Red Hat SATELLITE 5.1.0 RELEASE NOTES Instrukcja Instalacji Strona 79
- Strona / 268
- Spis treści
- BOOKMARKI
Oceniono. / 5. Na podstawie oceny klientów
Chapter 4. Installing and configuring z/VM 61
4.9.1 VM security products
You might want to use a z/VM security product such as IBM RACF® or CA VM:Secure. They
allow you to address more security issues such as password aging and the auditing of user
access attempts.
4.9.2 High level z/VM security
The paper z/VM Security and Integrity discusses the isolation and integrity of virtual servers
under z/VM. It is available on the Web at:
http://www-1.ibm.com/servers/eserver/zseries/library/techpapers/pdf/gm130145.pdf
Linux user ID privilege classes
Another security issue is the privilege class that Linux user IDs are assigned. The IBM
Redpaper publication Running Linux Guests with less than CP Class G Privilege addresses
this issue. It is on the Web at:
http://www.redbooks.ibm.com/redpapers/pdfs/redp3870.pdf
z/VM user ID and minidisk passwords
All passwords in a “vanilla” z/VM system are the same as the user ID. This is a large security
hole. The
minimum you should do is to address this issue.
There are two types of passwords in the USER DIRECT file:
User IDs The password required to logon with
Minidisks Separate passwords for read access, write access and multi-write access
Both types of passwords should be modified. This can be done using the CHPW540 XEDIT
macro defined in the next section.
4.9.3 Changing passwords in USER DIRECT
Changing the passwords can be done manually in XEDIT. However, this is both tedious and
error-prone. So a profile named CHPW540 XEDIT has been included with this book. The source
code is in “The CHPW540 XEDIT macro” on page 220.
This macro will change all z/VM passwords to the same value, which may still not be
adequate security, given the different function of the various user IDs. If you want different
passwords, you have to modify the USER DIRECT file manually, either with or without using the
CHPW52 XEDIT macro.
To modify all user ID and minidisk passwords to the same value, perform the following steps.
1. Logon to MAINT.
2. Link and access the LNXMAINT 192 disk to pick up the CHPW540 XEDIT macro:
==> vmlink lnxmaint 192
DMSVML2060I LNXMAINT 192 linked as 0120 file mode Z
3. Make a backup copy of the USER DIRECT file and first be sure the password that you want to
use is not a string in the file. For example, if you want to change all passwords to lnx4vm,
then do the following:
==> copy user direct c = direwrks = (oldd
==> x user direct c
====> /lnx4vm
- The Virtualization Cookbook 1
- Linux 5.2 3
- October 2008 3
- First Edition (October 2008) 4
- Contents 5
- Contents v 7
- Contents vii 9
- Trademarks 12
- The team that wrote this book 13
- Chapters and appendixes 15
- Conventions 17
- Comments welcome 17
- 1.1 What is virtualization 20
- 1.2 This book’s approach 21
- 1.4 Infrastructure design 22
- Planning 25
- 2.1 Bill of materials 26
- 2.2 z/VM conventions 27
- 2.3 Disk planning 28
- DASD versus SCSI/FCP 29
- 3390-3s versus 3390-9s 29
- Disk storage per Linux image 29
- 2.4 Memory planning 30
- 2.5 Password planning 30
- 2.6 Planning worksheets 31
- 2.7 Blank worksheets 34
- 2.7.2 z/VM DASD worksheet 35
- Configuring a desktop machine 37
- Figure 3-2 Setting logging 39
- Saving sessions 41
- 3.2 Setting up a VNC client 42
- 3.3 3270 emulators 43
- 4.1 Installing z/VM from DVD 46
- ==> instplan 50
- Running INSTDVD 52
- Figure 4-8 Load window 53
- ==> cold drain noautolog 54
- ==> no 54
- ==> disc 54
- 4.2 Configuring TCP/IP 56
- not specified 62
- 4.6 Adding paging volumes 65
- Using the CPFORMAT EXEC 67
- 4.6.4 Testing the changes 71
- 4.8.2 Testing the changes 78
- 4.9.1 VM security products 79
- ==> sampnss cms 86
- Servicing z/VM 89
- 5.1 Applying a PTF 90
- 6.4 Enabling the NFS server 106
- 7.2.3 Configuring VDISK swap 128
- 7.2.4 Configuring yum 128
- 7.2.5 Adding additional RPMs 129
- 7.2.10 Configuring SSH keys 134
- 4 6763) is running 135
- 8.2.4 Adding additional RPMs 145
- 8.2.8 Configuring SSH keys 145
- 8.2.9 Rebooting the system 146
- 8.2.10 Verifying the changes 146
- Detach the source disks 151
- Detach the target disks 154
- IPL the target system 154
- 9.3.2 Using the clone script 157
- FLASHCOPY 159
- Installation Server 159
- Master Image 159
- 9.5 Reviewing system status 163
- LNXMAINT 164
- Delete these 167
- Servicing Linux with Red Hat 171
- 12.1.2 Testing Apache 179
- 12.1.3 Turning on a firewall 179
- 12.1.6 Apache resources 182
- Start the LDAP service 184
- Deleting duplicate users 186
- Set a password 189
- 12.3.4 Adding a Samba user 191
- 12.3.6 Testing your changes 192
- 12.3.7 Configuring printing 193
- 12.4.1 Additional resources 194
- Linux kernel development 195
- Web development 195
- Miscellaneous recipes 197
- 13.1 Adding a logical volume 198
- Volume Group - optvg 200
- Creating a physical volume 204
- Extending the volume group 204
- /var/lib/ldap 205
- Configuring LDAP 206
- Configuring automount 207
- 13.4 Rescuing a Linux system 208
- Monitoring z/VM and Linux 211
- INIDICATE LOAD 212
- INDICATE QUEUES EXP 213
- Getting help 214
- Determining who is logged on 214
- Determining storage or memory 215
- Determining software level 215
- 14.2.3 Configuring PERFSVM 218
- Using a Web browser interface 220
- Using a 3270 interface 222
- 14.3 Monitoring Linux 223
- PURGE NSS NAME MONDCSS 228
- CP SAVESEG MONDCSS 228
- References 229
- Quick reference sheets 230
- Prefix commands 231
- :help give help 232
- Appendix B. z/VM source code 233
- The CPFORMAT EXEC 234
- The CHPW540 XEDIT macro 238
- The LABEL540 EXEC 241
- The LABEL540 XEDIT macro 243
- Linux source code 245
- Related publications 257
- Online resources 258
- How to get Redbooks 258
- Help from IBM 258
- Hat Enterprise Linux 5.2 265
Powiązane produkty i podręczniki dla Oprogramowanie Red Hat SATELLITE 5.1.0 RELEASE NOTES
Oprogramowanie Red Hat NETSCAPE MANAGEMENT SYSTEM 6.0 - AGENT GUIDE Instrukcja Użytkownika
(25 strony)
(25 strony)
Oprogramowanie Red Hat ENTERPRISE LINUX 5 - LOGICAL VOLUME MANAGER ADMINISTRATION Przewodnik Instalacji
(92 strony)
(92 strony)
Oprogramowanie Red Hat NETSCAPE MANAGEMENT SYSTEM 6.1 - COMMAND-LINE Przewodnik Instalacji
(158 strony)
(158 strony)
Oprogramowanie Red Hat NETSCAPE MANAGEMENT SYSTEM 4.5 - COMMAND-LINE Instrukcja Użytkownika
(128 strony)
(128 strony)
Oprogramowanie Red Hat NETSCAPE MANAGEMENT SYSTEM 4.5 - COMMAND-LINE Podręcznik Użytkownika
(270 strony)
(270 strony)
© 2020, manymanuals.pl. Wszelkie prawa zastrzeżone. | 0.038 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentarze do niniejszej Instrukcji