support. Being curious, I selected to have them built as modules. Once the kernel was compiled and IPLed, I was getting unresolved symbol errors fo

Re: Virtual network topology questions...

Robert, About the only thing you can't get out of this thread is broadcast support on your Guest LAN. Everything else should be available to you as you sit now with z/VM 4.2 and a 9672. No new hardware, etc. Further, there is another option from SuSE. For free, they will send you CDs with thei

Re: More NSS Info

David Boyes writes: > You would need at least one non-root/swap address mounted as /config or > something for storing the configuration of what goes where, and you'd > have to move at least a few of the utilities (eg mount, ifconfig, etc) > from /usr to /sbin (generating statically linked versions)

Re: More NSS Info

On Fri, Nov 08, 2002 at 01:15:01PM -0500, Adam Thornton wrote: > On Fri, Nov 08, 2002 at 10:58:30AM -0600, Rick Troth wrote: > > > If you use the cmsfs stuff, that information can all be on the > > > 191 disk and read by the startup scripts. > > What about a CMSFS that can do directories an

Re: Virtual network topology questions...

In a message dated 11/8/2002 10:14:42 AM Mountain Standard Time, [EMAIL PROTECTED] writes: > The answers have been fairly much the same as "Put out your resume, and find > a job at a company with a different system..." > h...then you either haven't been reading them carefully...or you don't u

Re: More NSS Info

On Fri, Nov 08, 2002 at 10:58:30AM -0600, Rick Troth wrote: > > If you use the cmsfs stuff, that information can all be on the > > 191 disk and read by the startup scripts. > What about a CMSFS that can do directories and specials (device files) > akin to the UMSDOS hack? If you create a C

Re: Virtual network topology questions...

This has gone completely off track, and in no way resembles or answers my original questions. We're running zVM 4.2, not 4.2. We're on a 9672, not a z-series, we have a single OSA interface, shared with a zOS image, and no option for adding hardware interfaces, and we don't have any money budge

Re: More NSS Info

On Fri, 8 Nov 2002, Kris Van Hees wrote: > Despite what Sun Microsystems did with linking /usr/bin and /usr/sbin > into the root filesystem as /bin and /sbin, a more sensible setup is > still to have the core utilities that are required to boot a system > (and to do basic maintenance) as part of t

Re: More NSS Info

> If you use the cmsfs stuff, that information can all be on the > 191 disk and read by the startup scripts. What about a CMSFS that can do directories and specials (device files) akin to the UMSDOS hack?

Re: More NSS Info

You mean set up a Linux NSS like we do a CMS NSS? When you IPL the CMS NSS it expects 190 to be the boot disk, 19E to be the CMS equivalent of /usr and 191 to contain the configuration files. When it comes up the first thing CMS does is to run the PROFILE EXEC on the 191 disk. The commands to acces

Re: More NSS Info

On Fri, 8 Nov 2002, David Boyes wrote: > Much as I dislike Solaris, their diskless workstation filesystem layout > is a pretty good model for this. We should use that as a model for > ideas. They also demonstrated the first shared /usr implementation. They also do something I call "folding" (for

Re: CPU Arch Security [was: Re: Probably the first published shell code]

Linas Vepstas wrote: > Sorry I used the word semaphore. Using pipes & shmem is hard. Well, > using them is easy, using them and creating something that's extenisble, > maintainble, lacks race conditions and other bugs ... that's a lot > harder. If it's so easy, why didn't ssh do it years ago? Th

Re: CPU Arch Security [was: Re: Probably the first published shell code]

On Thu, 2002-11-07 at 19:11, John Summerfield wrote: > On IA32, if it's not in the code segment, you can't execute it. > > The code segment _can_ be ro, so presumably a return to arbitrary code can be > prevented. I dont need to modify any of the code segment to exploit your machine. In fact seve

[ANNOUNCE] Systems/C, Systems/C++ and Systems/ASM for z/Linux

Just a quite note to announce the new versions of Systems/C, Systems/C++ and Systems/ASM. What makes this pertinent to this mailing list is the new 64-bit support, including z/Linux. All of the Dignus tools now run on z/Linux, as well as generating code for z/Linux. We have also delivered the fi

Re: Questions about accessing DASD

On Fri, Nov 08, 2002 at 11:00:19AM -0500, [EMAIL PROTECTED] wrote: > Also, the shark is being used to share dasd with open systems over > fiber. Would it be possible to have the linux image connect (over > FICON?) to access that same data? For example, to mount the same > file-system an NT server

Re: Lotus Notes on Linux

You'll have to wait for Lotus to be released for Linux/390. If this is something you want to do _now_, then you're out of luck. If you can wait, it sounds like something that would be fairly reasonable since most of what is going on is moving data around. Mark Post -Original Message- Fr

Re: Virtual network topology questions...

On Fri, Nov 08, 2002 at 10:57:41AM -0500, Dave Myers wrote: > So according to the statements below...I CAN use SUSE SLES7 > to play the guest lan game, using QDIO instead of virtual hipersockets? > Am I correct in this assumption? > Any testimony from someone who has setup guest lans with SUSE SLES

Re: More NSS Info

If you put something like cmsfs or hcp on the root disk, you should have enough to read a config file from the CMS A-disk and use information in there to do the dynamic configuration of the disks. Despite what Sun Microsystems did with linking /usr/bin and /usr/sbin into the root filesystem as /bi

Re: More NSS Info

Not really. If you use the cmsfs stuff, that information can all be on the 191 disk and read by the startup scripts. Mark Post -Original Message- From: David Boyes [mailto:dboyes@;sinenomine.net] Sent: Friday, November 08, 2002 11:23 AM To: [EMAIL PROTECTED] Subject: Re: More NSS Info

Lotus Notes on Linux

We currently run Lotus Notes on AIX. We intend to up grade to the next release when it comes available for some desired feature which escapes me at the moment and is not part of this query anyway. We currently have a 60GB application which is comprised of Clerk of the Courts transactions from which

Re: More NSS Info

You would need at least one non-root/swap address mounted as /config or something for storing the configuration of what goes where, and you'd have to move at least a few of the utilities (eg mount, ifconfig, etc) from /usr to /sbin (generating statically linked versions) and include /sbin in the ro

Re: Questions about accessing DASD

Daniel, Linux/390 should be able to handle mod 27's with no problem. I don't think FICON support is there (but I could be wrong), but I know (from Neale Ferguson) that FCP support works pretty well. When we were at the VM/VSE tech conference, he showed me a 200GB file system (yes, that's Giga, n

Re: Virtual network topology questions...

With SuSE SLES 7 you can use virtual hipersockets and virtual qdio lans (both), and this is for sure. Saying goes: Great minds think alike - I say: Great minds think for themselves! Carlos A. Ordonez IBM Corporation Server Consolidation |-+---> | |

Re: Questions about accessing DASD

> Working with a RH 7.2 image in an LPAR, which currently > accesses 3390-3 > volumes (over ESCON?). I remember hearing that linux s/390 can handle > 3390-9 volumes, can it handle 3390-27's? It should -- I don't have any to test it, but the Linux DASD drivers are pretty tolerant of odd sizes. The

Questions about accessing DASD

Let me start with: I do not have a mainframe background, and I'm still trying to get my head around the concepts. Working with a RH 7.2 image in an LPAR, which currently accesses 3390-3 volumes (over ESCON?). I remember hearing that linux s/390 can handle 3390-9 volumes, can it handle 3390-27's?

Re: More NSS Info

Would it not be sufficient to create the NSS with just the boot disk and maybe swap configured in on the kernel parameter line, and then using something very early on in the boot process to add the other disks using /proc/dasd/devices? It might take some work to get the NSS and RO boot disk just ri

Re: Virtual network topology questions...

So according to the statements below...I CAN use SUSE SLES7 to play the guest lan game, using QDIO instead of virtual hipersockets? Am I correct in this assumption? Any testimony from someone who has setup guest lans with SUSE SLES7? Tia Dave Myers Adam said... Now, you're using SuSE, so that may

Re: Virtual network topology questions...

I think that as long as your distribution of Linux supports QDIO (which 2.2.16 does) you can define a "qdio" (instead of a "hipers" one) guest lan under zVM 4.3 and use qdio/qeth. (I think! haven't tried it) Carlos :-) Saying goes: Great minds think alike - I say: Great minds think for themselves

Re: Virtual network topology questions...

Nix, Robert P. writes: > 9672, so no hiper-sockets. In trial mode, so no money to buy a distribution or >support, but with the potential to do so if / when it goes into production. >Potentially running DB2 and WebSphere, so SuSE instead of RedHat, as IBM supports >SuSE more so than RedHat, in ou

Re: Virtual network topology questions...

> 9672, so no hiper-sockets. In trial mode, so no money to buy > a distribution or support, but with the potential to do so if > / when it goes into production. Potentially running DB2 and > WebSphere, so SuSE instead of RedHat, as IBM supports SuSE > more so than RedHat, in our experience. Guest

Re: Virtual network topology questions...

No hardware hipersockets doesn't necessarily mean that you can't use the guest LAN. Are you using the evaluation version of SuSE 7.2 or are you using the old SuSE with the 2.2.16 kernel? If the former you can define a guest LAN and set up SuSE to use it. If the latter, then you are definitely st

Re: Virtual network topology questions...

If at all possible, use the Guest LAN. It gets past all of this point to point stuff and for all the reasons that Adam mentioned. On Friday 08 November 2002 08:44 am, you wrote: > Given an IFL running zVM and several Linux/390 images, is it better to fan > out to all the Linux images from zVM's T

Re: Virtual network topolgy questions...

On Fri, Nov 08, 2002 at 09:12:32AM -0600, Nix, Robert P. wrote: > 9672, so no hiper-sockets. In trial mode, so no money to buy a > distribution or support, but with the potential to do so if / when it > goes into production. Potentially running DB2 and WebSphere, so SuSE > instead of RedHat, as IBM

Re: Virtual network topology questions...

> Given an IFL running zVM and several Linux/390 images, is it > better to fan out to all the Linux images from zVM's TCPIP, > or should TCPIP talk to a selection of images, with these > images each handling several end machines, more like a tree > structure? If you have a version of z/VM that sup

Re: CPU Arch Security [was: Re: Probably the first published shel l code]

Folks, This is known territory, both in implementation and literature. Both Multics and MTS implemented a similar architecture to what Linus V. is describing, and Apollo did an implementation with distributed memory in NCS. I'd suggest doing some reading before you go off to design a CPU -- we've

Re: Virtual network topology questions...

9672, so no hiper-sockets. In trial mode, so no money to buy a distribution or support, but with the potential to do so if / when it goes into production. Potentially running DB2 and WebSphere, so SuSE instead of RedHat, as IBM supports SuSE more so than RedHat, in our experience. I'd like to w

Re: Virtual network topology questions...

On Fri, Nov 08, 2002 at 08:44:20AM -0600, Nix, Robert P. wrote: > Given an IFL running zVM and several Linux/390 images, is it better to > fan out to all the Linux images from zVM's TCPIP, or should TCPIP talk to a > selection of images, with these images each handling several end > machines, more

Virtual network topology questions...

Given an IFL running zVM and several Linux/390 images, is it better to fan out to all the Linux images from zVM's TCPIP, or should TCPIP talk to a selection of images, with these images each handling several end machines, more like a tree structure? What would be the advantages and disadvantages

More NSS Info

I don't have the faintest idea why IBM claims that you have to have an identical DASD layout on all machines that share an NSS. Admittedly cursory testing seems to show that your NSS will have whatever parameter line you burned into it, which does specify a range of devices. But not only can thos

PR: SuSE Linux Enterprise Server Validated for Latest Version of DB2

See: "http://linuxtoday.com/news_story.php3?ltsn=2002-11-08-004-26-NW-BZ-SS"; "SuSE Linux Enterprise Server is the first distribution to be validated on all hardware platforms supported by DB2 for Linux (including IBM zSeries mainframes) and validated to run DB2 Enterprise Server Edition. SuSE`s s