INFO-VAX Wed, 13 Jun 2007 Volume 2007 : Issue 320 Contents: Re: %TCPIP-E-ROUTEERROR from TCPIP SHOW ROUTES... 2007 HP Worldwide User Advocacy Support 320GB SDLT Backup solutions for under $2600 Re: 8086 vs patches Re: 8086 vs patches Re: 8086 vs patches Re: 8086 vs patches Re: 8086 vs patches Re: 8086 vs patches Re: AEST on Alpha Re: ALPHA_V732_MASTER_ECO_LIST.txt Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity RE: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Another opportunity Re: Anyone know why the Alpha market is so so quiet? Re: Anyone know why the Alpha market is so so quiet? BACKUP Suggestions (/STAT and error handling) 8.3 Re: BACKUP Suggestions (/STAT and error handling) 8.3 Re: BACKUP Suggestions (/STAT and error handling) 8.3 Re: bad checksum for AXP_DNVOSIECO02-V83 Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: BYPASS privilege !! Re: Comparative patch installation (was Re: Re: Comparative patch installation (was Re: Re: Comparative patch installation (was Re: Re: Comparative patch installation (was Re: Re: Comparative patch installation (was Re: Re: Comparative patch installation (was Re: Re: Comparative patch installation (was Re: help running OpenVMS on Itanium 2 2620 WinXP variant Re: help running OpenVMS on Itanium 2 2620 WinXP variant Re: help running OpenVMS on Itanium 2 2620 WinXP variant host based routing software? Re: host based routing software? Re: host based routing software? Re: host based routing software? Re: HP wasting millions of dollars on itanium! RE: Is VMS losing the Financial Sector, also? Re: Is VMS losing the Financial Sector, also? Re: Is VMS losing the Financial Sector, also? Re: Mandatory Security (was: Re: Another opportunity Re: Minimum priv to run an audit More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Re: More TCPIP nonsense Off lease ES45 Re: Off lease ES45 Re: Off lease ES45 OT: Carla Re: OT: Lightning & Time to buy lottery tickets Re: OT: Question to Bob Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Question for the Group Re: Reflection's VT emulation RMS equiv of ACP fch$m_directory? Re: RMS equiv of ACP fch$m_directory? Re: RMS equiv of ACP fch$m_directory? Re: SAMBA not ready to be a replacement for PathWorks Re: SAMBA not ready to be a replacement for PathWorks Secure IMAP on TCP/IP Services 5.6 on VMS 8.3I? Re: Security Standards (was: Another opportunity) Shells WAS: Re: Another opportunity Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time RE: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time Re: Story Time SYSMAN IO SET EXCLUDE and satellites VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages Re: VMS analogue of FBSD and linux hier(7) man pages What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Re: What's the implication of this development if any... Who's in the Phoenix area? Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful Re: Why partitioned disks on VMS would be useful [OT] ZFS and OS X 10.5 (Leopard) Re: [Q]Pascal packed arrary of char and varying of char ---------------------------------------------------------------------- Date: 12 Jun 2007 09:09:22 +0200 From: peter@langstoeger.at (Peter 'EPLAN' LANGSTOeGER) Subject: Re: %TCPIP-E-ROUTEERROR from TCPIP SHOW ROUTES... Message-ID: <466e62c2$1@news.langstoeger.at> In article <466DE341.4F5FD653@spam.comcast.net>, David J Dachtera writes: >Peter 'EPLAN' LANGSTOeGER wrote: >>In article <46689B42.1256A6E4@spam.comcast.net>, David J Dachtera writes: >>>Galen wrote: >>>> We're running TCP/IP V5.3 (no TCP/IP ecos) ... >>> >>>There's your problem right there - UCX *ALWAYS* has ECOs! >> >> TCPIP V5.6 still does not ;-) > >The release is young, my friend! Yup. But way older than expected. In a few days it gets 1 year old! Now, this is a long time for a (TCPIP) product without an ECO... -- Peter "EPLAN" LANGSTOEGER Network and OpenVMS system specialist E-mail peter@langstoeger.at A-1030 VIENNA AUSTRIA I'm not a pessimist, I'm a realist ------------------------------ Date: Tue, 12 Jun 2007 20:23:23 -0500 From: David J Dachtera Subject: 2007 HP Worldwide User Advocacy Support Message-ID: <466F470B.3CB45CB8@spam.comcast.net> The following was received (in two messages - combined here) via the VMS SIG Mailing List today. I saw no reason to not pass it on to c.o.v. 2007 HP Worldwide User Advocacy Survey Local Voices…Global Impact Encompass OpenVMS SIG members— As fellow Encompass members, I want to issue a personal appeal for you to support Encompass by completing the 2007 HP Worldwide Customer Survey at http://www.hpadvocacysurvey.org This program is a convenient and effective means of sharing your opinions, satisfaction and needs regarding HP’s products and services directly to HP. You will be able to select OpenVMS as your preferred Operating System and answer questions specifically related to VMS. From experience, I can attest that HP pays significant attention to the results of this survey. Last year, I represented Encompass and spent a half-day day reporting session with nearly 100 senior-level HP executives and decision-makers. Several of the recommendations from previous surveys have been implemented to the collective benefit of all HP users. These changes include: 1) At HP Technology Forum 2006, Ann Livermore announced simplification of sales contracts, reducing length of terms and conditions by two-thirds. 2) HP NonStop education is supporting an initiative to develop a "Center for Excellence for Business Critical Systems" at the University of South Florida in Tampa, FL that will include certificate programs for HP BCS technologies, including NonStop. 3) HP’s NonStop division decided to invest in improvements of development tools, including NonStop plugins for Eclipse that are scheduled for general availability for June 2007. It’s especially important to Encompass that we have a strong participation rate by our members in this survey. HP entrusts the entire survey process to Encompass and other members of its international user group community, giving the survey an added dimension of credibility as a true customer-driven initiative. Having a strong turnout by our members validates our strength and influence to HP, so please complete the survey and indicate your affiliation with Encompass where asked. Visit www.hpadvocacysurvey.org to complete the survey. Please respond by June 28th. Thanks, in advance, for your participation. Steve Davidek, Systems Administrator City of Sparks, Nevada, Web Coordinator -- David J Dachtera dba DJE Systems http://www.djesys.com/ ------------------------------ Date: Wed, 13 Jun 2007 09:48:53 -0400 From: "David Turner, Island Computers" Subject: 320GB SDLT Backup solutions for under $2600 Message-ID: <136vtdp6hu8k336@news.supernews.com> We have brand NEW Island Datastore (using NEW HP Internal SDLT tape drives) tabletop tape drives Carbon colored for $2595 New with 1 yr warranty Guaranteed eligible for HP maintenance We also do LTO and DDS/DAT Call or email if interested -- David B Turner Island Computers US Corp 2700 Gregory St, Suite 180 Savannah GA 31404 T: 877-6364332 x201 Intl: 001 912 447 6622 E: dturner@islandco.com F: 912 201 0402 W: http://www.islandco.com ------------------------------ Date: Tue, 12 Jun 2007 00:47:23 -0500 From: Ron Johnson Subject: Re: 8086 vs patches Message-ID: On 06/11/07 19:11, David J Dachtera wrote: > JF Mezei wrote: >> Nobody accepted to provide me with a supply of chocolate in exchange for >> my stopping the use of the term "8086" to designate the industry >> standard architecture (since this is where it has its roots). >> >> I have a new proposal to make: >> >> I would be willing to stop using the 8086 monicker if Kerry Main were >> willing to stop using the "many many patches" argument. >> >> Would that be a fair deal that would benefit the c.o.v. community at large ? > > Sorry, no. > > The 8086 8/16 bit CPU has not been widely used since the dawn of the 80x86 > chips, especially the 80386 16/32 bit chips and later. I'm not even sure 8086 is > even made anymore. I'm sure it is, in a radiation-hardened form. Same for the 80386 & 80486. Military jets that don't want to fall out of the sky after an EM pulse, and spacecraft need such specialized IC chips. The transistors in newer micro- and namo-scale gate chip-making processes are so small that they are very susceptible to radiation. > Patch-of-the-hour, on the other hand, is a fact of life in the M$, UN*X, Java, > etc. worlds. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 13 Jun 2007 08:12:28 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: 8086 vs patches Message-ID: In article , JF Mezei writes: > Nobody accepted to provide me with a supply of chocolate in exchange for > my stopping the use of the term "8086" to designate the industry > standard architecture (since this is where it has its roots). > > I have a new proposal to make: > > I would be willing to stop using the 8086 monicker if Kerry Main were > willing to stop using the "many many patches" argument. > > Would that be a fair deal that would benefit the c.o.v. community at large ? No. I wholeheartedly agree with Kerry on that one. ------------------------------ Date: 13 Jun 2007 08:17:16 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: 8086 vs patches Message-ID: <3QhDuzZR3yKK@eisner.encompasserve.org> Ron Johnson writes: > > I'm sure it is, in a radiation-hardened form. Same for the 80386 & > 80486. > I think there are stocks of rad hardended 386 and 486, but I'm not so sure anything earlier than 486 is still being fabbed and not even too sure about those. Rad hardened RISC chips are fairly common now. A supply of earlier chips for maintenance will not go on forever as aircraft systems do get upgraded. ------------------------------ Date: Wed, 13 Jun 2007 10:17:08 -0500 From: Ron Johnson Subject: Re: 8086 vs patches Message-ID: On 06/13/07 08:17, Bob Koehler wrote: > Ron Johnson writes: >> I'm sure it is, in a radiation-hardened form. Same for the 80386 & >> 80486. >> > > I think there are stocks of rad hardended 386 and 486, but I'm not so > sure anything earlier than 486 is still being fabbed and not even too > sure about those. Rad hardened RISC chips are fairly common now. MIPS, I'd wager. Maybe PPC? > A supply of earlier chips for maintenance will not go on forever > as aircraft systems do get upgraded. I wonder if that's one of the reasons why the F-14 was retired and the F-15 will be. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 12:32:06 -0400 From: "Richard B. Gilbert" Subject: Re: 8086 vs patches Message-ID: <46701C06.7080404@comcast.net> Ron Johnson wrote: > On 06/13/07 08:17, Bob Koehler wrote: > >> Ron Johnson writes: >> >>> I'm sure it is, in a radiation-hardened form. Same for the 80386 & >>> 80486. >>> >> >> I think there are stocks of rad hardended 386 and 486, but I'm not so >> sure anything earlier than 486 is still being fabbed and not even too >> sure about those. Rad hardened RISC chips are fairly common now. > > > MIPS, I'd wager. Maybe PPC? > >> A supply of earlier chips for maintenance will not go on forever >> as aircraft systems do get upgraded. > > > I wonder if that's one of the reasons why the F-14 was retired and the > F-15 will be. > I'd look to things like "metal fatigue" and just plain wear and tear for the reasons. Airplanes, like cars and many other things, reach the far end of the bathtub curve. The failure rate rises sharply and it becomes uneconomical to continue to use them. I don't know what we're using to replace them but I'd bet that they are faster, more maneuverable, better armed, etc, etc. It's a good bet that even brand new F-14s and F-15s couldn't compete! ------------------------------ Date: Wed, 13 Jun 2007 09:43:17 -0700 From: etmsreec@yahoo.co.uk Subject: Re: 8086 vs patches Message-ID: <1181752997.374696.216590@x35g2000prf.googlegroups.com> A few years ago (maybe four, maybe five) NASA, it was claimed, were having problems with the Space shuttle as it was still dependant in some way on 486 processors. This would make sense given the time that the shuttle was designed I guess? I'm told that railway signalling was still being controlled by Pentiums, not PII, not PIII etc a few years ago when Paddington station in London was being resignalled. Point is though, JF is still just plain b****** wrong in calling all Intel 32 bit chips 8086. Kerry is right on this, JF is wrong. Live with it JF. Steve On 13 Jun, 14:17, koeh...@eisner.nospam.encompasserve.org (Bob Koehler) wrote: > Ron Johnson writes: > > > I'm sure it is, in a radiation-hardened form. Same for the 80386 & > > 80486. > > I think there are stocks of rad hardended 386 and 486, but I'm not so > sure anything earlier than 486 is still being fabbed and not even too > sure about those. Rad hardened RISC chips are fairly common now. > A supply of earlier chips for maintenance will not go on forever > as aircraft systems do get upgraded. ------------------------------ Date: Tue, 12 Jun 2007 02:39:18 -0700 From: IanMiller Subject: Re: AEST on Alpha Message-ID: <1181641158.786498.81500@o11g2000prd.googlegroups.com> Go to http://h71000.www7.hp.com/openvms/products/omsva/omsais.html Use the "Accept the license terms and download the software." ------------------------------ Date: Tue, 12 Jun 2007 04:21:37 -0700 From: "george.pagliarulo@hp.com" Subject: Re: ALPHA_V732_MASTER_ECO_LIST.txt Message-ID: <1181647297.865112.279740@r19g2000prf.googlegroups.com> On Jun 11, 3:04 pm, hel...@astro.multiCLOTHESvax.de (Phillip Helbig--- remove CLOTHES to reply) wrote: > In article <1181583983.390260.320...@o11g2000prd.googlegroups.com>, > > "george.pagliar...@hp.com" writes: > > It used to be > and was changed to >= . We had instances of customers > > installing a kit and, for some reason or another, having to re-install > > to get an image back on the system. Since the database saw the image > > as already being installed, with it being >, it would not install the > > "new" (same) image. DOH. > > This sounds like the database marked the image as installed before it > actually was. I can see this happening if a disk fills up or whatever, > but only if the database is updated before the actual installation. Is > that the case? No. The case I'm talking about is when, sometime after installation, an image is deleted or there is some other problem that causes a user to want to re-install the images in the kit. And PCSI will check for adequate disk space before it atempts to install a kit. George Pagliarulo ECO Release Process OpenVMS Sustaining Engineering Hewlett-Packard Company ------------------------------ Date: Tue, 12 Jun 2007 09:58:23 +0200 From: Michael Kraemer Subject: Re: Another opportunity Message-ID: johnhreinhardt@yahoo.com schrieb: > On Jun 11, 8:57 pm, Michael Kraemer wrote: > >> >>linux mentality isn't "free" but "affordable". >>Or why do you think people still buy distribution CDs >>although Linux is "free" ? >>BTW, it is new to me, that Oracle etc give away >>their Linux stuff for free. > > They don't. They charge for the "Linux stuff" just like they charge > for any other - I can imagine, it was more a rhethorical remark, countering the OPs assumption that everything with a "Linux" badge attached to it is "free". This may hold true for the base OS, but not for the commercial apps above it. > unless it falls into the narrow band allowed for in > the developer's license. I quote from the "Oracle Technology Network > Developer License" to which you must agree in order to legally > download Oracle RDBMS 10gR2 (10.2.0.1): (snip, a link would have sufficed) ------------------------------ Date: Tue, 12 Jun 2007 10:04:59 +0200 From: Michael Kraemer Subject: Re: Another opportunity Message-ID: Main, Kerry schrieb: > >>Moreover, Unix/Linux mentality is, that in a networked world >>TCP/IP should be part of the OS, >>which it is in Unix for about 20 years or so. >>The fact that it is still a matter of discussion in VMS-land >>shows how far behind VMS is w/ respect to others. >>Even OS/2 and AmigaOS have it integrated now. > > As does OpenVMS .. what's your point? well, in 7.3 it's still an alien, although a legal one. So IMHO even those legacy OSs have a better TCP integration. > > OpenVMS also has partner products like Multinet and TCPware which offer > additional features as well, so imho, that's a good thing. The sheer fact that there's a market for alternative products shows that DECs original leaves sth to be desired. ------------------------------ Date: Tue, 12 Jun 2007 02:32:27 -0700 From: IanMiller Subject: Re: Another opportunity Message-ID: <1181640747.768522.7710@r19g2000prf.googlegroups.com> paragraph 3.6.1 is talking about Trusted Operating Systems with mandatory access control. This has not been seen in VMS land since SEVMS. It could be argued that VMS satisfies other things mentioned e.g "very secure system-wide control policy, a finely defined set of access privileges, and extensive logging and auditing capabilities." The other issues listed in that section seem sensible to be used as an argument for VMS. ------------------------------ Date: Tue, 12 Jun 2007 05:01:59 -0700 From: Andrew Subject: Re: Another opportunity Message-ID: <1181649719.331878.48220@i13g2000prf.googlegroups.com> On 12 Jun, 06:39, Ron Johnson wrote: > On 06/11/07 18:40, Main, Kerry wrote: > > > > >> -----Original Message----- > >> From: Ron Johnson [mailto:ron.l.john...@cox.net] > >> Sent: June 11, 2007 6:01 PM > >> To: Info-...@Mvb.Saic.Com > >> Subject: Re: Another opportunity > > >> On 06/11/07 16:09, Main, Kerry wrote: > >>>> -----Original Message----- > >>>> From: Dan Allen [mailto:dal...@nist.gov] > >>>> Sent: June 11, 2007 11:10 AM > >>>> To: Info-...@Mvb.Saic.Com > >>>> Subject: RE: Another opportunity > > >>>> Mention VMS to almost anyone here and watch the reaction. Anything > >>>> from total > >>>> lack of recognition to "is that old thing still around". > > >>>> Dan > > >>> You mean that thing that is approx 8 or 9 years *younger* than UNIX? > > >>> Thats like the middle aged man calling the 35 year old "old" .. > > >>> :-) > > >>> UNIX--> 1969 > >>> OpenVMS--> 1978 > >> Unix keeps reinventing it's innards and outards(??), though (newer, > >> better filesystems, newer shells with more features, fancier GUIs, > >> etc, etc ad nauseum). > > >> BSD and Linux internally look *nothing* like AT&T Unix. (Their > >> lawyers ensured that.) > > > Basic architecture is the same. Otherwise, how would they continue with > > the "UNIX is UNIX" story (yes, we all know that this is not true and > > It's the API, not the implementation, that makes Unix. > > > that numerous incompatibilities exist between UNIX's). > > Actually, it's not easy to get to be able to legally be called UNIX. > The *BSDs are grandfathered in, and Sun pays a license fee to SCOX > for the privilege. Otherwise, you've got to conform to the Single > Unix Specification (a descendant of OSF). > Sun does not pay a license fee to SCO, Sun purchased outright their license for UNIX from USL long before SCO bought whatever they did actually buy from Novell. This is one of the reasons why SCO is not suing Sun for releasing their code to the OpenSource community as Sun has done with OpenSolaris. > Didn't DEC brag about 15 years ago that OpenVMS was a certified > Unix? I know that IBM did so on the mainframe. > > And Linux can't be called Unix: it's a work-alike. > > BTW, an important point: "Linux" relies deeply on the GNU toolchain. > If there is a flaw in the GNU libc implentation of malloc, then > the system as a whole won't scale well. > It would be fairer to say the GNU relies on the Linux kernel as a platform since there is in fact much more GNU in any Linux distribution than there is Linux specific code. > This was demonstrated recently in a comparison of MySQL 5.0.?? on > recent vintages of Debian(?), {Free,Open,Net}BSD on an 8x x86-64 system. > > OpenBSD & NetBSD just couldn't scale *at all*, and "modern Linux" > tanked when the number of threads MySQL threads exceeded the number > of CPUs. FreeBSD, however, leveled off at it's peak performance. > > When the GNU malloc was replaced with google-malloc, Linux's > performance graph looked almost exactly like that of FreeBSD. > > > Hey, perhaps I'm wrong - what's the difference between fork on Solaris > > and fork on Linux? > > Implementation efficiency. > > >> OTOH, I'd bet dime to a dollar that there still many traces of code > >> from the original AXP VMS port, and even money that there's still a > >> lot of "elder days" code in there. > > > Also, from VAX days as well. Same for UNIX thought... If this were not > > true, you would have major issues with compatibility. > > Absolutely not true. > > >> ODS-2 has been around since 1980(?) and ODS-5 is too incompatible > >> with existing apps to be deployed in many circumstances. DCL is > >> substantially the same as when I first started using it in 1989. > > > And how long as the basic UNIX shell commands been around? Oh yes, > > longer than DCL. > > > :-) > > 1. (grrr) not all the switches are the same, > 2. they are implemented differently, > 3. they don't have to be implemented at all (there ae DOS-like > shells), > 4. there are many different shells, with many different features and > purposes (some are full-featured and incompatible, while some are > designed to be low- or tiny-footprint). > > >> The last big new feature was PIPE in v7.0. But that idea came from > >> Unix!!! > > >> Oh, wait: a "big" usability enhancement in v8.2: the DCL line length > >> was increased from a pathetic 250 bytes to a less-pathetic (?)4096 > >> bytes. > > > You have not been following the new VMS releases to much have you? > > > As only a small example, check out VMS V8.* new features: > >http://h71000.www7.hp.com/openvms/integrity/v83features.html(V8.3) > > Yeah!! I can finally burn DVDs!!!! And VMS has finally implemented > AES encryption!!! 10GbitE and 4Gbit HBAs!! The ability to generate > modern hash keys for files!!!! > > Cutting edge stuff, dude!!!! > > Not. > > VMS is treading water, slowly. > > >http://h71000.www7.hp.com/openvms/integrity/v82features.html(V8.2) > > > Also note the performance, UNIX portability, security, new HW, new > > clustering features, new .. you get the drift. > > Call me when DCL has for-loops, while-loops, case statements and > user-defined functions. The ability to string it all on one line > would also be a big help. > > Too bad those are also trailing edge features. > > -- > Ron Johnson, Jr. > Jefferson LA USA > > Give a man a fish, and he eats for a day. > Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 12:36:25 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Another opportunity Message-ID: In article , Michael Kraemer writes: >Main, Kerry schrieb: > >> >>>Moreover, Unix/Linux mentality is, that in a networked world >>>TCP/IP should be part of the OS, >>>which it is in Unix for about 20 years or so. >>>The fact that it is still a matter of discussion in VMS-land >>>shows how far behind VMS is w/ respect to others. >>>Even OS/2 and AmigaOS have it integrated now. >> >> As does OpenVMS .. what's your point? > >well, in 7.3 it's still an alien, although a legal one. >So IMHO even those legacy OSs have a better TCP integration. > Well it's installed as part of the standard OS installation procedure along with in the same way as DECNET, X-Windows etc >> >> OpenVMS also has partner products like Multinet and TCPware which offer >> additional features as well, so imho, that's a good thing. > >The sheer fact that there's a market for alternative products >shows that DECs original leaves sth to be desired. > DEC left it too late when producing their own TCPIP stack and the early versions left a lot to be desired. Hence third-party stacks had become well established. Nowadays a single company - Process - owns the only two remaining third-party TCPIP stacks for VMS. Even though Process inherited two different stacks (TCPWARE and Multinet) which both appear to support pretty much identical functionality there doesn't seem to be any move to drop one or the other. Some people seem to prefer Multinet and some prefer TCPWARE. Others prefer to get their TCPIP stack from the same supplier as the OS ie DEC TCPIP services from HP. The third-party stacks have also tended to get new features - SSH , IPSEC before DEC TCPIP services. Which certainly makes it look like HP are restricting their competition in this area to allow these stacks to continue to exist. Whether this is because they do not want to upset Process (who sell other VMS products) or whether they even fear being sued for bundling TCPIP in with the OS is open to question. I'm not sure precisely why DEC didn't produce a good TCPIP stack earlier. They had their own networking system DECNET which was very widely used - SPAN (Space Physics Analysis Network), HEPNET (high energy Physics Network), ESnet (Energy Sciences Network) etc - but it still seems strange that they didn't produce a TCPIP stack for VMS. Then of course later they were convinced that the OSI protocols would replace TCPIP which probably contributed to a deemphasis on improving the UCX TCPIP stack. David Webb Security team leader CCSS Middlesex University ------------------------------ Date: 12 Jun 2007 13:28:46 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Another opportunity Message-ID: <5d7lceF342pf9U2@mid.individual.net> In article <1181640747.768522.7710@r19g2000prf.googlegroups.com>, IanMiller writes: > paragraph 3.6.1 is talking about Trusted Operating Systems with > mandatory access control. This has not been seen in VMS land since > SEVMS. I thought regular VMS had "mandatory access control"? I guess I was wrong. :-( But it still fits into the general model proposed by this paper. > > It could be argued that VMS satisfies other things mentioned e.g "very > secure system-wide control policy, a finely defined set of access > privileges, and extensive logging and auditing capabilities." > > The other issues listed in that section seem sensible to be used as an > argument for VMS. One would think that by now someone from HP (VMS division) would be sitting accross the desk from the authors discussing this. But I am probably just dreaming again. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 10:17:22 -0500 From: Ron Johnson Subject: Re: Another opportunity Message-ID: <6Oybi.122068$NK5.66439@newsfe23.lga> On 06/12/07 08:28, Bill Gunshannon wrote: > In article <1181640747.768522.7710@r19g2000prf.googlegroups.com>, > IanMiller writes: >> paragraph 3.6.1 is talking about Trusted Operating Systems with >> mandatory access control. This has not been seen in VMS land since >> SEVMS. > > I thought regular VMS had "mandatory access control"? I guess I > was wrong. :-( But it still fits into the general model proposed > by this paper. > >> It could be argued that VMS satisfies other things mentioned e.g "very >> secure system-wide control policy, a finely defined set of access >> privileges, and extensive logging and auditing capabilities." >> >> The other issues listed in that section seem sensible to be used as an >> argument for VMS. > > One would think that by now someone from HP (VMS division) would be > sitting accross the desk from the authors discussing this. But I > am probably just dreaming again. Exactly! Kerry's signature should be OpenVMS: it keeps the auditors happy! -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 12 Jun 2007 18:21:09 -0400 From: Rich Alderson Subject: Re: Another opportunity Message-ID: david20@alpha2.mdx.ac.uk writes: > I'm not sure precisely why DEC didn't produce a good TCPIP stack earlier. > They had their own networking system DECNET which was very widely used - > SPAN (Space Physics Analysis Network), HEPNET (high energy Physics Network), > ESnet (Energy Sciences Network) etc - but it still seems strange that they > didn't produce a TCPIP stack for VMS. Then of course later they were > convinced that the OSI protocols would replace TCPIP which probably > contributed to a deemphasis on improving the UCX TCPIP stack. DEC didn't produce a good TCP/IP stack on *any* architecture, and DECNET is the reason. There are still 36-bit bigots who hate VMS who believe that DECNET should have won the networking wars (and at least one who thinks that the skunkworks ANF-10 should have beat out DECNET. TCP/IP on Tops-20 originated with the TENEX code from BB&N, and was vastly improved at customer sites like Stanford, MIT, and CMU, while DEC (and later Digital) was trying to get DECNET out the door. The Digital DNS code--based on the reference implementation for the entire Internet--was done at ISI, and replaced completely by code written by one programmer (SRA--see also "Alice's PDP-10") at MIT. So it's not just VMS, and it's not just HP. -- Rich Alderson | /"\ ASCII ribbon | news@alderson.users.panix.com | \ / campaign against | "You get what anybody gets. You get a lifetime." | x HTML mail and | --Death, of the Endless | / \ postings | ------------------------------ Date: Tue, 12 Jun 2007 17:38:55 -0500 From: Ron Johnson Subject: Re: Another opportunity Message-ID: <3gFbi.561993$2Q1.326041@newsfe16.lga> On 06/12/07 17:21, Rich Alderson wrote: [snip] > DEC didn't produce a good TCP/IP stack on *any* architecture, and DECNET is > the reason. There are still 36-bit bigots who hate VMS who believe that > DECNET should have won the networking wars (and at least one who thinks that > the skunkworks ANF-10 should have beat out DECNET. Reminds me of the people who haven't quite accepted that the North won the War. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 09:34:35 +0200 From: Michael Kraemer Subject: Re: Another opportunity Message-ID: david20@alpha2.mdx.ac.uk schrieb: > Well it's installed as part of the standard OS installation procedure along > with in the same way as DECNET, X-Windows etc The best you can say is that they (TCPIP,Gfx) are on the same installation CD, but they're not well integrated at all. On VAX the installation is a PITA. On my VS4000s I had to edit sys$system:modparams.dat to add a MIN_INTSTKPAGES=12, otherwise it wouldn't run. (this was nowhere described, it took me several hours to figure it out). Plus run some autogen stuff. Plus the three UCX PAKs (no other OS I know of needs such dongles just to be able to communicate with the rest of the world). Of course you can't just ftp the license.com since ftp is not yet working. Brilliant. And while we're at "integration" of stuff which comes standard on other platforms, Gfx is another sad story. My alphastation has a gfx card which isn't supported by VMS out of the box. Apparently it needs Open3D, which I couldn't find on the hobbyist CD, or maybe just the license is missing (doesn't come with the hobbyist license AFAIK) So I'm left dead in the water with that box (at least if I want to stay legal), even if I only want to run 2D X11. Ah, BTW, Tru64 runs just fine on the same box, so at least someone at DEC back then knew how to write the respective drivers. On the next box I tried, a PWS500, VMS didn't like the CD-ROM (an IDE drive), so I had to plug one of those rare 512-byte SCSI drives. All-in-all, installation procedures, support of vendor's own hardware as well as integration of standard components just plain sucks, when compared with the competition. Even good old Ultrix works better in that respect. > > I'm not sure precisely why DEC didn't produce a good TCPIP stack earlier. > They had their own networking system DECNET which was very widely used - > SPAN (Space Physics Analysis Network), HEPNET (high energy Physics Network), > ESnet (Energy Sciences Network) etc - > but it still seems strange that they didn't produce a TCPIP stack for VMS. > Then of course later they were convinced that the OSI protocols would replace > TCPIP which probably contributed to a deemphasis on improving the UCX TCPIP > stack. But that dates back way into the late 1980s, so they had plenty of time to improve and seamless integrate UCX. I mean, how long does it take to implement such a thingy ? I don't think that's rocket science. ------------------------------ Date: Wed, 13 Jun 2007 11:57:18 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Another opportunity Message-ID: In article <3gFbi.561993$2Q1.326041@newsfe16.lga>, Ron Johnson writes: >On 06/12/07 17:21, Rich Alderson wrote: >[snip] >> DEC didn't produce a good TCP/IP stack on *any* architecture, and DECNET is >> the reason. There are still 36-bit bigots who hate VMS who believe that >> DECNET should have won the networking wars (and at least one who thinks that >> the skunkworks ANF-10 should have beat out DECNET. > DEC's Unix Ultrix produced in 1984 must surely have had a TCPIP stack. But VMS didn't get one from DEC until about 1989 and then it seemed to be a very minimal stack to provide limited connectivity to Ultrix (UCX). Dec did produce VMS software for connectivity to other systems eg SNA/RJE connectivity to IBM systems, PSI software for X-25 connectivity etc but they just didn't seem to want to produce anything for TCP/IP connectivity and hence left it to third-parties. David Webb Security team leader CCSS Middlesex University >Reminds me of the people who haven't quite accepted that the North >won the War. > >-- >Ron Johnson, Jr. >Jefferson LA USA > >Give a man a fish, and he eats for a day. >Hit him with a fish, and he goes away for good! ------------------------------ Date: 13 Jun 2007 07:11:03 -0500 From: Kilgallen@SpamCop.net (Larry Kilgallen) Subject: Re: Another opportunity Message-ID: In article <3gFbi.561993$2Q1.326041@newsfe16.lga>, Ron Johnson writes: > On 06/12/07 17:21, Rich Alderson wrote: > [snip] >> DEC didn't produce a good TCP/IP stack on *any* architecture, and DECNET is >> the reason. There are still 36-bit bigots who hate VMS who believe that >> DECNET should have won the networking wars (and at least one who thinks that >> the skunkworks ANF-10 should have beat out DECNET. > > Reminds me of the people who haven't quite accepted that the North > won the War. Oh great, Ron, give us another opening for an off-topic controversy :-) ------------------------------ Date: 13 Jun 2007 08:29:58 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: RE: Another opportunity Message-ID: In article , helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: > > Which is better is a different question; what the truth is is a > different question; the point is that the PERCEPTION is that VMS hasn't > been improved in a while. The perception is that VMS only runs on "those old computers" and has ODS-2 file naming limitations. People who have been forced off of it still whish they hadn't. ------------------------------ Date: 13 Jun 2007 08:34:42 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Another opportunity Message-ID: In article , Ron Johnson writes: > > Unix keeps reinventing it's innards and outards(??), though (newer, > better filesystems, newer shells with more features, fancier GUIs, > etc, etc ad nauseum). > > BSD and Linux internally look *nothing* like AT&T Unix. (Their > lawyers ensured that.) Much work has been done on the innards and outards of UNIX, but the two mode OS with a cryptic shell is and remains typical late 1960s design. Everyon else was doing those in the late 1960s, too. The sad thing is that children born of the late 1970s, and later, are exposed to is as the only example of things like how to write a powerfull shell. Compare that to my wife, who left computing as a career in the early 1980s and can't understand why we put up with these things because "We had better". ------------------------------ Date: 13 Jun 2007 09:18:35 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Another opportunity Message-ID: In article <5d7lceF342pf9U2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > In article <1181640747.768522.7710@r19g2000prf.googlegroups.com>, > IanMiller writes: >> paragraph 3.6.1 is talking about Trusted Operating Systems with >> mandatory access control. This has not been seen in VMS land since >> SEVMS. > > I thought regular VMS had "mandatory access control"? I guess I > was wrong. :-( But it still fits into the general model proposed > by this paper. > The "mandatory access control" available in SEVMS and specified in vertain government applications is not the kind of file control seen in VMS, UNIX, Windows, or other general purpose OS. It includes concepts like write-up (to higher security level) and read-down (to lower security level). ------------------------------ Date: Wed, 13 Jun 2007 14:45:22 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Another opportunity Message-ID: In article , Michael Kraemer writes: >david20@alpha2.mdx.ac.uk schrieb: > >> Well it's installed as part of the standard OS installation procedure along >> with in the same way as DECNET, X-Windows etc > >The best you can say is that they (TCPIP,Gfx) are on the same >installation CD, but they're not well integrated at all. >On VAX the installation is a PITA. It's much too long since I setup VMS on a VAX system so I can't really comment on how well integrated TCPIP is into it's installation procedures. On Alpha the installation/upgrade procedure asks whether to install/upgrade DEC TCPIP services in the same way it asks whether you want to install/upgrade DECNET Phase IV or DECNET Phase V. >On my VS4000s I had to edit sys$system:modparams.dat >to add a MIN_INTSTKPAGES=12, otherwise it wouldn't run. >(this was nowhere described, it took me several hours to figure it out). >Plus run some autogen stuff. >Plus the three UCX PAKs (no other OS I know of needs such dongles >just to be able to communicate with the rest of the world). DECNET also requires a license PAK. >Of course you can't just ftp the license.com since ftp is not yet >working. Brilliant. Apart from systems which were designed to install via FTP (and which therefore start up a restricted FTP process) is there any system which allows ftp access during installation ? Even systems which install via ftp don't, as far as I am aware, allow you to just ftp up a file in the middle of the installation. >And while we're at "integration" of stuff which comes standard >on other platforms, Gfx is another sad story. >My alphastation has a gfx card which isn't supported by VMS out >of the box. Apparently it needs Open3D, which I couldn't >find on the hobbyist CD, or maybe just the license is missing >(doesn't come with the hobbyist license AFAIK) Version 8.2 and later of OPENVMS don't require the Open3D license for 3D support and don't support installation of the Open3D layered product which is probably why it isn't on the hobbyist CD. Unfortunately OpenVMS 8.2 also dropped support for some graphics cards. see http://h71000.www7.hp.com/doc/82FINAL/6674/6674pro_retired.html#retirementch and http://h71000.www7.hp.com/doc/82FINAL/6674/6674pro_hardware2.html#graphicsboards This appears to be another HP development since under COMPAQ and DEC VMS was well known for it's continued support for decades old hardware with the latest versions of the OS. >So I'm left dead in the water with that box >(at least if I want to stay legal), even if I only want to run 2D X11. >Ah, BTW, Tru64 runs just fine on the same box, so at least >someone at DEC back then knew how to write the respective drivers. >On the next box I tried, a PWS500, >VMS didn't like the CD-ROM (an IDE drive), so I had to plug >one of those rare 512-byte SCSI drives. Hardware peripherals depend upon the age of the box and what is supported in hardware as well as in software. Some of the earlier PWS boxes couldn't boot VMS from IDE CD drives. >All-in-all, installation procedures, support of vendor's >own hardware as well as integration of standard components >just plain sucks, when compared with the competition. >Even good old Ultrix works better in that respect. > >> >> I'm not sure precisely why DEC didn't produce a good TCPIP stack earlier. >> They had their own networking system DECNET which was very widely used - >> SPAN (Space Physics Analysis Network), HEPNET (high energy Physics Network), >> ESnet (Energy Sciences Network) etc - >> but it still seems strange that they didn't produce a TCPIP stack for VMS. >> Then of course later they were convinced that the OSI protocols would replace >> TCPIP which probably contributed to a deemphasis on improving the UCX TCPIP >> stack. > >But that dates back way into the late 1980s, so they had plenty of >time to improve and seamless integrate UCX. I mean, how long does >it take to implement such a thingy ? I don't think that's rocket science. > I'm not sure what extra level of integration you are looking for. David Webb Security team leader CCSS Middlesex University ------------------------------ Date: Wed, 13 Jun 2007 10:38:12 -0500 From: Ron Johnson Subject: Re: Another opportunity Message-ID: On 06/13/07 08:34, Bob Koehler wrote: > In article , Ron Johnson writes: >> Unix keeps reinventing it's innards and outards(??), though (newer, >> better filesystems, newer shells with more features, fancier GUIs, >> etc, etc ad nauseum). >> >> BSD and Linux internally look *nothing* like AT&T Unix. (Their >> lawyers ensured that.) > > Much work has been done on the innards and outards of UNIX, but > the two mode OS with a cryptic shell is and remains typical late > 1960s design. Everyon else was doing those in the late 1960s, too. > > The sad thing is that children born of the late 1970s, and later, > are exposed to is as the only example of things like how to write > a powerfull shell. 4DOS was (and 4NT is) a powerful shell. But most Windows users stick with the GUI. > Compare that to my wife, who left computing as a career in the early > 1980s and can't understand why we put up with these things because > "We had better". If DCL had been constantly improved like bash 1.0 was an improvement over the Bourne shell (and how bash has improved over the years as has the zsh, which some people rave over), then it would definitely be greater than bash. OTOH, I occasionally have to use ksh on an HP-UX box, and man, it is *painful*. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 11:20:29 -0500 From: Ron Johnson Subject: Re: Another opportunity Message-ID: On 06/13/07 09:45, david20@alpha2.mdx.ac.uk wrote: [snip] > >> Of course you can't just ftp the license.com since ftp is not yet >> working. Brilliant. > > Apart from systems which were designed to install via FTP (and which therefore > start up a restricted FTP process) is there any system which allows ftp access > during installation ? Even systems which install via ftp don't, as far as I am > aware, allow you to just ftp up a file in the middle of the installation. I guess it depends on the stage of installation. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 12:44:32 -0400 From: "Richard B. Gilbert" Subject: Re: Another opportunity Message-ID: <46701EF0.2020007@comcast.net> Ron Johnson wrote: > On 06/13/07 08:34, Bob Koehler wrote: > >> In article , Ron Johnson >> writes: >> >>> Unix keeps reinventing it's innards and outards(??), though (newer, >>> better filesystems, newer shells with more features, fancier GUIs, >>> etc, etc ad nauseum). >>> >>> BSD and Linux internally look *nothing* like AT&T Unix. (Their >>> lawyers ensured that.) >> >> >> Much work has been done on the innards and outards of UNIX, but >> the two mode OS with a cryptic shell is and remains typical late >> 1960s design. Everyon else was doing those in the late 1960s, too. >> >> The sad thing is that children born of the late 1970s, and later, >> are exposed to is as the only example of things like how to write >> a powerfull shell. > > > 4DOS was (and 4NT is) a powerful shell. But most Windows users stick > with the GUI. > >> Compare that to my wife, who left computing as a career in the early >> 1980s and can't understand why we put up with these things because >> "We had better". > > > If DCL had been constantly improved like bash 1.0 was an improvement How would you "improve' DCL. Since they added IF/THEN/ELSE a few years ago, it's been just about perfect. :-) I know someone who claims to have a DCL program that occupies some 400 pages of "greenbar paper" when printed. Many of us have written DCL that "writes" DCL. It's a hell of a lot more "readable" than the abominations that Unix uses. ------------------------------ Date: Wed, 13 Jun 2007 12:49:50 -0400 From: Stephen Hoffman Subject: Re: Another opportunity Message-ID: david20@alpha2.mdx.ac.uk wrote: > In article , Michael Kraemer writes: >> david20@alpha2.mdx.ac.uk schrieb: >> Of course you can't just ftp the license.com since ftp is not yet >> working. Brilliant. InfoServer works here. > Apart from systems which were designed to install via FTP (and which therefore > start up a restricted FTP process) is there any system which allows ftp access > during installation ? Even systems which install via ftp don't, as far as I am > aware, allow you to just ftp up a file in the middle of the installation. The EFI console allows FTP before you've installed. >> And while we're at "integration" of stuff which comes standard >> on other platforms, Gfx is another sad story. DIGITAL announced it was getting out of the workstation market. >> My alphastation has a gfx card which isn't supported by VMS out >> of the box. Which graphics controller? > This appears to be another HP development since under COMPAQ and DEC VMS was > well known for it's continued support for decades old hardware with the > latest versions of the OS. Old systems classically dropped off the support list. That old systems carry through is as big a problem as a benefit; an installed base prevents you from making various changes. For instance, OpenVMS Alpha itself can't simply rebuild everything using byte-word, it has to conditionalize or avoid these constructs as folks are still using EV5 and prior. >> So I'm left dead in the water with that box >> (at least if I want to stay legal), even if I only want to run 2D X11. >> Ah, BTW, Tru64 runs just fine on the same box, so at least >> someone at DEC back then knew how to write the respective drivers. Tru64 UNIX retired all DEC 3000 boxes and slews of controllers, which caused a minor uproar. >> On the next box I tried, a PWS500, >> VMS didn't like the CD-ROM (an IDE drive), so I had to plug >> one of those rare 512-byte SCSI drives. Which CD-ROM? Which Personal Workstation? (Some of these Personal Workstation boxes didn't have junk I/O capable of booting IDE disks. I've yet to meet identical IDE disks.) There are Itanium boxes that would boot OpenVMS for US$500 on eBay. Add a real license for US$900 per core or a hobbyist license, and off you go. Old gear goes away. That's the nature of the business. What you buy now is worthless junk in five years. Sometimes less. > Hardware peripherals depend upon the age of the box and what is supported in > hardware as well as in software. Some of the earlier PWS boxes couldn't boot > VMS from IDE CD drives. Those boxes were never supported for OpenVMS, either. They sorta worked, and were not explicitly locked out. Directions on how to work around this got posted, too. >> All-in-all, installation procedures, support of vendor's >> own hardware as well as integration of standard components >> just plain sucks, when compared with the competition. >> Even good old Ultrix works better in that respect. >> >>> I'm not sure precisely why DEC didn't produce a good TCPIP stack earlier. >>> They had their own networking system DECNET which was very widely used - >>> SPAN (Space Physics Analysis Network), HEPNET (high energy Physics Network), >>> ESnet (Energy Sciences Network) etc - >>> but it still seems strange that they didn't produce a TCPIP stack for VMS. >>> Then of course later they were convinced that the OSI protocols would replace >>> TCPIP which probably contributed to a deemphasis on improving the UCX TCPIP >>> stack. >> But that dates back way into the late 1980s, so they had plenty of >> time to improve and seamless integrate UCX. I mean, how long does >> it take to implement such a thingy ? I don't think that's rocket science. The "fun" for many years was that DIGITAL bet very heavily on OSI. And DIGITAL lost that bet, and ended up playing catch-up in the market. IP is not rocket science, but it's certainly a large and never-ending empirical effort -- very little of IP actually works the way implied by the RFCs. And IP is perpetually moving forward, so you're always chasing and re-porting, or extending. Also the nature of the business. > I'm not sure what extra level of integration you are looking for. I suspect Mr. Kraemer wants a generic IDE CD-ROM and to continue to use an ancient graphics widget on his existing Personal Workstation, while also looking to upgrade the older gear to current software. Certainly laudable goals. DIGITAL, Compaq and HP have sought to sell newer gear. Also laudable goals. Unfortunately, these two goals do appear to conflict. (Though thankfully for us hardware bottom-feeders and scanvengers, used Itanium gear is finally starting to appear on the used-equipment market, and the DS and ES-class AlphaServer series boxes are seeing continued price drops.) -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Wed, 13 Jun 2007 17:38:31 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Another opportunity Message-ID: In article , Stephen Hoffman writes: >david20@alpha2.mdx.ac.uk wrote: >> In article , Michael Kraemer writes: >>> david20@alpha2.mdx.ac.uk schrieb: > >>> Of course you can't just ftp the license.com since ftp is not yet >>> working. Brilliant. > > InfoServer works here. > >> Apart from systems which were designed to install via FTP (and which therefore >> start up a restricted FTP process) is there any system which allows ftp access >> during installation ? Even systems which install via ftp don't, as far as I am >> aware, allow you to just ftp up a file in the middle of the installation. > > The EFI console allows FTP before you've installed. > >>> And while we're at "integration" of stuff which comes standard >>> on other platforms, Gfx is another sad story. > > DIGITAL announced it was getting out of the workstation market. > >>> My alphastation has a gfx card which isn't supported by VMS out >>> of the box. > > Which graphics controller? > >> This appears to be another HP development since under COMPAQ and DEC VMS was >> well known for it's continued support for decades old hardware with the >> latest versions of the OS. > > Old systems classically dropped off the support list. > > That old systems carry through is as big a problem as a benefit; an >installed base prevents you from making various changes. For instance, >OpenVMS Alpha itself can't simply rebuild everything using byte-word, it >has to conditionalize or avoid these constructs as folks are still using >EV5 and prior. > >>> So I'm left dead in the water with that box >>> (at least if I want to stay legal), even if I only want to run 2D X11. >>> Ah, BTW, Tru64 runs just fine on the same box, so at least >>> someone at DEC back then knew how to write the respective drivers. > > Tru64 UNIX retired all DEC 3000 boxes and slews of controllers, which >caused a minor uproar. > >>> On the next box I tried, a PWS500, >>> VMS didn't like the CD-ROM (an IDE drive), so I had to plug >>> one of those rare 512-byte SCSI drives. > > Which CD-ROM? Which Personal Workstation? (Some of these Personal >Workstation boxes didn't have junk I/O capable of booting IDE disks. >I've yet to meet identical IDE disks.) > > There are Itanium boxes that would boot OpenVMS for US$500 on eBay. >Add a real license for US$900 per core or a hobbyist license, and off >you go. > > Old gear goes away. That's the nature of the business. What you buy >now is worthless junk in five years. Sometimes less. > > >> Hardware peripherals depend upon the age of the box and what is supported in >> hardware as well as in software. Some of the earlier PWS boxes couldn't boot >> VMS from IDE CD drives. > > Those boxes were never supported for OpenVMS, either. They sorta >worked, and were not explicitly locked out. Directions on how to work >around this got posted, too. > I'm sure the PWS system have pretty much always supported VMS (at least the au version). Are you perhaps thinking of the Multia ? David Webb Security team leader CCSS Middlesex University >>> All-in-all, installation procedures, support of vendor's >>> own hardware as well as integration of standard components >>> just plain sucks, when compared with the competition. >>> Even good old Ultrix works better in that respect. >>> >>>> I'm not sure precisely why DEC didn't produce a good TCPIP stack earlier. >>>> They had their own networking system DECNET which was very widely used - >>>> SPAN (Space Physics Analysis Network), HEPNET (high energy Physics Network), >>>> ESnet (Energy Sciences Network) etc - >>>> but it still seems strange that they didn't produce a TCPIP stack for VMS. >>>> Then of course later they were convinced that the OSI protocols would replace >>>> TCPIP which probably contributed to a deemphasis on improving the UCX TCPIP >>>> stack. >>> But that dates back way into the late 1980s, so they had plenty of >>> time to improve and seamless integrate UCX. I mean, how long does >>> it take to implement such a thingy ? I don't think that's rocket science. > > The "fun" for many years was that DIGITAL bet very heavily on OSI. >And DIGITAL lost that bet, and ended up playing catch-up in the market. > > IP is not rocket science, but it's certainly a large and never-ending >empirical effort -- very little of IP actually works the way implied by >the RFCs. And IP is perpetually moving forward, so you're always >chasing and re-porting, or extending. Also the nature of the business. > >> I'm not sure what extra level of integration you are looking for. > > I suspect Mr. Kraemer wants a generic IDE CD-ROM and to continue to >use an ancient graphics widget on his existing Personal Workstation, >while also looking to upgrade the older gear to current software. >Certainly laudable goals. DIGITAL, Compaq and HP have sought to sell >newer gear. Also laudable goals. Unfortunately, these two goals do >appear to conflict. (Though thankfully for us hardware bottom-feeders >and scanvengers, used Itanium gear is finally starting to appear on the >used-equipment market, and the DS and ES-class AlphaServer series boxes >are seeing continued price drops.) > > >-- >www.HoffmanLabs.com >Services for OpenVMS ------------------------------ Date: Wed, 13 Jun 2007 13:06:33 -0400 From: "John Smith" Subject: Re: Anyone know why the Alpha market is so so quiet? Message-ID: Main, Kerry wrote: >> -----Original Message----- >> From: Arne Vajhřj [mailto:arne@vajhoej.dk] >> Sent: June 9, 2007 3:07 PM >> To: Info-VAX@Mvb.Saic.Com >> Subject: Re: Anyone know why the Alpha market is so so quiet? >> >> Dr. Dweeb wrote: >>> Main, Kerry wrote: >>>> As I mentioned earlier, it is not the roll-out of the patches that >> is >>>> the issue. Heck, that is relatively minor as you can even easily do >>>> this with all of the Windows security patches. >>>> >>>> The big issue by far is the re-certification and testing of >> important >>>> business applications with all of the monthly OS security patches. >>>> >>>> For small and some medium businesses with small numbers of users, >>>> this is not an issue as they simply apply the patch and reboot. If >> a >>>> OS security patch breaks the kernel or an application, then they >> can >>>> simply roll-back with minimal impact as the numbers of users are >> not >>>> that large. >>>> >>>> That is usually not the case with large IT environments with >> mission >>>> critical environments. >> >>> OK. Just so you guys "get it", here is a real example. >>> >>> A system software upgrade is tested and validated. To be deployed >> at 8 >>> different sites over a period of 1 year, sheduled deployment >> determined by >>> PM downtime of 24*7 manufacturing operations - which by its nature >> is >>> planned a long way in advance. >>> >>> 2 smaller sites go live before a memory leak rears its ugly head in >> a large >>> site, number 3, crashing the application and stalling part of the >> factory >>> shipping processes. The resulting cleanup operation consumes DBA >> and >>> sysadmin time at every occurrance and occurs at different intervals >>> depending on the transaction volume of the factory - the larger the >> factory, >>> the larger the problem. We are talking daily on a large factory. >>> >>> The IT troubleshooters get on the job and isolate the error, create >> a simple >>> reproducer and report it as priority 1 bug to the supplier, who duly >> fix it >>> within 3 days! The IT guys check out the reproducer and the >> instances of >>> live code where the problem was evident and verify that the supplier >> patch >>> has indeed solved the problem. >>> >>> Q1: Which version of the software was installed at the following 5 >> sites? >>> Q:2 When was the software updated at the 3 already installed sites? >>> >>> A1: The broken version. >>> A2: Never (yet) >>> >>> In order to release a systems software upgrade, the entire >> application must >>> pass certification. This is an $7B pr. year manufacturing company - >> a >>> houshold name - SOX compliant and accutely aware of the necessity >> for >>> application certification before deployment. >>> >>> Why you ask? >>> >>> Because the cost of bringing a larger factory down completely is >> like >>> $50,000 per hour, while the cost of having a DBA cleanup the stalls >> is zero, >>> because he is already sitting there and it is in his job >> description. The >>> risk is evaluated, the costs apportioned and the decision made. A >>> management no-brainer, because the certification requirement and >> procedures >>> are very clear and unambiguous. As bizarre as it seems, this is the >> daily >>> life of people who maintain and operate the big iron that controls >> large >>> manufacturing - not just that particular site. >>> >>> When the application is recertified on the patched vendor software, >> the >>> patch to the vendor software will be applied to the production >> environment >>> in a controlled and phased manner - not before. >>> >>> Here endeth the lesson in reality for you guys who wouldn't know a >> real >>> high-availability corporate production environment if it landed on >> your >>> head! >> >> But the conclusion is that Kerry arguments against Linux does not >> hold water. >> >> Because if those systems where running Linux - how many security >> patches would have been installed on them in that period ? >> >> Arne > > Thank you - you just made my point. > > :-) > > With 5-20 Linux (and Windows) security patches being released each > and every month, this company would not get approval from the > business units to test and apply all these patches against all the > important apps, so the business would have to risk not being hacked > with all of these well documented security patches not being applied. > > With 50-60% of all security issues being internal related, that is a > huge risk. > > And think about this in the financial sector with systems running > billions (and in some OpenVMS systems, trillions) of $'s through > their systems daily, weekly, monthly. With all of the internal people > taking laptops, PDA's back and forth to home, on the road and work > etc all open for Trojans, worms etc that are looking for systems with > documented holes to exploit. > > It really blows me away that serious financial institutions can > justify moving to Linux (Windows) with so many monthly security > patches being released each and every month. > > I can only believe that the managers involved have no idea of the > security issues their techies or those pushing these platforms are > exposing the business to. > > Personally speaking, I would have to ask "how can these financial and > mission critical environments afford these platforms?" So let me ask you these questions about this alleged incredulous actions by financial institutions and other bet-your-business companies: In your travels and engagements with these organizations, *what* rationale have they told you was behind their decision to turf VMS out? 1) Does it have anything to do with the fact that certain critical applications are no longer available or supported on VMS, (eg. SWIFT, etc....)? 2) If their rationales are related to question 1) above, then have they told you that since their critical applications or tools aren't available on VMS, then they have no choice but to pay the price of patch-of-the-hour environments. 3) Have they told you that it's because HP doesn't convince them that VMS has any forseeable future, ie. doubts about VMS & Itanic EOL scenarios? 4) What about staff retention - have they mentioned that their staff may want to have relevant *marketable* experience with the technologies that can get them new jobs if the company downsizes/outsources them? I'm sure that has to be in the minds of everyone in the IT divisions except perhaps the CIO. 5) Have they told you it's because the CEO keeps reading about Linux or Windows doing X, Y & Z applications elsewhere and wonders why his company isn't doing the same? How many of your off-VMS onto-Linux customers have come back to you at the end of the migration and said "We never should have switched"? So how about this -- since you've had experience with many of these situations, --create a no-names list you can post here with the following attributes: Industry --eg. financial, manufacturing, medical, pharmaceutical, retail, etc... Old Environment - VMS, Solaris, Windows, Linux, zOS, etc.... New Environment - VMS, Solaris, Windows, Linux, zOS, etc.... Reason for Migration - HW vendor dead, application not supported on old OS, tools not available, needed new apps so figured they'd use Asian talent with zero VMS experience, whatever ...... Best Result of Migration - eg. costs reduced 20%, more TPS, whatever ...... Worst Result of Migration - patch-of-the-hour, costs increased, unstable environment, etc..... Overall Satisfaction w/Migration - not including scope creep -- OpenVMS - The never-advertised operating system with the dwindling ISV and customer base. ------------------------------ Date: 13 Jun 2007 17:45:57 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Anyone know why the Alpha market is so so quiet? Message-ID: <5daoqlF33bv84U1@mid.individual.net> In article , "John Smith" writes: > > How many of your off-VMS onto-Linux customers have come back to you at the > end of the migration and said "We never should have switched"? How many CEO's who killed successful Processor families in favor of as yet non-existant Processor families came back later to admit they had made a mistake? The first rule of comporate management is never admit a mistake, the other sharks can smell the blood in the water. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 06:52:45 -0400 From: JF Mezei Subject: BACKUP Suggestions (/STAT and error handling) 8.3 Message-ID: <2534a$466e7b04$cef8887a$688@TEKSAVVY.COM> Based on Backup, alpha, 8.3 Having BACKUP display a summary at the end would be very useful. Total files backed up, total blocks used in those files, total blocks allocated in those files, total files skipped due to nobackup, total files that were open for writing time elapsed and performance (blocks per second). Also, if backup ever aborts due to an error, it should provide the above statistics no matter what, as well as the name of the file last succesfully saved (and the name/file id) of file where error was encountered.) ------------------------------ Date: Wed, 13 Jun 2007 03:10:51 GMT From: John Santos Subject: Re: BACKUP Suggestions (/STAT and error handling) 8.3 Message-ID: <%eJbi.4635$1o.3885@trnddc01> JF Mezei wrote: > Based on Backup, alpha, 8.3 > > Having BACKUP display a summary at the end would be very useful. > > Total files backed up, > total blocks used in those files, > total blocks allocated in those files, > total files skipped due to nobackup, > total files that were open for writing > time elapsed > and performance (blocks per second). > > > Also, if backup ever aborts due to an error, it should provide the above > statistics no matter what, as well as the name of the file last > succesfully saved (and the name/file id) of file where error was > encountered.) I asked for almost exactly this at a DECUS "ask the developers" session about 20 years ago. The BACKUP developer's response was "Sounds like a good idea and easy to implement. I think I'm getting a [summer intern |gofer|programming lackey] this summer and I'll get him to do it..." Never happened. :-( -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 ------------------------------ Date: Wed, 13 Jun 2007 01:30:59 -0700 From: IanMiller Subject: Re: BACKUP Suggestions (/STAT and error handling) 8.3 Message-ID: <1181723459.488924.262470@o11g2000prd.googlegroups.com> and when you sent this suggestion to HP what was the response? ------------------------------ Date: Tue, 12 Jun 2007 11:04:08 +0200 From: "P. Sture" Subject: Re: bad checksum for AXP_DNVOSIECO02-V83 Message-ID: In article , Bill Bennett wrote: > I've tried twice today to download the new DECnet-Plus ECO > AXP_DNVOSIECO02-V83 from the ITRC FTP site, and both times > got the same checksum for the ZIPEXE file (CHECKSUM$CHECKSUM > = "2926599316"), which unfortunately does not agree with > the checksum in the cover letter, although the ZIPEXE runs > and unpacks the PCSI files without obvious error. (And no, > the checksum in the cover letter doesn't agree with that > for the PCSI$COMPRESSED file, either.) > > Has anyone been able to download AXP_DNVOSIECO02-V83.ZIPEXE > and get the checksum listed in the cover letter? > > I downloaded the new VMS 8.3 Alpha UPDATE_V0300.ZIPEXE and > a few more recent patches with the same procedures with no > problem, but I'd have thought that someone else would have > noticed the problem by now and posted a comment here, if > there really were a kit with a bad checksum on the ITRC > site... > There is a new version of this kit available on ITRC. This time the checksum matches. -- Paul Sture ------------------------------ Date: Mon, 11 Jun 2007 23:39:37 -0700 From: "Bart.Zorn@gmail.com" Subject: Re: BYPASS privilege !! Message-ID: <1181630377.104879.182360@j4g2000prf.googlegroups.com> On Jun 11, 9:33 pm, JF Mezei wrote: > Baxt...@tessco.com wrote: > > We are currently preparing for the dreaded Sarbanes-Oxley stuff > > and are discussing the effects (if any) of removing BYPASS privilege > > from the SYSTEM account. > > $SEARCH SYS$MANAGER:*.COM BYPASS will give you your answer. [ S n i p . . . ] This opens the proverbial can of worms. One of the first things you must do is uninstal TCP/IP Services for OpenVMS to get rid of MANY unneccesary occurences of BYPASS! Regards, Bart Zorn ------------------------------ Date: 12 Jun 2007 07:03:51 -0500 From: Kilgallen@SpamCop.net (Larry Kilgallen) Subject: Re: BYPASS privilege !! Message-ID: In article <1181606749.449032.311320@c77g2000hse.googlegroups.com>, BaxterD@tessco.com writes: > First of all, I would like to say that this discussion came about > during a meeting on SOX requirements, which morphed into a discussion > about how it would be possible to "trick" our application if the > villain had certain knowledge, programming skills and system > privileges. We managed to come up with a surprising number of ways > to work mischief, that would be difficult to detect immediately, and > possibly even more difficult to figure out. That is why they are called privileges. They should be handed out _very_ sparingly. In the case of the SYSTEM username, that is done by disabling it for Interactive, Network and possible Batch access. The only unique capability of the SYSTEM username is for logging in from the console when under breakin evasion denial of service attack. The same capability that allows that situation to avoid the breakin evasion also allows it to avoid the situation where lack of Interactive access prevents login. To allow access in this limited situation, consider the description in the second paragraph at: http://www.ljk.com/ljk/LJK_SECURITY_DOCUMENTATION/ljk_security_d_032.html If you (or your SOX auditors) want to take that further, consider dual generated passwords stored behind separate glass. > Thanks to you all for your responses, and I want to start by > saying that we agree with all of you. Whether BYPASS is freely > given to the SYSTEM account or not, there is really no way of stopping > a malicious admin from reeking havoc with your system, should he > choose to. > > We were looking at it more from the point of auditability (?). VMS is incredibly auditable, and that is the answer to all issued regarding privileges that are actually needed for individuals. There will always be someone with full control, so Separation of Duties, as mandated by AC-5 within NIST 800-53 (which is already a requirement for US Federal Systems, unlike 800-53A which is still in draft form) is a requirement. > 2. be able to determine, after the fact, exactly what was done to > your App, or Data, and be able to recover from it. > and, > 3. To be able to determine, again after the fact, exactly who did > it. > > As far as SOX is concerned, they are primarily interested in objective > #2. However objective #3 is still important if you want to avoid > it happening again. Those two go hand in hand. > Obviously, Identifiers and ACL's provide a way to lock down the files > and directories which make up the application, and the UAF provides > the means to control the app users. I think the most underused VMS security capability is Protected Subsystems. Make sure none of your applications are installed with privileges related to file access (BYPASS, GRPPRV, etc.). > However, If there happen to be multiple Administrators, all using the > SYSTEM account for their admin duties. How do you determine who > did what? NOBODY should use the SYSTEM username for ANY interactive use. That is basic to having an auditable system. > 2. Lock down the SYSTEM account for use only when carrying out > Maint, Upgrades or Patching. Not even for that. Only for the breakin evasion case I cited. > 3. Enable auditing of Privilege use and UAF modification. If that is a future step, the site is not even close to complying with _any_ reasonable security system. > 1. Does anyone know of any function, particularly during system > startup, which "absolutely" requires BYPASS" privilege. I think your SOX auditor does not really know VMS. Does she realize that the system startup process has BYPASS privilege independent of any settings in the UAF ? > 2. Does anyone know of any Admin function which "absolutely" > requires the SYSTEM account. The breakin evasion case is the only proper requirement for the SYSTEM username. Anything else you find is a software defect. ------------------------------ Date: Tue, 12 Jun 2007 12:25:08 GMT From: rdeininger@mindspringdot.com (Robert Deininger) Subject: Re: BYPASS privilege !! Message-ID: In article <1181606749.449032.311320@c77g2000hse.googlegroups.com>, BaxterD@tessco.com wrote: ... >Equally obvious, to a user with BYPASS privilege, it matters not how >well you lock down the security on your app, since BYPASS by >definition, will bypass all system security. Once the app is >properly secured, then the only way for a non-application, privileged >username to access the application directories or files is either to >grant themselves the necessary identifiers, or use BYPASS to bulldoze >their way in. Both of these actions, (and most other discrete >attempts) can be recorded in the Security Audit Journal. There are a number of ways to completely bypass security in addition to BYPASS priv. Some of them require a bit more work. In particular, if you give me CMKRNL, I can write a program to do anything. So you need to keep me from writing a program or bringing one on site. And I could create the program using EDIT. (Slow and painful, but possible.) It goes without saying, but I'll say it anyway, that you need to read and understand the guide to system security. I assume you've done that, but a reminder seems prudent for other folks reading the thread. >However, If there happen to be multiple Administrators, all using the >SYSTEM account for their admin duties. How do you determine who >did what? > >I know this sounds fairly paranoid, and for people running 2- and 3- >tier apps, this all sounds a bit weird, but we are just running >through (a few of the endless number of) options. > >1. Give each admin a personalized admin account with no BYPASS (and >maybe other privs also) This is one ingredient of every serious security policy I've read about. If you have multiple people sharing an account, you really can't audit who did what to which objects. For starters, you should give each admin his own account, copying the privs and quotas of the system account. Remove privs as you test understand the impact of doing so. VMS products SHOULD document what privs are requried, but I fear the documentation is less than perfect. Some trial and error will likely be needed. If you find documentation that is wrong or incomplete in terms of required privs, please send feedback to HP. Reserve the SYSTEM account for: 1. Starting the system. I fear you'll create a LOT of work chasing down little-known priv requirements if you try to use a different account. 2. Emergency use, to fix problems due to unforseen personnel changes and etc. >2. Lock down the SYSTEM account for use only when carrying out >Maint, Upgrades or Patching. Even for this, individual accounts are safer. You'll see warnings, but installs and patches should still work. >3. Enable auditing of Privilege use and UAF modification. Yes, you've still got to have some level of trust for your system admins, because they'll have to have some elevated privs. But you can keep track of what they've done. >Final comment, I could present an endless number of scenarios which >represent risk, and for each one, someone would come up with a >solution. However the solution always comes after the >solution. We are not asking for solutions, we are merely asking if >anyone knows the answers to the two simple questions, > >1. Does anyone know of any function, particularly during system >startup, which "absolutely" requires BYPASS" privilege. Don't know. Startup is routinely tested with the SYSTEM account, which has all privs. I'm not aware of any effort to test with a subset of privs. >2. Does anyone know of any Admin function which "absolutely" >requires the SYSTEM account. No, a copy of the account should always work. If you find an exception, I would call it a bug. Report it. For many tasks, fewer privs will be needed. Give your individual admin accounts those privs. If you find occasional tasks that require more privs, add them temporarily (under supervision). Or use special task-oriented accounts with extra privs, that are DISUSERed when not needed. ------------------------------ Date: 12 Jun 2007 07:57:04 -0500 From: Kilgallen@SpamCop.net (Larry Kilgallen) Subject: Re: BYPASS privilege !! Message-ID: In article , rdeininger@mindspringdot.com (Robert Deininger) writes: > There are a number of ways to completely bypass security in addition to > BYPASS priv. Some of them require a bit more work. > > In particular, if you give me CMKRNL, I can write a program to do > anything. So you need to keep me from writing a program or bringing one > on site. And I could create the program using EDIT. (Slow and painful, > but possible.) > > > It goes without saying, but I'll say it anyway, that you need to read and > understand the guide to system security. I assume you've done that, but a > reminder seems prudent for other folks reading the thread. In particular, look at the description of VMS privilege _Categories_ (levels). That is the way to look at the power of various privileges, not the fearsomeness of their English language name. ------------------------------ Date: Tue, 12 Jun 2007 13:09:02 GMT From: rdeininger@mindspringdot.com (Robert Deininger) Subject: Re: BYPASS privilege !! Message-ID: In article , Kilgallen@SpamCop.net (Larry Kilgallen) wrote: > >> 1. Does anyone know of any function, particularly during system >> startup, which "absolutely" requires BYPASS" privilege. > >I think your SOX auditor does not really know VMS. Does she realize >that the system startup process has BYPASS privilege independent of >any settings in the UAF ? > >> 2. Does anyone know of any Admin function which "absolutely" >> requires the SYSTEM account. > >The breakin evasion case is the only proper requirement for the SYSTEM >username. Anything else you find is a software defect. Thanks for pointing out the evasion case. I have missed that one completely up to now. ------------------------------ Date: Tue, 12 Jun 2007 06:10:02 -0700 From: AEF Subject: Re: BYPASS privilege !! Message-ID: <1181653802.225186.254890@z28g2000prd.googlegroups.com> On Jun 11, 8:05 pm, Baxt...@tessco.com wrote: [...] > > This being the case, then there are really only three objectives > which we can aim for; > > 1. Lock down your executables, scripts and data as securely as > possible. > however if someone still manages to cause malicious damage, then; > 2. be able to determine, after the fact, exactly what was done to > your App, or Data, and be able to recover from it. > and, > 3. To be able to determine, again after the fact, exactly who did > it. > > As far as SOX is concerned, they are primarily interested in objective > #2. However objective #3 is still important if you want to avoid > it happening again. Hmmm. I'd've thought that #3 would be pretty important to SOX: accountability. > > Recovery after damage can be done (in our case) using the capabilities > of RMS journaling, however the ability to acheive objective #3 depends > on how you impliment Objective #1. > > Obviously, Identifiers and ACL's provide a way to lock down the files > and directories which make up the application, and the UAF provides > the means to control the app users. > > Equally obvious, to a user with BYPASS privilege, it matters not how > well you lock down the security on your app, since BYPASS by > definition, will bypass all system security. Once the app is > properly secured, then the only way for a non-application, privileged > username to access the application directories or files is either to > grant themselves the necessary identifiers, or use BYPASS to bulldoze > their way in. Both of these actions, (and most other discrete > attempts) can be recorded in the Security Audit Journal. If you have SYSPRV you could give yourself BYPASS in about a minute. Even with just SYSPRV you can delete most system files if they have their default protections. > However, If there happen to be multiple Administrators, all using the > SYSTEM account for their admin duties. How do you determine who > did what? > > I know this sounds fairly paranoid, and for people running 2- and 3- > tier apps, this all sounds a bit weird, but we are just running > through (a few of the endless number of) options. > > 1. Give each admin a personalized admin account with no BYPASS (and > maybe other privs also) > 2. Lock down the SYSTEM account for use only when carrying out > Maint, Upgrades or Patching. > 3. Enable auditing of Privilege use and UAF modification. > > Final comment, I could present an endless number of scenarios which > represent risk, and for each one, someone would come up with a > solution. However the solution always comes after the > solution. Say what? > We are not asking for solutions, we are merely asking if > anyone knows the answers to the two simple questions, > > 1. Does anyone know of any function, particularly during system > startup, which "absolutely" requires BYPASS" privilege. ANAL/DISK/REPAIR: NOPRIVDIRSUM, some directories protected against access cannot recover lost files Facility: ANALDISK, Analyze/Disk_Structure Utility Explanation: During the directory scan, the utility could not read a directory because of a privilege error (for example, the user running the utility lacked sufficient privileges). Since the utility's method of determining whether a file is lost is to scan all directories for the file, the utility's list of lost files is incorrect. Therefore, no attempt will be made to retrieve lost files. User Action: Assign yourself BYPASS privilege and rerun the utility. If you have TCPware (v5.3-3) you need BYPASS to shut it down, though it seems to work without it, at least on my systems. Depending on which version of VMS you're running, file restores could go a lot more easily with BYPASS (think write-protected directories) but of course there is more danger, but restores are always potentially dangerous. > 2. Does anyone know of any Admin function which "absolutely" > requires the SYSTEM account. > > thanks. > > Dave. [...] AEF ------------------------------ Date: Tue, 12 Jun 2007 06:25:20 -0700 From: AEF Subject: Re: BYPASS privilege !! Message-ID: <1181654720.499348.282080@r19g2000prf.googlegroups.com> On Jun 12, 9:10 am, AEF wrote: > On Jun 11, 8:05 pm, Baxt...@tessco.com wrote: > [...] > > > > > > > > > This being the case, then there are really only three objectives > > which we can aim for; > > > 1. Lock down your executables, scripts and data as securely as > > possible. > > however if someone still manages to cause malicious damage, then; > > 2. be able to determine, after the fact, exactly what was done to > > your App, or Data, and be able to recover from it. > > and, > > 3. To be able to determine, again after the fact, exactly who did > > it. > > > As far as SOX is concerned, they are primarily interested in objective > > #2. However objective #3 is still important if you want to avoid > > it happening again. > > Hmmm. I'd've thought that #3 would be pretty important to SOX: > accountability. > > > > > > > > > Recovery after damage can be done (in our case) using the capabilities > > of RMS journaling, however the ability to acheive objective #3 depends > > on how you impliment Objective #1. > > > Obviously, Identifiers and ACL's provide a way to lock down the files > > and directories which make up the application, and the UAF provides > > the means to control the app users. > > > Equally obvious, to a user with BYPASS privilege, it matters not how > > well you lock down the security on your app, since BYPASS by > > definition, will bypass all system security. Once the app is > > properly secured, then the only way for a non-application, privileged > > username to access the application directories or files is either to > > grant themselves the necessary identifiers, or use BYPASS to bulldoze > > their way in. Both of these actions, (and most other discrete > > attempts) can be recorded in the Security Audit Journal. > > If you have SYSPRV you could give yourself BYPASS in about a minute. > > Even with just SYSPRV you can delete most system files if they have > their default protections. > > > > > > > However, If there happen to be multiple Administrators, all using the > > SYSTEM account for their admin duties. How do you determine who > > did what? > > > I know this sounds fairly paranoid, and for people running 2- and 3- > > tier apps, this all sounds a bit weird, but we are just running > > through (a few of the endless number of) options. > > > 1. Give each admin a personalized admin account with no BYPASS (and > > maybe other privs also) > > 2. Lock down the SYSTEM account for use only when carrying out > > Maint, Upgrades or Patching. > > 3. Enable auditing of Privilege use and UAF modification. > > > Final comment, I could present an endless number of scenarios which > > represent risk, and for each one, someone would come up with a > > solution. However the solution always comes after the > > solution. > > Say what? > > > We are not asking for solutions, we are merely asking if > > anyone knows the answers to the two simple questions, > > > 1. Does anyone know of any function, particularly during system > > startup, which "absolutely" requires BYPASS" privilege. > > ANAL/DISK/REPAIR: > > NOPRIVDIRSUM, some directories protected against access cannot > recover lost files > > Facility: ANALDISK, Analyze/Disk_Structure Utility > > Explanation: During the directory scan, the utility could not read > a > directory because of a privilege error (for example, > the user > running the utility lacked sufficient privileges). > Since the > utility's method of determining whether a file is lost > is to > scan all directories for the file, the utility's list > of lost > files is incorrect. Therefore, no attempt will be made > to > retrieve lost files. > > User Action: Assign yourself BYPASS privilege and rerun the > utility. > > If you have TCPware (v5.3-3) you need BYPASS to shut it down, though > it seems to work without it, at least on my systems. > > Depending on which version of VMS you're running, file restores could > go a lot more easily with BYPASS (think write-protected directories) > but of course there is more danger, but restores are always > potentially dangerous. > > > 2. Does anyone know of any Admin function which "absolutely" > > requires the SYSTEM account. > > > thanks. > > > Dave. > > [...] > > AEF- Hide quoted text - > > - Show quoted text -- Hide quoted text - > > - Show quoted text -- Hide quoted text - > > - Show quoted text - One more thing: Don't forget about HAMMER privilege (physical access to the system)! AEF ------------------------------ Date: Tue, 12 Jun 2007 09:02:31 -0500 From: Dave Harrold Subject: Re: BYPASS privilege !! Message-ID: <5d7nboF33fbv5U1@mid.individual.net> BaxterD@tessco.com wrote: Hi Dave, [snip] > 2. Does anyone know of any Admin function which "absolutely" > requires the SYSTEM account. > I have only run across one thing that has (by default) required the use of the SYSTEM account. That is installing MQSeries. If you are not logged in as SYSTEM, it will refuse to install. You could, of course, modify the installation procedure to work around/remove that check. I stopped trying that when they went to PCSI installation. Other that that, you should be able to setup appropriate personal system manager accounts to perform all tasks needed to manage your systems. > thanks. > > Dave. > -- Dave Harrold, Lead Software Systems Engineer Aurora Health Care 3031 W. Montana Street Milwaukee, WI 53215 Phone: (414) 647-6204 FAX: (414) 647-4999 Email: David.Harrold@aurora.org http://www.AuroraHealthCare.org ------------------------------ Date: Tue, 12 Jun 2007 16:01:43 +0200 From: "P. Sture" Subject: Re: BYPASS privilege !! Message-ID: In article <1181606749.449032.311320@c77g2000hse.googlegroups.com>, BaxterD@tessco.com wrote: > Equally obvious, to a user with BYPASS privilege, it matters not how > well you lock down the security on your app, since BYPASS by > definition, will bypass all system security. Once the app is > properly secured, then the only way for a non-application, privileged > username to access the application directories or files is either to > grant themselves the necessary identifiers, or use BYPASS to bulldoze > their way in. Both of these actions, (and most other discrete > attempts) can be recorded in the Security Audit Journal. I have found the flowchart in Figure 4-3 in the "OpenVMS Guide to System Security" manual to be useful when explaining the sequence of access processing to auditors. In particular, note that the use of BYPASS to access an object will only be reported by the auditing subsystem when all other access checks fail. (IOW, if the user has "normal" access to an object, that is used instead of BYPASS.) > However, If there happen to be multiple Administrators, all using the > SYSTEM account for their admin duties. How do you determine who > did what? Give each administrator his/her own account. The relevant user name will not only show up in the audit journal, but also places like the PRODUCT database and VMSINSTAL.HISTORY files. This makes life easier for admins to see who did what on a day to day basis, so IMHO is desirable even before considering auditor's requirements. > 1. Does anyone know of any function, particularly during system > startup, which "absolutely" requires BYPASS" privilege. I think you are concentrating too much on BYPASS here. As others have pointed out, other privileges will get a malicious/"well meaning" user there eventually anyway. Don't forget that he "well meaning" user can be dangerous too. Note that a fair amount of stuff is started _before_ the audit server - shadow server, clustering, OPCOM, and SYLOGICALS.COM, to mention a few. -- Paul Sture ------------------------------ Date: Tue, 12 Jun 2007 16:10:14 +0200 From: "P. Sture" Subject: Re: BYPASS privilege !! Message-ID: In article , rdeininger@mindspringdot.com (Robert Deininger) wrote: > In article , Kilgallen@SpamCop.net > (Larry Kilgallen) wrote: > > > > > >> 1. Does anyone know of any function, particularly during system > >> startup, which "absolutely" requires BYPASS" privilege. > > > >I think your SOX auditor does not really know VMS. Does she realize > >that the system startup process has BYPASS privilege independent of > >any settings in the UAF ? > > > >> 2. Does anyone know of any Admin function which "absolutely" > >> requires the SYSTEM account. > > > >The breakin evasion case is the only proper requirement for the SYSTEM > >username. Anything else you find is a software defect. > > Thanks for pointing out the evasion case. I have missed that one > completely up to now. A me too there. I wish I had known that when I had a support contract, as I would have formally reported more than one installation procedure. -- Paul Sture ------------------------------ Date: 12 Jun 2007 10:39:49 -0500 From: Kilgallen@SpamCop.net (Larry Kilgallen) Subject: Re: BYPASS privilege !! Message-ID: In article <5d7nboF33fbv5U1@mid.individual.net>, Dave Harrold writes: > BaxterD@tessco.com wrote: > > Hi Dave, > > [snip] > >> 2. Does anyone know of any Admin function which "absolutely" >> requires the SYSTEM account. >> > > I have only run across one thing that has (by default) required the use > of the SYSTEM account. That is installing MQSeries. If you are not > logged in as SYSTEM, it will refuse to install. > > You could, of course, modify the installation procedure to work > around/remove that check. I stopped trying that when they went to PCSI > installation. Someone should talk to the vendor of MQSeries and ask them to conform to the VMS security model and not suggest that their customers abandon accountability. ------------------------------ Date: Tue, 12 Jun 2007 10:50:00 -0700 From: BaxterD@tessco.com Subject: Re: BYPASS privilege !! Message-ID: <1181670600.458562.124370@x35g2000prf.googlegroups.com> On Jun 12, 8:03 am, Kilgal...@SpamCop.net (Larry Kilgallen) wrote: > In article <1181606749.449032.311...@c77g2000hse.googlegroups.com>, Baxt...@tessco.com writes: > > > that the system startup process has BYPASS privilege independent of > any settings in the UAF ? Even I didn't know that. I assumed that the startup process ran under the SYSTEM username and got its privileges from there. I have never seen this written anywhere. Dave. ------------------------------ Date: Tue, 12 Jun 2007 14:47:59 -0400 From: JF Mezei Subject: Re: BYPASS privilege !! Message-ID: <7fd6a$466eea66$cef8887a$1814@TEKSAVVY.COM> AEF wrote: > Don't forget about HAMMER privilege (physical access to the system)! There is also the MAGNET privilege. ( gives the user the ability to roam around a computer room with a very strong degausser. ) ------------------------------ Date: Tue, 12 Jun 2007 20:40:11 +0200 From: "P. Sture" Subject: Re: BYPASS privilege !! Message-ID: In article <1181670600.458562.124370@x35g2000prf.googlegroups.com>, BaxterD@tessco.com wrote: > On Jun 12, 8:03 am, Kilgal...@SpamCop.net (Larry Kilgallen) wrote: > > In article <1181606749.449032.311...@c77g2000hse.googlegroups.com>, > > Baxt...@tessco.com writes: > > > > > > that the system startup process has BYPASS privilege independent of > > any settings in the UAF ? > > Even I didn't know that. I assumed that the startup process ran > under the SYSTEM username and got its privileges from there. > > I have never seen this written anywhere. > Neither have I. Running the startup with verify on (STARTUP_P2="VDC"), and searching for "/priv" is also interesting. -- Paul Sture ------------------------------ Date: 12 Jun 2007 14:49:40 -0500 From: briggs@encompasserve.org Subject: Re: BYPASS privilege !! Message-ID: In article <1181670600.458562.124370@x35g2000prf.googlegroups.com>, BaxterD@tessco.com writes: > On Jun 12, 8:03 am, Kilgal...@SpamCop.net (Larry Kilgallen) wrote: >> In article <1181606749.449032.311...@c77g2000hse.googlegroups.com>, Baxt...@tessco.com writes: >> >> >> that the system startup process has BYPASS privilege independent of >> any settings in the UAF ? > > Even I didn't know that. I assumed that the startup process ran > under the SYSTEM username and got its privileges from there. > > I have never seen this written anywhere. The startup process defines the SYSUAF logical name. You may safely conclude from that that the startup process does not depend on privileges determined from SYSUAF. ------------------------------ Date: Tue, 12 Jun 2007 16:02:26 -0400 From: JF Mezei Subject: Re: BYPASS privilege !! Message-ID: briggs@encompasserve.org wrote: > The startup process defines the SYSUAF logical name. You may > safely conclude from that that the startup process does not depend > on privileges determined from SYSUAF. Which means that even if you do not grant system managers BYPASS, they can effectively get it by editing SYSTARTUP_VMS.COM to add nifty commands and then wait for the next reboot for those commands to get executed. In fact, if they edit STARTUP.COM , they might even be able to get their commands to run before the audit server executes :-) ------------------------------ Date: Tue, 12 Jun 2007 17:47:49 -0700 From: AEF Subject: Re: BYPASS privilege !! Message-ID: <1181695669.097631.262900@x35g2000prf.googlegroups.com> On Jun 11, 2:35 pm, Baxt...@tessco.com wrote: > We are currently preparing for the dreaded Sarbanes-Oxley stuff > and are discussing the effects (if any) of removing BYPASS privilege > from the SYSTEM account. > > In particular, we are concerned whether this privilege is > "absolutely" required by anything in the system startup. > > One related question would also be, Does anyone know of any > SysAdmin function which "absolutely" must be done from the SYSTEM > account, i.e. any function which would fail even if the account used > was an exact copy of the system account (except the name). > > 1. Has anyone out there actually done this? (i.e. removed > BYPASS from the SYSTEM account) > > 2. Are there any white papers out there which discuss this in > detail?? > > TIA > > Dave. [The following is based in part on other posts in this thread.] It sounds like nothing short of pulling the plug would satisfy these SOX auditors: "Can you run the system without running the system?" "Is there any system function that _absolutley_ requires the system to be running?" Still Yet Again: "Who's guarding the guards?" This will probably always be a problem. AEF ------------------------------ Date: Wed, 13 Jun 2007 05:19:26 -0700 From: BaxterD@tessco.com Subject: Re: BYPASS privilege !! Message-ID: <1181737166.217317.248640@z28g2000prd.googlegroups.com> > > It sounds like nothing short of pulling the plug would satisfy these > SOX auditors: > > Still Yet Again: > > "Who's guarding the guards?" This will probably always be a > problem. > > AEF- I want to thank everyone who responded to this thread, and those who responded to me directly. Not only did this discussion contain some nuggets of real importance, but also provided many "points to ponder". Primarily however, the purpose of the thread has been served. The company that is helping us prepare for the SOX audit will be covering all our platforms, however as is sadly the case nowadays, they are not overly knowledgable about OpenVMS. So our purpose here is to do our "due diligence" and be able to discuss any perceived vunerabilities. We will obviously do everything that can reasonably be done to secure our systems, apps and data, however it is important that they understand that there are limits to this. There are some solutions which might be possible, but which are not necessarily advisable, etc. It is also important that we do not allow our OpenVMS systems to be discriminated against, just because the auditors are not familiar with the OS. By this we mean that we don't wat the OpenVMS platforms to be held to a higher standard than other systems just because of the way our Apps are structured. As an example, while it is important that the VMS SysAdmin Role and the AppAdmin Role be completely separated, They need to understand that this is not the same as separating Capabilities. Consider a VMWare admin -- he/she may be administering dozens of OS instances and have no Application Role at all, however that doesn't mean he has no "influence" over them. How does SOX deal with that?? What ever is acceptable to SOX in the above scenario should be the basic requirement for OpenVMS. Anyway thanks again to you all. Dave ------------------------------ Date: 13 Jun 2007 08:41:34 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: BYPASS privilege !! Message-ID: In article <1181586924.538206.314370@h2g2000hsg.googlegroups.com>, BaxterD@tessco.com writes: > We are currently preparing for the dreaded Sarbanes-Oxley stuff > and are discussing the effects (if any) of removing BYPASS privilege > from the SYSTEM account. > I can't answer this one, but I can tell you that I ran a VMS system with SYSTEM disuser'ed for yeaqrs with no ill affects. You can only log into SYSTEM from the console if it is disuser'ed (a special case, I think). You'll need other suitably privileged users to do system management. THere's no problem with boot and all the processes it will start up under the SYSTEM account. ------------------------------ Date: 13 Jun 2007 08:48:28 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: BYPASS privilege !! Message-ID: \In article <1181670600.458562.124370@x35g2000prf.googlegroups.com>, BaxterD@tessco.com writes: > On Jun 12, 8:03 am, Kilgal...@SpamCop.net (Larry Kilgallen) wrote: >> In article <1181606749.449032.311...@c77g2000hse.googlegroups.com>, Baxt...@tessco.com writes: >> >> >> that the system startup process has BYPASS privilege independent of >> any settings in the UAF ? > > Even I didn't know that. I assumed that the startup process ran > under the SYSTEM username and got its privileges from there. The startup process is started during boot before the SYSUAF has been identified and without any reference to it. The kernel of the OS can do this. The kernel can do anything if it needs to. Every OS I've ever seen uses a similar mechanism during boot. ------------------------------ Date: 13 Jun 2007 08:51:34 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: BYPASS privilege !! Message-ID: <8jDcEk5shINf@eisner.encompasserve.org> In article <1181737166.217317.248640@z28g2000prd.googlegroups.com>, BaxterD@tessco.com writes: > > Primarily however, the purpose of the thread has been served. The > company that is helping us prepare for the SOX audit will be covering > all our platforms, however as is sadly the case nowadays, they are not > overly knowledgable about OpenVMS. You can usually get around this by telling them that SYSTEM on VMS is like root on UNIX. There are technical differences, but it's not even possible to think of removing bypass functionality from root. ------------------------------ Date: Wed, 13 Jun 2007 15:59:13 GMT From: Tad Winters Subject: Re: BYPASS privilege !! Message-ID: AEF wrote in news:1181695669.097631.262900 @x35g2000prf.googlegroups.com: > > [The following is based in part on other posts in this thread.] > > > It sounds like nothing short of pulling the plug would satisfy these > SOX auditors: > > "Can you run the system without running the system?" > > "Is there any system function that _absolutley_ requires the > system to be running?" > > > Still Yet Again: > > "Who's guarding the guards?" This will probably always be a > problem. > > > AEF > I used to tell my supervisor that I _could_ provide the information the auditors wanted, but since the non-disclosure of the information was part of the security of the system, I'd have to immediately kill those auditors. ;-) ------------------------------ Date: 12 Jun 2007 07:40:57 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Comparative patch installation (was Re: Message-ID: In article , JF Mezei writes: > Question: > > What percentage of shops running Linux in production have not only the > sources for all the stuff that came with Linux but also the tools to > build executables ? > > If only a very small percentage of Linux shops have the tools needed to > change the source and rebuild the faulty executable to put into > production, then the ability for a shop to make their own fixes to > Linux is only theoretical. The theory is that you're always running the latest so you just go get the latest source and run that. My son is a Linux "hobbyist". Spends a tremendous amount of time on that first part. I am a Linux user, running out of date RedHat distributions. Reality bites. ------------------------------ Date: 12 Jun 2007 07:42:57 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Comparative patch installation (was Re: Message-ID: In article , Ron Johnson writes: > > This is 2007, not 1997. > I've been fixing software bugs since 1977. It hasn't changed. Oh, you were expecting someone else to provide the bug fix? 8-) ------------------------------ Date: 12 Jun 2007 07:44:55 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Comparative patch installation (was Re: Message-ID: In article <466a2aa0$0$90274$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= writes: > The end users advantage is that thery are not dependent on a > single company. So what do they do when RedHat no longer supports the version they bought? Start over with Debian? Hardly an option in a lot of cases, where _everything_ must be 100% tested and proven right. ------------------------------ Date: 12 Jun 2007 13:41:31 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Comparative patch installation (was Re: Message-ID: <5d7m4bF342pf9U4@mid.individual.net> In article , koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > In article <466a2aa0$0$90274$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= writes: > >> The end users advantage is that thery are not dependent on a >> single company. > > So what do they do when RedHat no longer supports the version they > bought? Start over with Debian? Hardly an option in a lot of cases, > where _everything_ must be 100% tested and proven right. I would guess the same thing they do when the vendor they bought OSF1. Tru64 or Ultrix from no longer supports them. (Hint: the same thing can happen to VMS!) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 10:29:14 -0500 From: Ron Johnson Subject: Re: Comparative patch installation (was Re: Message-ID: On 06/12/07 07:40, Bob Koehler wrote: > In article , JF Mezei writes: >> Question: >> >> What percentage of shops running Linux in production have not only the >> sources for all the stuff that came with Linux but also the tools to >> build executables ? >> >> If only a very small percentage of Linux shops have the tools needed to >> change the source and rebuild the faulty executable to put into >> production, then the ability for a shop to make their own fixes to >> Linux is only theoretical. > > The theory is that you're always running the latest so you just go > get the latest source and run that. > > My son is a Linux "hobbyist". Spends a tremendous amount of time on > that first part. He needs Debian. Keeping it up-to-date is quick and simple. > I am a Linux user, running out of date RedHat > distributions. But then again, *you* need Debian. He probably *like* doing it. 35 years ago, he'd have been constantly fiddling with his car, and you'd have been grumbling about that... > Reality bites. Nah. What bites is not having a son who has the same priorities as you. :\ -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 10:35:03 -0500 From: Ron Johnson Subject: Re: Comparative patch installation (was Re: Message-ID: On 06/12/07 07:42, Bob Koehler wrote: > In article , Ron Johnson writes: >> This is 2007, not 1997. >> > > I've been fixing software bugs since 1977. It hasn't changed. > > Oh, you were expecting someone else to provide the bug fix? 8-) You sound like a candidate for Linux From Scratch. http://www.linuxfromscratch.org/ -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 13 Jun 2007 09:22:35 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Comparative patch installation (was Re: Message-ID: In article , Ron Johnson writes: > He needs Debian. Keeping it up-to-date is quick and simple. > No matter how easy it is to get and apply the update, in many shops testing and distributing on a regular basis is simply not in the budget. >> I am a Linux user, running out of date RedHat >> distributions. > > But then again, *you* need Debian. He probably *like* doing it. 35 > years ago, he'd have been constantly fiddling with his car, and > you'd have been grumbling about that... > No, I need to stick with VMS where I have no fear of some latent bug coming up in my out of date distribution. ------------------------------ Date: Wed, 13 Jun 2007 10:16:40 -0400 From: "David Turner, Island Computers" Subject: help running OpenVMS on Itanium 2 2620 WinXP variant Message-ID: Can someone point us in the right direction to getting VMS up and running on this RX2600? -- David B Turner Island Computers US Corp 2700 Gregory St, Suite 180 Savannah GA 31404 T: 877-6364332 x201 Intl: 001 912 447 6622 E: dturner@islandco.com F: 912 201 0402 W: http://www.islandco.com ------------------------------ Date: Wed, 13 Jun 2007 07:26:28 -0700 From: "Tom Linden" Subject: Re: help running OpenVMS on Itanium 2 2620 WinXP variant Message-ID: On Wed, 13 Jun 2007 07:16:40 -0700, David Turner, Island Computers wrote: > Can someone point us in the right direction to getting VMS up and > running on > this RX2600? > > > IIRC, we had to install new firmware to run VMS on zx2000. -- PL/I for OpenVMS www.kednos.com ------------------------------ Date: Wed, 13 Jun 2007 11:24:52 -0400 From: Stephen Hoffman Subject: Re: help running OpenVMS on Itanium 2 2620 WinXP variant Message-ID: David Turner, Island Computers wrote: > Can someone point us in the right direction to getting VMS up and running on > this RX2600? There's no Integrity rx2620 Microsoft Windows XP 64-bit Edition or Windows Server 2003 Enterprise variant -- other than the usual differences around I/O widget support within specific operating systems, all Integrity servers are the same. If you'd like to discuss whatever is going weird with this Integrity rx2620 box, contact me off-line with details of the problem(s). -- If anyone needs a chuckle, take a look at the DIGITAL RA8x disks and the DIGITAL (6000-, 7000- or 8000-class) boxes shown at the Microsoft page: http://www.microsoft.com/servers/64bit/itanium/overview.mspx -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Wed, 13 Jun 2007 15:32:50 +0100 From: Anton Shterenlikht Subject: host based routing software? Message-ID: <20070613143250.GA23623@mech-aslap33.men.bris.ac.uk> Hello I'm trying to configure a cluster on ds10l under vms8.3. When I run NET$CONFIGURE.COM and try to make my node a ROUTER I get a warning: If you answer "Router," you must have the proper license for the host based routing software to function. I wonder if I do have a license for this software or not. Does anybody know how it is called, so I can check it with SHOW LIC. I'd like to have a cluster alias, but not sure if this software is included in the vmsedu license. thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ------------------------------ Date: Wed, 13 Jun 2007 15:21:45 -0000 From: IanMiller Subject: Re: host based routing software? Message-ID: <1181748105.800130.188680@i13g2000prf.googlegroups.com> I think you need a DNVEXT or DNVRTG pak ------------------------------ Date: Wed, 13 Jun 2007 11:31:55 -0400 From: Stephen Hoffman Subject: Re: host based routing software? Message-ID: Anton Shterenlikht wrote: > I wonder if I do have a license for this [DECnet routing] software or not. > Does anybody know how it is called, so I can check it with SHOW LIC. > I'd like to have a cluster alias, but not sure if this software is > included in the vmsedu license. DVNETRTG is the full-function DECnet routing license. DVNETEXT is the license for DECnet cluster aliases, and this license is a subset of the DVNETRG license. The upper-end NAS (NET-APP-SUP) licenses can provide extra DECnet features, if you do not have DVNETEXT or DVNETRTG, look for a NET-APP-SUP license PAK and then check the internal tables for what is permitted. (search sys$update:vmsinstal_groups.com net-app command implies it's NET-APP-SUP-300 and up that have this.) OpenVMS Licensing Intro http://64.223.189.234/node/31 OpenVMS DECnet, DECnet-Plus Management, Troubleshooting http://64.223.189.234/node/61 -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Wed, 13 Jun 2007 12:08:57 -0400 From: "Richard B. Gilbert" Subject: Re: host based routing software? Message-ID: <46701699.8080509@comcast.net> Anton Shterenlikht wrote: > Hello > > I'm trying to configure a cluster on ds10l under vms8.3. > When I run NET$CONFIGURE.COM and try to make my node a ROUTER I get a > warning: > > If you answer "Router," you must have the proper license for the host > based routing software to function. > > I wonder if I do have a license for this software or not. > Does anybody know how it is called, so I can check it with SHOW LIC. > I'd like to have a cluster alias, but not sure if this software is > included in the vmsedu license. > > thanks > anton > I believe it wants the "Full Function DECNet" License rather than the "End Node" license. You don't need to be a router to form or join a cluster. At one time DEC sold interfaces, mostly for VAX, for various "weird" communication protocols; e.g. those used for Wide Area Networks. You needed the full function license for some of this stuff. In the years since, this stuff has largely disappeared and "routing" is done by Cisco. It has been almost ten years since I had a cluster with an alias so pardon me if I don't recall the sordid details. ------------------------------ Date: Tue, 12 Jun 2007 12:48:29 -0400 From: "John Smith" Subject: Re: HP wasting millions of dollars on itanium! Message-ID: <10e11$466ece53$cef88391$20558@TEKSAVVY.COM-Free> JF Mezei wrote: > Arne Vajhřj wrote: > >> I just doubt that HP or the ISV's are that interested in porting. > > > If VMS were to be ported to the 8086 architecture, it would send a > very strong signal that HP is serious about growing VMS. It would > also put VMS on a platform whose future is not in question. It would > be on an equal footing with Linux, Solaris and Windows as well as > many other operating systems. > > Like it or not, IA64 has been plagued by rumours of its demise even > before Merced first booted Windows which is one reason the > announcement of porting VMS to IA64 was so poorly received. > > For all its technical weaknesses, the 8086 has market share and an > assured future. > > The saying used to be: Nobody has ever been fired for choosing IBM > > The saying is now: Nobody will be fired for porting to the 64 bit 8086 > architecture. > > > And right now, HP's refusal to port VMS to a viable platform is also > interpreted as HP abandonning VMS and allowing key ISVs like Cerner to > drop ou of VMS. > > HP has no duty to help Intel's financials. HP has a duty to its own > shareholders and its own customers. Don,t force customers to a > platform they don,t want just because you want to please Intel's CEO. HP legally has no obligations to its customers beyond anything explicitly written in a warranty agreement or written contract. -- OpenVMS - The never-advertised operating system with the dwindling ISV base. ------------------------------ Date: 13 Jun 2007 07:55:13 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: RE: Is VMS losing the Financial Sector, also? Message-ID: In article , "Main, Kerry" writes: > > Yes, but most are ignoring the monthly security patch issues. I can = > almost guarantee that most senior IT managers have no idea that there = > are so many monthly security patches for Linux. And those in the IT shop = > that are promoting Linux as their new big thing are certainly not = > raising any alarms either. The current accepted standard in the IT industry is install and patch and patch ... The IT shop has no idea they're doing anything out of the ordinary that might be cause for alarm. And as long as the owners of more secure OS refuse to advertise what computers can actually do the IT shops of the world will continue to be clueless. There are lots of consultants who will teach you how to "secure" your low security systems and no one saying otherwise. \ ------------------------------ Date: 13 Jun 2007 07:57:37 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Is VMS losing the Financial Sector, also? Message-ID: In article , Ron Johnson writes: > We cycle the application every Saturday night, to app patches and > feature upgrades. Most big businesses these days can no longer aford that downtime. Saturday night in the US is a fairly busy time in the world. Not everybody goes to church Sunday morning. ------------------------------ Date: Wed, 13 Jun 2007 10:12:59 -0500 From: Ron Johnson Subject: Re: Is VMS losing the Financial Sector, also? Message-ID: <%PTbi.177129$mJ1.143713@newsfe22.lga> On 06/13/07 07:57, Bob Koehler wrote: > In article , Ron Johnson writes: > >> We cycle the application every Saturday night, to app patches and >> feature upgrades. > > Most big businesses these days can no longer aford that downtime. > Saturday night in the US is a fairly busy time in the world. Not > everybody goes to church Sunday morning. I agree. Setting the web site to Not Available stuns the heck out of me, too. If I were a customer, I'd be pretty irate. This never happened when we wrote all our code in a DEC language. :( -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 12:14:55 -0400 From: Stephen Hoffman Subject: Re: Mandatory Security (was: Re: Another opportunity Message-ID: Bob Koehler wrote: > In article <5d7lceF342pf9U2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >> In article <1181640747.768522.7710@r19g2000prf.googlegroups.com>, >> IanMiller writes: >>> paragraph 3.6.1 is talking about Trusted Operating Systems with >>> mandatory access control. This has not been seen in VMS land since >>> SEVMS. >> I thought regular VMS had "mandatory access control"? I guess I >> was wrong. :-( But it still fits into the general model proposed >> by this paper. The nice folks that wrote up that paper neglected to mention that you'd either run system-high, or you'd have to modify the web server. MAC is an involved task to administer, and can either require multiple instantiations of an application (each instance running "system high") or it requires modifications to the application to make it multi-level. Most applications will run unmodified in system-high or single-level, but I'd be surprised if there was an applications that did not require modifications to run multi-level. I'd not want to try to create a multi-level web server, for instance. It's certainly feasible, but it's going to be a pile of work to create and maintain. And I'd be surprised if anybody would want to pay for it. The market for MAC security cratered due to its purchase cost and its management cost and its application cost, and the need to modify applications. Running multiple system-high instances in a virtual machine or multiple system-high computers was easier and cheaper. Comparison of Discretionary and of Mandatory Access Control Security http://64.223.189.234/node/356 > The "mandatory access control" available in SEVMS and specified in > vertain government applications is not the kind of file control > seen in VMS, UNIX, Windows, or other general purpose OS. It includes > concepts like write-up (to higher security level) and read-down (to > lower security level). As for OpenVMS, parts of the MAC security implementation are latent in base OpenVMS, but the administrative tools and related pieces are only available as part of SEVMS. MAC security is available in multiple operating systems, including in most (all?) of the current Linux kernels -- there are variations here, and SELinux and several other options can be plugged into the Linux kernel API that is available and allows for MAC security. SELinux was produced by the US National Security Administration (NSA), originally as a kernel patch IIRC. TCSEC and the Common Criteria are newer standards here, the older stuff is based on the DoD/NCSC/NIST "Rainbow Books" series of standards. There are side trips into multi-level security (MLS), something which was briefly popular and then disappeared. MLS was a set of extensions to NCSC Class B1 security, to the same level that SEVMS targeted. SecureWare was one of the Unix-oriented vendors in this market, and had various security software for traditional and the compartmented mode workstation (CMW) projects. None of this mandatory security got anywhere in the mass market -- it was rather specialized, and the folks that wanted it really could not afford to purchase it. And many folks could not afford to manage and use it. MAIL, for instance, works differently in NCSC Class B1. There are many other differences here, too. -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Tue, 12 Jun 2007 18:38:33 +0000 (UTC) From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) Subject: Re: Minimum priv to run an audit Message-ID: In article <07061121114497_202003EE@antinode.org>, sms@antinode.org (Steven M. Schweda) writes: > From: john.s.haro@boeing.com > > > Now - anyone know a similar method to allow non-prived user the > > ability to list users fro sysuaf.dat ? > > According to the HELP in AUTHORIZE: > > [...] > o System user authorization file (SYSUAF.DAT) > [...] > o Network proxy authorization file [NET$PROXY.DAT] > [...] > o Rights database file (RIGHTSLIST.DAT) > [...] > To use AUTHORIZE, you must have write access to all three > of these files (you must have an account with the user > identification code (UIC) of [SYSTEM] or the SYSPRV privilege). > [...] > > If SYSPRV sounds like too much to give away, you may find it useful > to arrange for a highly privileged user/account to create (periodically > or on demand) a report containing only safe information for use by a > less privileged user/account. Two other options: a) COPY the SYSUAF and let him work on that, b) write a program to read and parse the SYSUAF (I believe the format is documented, and not likely to change soon). ------------------------------ Date: Tue, 12 Jun 2007 19:23:04 -0500 From: Ron Johnson Subject: More TCPIP nonsense Message-ID: ES40 Alpha VMS 8.2 TCPIP v5.5-1 When our SysAdmin tried to disable the RSH service about a half hour ago, the box *instantly* crashed. (Hasn't brought the box up, because we need RSH disabled.) VMS might not get daily patches, but all our Alphas sure do seem to crash with an inordinate frequency. You know, maybe VMS *should* get daily patches. It might not crash as often. $ SET FACE/MOUTH=FROWN=LARGE -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 17:53:10 -0700 From: AEF Subject: Re: More TCPIP nonsense Message-ID: <1181695990.964813.41690@z28g2000prd.googlegroups.com> On Jun 12, 8:23 pm, Ron Johnson wrote: > ES40 > Alpha VMS 8.2 > TCPIP v5.5-1 > > When our SysAdmin tried to disable the RSH service about a half hour > ago, the box *instantly* crashed. (Hasn't brought the box up, > because we need RSH disabled.) > > VMS might not get daily patches, but all our Alphas sure do seem to > crash with an inordinate frequency. > > You know, maybe VMS *should* get daily patches. It might not crash > as often. > > $ SET FACE/MOUTH=FROWN=LARGE %DCL-E-NOSENSE, expression confused -DCL-F-BADGRMR, incompatible parts of speech equated to each other > > -- > Ron Johnson, Jr. > Jefferson LA USA > > Give a man a fish, and he eats for a day. > Hit him with a fish, and he goes away for good! Yeah, yeah. AEF ------------------------------ Date: Wed, 13 Jun 2007 09:15:43 +0800 From: "Richard Maher" Subject: Re: More TCPIP nonsense Message-ID: Hi, > When our SysAdmin tried to disable the RSH service about a half hour > ago, the box *instantly* crashed. Ok, crashing boxes is embarassing :-( When support identify the problem could you please provide the details here? Of course it might be as simple as Fred Kleinproblem sitting on the fix as, after all, 8.2 is a lightly used system and in the grand scheme of things, what does it really matter? Maybe support are just dishing out the fixes on a need-to-know basis. You don't have a log of the commands do you? Or a bugcheck footprint? Was it the "disable service" or "set noservice"? Bizarre! Cheers Richard Maher "Ron Johnson" wrote in message news:JNGbi.176706$mJ1.29486@newsfe22.lga... > > ES40 > Alpha VMS 8.2 > TCPIP v5.5-1 > > When our SysAdmin tried to disable the RSH service about a half hour > ago, the box *instantly* crashed. (Hasn't brought the box up, > because we need RSH disabled.) > > VMS might not get daily patches, but all our Alphas sure do seem to > crash with an inordinate frequency. > > You know, maybe VMS *should* get daily patches. It might not crash > as often. > > $ SET FACE/MOUTH=FROWN=LARGE > > -- > Ron Johnson, Jr. > Jefferson LA USA > > Give a man a fish, and he eats for a day. > Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 20:28:49 -0500 From: David J Dachtera Subject: Re: More TCPIP nonsense Message-ID: <466F4851.AF3F4C49@spam.comcast.net> Ron Johnson wrote: > > ES40 > Alpha VMS 8.2 > TCPIP v5.5-1 > > When our SysAdmin tried to disable the RSH service about a half hour > ago, the box *instantly* crashed. (Hasn't brought the box up, > because we need RSH disabled.) If you have to, disconnect it from the network and do this via the serial console: Boot it up, and then: TCPIP> SET NOENABLE SERVICE RSH ..., then shutdown, reconnect the network and boot it back up. > VMS might not get daily patches, but all our Alphas sure do seem to > crash with an inordinate frequency. Are you doing stuff in production that hasn't been thoroughly tested in development first? ...and of course, you *ARE* logging support cases on all of these crashes, right? -- David J Dachtera dba DJE Systems http://www.djesys.com/ Unofficial OpenVMS Marketing Home Page http://www.djesys.com/vms/market/ Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/ Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/ Unofficial OpenVMS Hobbyist Support Page: http://www.djesys.com/vms/support/ ------------------------------ Date: Wed, 13 Jun 2007 11:52:36 +1000 From: Jim Duff Subject: Re: More TCPIP nonsense Message-ID: <466f4de5$1@dnews.tpgi.com.au> Ron Johnson wrote: > > ES40 > Alpha VMS 8.2 > TCPIP v5.5-1 > > When our SysAdmin tried to disable the RSH service about a half hour > ago, the box *instantly* crashed. (Hasn't brought the box up, because > we need RSH disabled.) > > VMS might not get daily patches, but all our Alphas sure do seem to > crash with an inordinate frequency. > > You know, maybe VMS *should* get daily patches. It might not crash as > often. > > $ SET FACE/MOUTH=FROWN=LARGE > Alpha OpenVMS 8.2 with all patches except UPDATE-V0700 and DRIVER-V0200 TCPIP 5.5-1 RSH Configuration Service is defined in the SYSUAF. Service is defined in the TCPIP$SERVICE database. Service is enabled on specific node. Service is started. RSH configuration options: 1 - Enable service on all nodes 2 - Disable service on this node 3 - Stop service on this node 4 - Disable & Stop service on this node [E] - Exit RSH configuration Enter configuration option: 4 %TCPIP-I-INFO, service disabled %TCPIP-I-INFO, logical names deleted %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$RSH.EXE deinstalled %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$RCP.EXE deinstalled %TCPIP-S-SHUTDONE, TCPIP$RSH shutdown completed Works for me. What's the crash footprint? Jim. -- www.eight-cubed.com ------------------------------ Date: Tue, 12 Jun 2007 21:06:34 -0500 From: Ron Johnson Subject: Re: More TCPIP nonsense Message-ID: On 06/12/07 20:28, David J Dachtera wrote: > Ron Johnson wrote: >> ES40 >> Alpha VMS 8.2 >> TCPIP v5.5-1 >> >> When our SysAdmin tried to disable the RSH service about a half hour >> ago, the box *instantly* crashed. (Hasn't brought the box up, >> because we need RSH disabled.) > > If you have to, disconnect it from the network and do this via the serial > console: > > Boot it up, and then: > > TCPIP> SET NOENABLE SERVICE RSH > > ..., then shutdown, reconnect the network and boot it back up. > >> VMS might not get daily patches, but all our Alphas sure do seem to >> crash with an inordinate frequency. > > Are you doing stuff in production that hasn't been thoroughly tested in > development first? Ummm, uhh. Disregarding the fact that this system doesn't have a QA cluster sitting right next to it, since when is disabling a G*d D*mned network service supposed to *crash* (I said *CRASH*, hard) a machine? Are we supposed to try *everything* out on the QA box before doing it on the production machine? Christ on a stick! Windows is more frickin' reliable than that! Not to mention Linux (and even FreeBSD). > ...and of course, you *ARE* logging support cases on all of these crashes, > right? Well, no, *I* am not. But the SysAdmin will, tomorrow morning. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 21:08:06 -0500 From: Ron Johnson Subject: Re: More TCPIP nonsense Message-ID: On 06/12/07 20:15, Richard Maher wrote: > Hi, > >> When our SysAdmin tried to disable the RSH service about a half hour >> ago, the box *instantly* crashed. > > Ok, crashing boxes is embarassing :-( > > When support identify the problem could you please provide the details here? > > Of course it might be as simple as Fred Kleinproblem sitting on the fix as, > after all, 8.2 is a lightly used system and in the grand scheme of things, > what does it really matter? Maybe support are just dishing out the fixes on > a need-to-know basis. > > You don't have a log of the commands do you? Or a bugcheck footprint? Was it > the "disable service" or "set noservice"? Bizarre! I'll have to ask in the morning. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 10:57:55 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: More TCPIP nonsense Message-ID: <00A69110.A19F7817@SendSpamHere.ORG> In article , Ron Johnson writes: > > > >ES40 >Alpha VMS 8.2 >TCPIP v5.5-1 > >When our SysAdmin tried to disable the RSH service about a half hour >ago, the box *instantly* crashed. (Hasn't brought the box up, >because we need RSH disabled.) > >VMS might not get daily patches, but all our Alphas sure do seem to >crash with an inordinate frequency. > >You know, maybe VMS *should* get daily patches. It might not crash >as often. > >$ SET FACE/MOUTH=FROWN=LARGE Have you contacted HP and provided OpenVMS support with a crash dump from these "crashes"? -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" ------------------------------ Date: Wed, 13 Jun 2007 12:58:43 GMT From: rdeininger@mindspringdot.com (Robert Deininger) Subject: Re: More TCPIP nonsense Message-ID: In article , Ron Johnson wrote: >ES40 >Alpha VMS 8.2 >TCPIP v5.5-1 > >When our SysAdmin tried to disable the RSH service about a half hour >ago, the box *instantly* crashed. (Hasn't brought the box up, >because we need RSH disabled.) > >VMS might not get daily patches, but all our Alphas sure do seem to >crash with an inordinate frequency. I'll state the obvious... 1. Crashes suck! 2. Bugs do slip through, unfortunately. You might have hit a tcpip bug, or your tcpip might have been the victim of something else. It's hardly worth speculating without a profile of the crash. >You know, maybe VMS *should* get daily patches. It might not crash >as often. I believe you recently posted about some cluster-related crashes that happened concurrent with network problems. I don't think you posted any crash details at that time either. Most crashes that happen around network problems are expected, correct behavior. You may not have configured your cluster correctly, by which I mean your configuration may not be appropriate for your uptime and continuity goals. You likely need to review the VMS cluster documentation (which is very good IMHO) and check your configuration. You can configure a cluster to wait for temporary network problems to clear up, or to quickly lop off unresponsive nodes and continue with the rest. Your choice. If your network is prone to occasional seizures, you may want to make sure your cluster is configured to survive them. ------------------------------ Date: Wed, 13 Jun 2007 09:18:48 -0400 From: "Richard B. Gilbert" Subject: Re: More TCPIP nonsense Message-ID: <466FEEB8.8080007@comcast.net> David J Dachtera wrote: > Ron Johnson wrote: > >>ES40 >>Alpha VMS 8.2 >>TCPIP v5.5-1 >> >>When our SysAdmin tried to disable the RSH service about a half hour >>ago, the box *instantly* crashed. (Hasn't brought the box up, >>because we need RSH disabled.) > > > If you have to, disconnect it from the network and do this via the serial > console: > > Boot it up, and then: > > TCPIP> SET NOENABLE SERVICE RSH > > ..., then shutdown, reconnect the network and boot it back up. > > >>VMS might not get daily patches, but all our Alphas sure do seem to >>crash with an inordinate frequency. > > > Are you doing stuff in production that hasn't been thoroughly tested in > development first? > > ...and of course, you *ARE* logging support cases on all of these crashes, > right? > If Alphas crash with "inordinate frequency" something is very wrong somewhere, probably something specific to the site with the problem. I ran seven Alphas for about five years at my last job. I could count the crashes on the fingers of one hand! ------------------------------ Date: Wed, 13 Jun 2007 09:57:48 -0500 From: Ron Johnson Subject: Re: More TCPIP nonsense Message-ID: On 06/12/07 20:52, Jim Duff wrote: > Ron Johnson wrote: >> ES40 >> Alpha VMS 8.2 >> TCPIP v5.5-1 >> >> When our SysAdmin tried to disable the RSH service about a half hour >> ago, the box *instantly* crashed. (Hasn't brought the box up, because >> we need RSH disabled.) >> >> VMS might not get daily patches, but all our Alphas sure do seem to >> crash with an inordinate frequency. >> >> You know, maybe VMS *should* get daily patches. It might not crash as >> often. >> >> $ SET FACE/MOUTH=FROWN=LARGE >> > > Alpha OpenVMS 8.2 with all patches except UPDATE-V0700 and DRIVER-V0200 > TCPIP 5.5-1 > > RSH Configuration > > Service is defined in the SYSUAF. > Service is defined in the TCPIP$SERVICE database. > Service is enabled on specific node. > Service is started. > > RSH configuration options: > > 1 - Enable service on all nodes > 2 - Disable service on this node > > 3 - Stop service on this node > 4 - Disable & Stop service on this node > > [E] - Exit RSH configuration > > Enter configuration option: 4 > %TCPIP-I-INFO, service disabled > %TCPIP-I-INFO, logical names deleted > %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$RSH.EXE deinstalled > %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$RCP.EXE deinstalled > %TCPIP-S-SHUTDONE, TCPIP$RSH shutdown completed > > > Works for me. @SYS$STARTUP:RSH_SHUTDOWN.COM > What's the crash footprint? He was up really late last night, and hasn't had a chance to analyze the dump yet. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 10:04:23 -0500 From: Ron Johnson Subject: Re: More TCPIP nonsense Message-ID: On 06/13/07 08:18, Richard B. Gilbert wrote: [snip] > > If Alphas crash with "inordinate frequency" something is very wrong > somewhere, probably something specific to the site with the problem. 3 different sites. > I ran seven Alphas for about five years at my last job. I could count > the crashes on the fingers of one hand! So you'd think. Our VAXen never crashed like this. Our Alphas have always had the occasional squirrelly crash, but I'm wondering if even the ES40s (which are our youngest boxes) are getting to the upside of the bathtub curve. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 08:36:01 -0700 From: BaxterD@tessco.com Subject: Re: More TCPIP nonsense Message-ID: <1181748961.980514.38840@x35g2000prf.googlegroups.com> On Jun 12, 9:52 pm, Jim Duff wrote: > Ron Johnson wrote: > > > ES40 > > Alpha VMS 8.2 > > TCPIP v5.5-1 > > > When our SysAdmin tried to disable the RSH service about a half hour > > ago, the box *instantly* crashed. (Hasn't brought the box up, because > > we need RSH disabled.) > > > VMS might not get daily patches, but all our Alphas sure do seem to > > crash with an inordinate frequency. > > > You know, maybe VMS *should* get daily patches. It might not crash as > > often. > > > $ SET FACE/MOUTH=FROWN=LARGE > > Alpha OpenVMS 8.2 with all patches except UPDATE-V0700 and DRIVER-V0200 > TCPIP 5.5-1 > > RSH Configuration > > Service is defined in the SYSUAF. > Service is defined in the TCPIP$SERVICE database. > Service is enabled on specific node. > Service is started. > > RSH configuration options: > > 1 - Enable service on all nodes > 2 - Disable service on this node > > 3 - Stop service on this node > 4 - Disable & Stop service on this node > > [E] - Exit RSH configuration > > Enter configuration option: 4 > %TCPIP-I-INFO, service disabled > %TCPIP-I-INFO, logical names deleted > %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$RSH.EXE deinstalled > %TCPIP-I-INFO, image SYS$SYSTEM:TCPIP$RCP.EXE deinstalled > %TCPIP-S-SHUTDONE, TCPIP$RSH shutdown completed > > Works for me. > > What's the crash footprint? > > Jim. > --www.eight-cubed.com- Hide quoted text - > As pointed out by Jim, the correct way to shutdown the service is using the sys$manager:tcpip$config.com utility. If you shut it down manually, you should "disable" the service before shutting it down. See DISABLE SERVICE For most services, this command disables the specified service but does not stop the current process. This allows you to perform an orderly shutdown of the service, which prevents new connections while allowing current connections to continue. To stop and restart the current process: 1. Wait until the process exits, or stop it using the service- specific shutdown command procedure (TCPIP$service_ SHUTDOWN.COM). In this case that would be SYS$STARTUP:TCPIP$RSH_SHUTDOWN.COM (which is what I assume you meant to say.) finally, if you don't want the service to run at all, then 1) shutting down the service with tcpip$config will do that by modifying the TCPIP $CONFIGURATION.DAT file, or you can do it manually from within TCPIP by entering TCPIP> set config enable noservice RSH Dave ------------------------------ Date: Wed, 13 Jun 2007 12:22:57 -0400 From: "Richard B. Gilbert" Subject: Re: More TCPIP nonsense Message-ID: <467019E1.90400@comcast.net> Ron Johnson wrote: > On 06/13/07 08:18, Richard B. Gilbert wrote: > [snip] > >> >> If Alphas crash with "inordinate frequency" something is very wrong >> somewhere, probably something specific to the site with the problem. > > > 3 different sites. > >> I ran seven Alphas for about five years at my last job. I could count >> the crashes on the fingers of one hand! > > > So you'd think. Our VAXen never crashed like this. > > Our Alphas have always had the occasional squirrelly crash, but I'm > wondering if even the ES40s (which are our youngest boxes) are getting > to the upside of the bathtub curve. > The age of the hardware should not be a factor unless the crashes are hardware based. If the crashes are due to hardware problems, it's time to get the hardware fixed! I can recall, many years ago, having problems with 6000 and/or 7000 series VAXen crashing with memory errors; the chips were sensitive to cosmic rays or something. My Alphas were generally rock solid. Disk drives (RZ series) were another matter but I kept a few spares and when a disk started getting flaky, I swapped it out, called DECPAQ Field Service and they would send out a courier with a replacement. The courier would haul the defective disk away to wherever defective disks went. I don't know if anybody analyzes dumps any more but up until I left in 2004, there were "crash dump weenies" in Colorado who did five or six a day and could generally figure out what the problem was. It's not a job for amateurs; it needs access to the source listings, an excellent knowledge of VMS internals, and lots of practice! ------------------------------ Date: Tue, 12 Jun 2007 10:29:11 -0400 From: "David Turner, Island Computers" Subject: Off lease ES45 Message-ID: <136tbdd4odfee5b@news.supernews.com> We have two off lease ES45 Model 2 coming in We are going to sell them cheap They are configured as follows: ES45 Model 2 Dual Power Supplies Dual 1Ghz CPU 4GB (2 x 2GB) Memory BA610-6D Disk Cage 2 x 36GB 10KRPM Disk Only $4500 each + shipping First come first serve These do not have licenses and cannot have them applied so they are only good as an upgrade from an ES40 or spare/backup system David -- David B Turner Island Computers US Corp 2700 Gregory St, Suite 180 Savannah GA 31404 T: 877-6364332 x201 Intl: 001 912 447 6622 E: dturner@islandco.com F: 912 201 0402 W: http://www.islandco.com ------------------------------ Date: Tue, 12 Jun 2007 12:09:52 -0700 From: sean@obanion.us Subject: Re: Off lease ES45 Message-ID: <1181675392.207999.117530@n15g2000prd.googlegroups.com> Two questions: 1. What EV are the CPUs? I know I can look it up but I'm lazy... 2. No license also means that the Hobbiest license can be used? Sean On Jun 12, 7:29 am, "David Turner, Island Computers" wrote: > We have two off lease ES45 Model 2 coming in > > We are going to sell them cheap > > They are configured as follows: > > ES45 Model 2 > Dual Power Supplies > Dual 1Ghz CPU > 4GB (2 x 2GB) Memory > BA610-6D Disk Cage > 2 x 36GB 10KRPM Disk > > Only $4500 each + shipping > > First come first serve > These do not have licenses and cannot have them applied so they are only > good as an upgrade from an ES40 or spare/backup system > > David > > -- > David B Turner > Island Computers US Corp > 2700 Gregory St, Suite 180 > Savannah GA 31404 > > T: 877-6364332 x201 > Intl: 001 912 447 6622 > > E: dtur...@islandco.com > F: 912 201 0402 > W:http://www.islandco.com ------------------------------ Date: Wed, 13 Jun 2007 09:04:52 -0400 From: "David Turner, Island Computers" Subject: Re: Off lease ES45 Message-ID: <136vqr9gp218kdf@news.supernews.com> 1_ They are EV68CB 1Ghz 2) HObbyist Licenses are OK to use David wrote in message news:1181675392.207999.117530@n15g2000prd.googlegroups.com... > Two questions: > > 1. What EV are the CPUs? I know I can look it up but I'm lazy... > > 2. No license also means that the Hobbiest license can be used? > > > Sean > > > On Jun 12, 7:29 am, "David Turner, Island Computers" islandco.com> wrote: >> We have two off lease ES45 Model 2 coming in >> >> We are going to sell them cheap >> >> They are configured as follows: >> >> ES45 Model 2 >> Dual Power Supplies >> Dual 1Ghz CPU >> 4GB (2 x 2GB) Memory >> BA610-6D Disk Cage >> 2 x 36GB 10KRPM Disk >> >> Only $4500 each + shipping >> >> First come first serve >> These do not have licenses and cannot have them applied so they are only >> good as an upgrade from an ES40 or spare/backup system >> >> David >> >> -- >> David B Turner >> Island Computers US Corp >> 2700 Gregory St, Suite 180 >> Savannah GA 31404 >> >> T: 877-6364332 x201 >> Intl: 001 912 447 6622 >> >> E: dtur...@islandco.com >> F: 912 201 0402 >> W:http://www.islandco.com > > ------------------------------ Date: Tue, 12 Jun 2007 13:29:05 -0700 From: "Tom Linden" Subject: OT: Carla Message-ID: EE Times: Latest News Did you know?: HP's Compaq deal not a bust Bolaji Ojo EE Times (06/11/2007 9:00 AM EDT) History already might be judging Carly Fiorina much more positively. The widely disapproved acquisition of Compaq Computer Corp. engineered by the former Hewlett-Packard Co. chairman and CEO five years ago has helped double the company's sales and given it immense purchasing clout in the electronics industry. The extensive exposure to the electronics hardware market is both a curse and a blessing for HP, however. The company has trained a jealous eye on the higher-margin consulting, services and software sectors in which IBM Corp. is thriving. But it is likewise addicted to the spoils of the lower-margin PC and printing products market it has become so good at manufacturing and selling across the globe. It's a conundrum handed down by Fiorina. How is HP doing? By the end of its current fiscal year Oct. 31, HP's annual revenue is predicted to double, to about $100 billion, from $48.9 billion seven years ago. That's a feat for a company many thought would be crushed by the May 2002 Compaq deal. The rapid growth moves the Palo Alto, Calif., hardware, software and services company just ahead of IBM on EE Times' annual ranking of the world's biggest electronic OEMs (the latest list is scheduled to be published in August). The revenue jump, especially in hardware, is a testimony to HP's resilience as well as its R&D focus--annual R&D spending is about $3.6 billion, boosting patents to 30,000 from 25,000 in a mere two years--and to an invaluably hefty bargaining position during discussions with suppliers. But the implications of HP's growth go beyond the company, helping to determine the fortunes of suppliers, service providers in contract manufacturing and rivals. At the broadest range, its growth has implications for the economies of de- veloping countries vying to grab a slice of the high-tech pie. -- PL/I for OpenVMS www.kednos.com ------------------------------ Date: Wed, 13 Jun 2007 02:12:28 -0400 From: JF Mezei Subject: Re: OT: Lightning & Time to buy lottery tickets Message-ID: I keep finding more sequels to this event. Upon rebooting one vax, I find that it is missing a bunch of TX devices. Interestintly, the 3rd DHQ11 is showed in the >>> SHOW CONFIG, and VMS sees TXC0: but none of the TXC1 to TXC7 devices. And the green light on the DHQ11 only lights up momentarily during the power up self tests. One of the serial lines was going from the VAX to a MAC, and from the mac, I had audio/video cables to the stereo unit. I guess that may have been just too much :-( ;-( Must find out from local authorities if it is allowed to have a decent burial for a 19 year old DHQ11 or it it represents environmental issues :-( (yep, that one had been in my all mighthy Microvax II before being transplanted to a 4000-600. (Thankfully, I have a spare DHV11 (quad size module instead of the smaller DHQ11) so it shouldn't be a problem to get those serial ports back in business. ------------------------------ Date: Wed, 13 Jun 2007 07:59:26 GMT From: John Santos Subject: Re: OT: Question to Bob Message-ID: david20@alpha2.mdx.ac.uk wrote: > In article <1181477976.454093.231900@h2g2000hsg.googlegroups.com>, ultradwc@gmail.com writes: > >>On Jun 10, 6:48 am, davi...@alpha2.mdx.ac.uk wrote: >> >>>The end result in both cases is the same - suffering for Mankind. However >>>whereas in Greek Mythology Zeus' motivation is explicitly to punish Mankind >>>it is unclear why God sets up Adam and Eve in Genesis. >> >>It is very clear ... God setup created Adam in his image, and >>like the angels in heaven were tempted and had to prove >>themselves, Adam and Eve had to do the same > > > A test is probably a reasonable supposition but as far as I can see from > Genesis a supposition is all it is. > Now if it is a test what is God testing ? Is it that Adam and Eve would obey > him and not eat from a particular tree if ordered not to ? > Is it that they cannot be tempted to eat from said tree ? > If the latter then the serpent is carrying out God's wishes in providing > temptation and hence it seems strange for God to punish the serpent. > If the former then the serpent in providing temptation is interfering and > invalidating the test. > > In any case why use that particular tree ? Ordering them not to eat from a > tree which God created which would ,say, turn their skin green would be as > good a test ? Why plant the tree of knowledge of good and evil in the garden > and use that for the test - it seems foolhardy. > > Unless of course the point of the test was for Adam and Eve to disobey God and > gain that Knowledge - a rite of passage to maturity. But then if that was the > case then God's subsequent punishments seem excessive. > > I think the point is they acquired knowledge of good and evil and hence responsibility. Before that they were innocent animals. The test wasn't that they ate the fruit, but that when they were asked about it, they hid and lied, thus showing that they knew they had done wrong. In other words, they started out as innocents, and changed over time to become self-aware and capable of making moral choices. This passage proves the Bible supports evolution, and that humans descended from animals. >>... God even >>told them in His warning that if you eat from that tree you will >>die ... it couldn't be much clear or simpler than that, > > > Actually the warning is > > Genesis 2:17 > > " But of the tree of the knowledge of good and evil, thou shalt not eat of it: > for in the day that thou eatest thereof thou shalt surely die. > " > > Which is a bit strange since Adam didn't die on that day or for quite a few > days after > I don't know why I'm responding to this thread, :-( but... Clearly, the word "day" in the Bible doesn't mean 864000000000 100ns VMS clock ticks. He didn't literally die that day, but he became aware of his own mortality. > Genesis 5:5 > > " > And all the days that Adam lived were nine hundred and thirty years: and he > died. > " > > Of course if he and Eve had died immediately after eating the forbidden fruit > then there would, according to the Bible, be no Human race since at that time > they had no children. > > Alternatively if Adam and Eve had resisted temptation would they still be > there in the Garden immortal and innocent on their own tending the Garden ? > Would both Heaven and Hell be empty of souls ? > > > David Webb > Security team leader > CCSS > Middlesex University > > > > >>but they >>instead chose to believe the lies of the prince of lies ... the >>temptation was the same on that the devil uses on everyone, >>pride of life ... that you will be like God, which is want he >>wanted and still wants ... everyone has to choose their master, >>and knowing what I know, I would choose a loving God every >>time over hell and the lake of fire ... God has a set of rules that >>must be followed or evil results ... and look all around you today >>at the results of breaking Gods rules ... no way do I call this >>heaven! If you love God, your creator, you will do what He asks, >>but if you insist on being God, then you will be put outside His >>universe in the lake of fire ... God does not want a bunch of mind >>numbed robots serving Him, which is why even though He knows >>all He allows us to make our own choice on this matter ... where >>you end up will be by your own choice ... God has proved His love >>for you by sending His only Son to die for your sins ... and when >>His Son soon returns, He promises a world of no tears, no sickness >>and no sorrow ... we have all of these now because of Adam and >>Eves and our own continued revolt againset God by wanting to >>be one, and not letting Him be ... your current predicament is the >>result of sin ... the only question is, who will be your God ... >> >>why would you want to not serve your Creator and go againset >>Him? You can read about the life of His Son from many >>witnesses who tell of Jesus who did nothing but love and heal >>people, but they instead nailed Him to a cross! He saind those >>who have seen Him have seen the Father ... so God is love ... >> >>the prince of lies on the other hand is trying to pull you apart > >>from your loving Creator ... he is not called the destroyer for > >>nothing ... he is out to kill and destroy you and all of man >>because he does not want you to spend eternity with God >>in heaven ... this is who Adam and Eve listened to, and God >>let them be their own gods, and you now are seeing the >>results of sin ... sin destroys ... >> >>I think the first choice is obvious, but many will choose the >>latter unfortunately but will have nobody to blame but >>themselves ... God is allowing YOU to choose ... choose >>life so you do not end of in the group of those who >>are wailing and knashing teeth, because then it will be too >>late! >> >> >> >> -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 ------------------------------ Date: Tue, 12 Jun 2007 06:20:40 GMT From: Tad Winters Subject: Re: Question for the Group Message-ID: David J Dachtera wrote in news:466DEA3C.C88A73AD@spam.comcast.net: [snip..] > So, I'd like to solicit your comments on that, and also pose a > question where you can, effectively, wish for "the world": in your > opinion, what would have to happen to stem what is viewed as an > endless stream of complaints and vitriol here in comp.os.vms? > [snip..] Until about 7 months ago, I only periodically made time to read this newsgroup. (In fact, I rarely read any news groups, because I didn't have the time.) It took me nearly 3 months to adjust to the expression of this group. Many individuals can easily be perceived as harsh, critical, and even threatening at times. Those who post most frequently are likely more experienced with VMS. They are more likely to have been displaced from VMS positions (since that fits me.) They have doubtless seen (and experienced) "rough roads" with their beloved VMS moving from one company to another (twice), and treated as a step-child... no, step-children are generally treated better. What you're seeing is a group of seasoned computer professionals who have been dismissed when it comes to business decisions. If HP simply spun off a company which was just OpenVMS, I think you'd see that company take a direction different from HP and that company would find a group eager to help make successful. At this time, those who post here most frequently are likely to experience a wide range of emotions that will be revealed in their posts, at times, even in subtle ways. Also, since this particular news group probably has a greater international representation than most non-binary news groups, the ways the posters express themselves is not always well understood by those reading. I appreciate this group and all those so willing to share their knowledge. I don't fault them in any way for expressing their views on what should or shouldn't be done to continue the existance of such a great operating system. As far as a solution for the above posed question, I think it has been said many times: Marketing It's not going to be cheap. I would suggest locating some very public customers whose operation depends on VMS. Run that as a television commercial, carefully selecting the time slot and the program that it will sponsor. Second, take some well known customers in some metropolitan areas whose operation depends on VMS. Run a half-page spread in the business section of the local paper most read by business people in that metropolitan area. Of course, this marketing must prominently and repeatedly display VMS. The HP moniker should be only minimal. No other products should appear in any form. Personally, I have mixed feelings about the shark. Perhaps if it was featured in action in the TV commercial... In any case, VMS must be seen as current and aggressive computer technology. It must be marketed for what it is. It does *not* need to be compared to anything else. It does the job, all the time, every time. Tad ------------------------------ Date: Tue, 12 Jun 2007 09:35:47 +0200 From: Michael Kraemer Subject: Re: Question for the Group Message-ID: JF Mezei schrieb: > Not long ago, there was an article on how airlines now assign employees > to monitor discussion groups on the internet to spot horror stories, > investigate internally and fix problems to prevent/reduce such horror > stories. > > Not only have airline realised that the bad publicity is hurting them, > but they have realised that these forums are a great place to spot > problems in their "systems" and bypass layers of employees who are > affraid to report bad news to their bosses. You seem to forget that for those airlines their main business is at stake, whereas for HP VMS is a negligible quantity. > HP HAS BEEN REPEATEDLY GIVEN SIMPLE TASKS IT CAN DO TO SHUT US UP AND > MAKE US FEEL COMFORTABLE (marketing) AND HP HAS STEADFASTEDLY REFUSED TO > CHANGE ITS POLICY TO PREVENT MARKETING OF VMS. You repeatedly seem to forget that it's not HPs task to make you feel comfortable but rather their shareholders. For them, VMS is entirely unimportant, as you can easily deduce from HPs quarterly results. > HP should know that the short live "renaissance" preiod not long before > the premedidated massacre of Alpha had caused VMS to grow by close to > 10% in a few months. There still is no evidence that one has to do with the other. Even if it was so, even a 100% growth wouldn't be noticeable on HPs bottom line. Also, I wasn't aware that the typical VMS customer is susceptible for short term marketing. > And that was a very modest marketing budget. But it > proves that VMS has great potential. It doesn't prove anything. Maybe HP is smarter than you think, they have analyzed their situation and concluded that it isn't worth a marketing dime to try expand their user base beyond the usual legacy crowd. This is essentially what that lady, Ann Livermore (?), publicly stated. There you have HPs official word on the whole story. > And if you are a former employee, then your letter to Hurd could have > far greater impact if you can freely "tell it like it is" and point to > the very poeple who are squandering a great source of revenus/profits > and misguiding Hurd on the true potential of VMS. What profits ? Look at those Q2 results and figure it out yourself. Even if you're optimistic and assume 1/3 of BCS to be VMS this would mean $300M revenue and $60M profit (assuming 20% margin is still true, which isn't that far away from HP average 8%, BTW), almost negligible compared to the $2000M profit of HP in total. ------------------------------ Date: Tue, 12 Jun 2007 08:57:57 +0200 From: Michael Kraemer Subject: Re: Question for the Group Message-ID: Richard B. Gilbert schrieb: > > The Robert Morris worm brought the Unix world to its knees a few years > ago. VMS was not affected. Did anybody notice that? This story is as old as 1988. BTW, a possible reason why VMS wasn't affected might by they didn't have TCP back then. Sometimes it seems to be an advantage to be behind. A little googling would reveal that around the same time there certainly were a lot of successful VMS hacks going on, some of them are listed at http://www.geocities.com/SiliconValley/Lab/7378/hacker.htm Wasn't there this easy possiblity to break in with some field engineer password ? OTOH, at our site I've seen the remains of clustered VMS systems going down immediately as a consequence of network disturbances, showing the "blue screen of death", whereas the Unix world continued to work, although at pathetic speed. > Did anybody step > up and say "that couldn't happen to VMS"? We knew that but, if the > marketing folks did, they didn't care to say so! > Maybe marketing folks knew that it isn't true ? ------------------------------ Date: Tue, 12 Jun 2007 02:08:56 -0700 From: IanMiller Subject: Re: Question for the Group Message-ID: <1181639336.587786.287470@z28g2000prd.googlegroups.com> I think Michael Kraemer comments are sensible. HP is not a charity and they exist to make money for their shareholders. The shareholders do not care how the money is made. If the VMS division disappeared then the impact on HP's profits and share price would be minimal. The VMS division could do better as a separate company in that selling VMS would then be the core business. However I don't know if the large companies that typically use VMS would think that the VMS company was big enough to deal with. I'm not a business person. To answer the original question - I think the complaints in this newsgroup have two negative effects 1. they provide material for the people who want to use the currently fashionable computing platforms a useful source of negative material to promote the decision they have already made. 2. any new people may have heard of VMS and read this newsgroup to find out more would gain a very negative picture. There is very little positive news here. My impression is that the majority of posts here appear to be off topic and/or negative. I don't read newsgroups dedicated to other operating systems to know if this is typical for this sort of newsgroup. If anyone here does read newsgroups for other OS then it would be interesting to know their thoughts. ------------------------------ Date: Tue, 12 Jun 2007 03:55:55 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/12/07 01:57, Michael Kraemer wrote: [snip] > > OTOH, at our site I've seen the remains of clustered VMS systems > going down immediately as a consequence of network disturbances, > showing the "blue screen of death", Welcome to the club. > whereas the Unix world > continued to work, although at pathetic speed. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 05:35:16 -0400 From: JF Mezei Subject: Re: Question for the Group Message-ID: <6e4f0$466e68db$cef8887a$27680@TEKSAVVY.COM> IanMiller wrote: > I think Michael Kraemer comments are sensible. HP is not a charity and > they exist to make money for their shareholders. The shareholders do > not care how the money is made. The current ticker symbol isn't HPC, it is HPQ to signify that the total equity is made of up HP and Compaq (which was Compaq, Digital and Tandem). HP shareholders therefore must expect HP management to leverage all assets they paid dearly for when HP bought Compaq. Remember that when Curly tried to kill VMS in 2000, the one big reason he was convinced not to kill it was that VMS was the cash cow for Compaq's unprofitable wintel business. Without VMS, Compaq was going down even faster. And Marcello told Curly that VMS customers would move to other vendors if Compaq were to announce end of VMS (and there was plenty of evidence in the 1990s when customer headed Palmer's calls to get off VMS, they also got off Digital). > If the VMS division disappeared then > the impact on HP's profits and share price would be minimal. Don't be so sure. While overall profits might not change much, the BCS and Services dvision profits would go down. "VMS" numbers may be strictly hidden, but they still are part of other divisions. > The VMS > division could do better as a separate company in that selling VMS > would then be the core business. However I don't know if the large > companies that typically use VMS would think that the VMS company was > big enough to deal with. I'm not a business person. Consider a case where Bruden were to buy VMS engineering, but would still get HP support contracts for hardware and software (with bruden acting as top level support). HP would still get business out of it, and Bruden could then market the hell out of VMS and port it to whatever platform it wanted and grow the business. At least give it a better chance. Right now, VMS has no chance. > To answer the original question - I think the complaints in this > newsgroup have two negative effects If HP is to want VMS to go away, the least the VMS community can do is to prove those who warned Stallard et all right: MAKE DAMNED SURE NO VMS CUSTOMER CONTINUES A BUSINESS RELATIONSHIP WITH HP. We cannot allow HP to get away with thinking customers are gullible and will be like good peaceful sheep and never run. I have news for you, and I tried it in New Zealand: a cycling imitating the dog bark can cause a whole heard to run and run away REALLY FAST. If HP doesn't like naysayers and really wants to grow VMS, it simply needs to show us a sign it cares. ------------------------------ Date: Tue, 12 Jun 2007 11:03:47 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Question for the Group Message-ID: In article <466e0aa8$0$90276$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= writes: >Richard B. Gilbert wrote: >> I think I mentioned recently that, in the fall of 1998, I was offered a >> $5000 raise and a $5000 signing bonus to take a VMS job. When the >> company was acquired in the summer of 2004, my services were no longer >> required. By anyone! The demand for VMS people has vanished. The O/S >> has effectively vanished. It still runs in a lot of places where >> Ctrl-Alt-Del is not an option but most of those places are out of the >> public eye. > >That is the general direction since the late 90's. > >> The Robert Morris worm brought the Unix world to its knees a few years >> ago. VMS was not affected. Did anybody notice that? Did anybody step >> up and say "that couldn't happen to VMS"? We knew that but, if the >> marketing folks did, they didn't care to say so! > >"Few years" ?? > >It was in 1988 ! > And more to the point it is an extremely bad example. He has obviously never heard of the WANK worm which only attacked VAX/VMS systems in 1989 see http://www.cert.org/advisories/CA-1989-04.html or the Father Christmas worm which preceded it in 1988 see http://www.users.qwest.net/~eballen1/father_xmas.txt So yes it could happen on VMS and did happen on VMS at that point in time. Which is hardly surprising since up to that point noone had really considered the implications of weak passwords, default passwords and trust relationships between machines. These worms were the wake-up call for computer network and host security. David Webb Security team leader CCSS Middlesex University >> If your correspondent thinks the negativity here is damaging VMS, what >> does he think of HP's marketing? > >My guess is that he works there ! > >:-) > >Arne ------------------------------ Date: Tue, 12 Jun 2007 04:10:09 -0700 From: Neil Rieck Subject: Re: Question for the Group Message-ID: <1181646609.571374.3430@o11g2000prd.googlegroups.com> On Jun 11, 8:35 pm, David J Dachtera wrote: > Folks, > > I'll likely be severely chastised for this, but here goes... > > I've been carrying on an exchange by private e-mail where it was suggested that > the negativity expressed in this forum is greatly damaging to VMS. > > So, I'd like to solicit your comments on that, and also pose a question where > you can, effectively, wish for "the world": in your opinion, what would have to > happen to stem what is viewed as an endless stream of complaints and vitriol > here in comp.os.vms? > > Please express yourself freely (but take a lesson from the Illinois high school > senior who almost wound up doing time for carrying that to an extreme). I'd > recommend containing yourself only as far as to suppress obscenities and > profanity - (blank) and (Censored) work, at least for me these days - as well as > suppressing any talk of violence which could lead to untold troubles. We don't > need that distraction. > > Anyone who wishes to respond anonymously may send your reply directly to me - > how to demung the reply-to should be obvious. I will then "sanitize" and post > such messages, but be advised that I might clean up language, grammar, > punctuation, capitalization, etc. to mask characteristics that might divulge the > identity of an anonymous respondent. > > Have at it - or have at me, whatever works for you. > > -- > David J Dachtera > dba DJE Systemshttp://www.djesys.com/ In the world of engineering "positive and negative" are abstract labels but both are necessary. For example, if a robot is trying to go down the center of the road, having only positive feedback is just as bad as having only negative feedback. You need both for everything to work properly! Since many more HPQ employees lurk here than participate, I think it is wise to be honest and hope that your opinions get back into the HP rank-and-file. ### I have seen things at HPQ recently that "make me believe" that the HP division is trying to kill off the Compaq division. This may not be the intention of upper management but it seems to be happening nevertheless. At the FutureShop.ca web site you can currently by a Compaq PC that is half the price of an HP PC even though the products seem identical. I recently attended several Encompass seminars and they all seemed to lean in the direction of HP products. (OpenVMS was just mentioned in an off handed way). IMHO the only HPQ people promoting OpenVMS are the people from OpenVMS engineering like Sue and her friends. ### IMHO it was a big mistake for HPQ to kill off Alpha. So every time IBM or Sun releases a new chip I think it is wise to announce it here (HP may think we're rubbing their noses into it but in the final analysis knowing what the competition is up to only makes sense) ### IMHO both IBM and Sun are doing a better job "promoting software development tools" in order to leverage future hardware sales. If you take a look around the industry, this is the hallmark of PC businesses who usually offload that annoying software problem to Microsoft. Remember that IBM has pushed their PC business over to Lenovo while keeping the mini and mainframe business for themselves. In the mean time HP has become Dell. Neil Rieck Kitchener/Waterloo/Cambridge, Ontario, Canada. http://www3.sympatico.ca/n.rieck/ ------------------------------ Date: Tue, 12 Jun 2007 05:44:35 -0700 From: etmsreec@yahoo.co.uk Subject: Re: Question for the Group Message-ID: <1181652275.811068.157050@n15g2000prd.googlegroups.com> On the whole, there is a negative element that centres around "Itanium is dead, VMS is dead, HP have hung us out to dry, HP don't know what they've got," as well as the references to step parents etc that came in this thread. The issues that exist for VMS now are nothing to do with the people who are in charge now, the decisions were made quite a number of years ago. It's difficult to overturn the tide in IT these days with Microsoft being so all-covering. Anybody (whether HP, Dell or anyone else) who just says "we're going to support our in-house operating environments and we're not doing anything about PCs" are likely to consign themselves to a backwater and not do well with it. Sun find life hard even though they're the leaders in forgetting about Windows and going for their in-house stuff. It's called complain.os.vms for a reason... Steve On 12 Jun, 01:35, David J Dachtera wrote: > Folks, > > I'll likely be severely chastised for this, but here goes... > > I've been carrying on an exchange by private e-mail where it was suggested that > the negativity expressed in this forum is greatly damaging to VMS. > > So, I'd like to solicit your comments on that, and also pose a question where > you can, effectively, wish for "the world": in your opinion, what would have to > happen to stem what is viewed as an endless stream of complaints and vitriol > here in comp.os.vms? > > Please express yourself freely (but take a lesson from the Illinois high school > senior who almost wound up doing time for carrying that to an extreme). I'd > recommend containing yourself only as far as to suppress obscenities and > profanity - (blank) and (Censored) work, at least for me these days - as well as > suppressing any talk of violence which could lead to untold troubles. We don't > need that distraction. > > Anyone who wishes to respond anonymously may send your reply directly to me - > how to demung the reply-to should be obvious. I will then "sanitize" and post > such messages, but be advised that I might clean up language, grammar, > punctuation, capitalization, etc. to mask characteristics that might divulge the > identity of an anonymous respondent. > > Have at it - or have at me, whatever works for you. > > -- > David J Dachtera > dba DJE Systemshttp://www.djesys.com/ ------------------------------ Date: 12 Jun 2007 12:55:54 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Question for the Group Message-ID: <5d7jepF3350ndU2@mid.individual.net> In article <466E0065.9050500@comcast.net>, "Richard B. Gilbert" writes: > David J Dachtera wrote: >> Folks, >> >> I'll likely be severely chastised for this, but here goes... >> >> I've been carrying on an exchange by private e-mail where it was suggested that >> the negativity expressed in this forum is greatly damaging to VMS. >> >> So, I'd like to solicit your comments on that, and also pose a question where >> you can, effectively, wish for "the world": in your opinion, what would have to >> happen to stem what is viewed as an endless stream of complaints and vitriol >> here in comp.os.vms? >> >> Please express yourself freely (but take a lesson from the Illinois high school >> senior who almost wound up doing time for carrying that to an extreme). I'd >> recommend containing yourself only as far as to suppress obscenities and >> profanity - (blank) and (Censored) work, at least for me these days - as well as >> suppressing any talk of violence which could lead to untold troubles. We don't >> need that distraction. >> >> Anyone who wishes to respond anonymously may send your reply directly to me - >> how to demung the reply-to should be obvious. I will then "sanitize" and post >> such messages, but be advised that I might clean up language, grammar, >> punctuation, capitalization, etc. to mask characteristics that might divulge the >> identity of an anonymous respondent. >> >> Have at it - or have at me, whatever works for you. >> > > The "negativity" that I see appears to be a realistic assessment. H-P > does not and will not market VMS. Given that, there is little hope of > keeping the O/S alive. > > I think I mentioned recently that, in the fall of 1998, I was offered a > $5000 raise and a $5000 signing bonus to take a VMS job. When the > company was acquired in the summer of 2004, my services were no longer > required. By anyone! The demand for VMS people has vanished. The O/S > has effectively vanished. It still runs in a lot of places where > Ctrl-Alt-Del is not an option but most of those places are out of the > public eye. > While I agree with al of the above.... > The Robert Morris worm brought the Unix world to its knees a few years > ago. VMS was not affected. Did anybody notice that? Did anybody step > up and say "that couldn't happen to VMS"? We knew that but, if the > marketing folks did, they didn't care to say so! The Morris Worm did not "bring Unix to its knees". It brought any system running sendmail to its knees. Unix systems not running sendmail were not affected and if VMS had a port of sendmail running it, too, would have been affected (except that if it had sendmail it would likely have lacked enough features to remain invulnerable but that's like saying a Windows box is invulnerable to attack if you don't plug it in!!) What should be even more meaningful and disturbing is the fact that people continued to run the vulnerable versions of sendmail for years after the Worm incident. It continued to ship as the default MTA on SunOS, Solaris, IRIX and while I haven't actually had the chance to look, I would bet HP-UX, OSF1 and Tru64 as well. > > If your correspondent thinks the negativity here is damaging VMS, what > does he think of HP's marketing? It is amazing how everyone can see the problem with a lack of marketing except the management at HP. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 12 Jun 2007 12:47:38 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Question for the Group Message-ID: <5d7ivaF3350ndU1@mid.individual.net> In article <00A68FFB.C19EE991@sendspamhere.org>, VAXman- @SendSpamHere.ORG writes: > In article <466DEA3C.C88A73AD@spam.comcast.net>, David J Dachtera writes: >> >> >>Folks, >> >>I'll likely be severely chastised for this, but here goes... >> >>I've been carrying on an exchange by private e-mail where it was suggested that >>the negativity expressed in this forum is greatly damaging to VMS. >> >>So, I'd like to solicit your comments on that, and also pose a question where >>you can, effectively, wish for "the world": in your opinion, what would have to >>happen to stem what is viewed as an endless stream of complaints and vitriol >>here in comp.os.vms? > > I believe that most here are very positive about VMS. Any negativity is > the result of mistreatment by the step-parents of the bastard child VMS. Actually, I think a clear reading would show all of the negativity is towards HP and not VMS at all (even though I seem to get blamed for being negative even after fighting to keep VMS here in the CS department for years past its desired lifespan.) > I, and I'll wager others here, love VMS. Even unix lovers like VMS!! :-) > The "vitriol" of which you speak > is not directed at VMS. This is not present day public school! We do not > reward mediocre performance and turn our heads away from the substandard. > I really do believe that HP is the epitome of a "demotivational" poster I > made some time ago. It reads: > > MEDIOCRITY > Why excel when mundane is ubiquitous? > > I will now go back to proudly waving my VMS flag whilst the counter-intel- > ligence within HP attempts to subvert my ability to do so. But with their heads so deep in the sand how will they see your flag? bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 12 Jun 2007 12:58:35 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Question for the Group Message-ID: <5d7jjrF3350ndU3@mid.individual.net> In article <466E0CC4.8040107@comcast.net>, "Richard B. Gilbert" writes: > Arne Vajhřj wrote: >> Richard B. Gilbert wrote: >> >>> I think I mentioned recently that, in the fall of 1998, I was offered >>> a $5000 raise and a $5000 signing bonus to take a VMS job. When the >>> company was acquired in the summer of 2004, my services were no longer >>> required. By anyone! The demand for VMS people has vanished. The >>> O/S has effectively vanished. It still runs in a lot of places where >>> Ctrl-Alt-Del is not an option but most of those places are out of the >>> public eye. >> >> >> That is the general direction since the late 90's. >> >>> The Robert Morris worm brought the Unix world to its knees a few years >>> ago. VMS was not affected. Did anybody notice that? Did anybody >>> step up and say "that couldn't happen to VMS"? We knew that but, if >>> the marketing folks did, they didn't care to say so! >> >> >> "Few years" ?? >> >> It was in 1988 ! > > When you're as old as I am, 1988 isn't all that long ago! Well put!! (From someone who still looks on his IBM 1401 and Univac 1005 days with fond memories.) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 09:45:30 -0400 From: "Richard B. Gilbert" Subject: Re: Question for the Group Message-ID: <466EA37A.90402@comcast.net> Michael Kraemer wrote: > Richard B. Gilbert schrieb: > >> >> The Robert Morris worm brought the Unix world to its knees a few years >> ago. VMS was not affected. Did anybody notice that? > > > This story is as old as 1988. > BTW, a possible reason why VMS wasn't affected might by > they didn't have TCP back then. Sometimes it seems to be > an advantage to be behind. > > A little googling would reveal that around the same > time there certainly were a lot of successful VMS hacks going on, > some of them are listed at > http://www.geocities.com/SiliconValley/Lab/7378/hacker.htm > Wasn't there this easy possiblity to break in with some > field engineer password ? Many years ago, VMS shipped with known passwords for SYSTEM and FIELD (MANAGER and SERVICE). Those who neglected to change those passwords were, indeed, easily hacked. This flaw was corrected so long ago that I'm not sure when it was; some early release of V5.x or a late V4.x changed the installation process to prompt for passwords for SYSTEM and FIELD. I think there was a third default account but I can't think of the name of it. . . TEST? Now neither FIELD nor TEST exists by default; if you want them, there is a .COM file in SYS$MANAGER that will create them for you. DEC didn't offer TCP/IP but many others did: TGV, Wollongong, CMU. I had the CMU package for several years. It was free which was important. As for http://www.geocities.com/SiliconValley/Lab/7378/hacker.htm it doesn't mention many VMS hacks. Kevin Mitnick used "social engineering" to steal the VMS source, he phoned the operator on duty and claimed he had forgotten a password; I forget whether the operator reset it for him or just told him what it was. This was hardly a failure in VMS! There have been only two VMS viruses that I know of. Andy Goldstein wrote one to demonstrate the features of Secure VMS; it never left the laboratory. The other was a DCL virus written by the late Carl J. Lydick and posted to comp.os.vms/info-vax. It was a "proof of concept" that never made it into the wild. ------------------------------ Date: Tue, 12 Jun 2007 13:59:58 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Question for the Group Message-ID: In article <5d7jepF3350ndU2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >In article <466E0065.9050500@comcast.net>, > "Richard B. Gilbert" writes: >> David J Dachtera wrote: >>> Folks, >>> >>> I'll likely be severely chastised for this, but here goes... >>> >>> I've been carrying on an exchange by private e-mail where it was suggested that >>> the negativity expressed in this forum is greatly damaging to VMS. >>> >>> So, I'd like to solicit your comments on that, and also pose a question where >>> you can, effectively, wish for "the world": in your opinion, what would have to >>> happen to stem what is viewed as an endless stream of complaints and vitriol >>> here in comp.os.vms? >>> >>> Please express yourself freely (but take a lesson from the Illinois high school >>> senior who almost wound up doing time for carrying that to an extreme). I'd >>> recommend containing yourself only as far as to suppress obscenities and >>> profanity - (blank) and (Censored) work, at least for me these days - as well as >>> suppressing any talk of violence which could lead to untold troubles. We don't >>> need that distraction. >>> >>> Anyone who wishes to respond anonymously may send your reply directly to me - >>> how to demung the reply-to should be obvious. I will then "sanitize" and post >>> such messages, but be advised that I might clean up language, grammar, >>> punctuation, capitalization, etc. to mask characteristics that might divulge the >>> identity of an anonymous respondent. >>> >>> Have at it - or have at me, whatever works for you. >>> >> >> The "negativity" that I see appears to be a realistic assessment. H-P >> does not and will not market VMS. Given that, there is little hope of >> keeping the O/S alive. >> >> I think I mentioned recently that, in the fall of 1998, I was offered a >> $5000 raise and a $5000 signing bonus to take a VMS job. When the >> company was acquired in the summer of 2004, my services were no longer >> required. By anyone! The demand for VMS people has vanished. The O/S >> has effectively vanished. It still runs in a lot of places where >> Ctrl-Alt-Del is not an option but most of those places are out of the >> public eye. >> >While I agree with al of the above.... > >> The Robert Morris worm brought the Unix world to its knees a few years >> ago. VMS was not affected. Did anybody notice that? Did anybody step >> up and say "that couldn't happen to VMS"? We knew that but, if the >> marketing folks did, they didn't care to say so! > >The Morris Worm did not "bring Unix to its knees". It brought any system >running sendmail to its knees. Unix systems not running sendmail were >not affected and if VMS had a port of sendmail running it, too, would >have been affected (except that if it had sendmail it would likely have >lacked enough features to remain invulnerable but that's like saying a >Windows box is invulnerable to attack if you don't plug it in!!) > As I recall the morris worm used rsh, fingerd and sendmail to spread not just sendmail. See http://homes.cerias.purdue.edu/~spaf/tech-reps/823.pdf Systems not running sendmail were infected. The comment "if VMS had a port of sendmail running it, too, would have been affected (except that if it had sendmail it would likely have lacked enough features to remain invulnerable but that's like saying a Windows box is invulnerable to attack if you don't plug it in!!)" is idiotic and I'm disappointed that you would make such a comment. The environment of VMS is sufficiently different from Unix that the worm would have needed to have been a different worm to have worked on VMS even if a port of Sendmail of some description had been available on VMS. As I have noted in another post VMS was not invulnerable to later worms such as the Father Christmas and WANK worms which were targetted at VMS in the same way as the Morris worm was targeted at Unix. >What should be even more meaningful and disturbing is the fact that >people continued to run the vulnerable versions of sendmail for years >after the Worm incident. It continued to ship as the default MTA on >SunOS, Solaris, IRIX and while I haven't actually had the chance to >look, I would bet HP-UX, OSF1 and Tru64 as well. > Sendmail has an extremely long history of different exploitable bugs. I remember talking to Unix colleagues over the years about Sendmail and for some reason despite it's history they always seemed to be convinced that all the problems had now been found and fixed. David Webb Security team leader CCSS Middlesex University >> >> If your correspondent thinks the negativity here is damaging VMS, what >> does he think of HP's marketing? > >It is amazing how everyone can see the problem with a lack of marketing >except the management at HP. > >bill > >-- >Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves >bill@cs.scranton.edu | and a sheep voting on what's for dinner. >University of Scranton | >Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 10:20:25 -0400 From: "Richard B. Gilbert" Subject: Re: Question for the Group Message-ID: <466EABA9.3080201@comcast.net> Bill Gunshannon wrote: > In article <466E0CC4.8040107@comcast.net>, > "Richard B. Gilbert" writes: > >>Arne Vajhřj wrote: >> >>>Richard B. Gilbert wrote: >>> >>> >>>>I think I mentioned recently that, in the fall of 1998, I was offered >>>>a $5000 raise and a $5000 signing bonus to take a VMS job. When the >>>>company was acquired in the summer of 2004, my services were no longer >>>>required. By anyone! The demand for VMS people has vanished. The >>>>O/S has effectively vanished. It still runs in a lot of places where >>>>Ctrl-Alt-Del is not an option but most of those places are out of the >>>>public eye. >>> >>> >>>That is the general direction since the late 90's. >>> >>> >>>>The Robert Morris worm brought the Unix world to its knees a few years >>>>ago. VMS was not affected. Did anybody notice that? Did anybody >>>>step up and say "that couldn't happen to VMS"? We knew that but, if >>>>the marketing folks did, they didn't care to say so! >>> >>> >>>"Few years" ?? >>> >>>It was in 1988 ! >> >>When you're as old as I am, 1988 isn't all that long ago! > > > Well put!! (From someone who still looks on his IBM 1401 and Univac 1005 > days with fond memories.) > > bill > > My first computer was an SDS 930 ca. 1965. Magnetic cores, discrete transistors. . . . Ahhhhhh, the nostalgia! ;-) But my PDA has more computing power than that thing had! ------------------------------ Date: Tue, 12 Jun 2007 10:26:19 -0400 From: Bill Todd Subject: Re: Question for the Group Message-ID: Michael Kraemer wrote: ... it's not HPs task to make > you feel comfortable but rather their shareholders. A job they have handled incompetently for the past five years in this area: does that mean people should stop pointing this out and demanding better? > For them, VMS is entirely unimportant, as you can easily > deduce from HPs quarterly results. Well, that's what 5 years of HP's incompetence preceded by another year of Compaq's tend to do to a product. In Y2K, despite a good many year of relative neglect, VMS systems still produced $4 billion in revenue and $800 million in profits for Compaq. Since VMS was not a major beneficiary of the dot-com boom, it was not a major casualty of the dot-com bust (as evidenced by revenues through mid-2001), and this by then fairly stable level of profitability could reasonably have been expected to continue had it not had the rug out from under it by the Alphacide. I suspect that HP's shareholders would be quite happy with an additional $800 million a year profit, let alone what they might have had had HP actually tried to *grow* the VMS market rather than studiously ignored it and left it to wither away at a greatly accelerated rate following the Alphacide. And, of course, those people whose livelihoods are related to some significant degree on VMS's health would be a lot happier as well (those are some of the people we find here saying embarrassing things about its owner). It's entirely appropriate for HP to feel whatever heat can be generated for its incompetent handling of VMS. And it's difficult to see how such criticism can make VMS any *worse* off than it is already: by far the primary influence on VMS's health, good or bad, is its owner. - bill ------------------------------ Date: 12 Jun 2007 14:26:36 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Question for the Group Message-ID: <5d7oosF33g12pU1@mid.individual.net> In article <466EABA9.3080201@comcast.net>, "Richard B. Gilbert" writes: > Bill Gunshannon wrote: >> In article <466E0CC4.8040107@comcast.net>, >> "Richard B. Gilbert" writes: >> >>>Arne Vajhřj wrote: >>> >>>>Richard B. Gilbert wrote: >>>> >>>> >>>>>I think I mentioned recently that, in the fall of 1998, I was offered >>>>>a $5000 raise and a $5000 signing bonus to take a VMS job. When the >>>>>company was acquired in the summer of 2004, my services were no longer >>>>>required. By anyone! The demand for VMS people has vanished. The >>>>>O/S has effectively vanished. It still runs in a lot of places where >>>>>Ctrl-Alt-Del is not an option but most of those places are out of the >>>>>public eye. >>>> >>>> >>>>That is the general direction since the late 90's. >>>> >>>> >>>>>The Robert Morris worm brought the Unix world to its knees a few years >>>>>ago. VMS was not affected. Did anybody notice that? Did anybody >>>>>step up and say "that couldn't happen to VMS"? We knew that but, if >>>>>the marketing folks did, they didn't care to say so! >>>> >>>> >>>>"Few years" ?? >>>> >>>>It was in 1988 ! >>> >>>When you're as old as I am, 1988 isn't all that long ago! >> >> >> Well put!! (From someone who still looks on his IBM 1401 and Univac 1005 >> days with fond memories.) >> >> bill >> >> > > My first computer was an SDS 930 ca. 1965. Magnetic cores, discrete > transistors. . . . Ahhhhhh, the nostalgia! ;-) But my PDA has more > computing power than that thing had! I always got a kick out of the "Army Standard System" It was a 360/40 that came in two "expandable" tractor trailers plus generators. 5 years later I had my first Unix box. It sat on my desk, had more memory and about 20 times the computing power of the 360. But I still miss my COBOL days. :-) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 16:33:52 +0200 From: "P. Sture" Subject: Re: Question for the Group Message-ID: In article <466EA37A.90402@comcast.net>, "Richard B. Gilbert" wrote: > the installation process to prompt for passwords for SYSTEM and > FIELD. I think there was a third default account but I can't think of > the name of it. . . TEST? Now neither FIELD nor TEST exists by default; > if you want them, there is a .COM file in SYS$MANAGER that will create > them for you. SYSTEST / UETP and SYSTEST_CLIG, although I don't remember what password the latter had. -- Paul Sture ------------------------------ Date: Tue, 12 Jun 2007 08:14:31 -0700 From: ultradwc@gmail.com Subject: Re: Question for the Group Message-ID: <1181661271.039437.277200@z28g2000prd.googlegroups.com> On Jun 11, 8:35 pm, David J Dachtera wrote: > Folks, > > I'll likely be severely chastised for this, but here goes... > > I've been carrying on an exchange by private e-mail where it was suggested that > the negativity expressed in this forum is greatly damaging to VMS. > > So, I'd like to solicit your comments on that, and also pose a question where > you can, effectively, wish for "the world": in your opinion, what would have to > happen to stem what is viewed as an endless stream of complaints and vitriol > here in comp.os.vms? > > Please express yourself freely (but take a lesson from the Illinois high school > senior who almost wound up doing time for carrying that to an extreme). I'd > recommend containing yourself only as far as to suppress obscenities and > profanity - (blank) and (Censored) work, at least for me these days - as well as > suppressing any talk of violence which could lead to untold troubles. We don't > need that distraction. > > Anyone who wishes to respond anonymously may send your reply directly to me - > how to demung the reply-to should be obvious. I will then "sanitize" and post > such messages, but be advised that I might clean up language, grammar, > punctuation, capitalization, etc. to mask characteristics that might divulge the > identity of an anonymous respondent. > > Have at it - or have at me, whatever works for you. > > -- > David J Dachtera > dba DJE Systemshttp://www.djesys.com/ I used to talk on phone and thru email alot with the former managers Rich Marcello and Mark Gorham ... here is what they basically relayed ... OpenVMS will only be marketed and recommended to NICHE markets i.e. healthcare, stock exchanges, lotteries ... the mid and low end have been ignored, and only the high end customers and government are being paid attention ... To their credit, they would have loved to change the strategy of VMS, and they cracked the whip several times for me to get some product help, but their hands were tied from upper management ... has this scenario changed since their departure? It does not seem so ... and there in lies the problem ... ------------------------------ Date: Tue, 12 Jun 2007 10:52:22 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/12/07 09:26, Bill Gunshannon wrote: [snip] > about 20 times the computing power of the 360. But I still miss my COBOL > days. :-) Nobody here will deny that it's a great language for it's specified domain. There would be a lot fewer problems in the computing world if a lot more programs written in COBOL-85. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 12:00:12 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/12/07 08:59, david20@alpha2.mdx.ac.uk wrote: [snip] > Sendmail has an extremely long history of different exploitable bugs. > I remember talking to Unix colleagues over the years about Sendmail and for > some reason despite it's history they always seemed to be convinced that all > the problems had now been found and fixed. Complacent Unix colleagues. Exim and Postfix (originally named IBM Secure Mailer) were specifically because sendmail was recognized as being hopelessly non-securable. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 13:30:33 -0400 From: Dave Froble Subject: Re: Question for the Group Message-ID: > In article <466DEA3C.C88A73AD@spam.comcast.net>, David J Dachtera writes: >> >> Folks, >> >> I'll likely be severely chastised for this, but here goes... >> >> I've been carrying on an exchange by private e-mail where it was suggested that >> the negativity expressed in this forum is greatly damaging to VMS. In what manner? Seriously, if this is a valid claim, then there must be details of the damage. Challenge the correspondent to provide such details. >> So, I'd like to solicit your comments on that, and also pose a question where >> you can, effectively, wish for "the world": in your opinion, what would have to >> happen to stem what is viewed as an endless stream of complaints and vitriol >> here in comp.os.vms? When the comments no longer are true. I doubt there are many here that are interested in spreading untruths. Stifling the truth benefits whom? Answer that question, and maybe you'll be a bit closer to understanding the real issues. Let's look at a few details. Experienced developers are being let go, and when replaced, they are replaced by cheap overseas labor, which does not have the lost experience. VMS is not having features added that are now mainstream in other operating systems. It's not worth the effort to continue, it's already in the newsgroup posts. Oh, but that's what HP wants suppressed. -- David Froble Tel: 724-529-0450 Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc. 170 Grimplin Road Vanderbilt, PA 15486 ------------------------------ Date: Tue, 12 Jun 2007 12:31:20 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/12/07 07:44, etmsreec@yahoo.co.uk wrote: [snip] > consign themselves to a backwater and not do well with it. Sun find > life hard even though they're the leaders in forgetting about Windows > and going for their in-house stuff. But even they understand the dominance of x86, and have certified Linux and Windows to run on much of their x86-64 hardware, and are selling quite a lot of x86-64 kit running Solaris 10. By open-sourcing it, they've also grown expanded techie knowledge of it to people who otherwise would have only used Linux. And by allowing ZFS to be ported to OS X, they are again expanding mindshare: "ZFS on my MacBook Pro is great. For that server I need to build at work, it'll be even better than Linux and ext3 (which is what I was planning to build)". Thus, Sun has the opportunity to sell kit and a service contract that it might not have had before, while building even more Solaris mindshare for when that person's organization needs even more, bigger kit. A very Microsoft-like plan, but without the Evilness. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 20:22:49 +0200 From: "P. Sture" Subject: Re: Question for the Group Message-ID: In article , Ron Johnson wrote: > On 06/12/07 07:44, etmsreec@yahoo.co.uk wrote: > [snip] > > consign themselves to a backwater and not do well with it. Sun find > > life hard even though they're the leaders in forgetting about Windows > > and going for their in-house stuff. > > But even they understand the dominance of x86, and have certified > Linux and Windows to run on much of their x86-64 hardware, and are > selling quite a lot of x86-64 kit running Solaris 10. > > By open-sourcing it, they've also grown expanded techie knowledge of > it to people who otherwise would have only used Linux. > > And by allowing ZFS to be ported to OS X, they are again expanding > mindshare: "ZFS on my MacBook Pro is great. For that server I need > to build at work, it'll be even better than Linux and ext3 (which is > what I was planning to build)". As a point of information, ZFS isn't due on OS X until the Leopard release later this year. > Thus, Sun has the opportunity to sell kit and a service contract > that it might not have had before, while building even more Solaris > mindshare for when that person's organization needs even more, > bigger kit. > > A very Microsoft-like plan, but without the Evilness. -- Paul Sture ------------------------------ Date: Tue, 12 Jun 2007 14:43:22 -0400 From: JF Mezei Subject: Re: Question for the Group Message-ID: <6efea$466ee952$cef8887a$1814@TEKSAVVY.COM> etmsreec@yahoo.co.uk wrote: > The issues that exist for VMS now are nothing to do with the people > who are in charge now, the decisions were made quite a number of years > ago. Very WRONG. Compaq has had Digital since 1999, HP since 2001. (even though the merger was only signed in may 2002, there are plenty of signs that Carly had already influence on Compaq before september 2001 when the wedding was announced). Why do restaurants often put up signs "UNDER NEW MANAGEMENT" ? Because they know that previous management was bad and customers stayed away, and want to tell everyone that the restaurant is now managed differently and will be much better. HP not only refused to put up a "under new management" sign, but they made things worse by sending the message that they would continue previous policies unchanged, right down to continued use of the "plan of record" words which evoke the huge betrayal of the Alpha massacre. HP had a chance to right the wrongs of Palmer and Curly and work from a clean sheet to gain the trust of its customers. Instead, they not only made no efforts to gain our trust, but they worked to destroy any goodwill there might have been and made things worse by allowing memos such as the Stallard memo. ------------------------------ Date: Tue, 12 Jun 2007 18:44:04 +0000 (UTC) From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) Subject: Re: Question for the Group Message-ID: In article <466DEA3C.C88A73AD@spam.comcast.net>, David J Dachtera writes: > I've been carrying on an exchange by private e-mail where it was suggested that > the negativity expressed in this forum is greatly damaging to VMS. I don't think so. Anyone reading this is probably already committed to VMS, in some way. > So, I'd like to solicit your comments on that, and also pose a question where > you can, effectively, wish for "the world": in your opinion, what would have to > happen to stem what is viewed as an endless stream of complaints and vitriol > here in comp.os.vms? The experienced people are retiring and dying, those who are still left are expensive (thought that's good for them) and on-the-job training is expensive and not of the same quality as that achieved in a less pressing environment. Thus, without youngsters learning the ropes, I don't see a long-term future for VMS, except in a niche environment. I remember the days where EVERYONE who had anything to do with computers learned on and about the VAX and VMS. Thus, I think VMS needs to re-conquer academia for it to have a long-term future. ------------------------------ Date: Tue, 12 Jun 2007 18:48:00 +0000 (UTC) From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) Subject: Re: Question for the Group Message-ID: In article <6e4f0$466e68db$cef8887a$27680@TEKSAVVY.COM>, JF Mezei writes: > Consider a case where Bruden were to buy VMS engineering, Do they have a spare billion. I know he's a strong Cubs fan, but still there has to be a limit to optimism! ------------------------------ Date: Tue, 12 Jun 2007 14:01:52 -0500 From: Chris Scheers Subject: Re: Question for the Group Message-ID: <466EEDA0.3070201@applied-synergy.com> David J Dachtera wrote: > Folks, > > I'll likely be severely chastised for this, but here goes... > > I've been carrying on an exchange by private e-mail where it was suggested that > the negativity expressed in this forum is greatly damaging to VMS. > > So, I'd like to solicit your comments on that, and also pose a question where > you can, effectively, wish for "the world": in your opinion, what would have to > happen to stem what is viewed as an endless stream of complaints and vitriol > here in comp.os.vms? As far as I can tell, the people left in this forum are those die-hards who are passionately pro-VMS. These are the people who desperately want VMS to succeed. Within this forum, the belief is that what is "greatly damaging to VMS" is its treatment by its owners. This is the source of the negativity. The only thing I can see that would reduce the negativity is a serious attempt by HP to grow the installed base of VMS. This would need to be more than the sale of a couple of large systems. It would need to recognize that small and medium system sales are required as seeds to have the chance to grow into large systems in the future. Basically, it would require an about face of what appears to be HP's current policies. Personally, I think that a port of VMS to Intel/AMD 80x86 "commodity" hardware would be a huge step in the right direction. I also don't believe (although I once did) that any of this will happen. This is the source of my negativity. NOTE: HP's policy of silence in regards to VMS has caused severe financial hardship to many in this forum as they lost jobs/clients because of their support for VMS. How could they not feel negative? -- ----------------------------------------------------------------------- Chris Scheers, Applied Synergy, Inc. Voice: 817-237-3360 Internet: chris@applied-synergy.com Fax: 817-237-3074 ------------------------------ Date: Tue, 12 Jun 2007 14:25:11 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/12/07 13:22, P. Sture wrote: [snip] >> >> And by allowing ZFS to be ported to OS X, they are again expanding >> mindshare: "ZFS on my MacBook Pro is great. For that server I need >> to build at work, it'll be even better than Linux and ext3 (which is >> what I was planning to build)". > > As a point of information, ZFS isn't due on OS X until the Leopard > release later this year. Well, yes, it *is* a bit of a forward-looking statement, but Apple isn't in the habit of promising the moon and delivering mud. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 12:34:01 -0700 From: DaveG Subject: Re: Question for the Group Message-ID: <1181676841.609771.15040@a26g2000pre.googlegroups.com> On Jun 12, 2:25 pm, Ron Johnson wrote: > On 06/12/07 13:22, P. Sture wrote: > [snip] > > > > >> And by allowing ZFS to be ported to OS X, they are again expanding > >> mindshare: "ZFS on my MacBook Pro is great. For that server I need > >> to build at work, it'll be even better than Linux and ext3 (which is > >> what I was planning to build)". > > > As a point of information, ZFS isn't due on OS X until the Leopard > > release later this year. > > Well, yes, it *is* a bit of a forward-looking statement, but Apple > isn't in the habit of promising the moon and delivering mud. > > -- > Ron Johnson, Jr. > Jefferson LA USA > > Give a man a fish, and he eats for a day. > Hit him with a fish, and he goes away for good! Can we all try to stick to the topic. Please. Thanks ------------------------------ Date: Tue, 12 Jun 2007 15:11:03 -0400 From: Chip Coldwell Subject: Re: Question for the Group Message-ID: On Mon, 11 Jun 2007, Richard B. Gilbert wrote: > > The Robert Morris worm brought the Unix world to its knees a few years ago. Quite a few years ago (almost 20): 1988. Chip -- Charles M. "Chip" Coldwell "Turn on, log in, tune out" ------------------------------ Date: Tue, 12 Jun 2007 12:43:19 -0700 From: DaveG Subject: Re: Question for the Group Message-ID: <1181677399.813557.308690@j4g2000prf.googlegroups.com> On Jun 12, 2:01 pm, Chris Scheers wrote: > David J Dachtera wrote: > > Folks, > > > I'll likely be severely chastised for this, but here goes... > > > I've been carrying on an exchange by private e-mail where it was suggested that > > the negativity expressed in this forum is greatly damaging to VMS. > > > So, I'd like to solicit your comments on that, and also pose a question where > > you can, effectively, wish for "the world": in your opinion, what would have to > > happen to stem what is viewed as an endless stream of complaints and vitriol > > here in comp.os.vms? > > As far as I can tell, the people left in this forum are those die-hards > who are passionately pro-VMS. These are the people who desperately want > VMS to succeed. > > Within this forum, the belief is that what is "greatly damaging to VMS" > is its treatment by its owners. This is the source of the negativity. > > The only thing I can see that would reduce the negativity is a serious > attempt by HP to grow the installed base of VMS. > > This would need to be more than the sale of a couple of large systems. > It would need to recognize that small and medium system sales are > required as seeds to have the chance to grow into large systems in the > future. > > Basically, it would require an about face of what appears to be HP's > current policies. > > Personally, I think that a port of VMS to Intel/AMD 80x86 "commodity" > hardware would be a huge step in the right direction. > > I also don't believe (although I once did) that any of this will happen. > > This is the source of my negativity. > > NOTE: HP's policy of silence in regards to VMS has caused severe > financial hardship to many in this forum as they lost jobs/clients > because of their support for VMS. How could they not feel negative? > > -- > ----------------------------------------------------------------------- > Chris Scheers, Applied Synergy, Inc. > > Voice: 817-237-3360 Internet: c...@applied-synergy.com > Fax: 817-237-3074 Well said Chris. And I'd like to echo his comments if Dave is keeping track of on topic comments here. Dave... ------------------------------ Date: Tue, 12 Jun 2007 15:57:39 -0400 From: JF Mezei Subject: Re: Question for the Group Message-ID: <1ad3a$466efabd$cef8887a$16234@TEKSAVVY.COM> Ron Johnson wrote: > Well, yes, it *is* a bit of a forward-looking statement, but Apple > isn't in the habit of promising the moon and delivering mud. Since beta kits to developpers are starting to be issued, I would have to assume that this is beyond "forward looking statements" stage and is actually implemented already. In the end, VMS loyalists are all jealous of Apple. They have the higher than average quality hardware, and they have the most excellent and innovative software that we know Digital was capable of doing, AND, Apple has the marketing savvy (understatement) that Digital was not able to do. The advantage of focusing for small/medium customers first is that when you then grow to larger customers, you are not cannabalising any sales. The problem with VMS and its ecosystem, especially now, is that it is priced for enterprise customers with large wallets. If you start to offer affordable VMS that includes clustering etc to small shops, then the large enterprise customers will also want those affordable boxes and this cannabalises the high-margin prices. Meanwhile, Apple can add feature after feature to its main product at USD $129 which attract more and more customers and it can then grow into larger customers with the same low prices. ------------------------------ Date: Tue, 12 Jun 2007 15:30:18 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/12/07 14:25, Ron Johnson wrote: > On 06/12/07 13:22, P. Sture wrote: > [snip] >>> >>> And by allowing ZFS to be ported to OS X, they are again expanding >>> mindshare: "ZFS on my MacBook Pro is great. For that server I need >>> to build at work, it'll be even better than Linux and ext3 (which is >>> what I was planning to build)". >> >> As a point of information, ZFS isn't due on OS X until the Leopard >> release later this year. > > Well, yes, it *is* a bit of a forward-looking statement, but Apple isn't > in the habit of promising the moon and delivering mud. Guess I'd better stop believing rumors! http://www.informationweek.com/story/showArticle.jhtml?articleID=199903281&cid=RSSfeed_IWK_News An Apple official on Monday said Sun Microsystems' open-source file system would not be in the next version of the Mac operating system, contradicting statements made last week by Sun's chief executive. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 12 Jun 2007 16:34:06 -0500 From: frey@encompasserve.org (Sharon) Subject: Re: Question for the Group Message-ID: In article <466DEA3C.C88A73AD@spam.comcast.net>, David J Dachtera writes: > > So, I'd like to solicit your comments on that, and also pose a question where > you can, effectively, wish for "the world": in your opinion, what would have to > happen to stem what is viewed as an endless stream of complaints and vitriol > here in comp.os.vms? Personally, it saddens me that some people perceive us here as being too negative. As many have pointed out, most of us left here are passionate about our OS, myself included. I don't think our criticism of HP's business practices should scare off any potential customers. I think they should instead think "wow, these guys know their stuff!" It saddens me even more that HP has resisted our input, no matter how diplomatic we tried to make it. (And yes, SOME of us have been diplomatic.) It's like upper management who doesn't like their own employees to criticize; management who prefers to have only yes-men working under them. In this case, management wants only yes-men customers. That's my *perception*. I can also see many parallels between this and my own company. The product line I work on has been sold and resold to bigger and bigger companies. Now we're a tiny tiny fish in a huge ocean that offers so many other products and services that they don't really see or know us. To corporate upper management, we're nothing but numbers on a spreadsheet. They never come down to talk to us and ask us how we can improve our numbers. I guess they assume that this information will be propogated up the chain. Not likely since those who care enough to try are too busy covering for those who are skating to get a paycheck. The usual corporate environment. On a slightly different angle, most of the customers for my "obsolete" product line are small agencies. Here's a typical scenario: They got a large government grant sometime in 1973 and bought their first vaxes. They got another grant in 1989 and upgraded to alphas. They upgrade their VMS when they upgrade the hardware because that's all they can afford to do. HP probably has no clue these guys are even out there as their customers. The few richer customers who can stay relatively current on their equipment are now gradually upgrading to Itanium. The others are upgrading slowly to refurbished alphas. They're definitely NOT keeping up with current technology or any road map HP cares to offer. There's not much we can do about it either for two primary reasons: 1. cost and risk of downtime during the upgrade, and 2. if it aint broke, don't fix it. Of course, that #2 also tells you something... - Sharon "Gravity... is a harsh mistress!" VMS 4VR ------------------------------ Date: Tue, 12 Jun 2007 17:41:44 -0700 From: AEF Subject: Re: Question for the Group Message-ID: <1181695304.787334.21080@z28g2000prd.googlegroups.com> On Jun 12, 3:35 am, Michael Kraemer wrote: > JF Mezei schrieb: > > > Not long ago, there was an article on how airlines now assign employees > > to monitor discussion groups on the internet to spot horror stories, > > investigate internally and fix problems to prevent/reduce such horror > > stories. > > > Not only have airline realised that the bad publicity is hurting them, > > but they have realised that these forums are a great place to spot > > problems in their "systems" and bypass layers of employees who are > > affraid to report bad news to their bosses. > > You seem to forget that for those airlines their main business > is at stake, whereas for HP VMS is a negligible quantity. > > > HP HAS BEEN REPEATEDLY GIVEN SIMPLE TASKS IT CAN DO TO SHUT US UP AND > > MAKE US FEEL COMFORTABLE (marketing) AND HP HAS STEADFASTEDLY REFUSED TO > > CHANGE ITS POLICY TO PREVENT MARKETING OF VMS. > > You repeatedly seem to forget that it's not HPs task to make > you feel comfortable but rather their shareholders. Yes, but we believe HP is mistaken in allowing a proven money-maker (when supported properly by its owner) to languish for no apparent reason. We believe the shareholders would like more profits even if they came from VMS! > For them, VMS is entirely unimportant, as you can easily > deduce from HPs quarterly results. Yes, VMS is unimportant to them. But that ignores its POTENTIAL. We're saying the situation with VMS is bad and you're telling us "but the situation is bad, so why bother". That's EXACTLY why to bother. If it were good, we wouldn't be having this discussion! It's the POTENTIAL. > > HP should know that the short live "renaissance" preiod not long before > > the premedidated massacre of Alpha had caused VMS to grow by close to > > 10% in a few months. > > There still is no evidence that one has to do with the other. Is there a better competing explanation? > Even if it was so, even a 100% growth wouldn't be noticeable > on HPs bottom line. > Also, I wasn't aware that the typical VMS customer is > susceptible for short term marketing. If HP had allowed its printer and imaging dept. to shrink to VMS levels would you be saying the same things? Would it kill them to spend a small portion of VMS profits on some solid marketing? And if it worked, and I think it would, would the shareholders come yelling "What? All these increased profits are from sales of VMS? Horrors! I'm selling my shares right away. I don't want any profits if they're from selling VMS! I'm OUTRAGED!!!" > > > And that was a very modest marketing budget. But it > > proves that VMS has great potential. > > It doesn't prove anything. Maybe HP is smarter than you > think, they have analyzed their situation and concluded > that it isn't worth a marketing dime to try expand their > user base beyond the usual legacy crowd. This is essentially Maybe not. Businesses don't always do what's best for themselves. Banks fought the gov't against the requirement for a $50 maximum liability for lost or stolen credit cards, but that may well be what made their acceptance by customers so easy! And the banks have profited quite handsomely from credit cards. (Well, I remember reading this in an Op-Ed article.) > what that lady, Ann Livermore (?), publicly stated. > There you have HPs official word on the whole story. Can you please supply a link? I missed it. > > And if you are a former employee, then your letter to Hurd could have > > far greater impact if you can freely "tell it like it is" and point to > > the very poeple who are squandering a great source of revenus/profits > > and misguiding Hurd on the true potential of VMS. > > What profits ? Look at those Q2 results and figure it out yourself. > Even if you're optimistic and assume 1/3 of BCS to be VMS > this would mean $300M revenue and $60M profit > (assuming 20% margin is still true, which isn't that far away > from HP average 8%, BTW), almost negligible compared to the > $2000M profit of HP in total. Again you're justifying letting the patient die by saying, "Look, the patient is dying. Let's go home." It's the POTENTIAL profits. High- margin profits. History has proved that companies are willing to spend more for VMS if it weren't allowed to languish as it is. Would it kill HP to try? Would the shareholders revolt if profits from VMS increased? Doesn't it make sense to market your high-margin products? AEF ------------------------------ Date: Wed, 13 Jun 2007 02:48:08 -0400 From: Dave Froble Subject: Re: Question for the Group Message-ID: <-_mdndF8G-fSD_LbnZ2dnUVZ_jednZ2d@libcom.com> > In article <466DEA3C.C88A73AD@spam.comcast.net>, David J Dachtera writes: >> So, I'd like to solicit your comments on that, and also pose a question where >> you can, effectively, wish for "the world": in your opinion, what would have to >> happen to stem what is viewed as an endless stream of complaints and vitriol >> here in comp.os.vms? Ok, here's my perception on HP and VMS. First, HP "won the war" and gets to decide what business they want to be in. It's only natural for them to favor the traditional HP products over the new acqusitions. Hence Stallard and HP-UX. Then there is the questions of what Compaq wanted out of DEC, and HP wanted out of Compaq. In both cases, it sure wasn't VMS. So, if customers insist on continuing to give money to HP, well, HP will take it as long as it lasts, but won't do a damn thing to attempt to grow that particular market. Basically, it's a business that they just don't want. -- David Froble Tel: 724-529-0450 Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc. 170 Grimplin Road Vanderbilt, PA 15486 ------------------------------ Date: Wed, 13 Jun 2007 09:55:06 +0200 From: Michael Kraemer Subject: Re: Question for the Group Message-ID: IanMiller schrieb: > My impression is that the majority of posts here appear to be off > topic and/or negative. I don't read newsgroups dedicated to other > operating systems to know if this is typical for this sort of > newsgroup. If anyone here does read newsgroups for other OS then it > would be interesting to know their thoughts. Well, the fraction of "advocacy posts" here is certainly higher than in the typical Unix admin groups, although recently some ranting was going on in comp.unix.aix too. What happens in c.o.v is similar to what happened in the OS/2 and Amiga newsgroups during their decline about a decade or so ago. ------------------------------ Date: Wed, 13 Jun 2007 10:05:44 +0200 From: Michael Kraemer Subject: Re: Question for the Group Message-ID: Ron Johnson schrieb: > On 06/12/07 01:57, Michael Kraemer wrote: > [snip] > >> >> OTOH, at our site I've seen the remains of clustered VMS systems >> going down immediately as a consequence of network disturbances, >> showing the "blue screen of death", > > > Welcome to the club. > Such things happened frequently more than a decade ago, when there was only BNC ethernet. Somebody left the cable open, and all the VAXstations downstream died and rebooted. An NFS-mounted Unix box just froze, but usually resumed operation when reconnected. If the whole VMS cluster was affected, and it happened friday afternoon, you could leave for the weekend. Such incidents were one of the reasons to leave VMS for greener Unix pastures. Now we have TP cabling, and the funny thing is, similar incidents occured several times as recent as last year. Which raises some doubts about the claimed superiority of VMS clustering. ------------------------------ Date: Wed, 13 Jun 2007 10:46:25 +0200 From: Michael Kraemer Subject: Re: Question for the Group Message-ID: AEF schrieb: > > Can you please supply a link? I missed it. It's the well-known webcast transcription: http://mail.openvms.org:8100/Lists/news/Message/18.html the way I read this is that HP has tried, but failed. > > Again you're justifying letting the patient die by saying, "Look, the > patient is dying. Let's go home." It's the POTENTIAL profits. High- > margin profits. > > History has proved that companies are willing to spend more for VMS if > it weren't allowed to languish as it is. Would it kill HP to try? > Would the shareholders revolt if profits from VMS increased? Doesn't > it make sense to market your high-margin products? Well, I'm not in HPs shoes and I have no business in defending their actions, I just find their strategy comprehensible. Why should they put extra effort on such a tiny fraction of their business ? Even if VMS revenue was several times larger at the time of the Compaq takeover, it still was dwarfed by HPs ink ocean. As far as the potential goes: I think (as does probably HP) you vastly overestimate that, the hey-days of VMS are long gone. The few companies who still believe VMS is indispensable for their IT will buy it anyway, without marketing. Its (almost) just like IBM treat their "legacy" iSeries/zSeries business. ------------------------------ Date: Wed, 13 Jun 2007 11:15:57 +0200 From: Michael Kraemer Subject: Re: Question for the Group Message-ID: Bill Todd schrieb: > A job they have handled incompetently for the past five years in this > area: does that mean people should stop pointing this out and demanding > better? I have the impression that people demand HP to roll back time into VMS' hey-days. Which is probably impossible, even if they wanted to. > > In Y2K, despite a good many year of relative neglect, VMS systems still > produced $4 billion in revenue and $800 million in profits for Compaq. > Since VMS was not a major beneficiary of the dot-com boom, it was not a > major casualty of the dot-com bust (as evidenced by revenues through > mid-2001), and this by then fairly stable level of profitability could > reasonably have been expected to continue had it not had the rug out > from under it by the Alphacide. > > I suspect that HP's shareholders would be quite happy with an additional > $800 million a year profit, let alone what they might have had had HP > actually tried to *grow* the VMS market rather than studiously ignored > it If this would have panned out or not is pure speculation, as is the projection of past profits into the future. > and left it to wither away at a greatly accelerated rate following > the Alphacide. Burning the boats before the bridge is ready certainly isn't a brilliant idea for somebody trying to cross a river. OTOH, it is a waste of time and energy to bitch endlessly about HPs past mistakes. > And, of course, those people whose livelihoods are related to some > significant degree on VMS's health would be a lot happier as well (those > are some of the people we find here saying embarrassing things about its > owner). that's certainly sad for those people, but such things happen when an ecological niche vanishes. The only way out is to diversify or to evolve away. The writing has been on the wall for quite some time now. ------------------------------ Date: Wed, 13 Jun 2007 02:35:58 -0700 From: Neil Rieck Subject: Re: Question for the Group Message-ID: <1181727358.499450.153810@x35g2000prf.googlegroups.com> On Jun 12, 10:26 am, Bill Todd wrote: [...snip...] > > It's entirely appropriate for HP to feel whatever heat can be generated > for its incompetent handling of VMS. And it's difficult to see how such > criticism can make VMS any *worse* off than it is already: by far the > primary influence on VMS's health, good or bad, is its owner. > > - bill > Well said. I agree 100% Neil Rieck Kitchener/Waterloo/Cambridge, Ontario, Canada. http://www3.sympatico.ca/n.rieck/ ------------------------------ Date: Wed, 13 Jun 2007 05:37:14 -0400 From: JF Mezei Subject: Re: Question for the Group Message-ID: <6bbcc$466fbacc$cef8887a$16700@TEKSAVVY.COM> Michael Kraemer wrote: > I have the impression that people demand HP to roll > back time into VMS' hey-days. Which is probably impossible, even > if they wanted to. We just want HP to at least try. We are not asking to subsidize VMS. But we are asking for VMS to be given the freedom to use its own money to market itself. We are asking that VMS be allowed to push press releases through the official HP channels. We are asking for VMS to be mentioned by HP corporate manegement as a product with lots of potential etc. If HP really does give it a good try and it still doesn't work, then we can all know what will happen next. But if HP doesn't try, or gives it a dishonest try (designed to fail, but also designed so they can tell us they tried) then it is not a fair treatment. The board could have thrown La Carly out when she started to want to distract from her poor performance by getting married to Compaq. If HP wasn't interested in getting all the baggage that came with Compaq, they shouldn't have bought Compaq. The only unique product HP got from Compaq that it was interested in was the Ipaq (now called HPAQ) and at that time, Compaq still had some sort of exclusivity deal for that platform. But HP could have negotiated something with Microsoft to also give it access to this platform. None of the other products from Compaq were of interest to HP since they already had their own. Note that the Compaq board, upon realising they didn't have what it took to attract a real CEO to replace Pfeiffer, they threw in the towel. They gave the accountant a permanent promotion as CEO and told him to meet with M&A bankers to find a buyer for Compaq. In his book, Lou Gerstner discusses how bankers approached him in 2000 to pitch the concept of IBM buying Compaq. Consider how Apple was able to bring its Macintosh back to life. It still isn't too late to put VMS back on a growth curve. ------------------------------ Date: Wed, 13 Jun 2007 11:03:07 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: Question for the Group Message-ID: <00A69111.5BCAB1C0@SendSpamHere.ORG> In article <-_mdndF8G-fSD_LbnZ2dnUVZ_jednZ2d@libcom.com>, Dave Froble writes: {...snip...} >So, if customers insist on continuing to give money to HP, well, HP will >take it as long as it lasts, but won't do a damn thing to attempt to >grow that particular market. Basically, it's a business that they just >don't want. I can't even get them to take the money I give them. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" ------------------------------ Date: Wed, 13 Jun 2007 11:07:32 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: Question for the Group Message-ID: <00A69111.F9A6C965@SendSpamHere.ORG> In article , Michael Kraemer writes: > > >Ron Johnson schrieb: >> On 06/12/07 01:57, Michael Kraemer wrote: >> [snip] >> >>> >>> OTOH, at our site I've seen the remains of clustered VMS systems >>> going down immediately as a consequence of network disturbances, >>> showing the "blue screen of death", >> >> >> Welcome to the club. >> > >Such things happened frequently more than a decade >ago, when there was only BNC ethernet. Somebody left the cable open, >and all the VAXstations downstream died and rebooted. >An NFS-mounted Unix box just froze, but usually resumed operation when >reconnected. If the whole VMS cluster was affected, and it happened >friday afternoon, you could leave for the weekend. >Such incidents were one of the reasons to leave VMS for greener Unix >pastures. >Now we have TP cabling, and the funny thing is, >similar incidents occured several times as recent as last year. >Which raises some doubts about the claimed superiority of VMS clustering. Such things happened frequently more than a decade ago. Somebody pulled the electric cord from the wall socket and there was darkness all around. Similar incidents occured several times as recent as this year. Which raises some doubts about the claimed superiority of the electric lamp. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" ------------------------------ Date: Wed, 13 Jun 2007 05:42:33 -0700 From: BaxterD@tessco.com Subject: Re: Question for the Group Message-ID: <1181738553.834005.64810@a26g2000pre.googlegroups.com> On Jun 13, 4:05 am, Michael Kraemer wrote: > Ron Johnson schrieb: > > > On 06/12/07 01:57, Michael Kraemer wrote: > > [snip] > > >> OTOH, at our site I've seen the remains of clustered VMS systems > >> going down immediately as a consequence of network disturbances, > >> showing the "blue screen of death", > > Such things happened frequently more than a decade > ago, when there was only BNC ethernet. Somebody left the cable open, > and all the VAXstations downstream died and rebooted. > An NFS-mounted Unix box just froze, but usually resumed operation when > reconnected. If the whole VMS cluster was affected, and it happened > friday afternoon, you could leave for the weekend. > Such incidents were one of the reasons to leave VMS for greener Unix > pastures. > Now we have TP cabling, and the funny thing is, > similar incidents occured several times as recent as last year. > Which raises some doubts about the claimed superiority of VMS clustering. In my experience, the type of incident described above are simply the result of poor cluster configuration. If you don't provide redundency then these things will happen to anyone. The failures of the technical staff who designed the configuration, be they local, HP/ Compaq/Digital, cannot and should not be blamed on the OS. Since UNIX systems tend to share nothing, a "freeze" is sufficient for them to survive, however in Real Clustering, nodes share everything therefore a break in communication requires a much more complex response. A proper configuration would ensure that communication could not be interupted. I dont know how long ago this incident occurred, but if the VAXStations clustered over the network died, then it was probably because they were booted over the network from the main cluster system disk. Had they been booted from internal system disks, (and no VOTES) they would have simply hung until the re-connection interval timed out. If the connection was restored within this time then they would simply have continued work. It really pisses me off when.... (No! I won't start!) Dave. ------------------------------ Date: 13 Jun 2007 08:57:02 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Question for the Group Message-ID: In article , Michael Kraemer writes: > Richard B. Gilbert schrieb: > >> >> The Robert Morris worm brought the Unix world to its knees a few years >> ago. VMS was not affected. Did anybody notice that? > > This story is as old as 1988. > BTW, a possible reason why VMS wasn't affected might by > they didn't have TCP back then. Sometimes it seems to be > an advantage to be behind. We certainly did have IP back then. > A little googling would reveal that around the same > time there certainly were a lot of successful VMS hacks going on, > some of them are listed at > http://www.geocities.com/SiliconValley/Lab/7378/hacker.htm > Wasn't there this easy possiblity to break in with some > field engineer password ? Knowing a password will allow you to break in to any computer. ------------------------------ Date: Wed, 13 Jun 2007 12:42:16 -0400 From: Dave Froble Subject: Re: Question for the Group Message-ID: Michael Kraemer wrote: > Bill Todd schrieb: > >> A job they have handled incompetently for the past five years in this >> area: does that mean people should stop pointing this out and >> demanding better? > > I have the impression that people demand HP to roll > back time into VMS' hey-days. Which is probably impossible, even > if they wanted to. When there are competing products being marketed, what do producers do to attempt to promote their products? One answer is to publicize any differences that may cause one product to be preferred over others. It may be easy to make some blanket claim about obscurity, but, such is rather meaningless without some data to back it up. However, there is plenty of data to indicate that VMS would not be be victimized by many of the security breaches that have happened. Not all, and some could have happened to any system. But enough for a producer to 'beat the drums' for their product when security breaches are in the news. Same argument for disaster tolerant clusters. Now, I don't get out much, but even those who do haven't seen any such actions from HP. There appears to be no promotion of VMS occurring. People who are paying HP money for VMS and services have, in my opinion, the right to ask for such promotion. There are no demands to roll back time. There is just the reasonable requests to give the product a chance. -- David Froble Tel: 724-529-0450 Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc. 170 Grimplin Road Vanderbilt, PA 15486 ------------------------------ Date: Wed, 13 Jun 2007 11:47:05 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/13/07 04:37, JF Mezei wrote: [snip] > > > Consider how Apple was able to bring its Macintosh back to life. It > still isn't too late to put VMS back on a growth curve. Tech comebacks are *extraordinarily* rare. It needs a visionary leader like Steve Jobs or Lou Gerstner. And even though Apple has come back from the brink, and is profitable, the Mac still has only ~5% market share (which I believe is less than in the late 80s). It's big cash cow is the iPod, which is why "Computer" isn't part of Apple's name anymore. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 11:49:10 -0500 From: Ron Johnson Subject: Re: Question for the Group Message-ID: On 06/13/07 03:46, Michael Kraemer wrote: [snip] > > As far as the potential goes: I think (as does probably HP) > you vastly overestimate that, the hey-days of VMS are long gone. > The few companies who still believe VMS is indispensable for their > IT will buy it anyway, without marketing. > Its (almost) just like IBM treat their "legacy" iSeries/zSeries business. IBM is expanding the z/Series (or whatever it's called now) market by selling it as a great Linux server consolidation platform. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 13 Jun 2007 16:49:56 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Question for the Group Message-ID: <5dalhkF33r3kgU4@mid.individual.net> In article , Dave Froble writes: > Michael Kraemer wrote: >> Bill Todd schrieb: >> >>> A job they have handled incompetently for the past five years in this >>> area: does that mean people should stop pointing this out and >>> demanding better? >> >> I have the impression that people demand HP to roll >> back time into VMS' hey-days. Which is probably impossible, even >> if they wanted to. > > When there are competing products being marketed, what do producers do > to attempt to promote their products? One answer is to publicize any > differences that may cause one product to be preferred over others. > > It may be easy to make some blanket claim about obscurity, but, such is > rather meaningless without some data to back it up. However, there is > plenty of data to indicate that VMS would not be be victimized by many > of the security breaches that have happened. Not all, and some could > have happened to any system. But enough for a producer to 'beat the > drums' for their product when security breaches are in the news. > > Same argument for disaster tolerant clusters. And here's a good data point on thisone. We have had a lot of local press lately (Front page of all the Sunday papers this past weekend) about the fact that we are int he process of becoming "Wall Street West". Many of the big Wall Street business are in the process of constructing back-up sites here in Eastern PA, primarily n the Poconos but some as far west as Wilkes-Barre and Scranton. We are 120 road miles from NYC. Wouldn't this be an ideal example of a long distance VMS Cluster with the opportunity for plenty of free press not just in the IT rags, but in the general press and financial rags as well. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Wed, 13 Jun 2007 13:22:24 -0400 From: Stephen Hoffman Subject: Re: Question for the Group Message-ID: Ron Johnson wrote: > And even though Apple has come back from the brink, and is profitable, > the Mac still has only ~5% market share (which I believe is less than in > the late 80s). It's big cash cow is the iPod, which is why "Computer" > isn't part of Apple's name anymore. Market volume is something that the pundits and the marketeers can and do love to focus on. The "Mine is bigger than yours" advertising goes back a very long way. It's easy to write about, and it helps easily feed the content monsters; it fills column inches and web pages. It sounds good, too. With OpenVMS or Mac OS X or any other serious commercial product, it's the revenues and the revenue trends that are the key. How many you make and even how many you sell is irrelevant. How much profit you make, and how much you profit you might make again tomorrow is what is central. Vendors don't advertise this detail, and likely never will. If you have targeted and have the more profitable parts of a larger market, even 5% of a larger market looks a whole lot better than slogging away competing in the other and less-profitable parts of the larger market. Even if you have a rounding-error fraction of the market, you can still be set up to make profits -- OpenVMS targets a very small segment of the market. Apple has a focus on the richest parts of the market, and makes leading-edge products that target these markets -- both high features, and low prices, and signature industrial designs. There's a sweet spot here, in terms how how many widgets you might make, and how many you can sell. Make too many, or try to compete in markets with lower revenues, and your profits can or do go down. Make too few, and you might support and even increase your prices and profits, or you might not be not maximizing your profits. It's a form of calculus, and the area under the curves covers your costs and your profits. The return from particular markets -- whether Mac OS X, iPods, OpenVMS or otherwise -- is something most vendors guard carefully. Beyond what little is in the 10-Q, you usually won't find this sort of revenue and market break-down anywhere public. But you can be certain vendors are looking at this, and know this. The marketeers and the pundits never mention that any commercial entity (with deep enough pockets) can sell a gazillion widgets. The question is whether you can sell that gazillion widgets and recover a sufficiently large profit in the process. And nobody has a one-size-fits-all solution in any competitive market. Linux, Windows, Mac OS X, OpenVMS all have (different) market targets. -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Tue, 12 Jun 2007 16:54:34 +0200 From: Michael Unger Subject: Re: Reflection's VT emulation Message-ID: <5d7r0dF33pm5eU1@mid.individual.net> On 2007-06-12 02:15, "David J Dachtera" wrote: > [...] > > Reflection/2, /4, etc. are character-cell terminal emulators. That's correct of course -- I was primarily replying to John's question regarding Reflection's VT emulation ... Michael -- Real names enhance the probability of getting real answers. My e-mail account at DECUS Munich is no longer valid. ------------------------------ Date: Wed, 13 Jun 2007 16:28:31 +0800 From: "Richard Maher" Subject: RMS equiv of ACP fch$m_directory? Message-ID: Hi, Does anyone know if there is a RMS (fab, nam, xab) bit somewhere that corresponds to the $QIO ACP file characteristic FCH$M_DIRECTORY? I can fully appreciate a possible "Yeah, it's called a file-type and it'll have '.DIR' in it." response, but before going down that path, I'd just like to check if RMS surfaced the directory characteristic somewhere else after an $open. Cheers Richard Maher ------------------------------ Date: Wed, 13 Jun 2007 19:46:27 +0930 From: Mark Daniel Subject: Re: RMS equiv of ACP fch$m_directory? Message-ID: <136vdm8hc710uc9@corp.supernews.com> Richard Maher wrote: > Hi, > > Does anyone know if there is a RMS (fab, nam, xab) bit somewhere that > corresponds to the $QIO ACP file characteristic FCH$M_DIRECTORY? > > I can fully appreciate a possible "Yeah, it's called a file-type and it'll > have '.DIR' in it." response, but before going down that path, I'd just like > to check if RMS surfaced the directory characteristic somewhere else after > an $open. > > Cheers Richard Maher http://h71000.www7.hp.com/wizard/wiz_2858.html itm.xab$b_bln = XAB$C_ITMLEN; /* no template available ?! */ itm.xab$b_cod = XAB$C_ITM; itm.xab$l_itemlist = (char *) &uchar_items; itm.xab$b_mode = XAB$K_SENSEMODE; http://wasd.vsm.com.au/conan/sys$common/syslib/sys$starlet_c.tlb?key=XABITMDEF #define XAB$_UCHAR_DIRECTORY 139 /* (sense) FCH$V_DIRECTORY */ -- Chrono-synclastic infundibulum ... those places ... where all the different kinds of truths fit together. [Kurt Vonnegut; The Sirens of Titan] ------------------------------ Date: Wed, 13 Jun 2007 10:09:00 -0400 From: Stephen Hoffman Subject: Re: RMS equiv of ACP fch$m_directory? Message-ID: Richard Maher wrote: > Does anyone know if there is a RMS (fab, nam, xab) bit somewhere that > corresponds to the $QIO ACP file characteristic FCH$M_DIRECTORY? XABITM with XAB$_UCHAR_DIRECTORY can read this attribute. -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: 13 Jun 2007 08:06:57 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: SAMBA not ready to be a replacement for PathWorks Message-ID: <4BC5xyWQsKFQ@eisner.encompasserve.org> In article <00A68EBE.15EB1E39@SendSpamHere.ORG>, VAXman- @SendSpamHere.ORG writes: > > Yesterday, I assisted a site in updated their V7.2-2 system to V8.3. > Mostly as a test to see what was needed to get them up in production > on V8.3. Since there is no more PathWorks or Advanced Server, they > were interested in trying SAMBA. At home, I have my Powerbook and I > can share files with VMS (some files ;) ). When I configured SAMBA > to serve one user directory at this site, this user tried to open a > text file using whatever one would use on a Weendoze box to open up > a text file (NoteEdit?). The text previewed as if it was typed with- > out ever hitting a carriage return. I then connected to this exact > same share with my Powerbook and the data was just fine. Go figya! > This user said that with PathWorks, they can open the same types of > files (most of these are reports written by their business apps) and > they appear as if carriage returns were there. This depends very much on which aqpplication was used. Some will only understand Windows CRLF files, some will be OK if they get UNIX LF files. The only "magic" available is to try a different application. emacs and Wordpad are better at this than Notepad. It doesn't matter whether the file is local or network served. The only "standard" application is whatever the user setup as this is trivial to change and will sometimes get changed without the realization by an inatentive user. There are utilities: dos2unix and unix2dos which will try to convert between the standards he two different OS use. For obvious reasons a round trip is not guarranteed to match the original. ------------------------------ Date: 13 Jun 2007 08:08:09 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: SAMBA not ready to be a replacement for PathWorks Message-ID: In article <00A68EC9.3F4E9F4F@SendSpamHere.ORG>, VAXman- @SendSpamHere.ORG writes: > > Written by Malmberg! Thanks, this explains what is being seen but it > still does not answer why HP is pushing it as a PathWorks replacement > *IF* it doesn't work. It probably works as well as it can given the lack of real file system on the client. ------------------------------ Date: Tue, 12 Jun 2007 23:49:28 GMT From: winston@SSRL.SLAC.STANFORD.EDU (Alan Winston - SSRL Central Computing) Subject: Secure IMAP on TCP/IP Services 5.6 on VMS 8.3I? Message-ID: <00A6909A.1AC863C5@SSRL.SLAC.STANFORD.EDU> VMSers -- Anybody out there got TCP/IP services IMAP configured to go over SSL? I'm looking at the manual at http://h71000.www7.hp.com/DOC/83final/6526/BA548_90006.PDF and it talks about how to do it for POP but doesn't discuss IMAP. (My other cluster systems are Alphas running PMDF and use the PMDF IMAP with TLS. I'll probably be doing that on this node eventually, but not now.) So, does this work? Can I just use the TCPIP$POP logical names and replace 'em set TCPIP$IMAP equivalents and expect anything good to happen? Thanks, -- ALan ------------------------------ Date: 12 Jun 2007 06:38:54 -0500 From: Kilgallen@SpamCop.net (Larry Kilgallen) Subject: Re: Security Standards (was: Another opportunity) Message-ID: In article <5d567qF335oqgU1@mid.individual.net>, bill@triangle.cs.uofs.edu (Bill Gunshannon) writes: > A draft document has just come out of NIST called "Guidelines on Securing > Public Web Servers (Draft)". > > Just started it but I already noticed a paragraph (3.6.1) that is right > up VMS's alley. So, anybody taking bets on wether or not HP will levarge > this great marketing opportunity? There is a difference between what government theories are published and what customers actually want to buy. The A1 Security Kernel DEC built for VAX is a great example. In fact, the market for Trusted Operating Systems has dwindled so that SEVMS is not longer offered on contemporary hardware. SEVMS V6.2 is the most recent versions, so far as I know. One of the points in that paragraph is: "What is the underlying OS and how has it fared in security testing ?" VMS has not been evaluated under the Common Criteria at all. The VMS Security Product Manager has repeatedly stood up at customer meetings and asked "to how many of you is Common Criteria evaluation important?" Such inquiries have been met by a resounding silence. ==================== If you want a draft government standard headed toward having the force of law behind it, look further up on page http://csrc.nist.gov/publications/drafts.html to the 800-53A Third Public Draft at http://csrc.nist.gov/publications/drafts/800-53A/SP-800-53A-tpd-final-sz.pdf Comments are open until July 31, 2007. I have found in many cases they _will_ make changes in response to comments (except for minimum password lifetimes, where they seem to be wearing Microsoft-blinders). ------------------------------ Date: Wed, 13 Jun 2007 08:27:01 -0700 From: "Tom Linden" Subject: Shells WAS: Re: Another opportunity Message-ID: On Wed, 13 Jun 2007 08:38:12 -0700, Ron Johnson wrote: > On 06/13/07 08:34, Bob Koehler wrote: >> In article , Ron Johnson >> writes: >>> Unix keeps reinventing it's innards and outards(??), though (newer, >>> better filesystems, newer shells with more features, fancier GUIs, >>> etc, etc ad nauseum). >>> >>> BSD and Linux internally look *nothing* like AT&T Unix. (Their >>> lawyers ensured that.) >> Much work has been done on the innards and outards of UNIX, but >> the two mode OS with a cryptic shell is and remains typical late >> 1960s design. Everyon else was doing those in the late 1960s, too. >> The sad thing is that children born of the late 1970s, and later, >> are exposed to is as the only example of things like how to write >> a powerfull shell. > > 4DOS was (and 4NT is) a powerful shell. But most Windows users stick > with the GUI. > >> Compare that to my wife, who left computing as a career in the early >> 1980s and can't understand why we put up with these things because >> "We had better". > > If DCL had been constantly improved like bash 1.0 was an improvement > over the Bourne shell (and how bash has improved over the years as has > the zsh, which some people rave over), then it would definitely be > greater than bash. REXX would be great on VMS, much better than bash (which I have used since early 80's) and also better than DCL > > OTOH, I occasionally have to use ksh on an HP-UX box, and man, it is > *painful*. > -- PL/I for OpenVMS www.kednos.com ------------------------------ Date: Tue, 12 Jun 2007 12:28:18 -0400 From: sol gongola Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: Phillip Helbig---remove CLOTHES to reply wrote: > Will Reject-Mail-From: work with PART of an email address, or does it > need a whole address? In other words, can one use this to reject mail > from, for example, a certain (sub)domain or whatever? > I have been using it with things like *cool-offer*,*postmasterdirect*,*freelotto.com from http://ftp.openvms.compaq.com/doc/83final/6526/6526pro_044.html Reject-Mail-From A list of wildcarded patterns that are matched against the sender address. If a match occurs, the MAIL FROM command is rejected and the link is disconnected. ------------------------------ Date: Tue, 12 Jun 2007 18:57:36 +0000 (UTC) From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: In article , sol gongola writes: > Phillip Helbig---remove CLOTHES to reply wrote: > > Will Reject-Mail-From: work with PART of an email address, or does it > > need a whole address? In other words, can one use this to reject mail > > from, for example, a certain (sub)domain or whatever? > > > > I have been using it with things like > *cool-offer*,*postmasterdirect*,*freelotto.com > > from http://ftp.openvms.compaq.com/doc/83final/6526/6526pro_044.html > > Reject-Mail-From > A list of wildcarded patterns that are matched against the sender address. If > a match occurs, the MAIL FROM command is rejected and the link is disconnected. Sounds like it can do what I want. Much spam has a sender which is one of the domains I host, and no legitimate mail ever comes from such an address (it would be sent locally within the cluster via VMSMAIL). So, I could reject mail from my own domains etc since that must be spam. (Since I've been using zen.spamhaus.org as an RBL, much spam has gone away, but there is still some left.) ------------------------------ Date: Tue, 12 Jun 2007 15:03:23 -0400 From: JF Mezei Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: <2e02b$466eee03$cef8887a$12446@TEKSAVVY.COM> Phillip Helbig---remove CLOTHES to reply wrote: > (Since I've been using zen.spamhaus.org as an RBL, much spam has gone > away, but there is still some left.) I don't think you can safely eliminate all spam without start to get some serious legitimate emails also bounced. ------------------------------ Date: Tue, 12 Jun 2007 20:55:29 +0000 (UTC) From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: In article <2e02b$466eee03$cef8887a$12446@TEKSAVVY.COM>, JF Mezei writes: > Phillip Helbig---remove CLOTHES to reply wrote: > > (Since I've been using zen.spamhaus.org as an RBL, much spam has gone > > away, but there is still some left.) > > I don't think you can safely eliminate all spam without start to get > some serious legitimate emails also bounced. No, not all of it, but a large fraction. I hesitated on the RBLs for a long time since I very occasionally got legitimate email from people sending directly from a "dial-up" IP address. Technically, there is nothing wrong with this, but the fact that most people in the world don't know any better than to run Windows which can be hijacked by script kiddies and spammers to send spam and do other unnecessary and nasty stuff means that in practice one needs to block email from such senders. In the end, I figured that if this person normally sends email from such an address, then most of it probably isn't arriving, and that I am doing more good by blocking it and providing an understandable error message than by doing nothing and leaving the situation as it is. My cluster receives email for various domains, none of which are relayed or forwarded elsewhere. There is no reason at all for mail to my cluster to appear to be from one of those domains, so I might as well block it all. I'm not doing any content-based blocking at all. ------------------------------ Date: Wed, 13 Jun 2007 00:06:20 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: In article , helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: >In article , sol gongola >writes: > >> Phillip Helbig---remove CLOTHES to reply wrote: >> > Will Reject-Mail-From: work with PART of an email address, or does it >> > need a whole address? In other words, can one use this to reject mail >> > from, for example, a certain (sub)domain or whatever? >> > >> >> I have been using it with things like >> *cool-offer*,*postmasterdirect*,*freelotto.com >> >> from http://ftp.openvms.compaq.com/doc/83final/6526/6526pro_044.html >> >> Reject-Mail-From >> A list of wildcarded patterns that are matched against the sender address. If >> a match occurs, the MAIL FROM command is rejected and the link is disconnected. > >Sounds like it can do what I want. Much spam has a sender which is one >of the domains I host, and no legitimate mail ever comes from such an >address (it would be sent locally within the cluster via VMSMAIL). Are you 100% sure ? Are you sure you don't have any users of those domains who might send via an ISP but set the From address to the address in your domain so that replies are sent to their account on your domain ? If they also send a copy of the message they are sending to their account in your domain it will appear to come from outside with an address in your domain. (And of course this will also happen if they send to someone else in your domain). Also there are some mailing lists which instead of sending mail from the list with the from address set as the listname set the from address to that of the person who sent the mail message. If one of your users is a member of such a list and sends a mail message to the list then the copy of the mail message sent back to them will also appear to come from outside but be from their address in your domain. David Webb Security team leader CCSS Middlesex University >So, >I could reject mail from my own domains etc since that must be spam. >(Since I've been using zen.spamhaus.org as an RBL, much spam has gone >away, but there is still some left.) > ------------------------------ Date: 13 Jun 2007 01:38:38 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: <5d904tF342tfpU1@mid.individual.net> In article , david20@alpha2.mdx.ac.uk writes: > > Are you 100% sure ? > > Are you sure you don't have any users of those domains who might send via an > ISP but set the From address to the address in your domain so that replies are > sent to their account on your domain ? Users should not be playing with the From: address. That is what the Reply-To: address is for. Our MTA normalizes all From: addresses so this would not work anyway. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Wed, 13 Jun 2007 12:39:54 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: In article <5d904tF342tfpU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >In article , > david20@alpha2.mdx.ac.uk writes: >> >> Are you 100% sure ? >> >> Are you sure you don't have any users of those domains who might send via an >> ISP but set the From address to the address in your domain so that replies are >> sent to their account on your domain ? > >Users should not be playing with the From: address. That is what the >Reply-To: address is for. Users setting up mail clients on their PCs will setup the email address which will set the FROM address. Most have no knowledge of what a reply-to address is yet alone how to set it. The situation I described above has been a defacto standard way for users to setup their mail clients and send via their home ISP whilst getting replies sent to their work address. Of course nowadays it breaks with SPF since the user is forging their From address to be in one of your domains. >Our MTA normalizes all From: addresses so >this would not work anyway. In general your MTA would not see most such mail since it would be sent via another ISP. Your MTA would only see it when they send such mail either to their account on your system or to another user on your system. If you setup smtp auth on your mailhub and have ALL your users send via your MTA then you won't have the problem (you need the smtp auth to allow authenticated users to send to outside systems through your MTA but to stop non-authenticated users from relaying). The thing is you need to aware of these possibilities before just implementing rejection of all external mail which has a From address of your internal domains. (or before publishing strict SPF records). David Webb Security team leader CCSS Middlesex University > >bill > >-- >Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves >bill@cs.scranton.edu | and a sheep voting on what's for dinner. >University of Scranton | >Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 13:17:20 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: <5da930F33e0ebU1@mid.individual.net> In article , david20@alpha2.mdx.ac.uk writes: > In article <5d904tF342tfpU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>In article , >> david20@alpha2.mdx.ac.uk writes: >>> >>> Are you 100% sure ? >>> >>> Are you sure you don't have any users of those domains who might send via an >>> ISP but set the From address to the address in your domain so that replies are >>> sent to their account on your domain ? >> >>Users should not be playing with the From: address. That is what the >>Reply-To: address is for. > > Users setting up mail clients on their PCs will setup the email address which > will set the FROM address. Most have no knowledge of what a reply-to address is > yet alone how to set it. Yet another reason why mail should not be accepted from PC's. All our mail, PC or otherwise has to go thru the departments MTA and it WILL change the From: address to the only one acceptable from here. I don't use the Email service with my DSL service but I am pretty sure that it will refuse to handle any message where the From: address is not inlude your valid Verizon Email address. > The situation I described above has been a defacto standard way for users to > setup their mail clients and send via their home ISP whilst getting replies > sent to their work address. Of course nowadays it breaks with SPF since the > user is forging their From address to be in one of your domains. And probably violates the RFC's although I haven't read it lately and it is possible that changed. > >>Our MTA normalizes all From: addresses so >>this would not work anyway. > > In general your MTA would not see most such mail since it would be sent via > another ISP. I meant for outgoing email and meant to point out that the ISP should be doing the same. But then, if they don't block outgoing port 25 traffic from anyone other than their MTA the point becomes moot. > Your MTA would only see it when they send such mail either to > their account on your system or to another user on your system. Not being authoritative, I don't touch incoming email, but I am the authority for all outgoing email. That's why all emails from here go out as user@cs.uofs.edu and not user@some.random.machine.name. Just think. If organizations blocked port 25 for all but their MTA and their MTA properly handled email headers it would become virtually impossible to forge email and spam would be much easier to deal with. All you would have to do is refuse email from any site that didn't play by the rules. Like that's ever likely to happen!! > > If you setup smtp auth on your mailhub and have ALL your users send via your > MTA then you won't have the problem (you need the smtp auth to allow > authenticated users to send to outside systems through your MTA but to stop > non-authenticated users from relaying). smtp auth is not really a requirement. Joe rando user can't get on my network. All users need to be authenticated to use any resource on my network so anyone on the inside is de facto "authorized". There are no open AP's and no open wall jacks. And un-plugging a system to plug your own machine in just disables the port. Port 25 is blocked for anyone other than my MTA at my firewall and then again at the University's firewall. My MTA will not relay for any machine that is not on the inside of my firewall with a valid (ie. issued by me) ip address. > > The thing is you need to aware of these possibilities before just implementing > rejection of all external mail which has a From address of your internal > domains. (or before publishing strict SPF records). If the email violates RFC's it should be rejected. And whent he user comes to complain you educate them and help them set up their system properly. You never bend the rules to allow for improper behavior. If more people did this a lot of the problems would go away and Email might even become more usable like it was 20 years ago. While the total number of emails I receive everyday has gone up by several hundred percent the number of real email messages has only gone up by 2-3 hundred percent. An eminently manageble number once all the garbage has been removed. That's why I have often suggested looking at bringing UUCP back for serious email traffic. While it seems a step back in technology, it more than makes up for it in social control which is the only way to solve a social problem. It owuld basicly set up a system where any email arriving via the UUCP path is automatically trusted and one can then much more aggressively filter email coming from other paths. With the INTERNET as the medium over which to run UUCP (as opposed to the phone lines the way it was int he old days) there would still be virtually no delay in the time an email traverses the system even if there were a dozen hops involved. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Wed, 13 Jun 2007 15:31:10 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: In article <5da930F33e0ebU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >In article , > david20@alpha2.mdx.ac.uk writes: >> In article <5d904tF342tfpU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>>In article , >>> david20@alpha2.mdx.ac.uk writes: >>>> >>>> Are you 100% sure ? >>>> >>>> Are you sure you don't have any users of those domains who might send via an >>>> ISP but set the From address to the address in your domain so that replies are >>>> sent to their account on your domain ? >>> >>>Users should not be playing with the From: address. That is what the >>>Reply-To: address is for. >> >> Users setting up mail clients on their PCs will setup the email address which >> will set the FROM address. Most have no knowledge of what a reply-to address is >> yet alone how to set it. > >Yet another reason why mail should not be accepted from PC's. All our mail, >PC or otherwise has to go thru the departments MTA and it WILL change the >From: address to the only one acceptable from here. I don't use the Email >service with my DSL service but I am pretty sure that it will refuse to >handle any message where the From: address is not inlude your valid Verizon >Email address. > >> The situation I described above has been a defacto standard way for users to >> setup their mail clients and send via their home ISP whilst getting replies >> sent to their work address. Of course nowadays it breaks with SPF since the >> user is forging their From address to be in one of your domains. > >And probably violates the RFC's although I haven't read it lately and it >is possible that changed. > > >> >>>Our MTA normalizes all From: addresses so >>>this would not work anyway. >> >> In general your MTA would not see most such mail since it would be sent via >> another ISP. > >I meant for outgoing email and meant to point out that the ISP should >be doing the same. But then, if they don't block outgoing port 25 >traffic from anyone other than their MTA the point becomes moot. > >> Your MTA would only see it when they send such mail either to >> their account on your system or to another user on your system. > >Not being authoritative, I don't touch incoming email, but I am the >authority for all outgoing email. That's why all emails from here go >out as user@cs.uofs.edu and not user@some.random.machine.name. > >Just think. If organizations blocked port 25 for all but their MTA and >their MTA properly handled email headers it would become virtually >impossible to forge email and spam would be much easier to deal with. >All you would have to do is refuse email from any site that didn't play >by the rules. Like that's ever likely to happen!! > >> >> If you setup smtp auth on your mailhub and have ALL your users send via your >> MTA then you won't have the problem (you need the smtp auth to allow >> authenticated users to send to outside systems through your MTA but to stop >> non-authenticated users from relaying). > >smtp auth is not really a requirement. Joe rando user can't get on my >network. All users need to be authenticated to use any resource on my >network so anyone on the inside is de facto "authorized". There are >no open AP's and no open wall jacks. And un-plugging a system to plug >your own machine in just disables the port. Port 25 is blocked for >anyone other than my MTA at my firewall and then again at the University's >firewall. My MTA will not relay for any machine that is not on the >inside of my firewall with a valid (ie. issued by me) ip address. > I'm talking about people from outside sending mail with a FROM address set to your domainname. Most ISPs don't block direct sending of mail out through port 25 - a few do nowadays but most still don't. Very Very few ISPs if any restrict the FROM address of mail being sent out to coming from their own domain. Hence most users can forge the FROM address on mail they send out via their ISP to be whatever they wish. I assume you do receive mail messages on your systems. If you want to not allow such forging but allow your users to send mail from outside your organisation then you need to look at setting up SPF and only allowing them to send through your MTA from outside using smtp-auth. (Blocking external mail coming into your system with a FROM address of one of your internal domains is a poor mans SPF - ie It's equivalent to an SPF check just being done from your MTA with noone else on the internet checking. You face exactly the same problems with external sites forwarding, mailing lists etc that SPF faces.) >> >> The thing is you need to aware of these possibilities before just implementing >> rejection of all external mail which has a From address of your internal >> domains. (or before publishing strict SPF records). > >If the email violates RFC's it should be rejected. None of this violates any RFCs. >And whent he user >comes to complain you educate them and help them set up their system >properly. You never bend the rules to allow for improper behavior. >If more people did this a lot of the problems would go away and Email >might even become more usable like it was 20 years ago. While the total >number of emails I receive everyday has gone up by several hundred >percent the number of real email messages has only gone up by 2-3 >hundred percent. An eminently manageble number once all the garbage >has been removed. That's why I have often suggested looking at bringing >UUCP back for serious email traffic. While it seems a step back in >technology, it more than makes up for it in social control which is >the only way to solve a social problem. It owuld basicly set up a >system where any email arriving via the UUCP path is automatically trusted >and one can then much more aggressively filter email coming from other >paths. With the INTERNET as the medium over which to run UUCP (as >opposed to the phone lines the way it was int he old days) there would >still be virtually no delay in the time an email traverses the system >even if there were a dozen hops involved. > I think we had that conversation about a year ago and the flaws of that approach were well aired then. David Webb Security team leader CCSS Middlesex University >bill > >-- >Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves >bill@cs.scranton.edu | and a sheep voting on what's for dinner. >University of Scranton | >Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 16:15:23 GMT From: bill@triangle.cs.uofs.edu (Bill Gunshannon) Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: <5dajgrF33r3kgU1@mid.individual.net> In article , david20@alpha2.mdx.ac.uk writes: > In article <5da930F33e0ebU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>In article , >> david20@alpha2.mdx.ac.uk writes: >>> In article <5d904tF342tfpU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>>>In article , >>>> david20@alpha2.mdx.ac.uk writes: >>>>> >>>>> Are you 100% sure ? >>>>> >>>>> Are you sure you don't have any users of those domains who might send via an >>>>> ISP but set the From address to the address in your domain so that replies are >>>>> sent to their account on your domain ? >>>> >>>>Users should not be playing with the From: address. That is what the >>>>Reply-To: address is for. >>> >>> Users setting up mail clients on their PCs will setup the email address which >>> will set the FROM address. Most have no knowledge of what a reply-to address is >>> yet alone how to set it. >> >>Yet another reason why mail should not be accepted from PC's. All our mail, >>PC or otherwise has to go thru the departments MTA and it WILL change the >>From: address to the only one acceptable from here. I don't use the Email >>service with my DSL service but I am pretty sure that it will refuse to >>handle any message where the From: address is not inlude your valid Verizon >>Email address. >> >>> The situation I described above has been a defacto standard way for users to >>> setup their mail clients and send via their home ISP whilst getting replies >>> sent to their work address. Of course nowadays it breaks with SPF since the >>> user is forging their From address to be in one of your domains. >> >>And probably violates the RFC's although I haven't read it lately and it >>is possible that changed. >> >> >>> >>>>Our MTA normalizes all From: addresses so >>>>this would not work anyway. >>> >>> In general your MTA would not see most such mail since it would be sent via >>> another ISP. >> >>I meant for outgoing email and meant to point out that the ISP should >>be doing the same. But then, if they don't block outgoing port 25 >>traffic from anyone other than their MTA the point becomes moot. >> >>> Your MTA would only see it when they send such mail either to >>> their account on your system or to another user on your system. >> >>Not being authoritative, I don't touch incoming email, but I am the >>authority for all outgoing email. That's why all emails from here go >>out as user@cs.uofs.edu and not user@some.random.machine.name. >> >>Just think. If organizations blocked port 25 for all but their MTA and >>their MTA properly handled email headers it would become virtually >>impossible to forge email and spam would be much easier to deal with. >>All you would have to do is refuse email from any site that didn't play >>by the rules. Like that's ever likely to happen!! >> >>> >>> If you setup smtp auth on your mailhub and have ALL your users send via your >>> MTA then you won't have the problem (you need the smtp auth to allow >>> authenticated users to send to outside systems through your MTA but to stop >>> non-authenticated users from relaying). >> >>smtp auth is not really a requirement. Joe rando user can't get on my >>network. All users need to be authenticated to use any resource on my >>network so anyone on the inside is de facto "authorized". There are >>no open AP's and no open wall jacks. And un-plugging a system to plug >>your own machine in just disables the port. Port 25 is blocked for >>anyone other than my MTA at my firewall and then again at the University's >>firewall. My MTA will not relay for any machine that is not on the >>inside of my firewall with a valid (ie. issued by me) ip address. >> > I'm talking about people from outside sending mail with a FROM address > set to your domainname. Most ISPs don't block direct sending of mail out > through port 25 - a few do nowadays but most still don't. > Very Very few ISPs if any restrict the FROM address of mail being sent out to > coming from their own domain. > Hence most users can forge the FROM address on mail they send out via their ISP > to be whatever they wish. Which is what I said was the biggest problem with email today. I can't control what people outside my network do. Email coming in from outside is taken in anad handled regardles of the From: address. What else could you do? > > I assume you do receive mail messages on your systems. Thousands and thousands every day!! > > If you want to not allow such forging but allow your users to send mail from > outside your organisation then you need to look at setting up SPF and only > allowing them to send through your MTA from outside using smtp-auth. If they are outside my organization they are not my problem and they can't send mail though my MTA. Period. If they are connected to the INTERNET then they should be sending their email through whoever is providing that connection. I used to allow exceptions for specific IP addresses (primarily for a couple of faculty members) but stopped doing it for security reasons several years ago. Yes, some academic sites care about security, too. :-) > > (Blocking external mail coming into your system with a FROM address of one of > your internal domains is a poor mans SPF - ie It's equivalent to an SPF check > just being done from your MTA with noone else on the internet checking. > You face exactly the same problems with external sites forwarding, mailing > lists etc that SPF faces.) I don't block any incoming email based on any header information as not being in control of the outside source I can not assume the headers have any validity at all so there is no basis to trust they are logically filterable. Thus the reason why I keep suggesting that we ned to go back to an email network where you can actually trust your mail peers. In the meantime, we muddle along as best we can anjd live with the SPAM and forged emails. But, I do everything I can to ensure that neither come from any system under my control. >>> >>> The thing is you need to aware of these possibilities before just implementing >>> rejection of all external mail which has a From address of your internal >>> domains. (or before publishing strict SPF records). >> >>If the email violates RFC's it should be rejected. > > None of this violates any RFCs. > > >>And whent he user >>comes to complain you educate them and help them set up their system >>properly. You never bend the rules to allow for improper behavior. >>If more people did this a lot of the problems would go away and Email >>might even become more usable like it was 20 years ago. While the total >>number of emails I receive everyday has gone up by several hundred >>percent the number of real email messages has only gone up by 2-3 >>hundred percent. An eminently manageble number once all the garbage >>has been removed. That's why I have often suggested looking at bringing >>UUCP back for serious email traffic. While it seems a step back in >>technology, it more than makes up for it in social control which is >>the only way to solve a social problem. It owuld basicly set up a >>system where any email arriving via the UUCP path is automatically trusted >>and one can then much more aggressively filter email coming from other >>paths. With the INTERNET as the medium over which to run UUCP (as >>opposed to the phone lines the way it was int he old days) there would >>still be virtually no delay in the time an email traverses the system >>even if there were a dozen hops involved. >> > > I think we had that conversation about a year ago and the flaws of that > approach were well aired then. Well, I don't remember any flaw that was not based on a mis-understanding of the proposed system but if you want to re-hash it I would be willing to do it via email as I am sure no one here even cares. I welcome the criticism because I think something is goingot have to be done or email may become totally useful for real work. And, as I have said repeatedly, you can't solve a social problem with technology. You have to go back to a social solution. This has proven true repeatedly in just about every field of endeavor, not just the IT world. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 16:34:57 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: SMTP.CONFIG: Reject-Mail-From: for part of an address? Message-ID: <5daklhF33r3kgU2@mid.individual.net> In article <5dajgrF33r3kgU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > In article , > david20@alpha2.mdx.ac.uk writes: >> In article <5da930F33e0ebU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>>In article , >>> david20@alpha2.mdx.ac.uk writes: >>>> In article <5d904tF342tfpU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>>>>In article , >>>>> david20@alpha2.mdx.ac.uk writes: >>>>>> >>>>>> Are you 100% sure ? >>>>>> >>>>>> Are you sure you don't have any users of those domains who might send via an >>>>>> ISP but set the From address to the address in your domain so that replies are >>>>>> sent to their account on your domain ? >>>>> >>>>>Users should not be playing with the From: address. That is what the >>>>>Reply-To: address is for. >>>> >>>> Users setting up mail clients on their PCs will setup the email address which >>>> will set the FROM address. Most have no knowledge of what a reply-to address is >>>> yet alone how to set it. >>> >>>Yet another reason why mail should not be accepted from PC's. All our mail, >>>PC or otherwise has to go thru the departments MTA and it WILL change the >>>From: address to the only one acceptable from here. I don't use the Email >>>service with my DSL service but I am pretty sure that it will refuse to >>>handle any message where the From: address is not inlude your valid Verizon >>>Email address. >>> >>>> The situation I described above has been a defacto standard way for users to >>>> setup their mail clients and send via their home ISP whilst getting replies >>>> sent to their work address. Of course nowadays it breaks with SPF since the >>>> user is forging their From address to be in one of your domains. >>> >>>And probably violates the RFC's although I haven't read it lately and it >>>is possible that changed. >>> >>> >>>> >>>>>Our MTA normalizes all From: addresses so >>>>>this would not work anyway. >>>> >>>> In general your MTA would not see most such mail since it would be sent via >>>> another ISP. >>> >>>I meant for outgoing email and meant to point out that the ISP should >>>be doing the same. But then, if they don't block outgoing port 25 >>>traffic from anyone other than their MTA the point becomes moot. >>> >>>> Your MTA would only see it when they send such mail either to >>>> their account on your system or to another user on your system. >>> >>>Not being authoritative, I don't touch incoming email, but I am the >>>authority for all outgoing email. That's why all emails from here go >>>out as user@cs.uofs.edu and not user@some.random.machine.name. >>> >>>Just think. If organizations blocked port 25 for all but their MTA and >>>their MTA properly handled email headers it would become virtually >>>impossible to forge email and spam would be much easier to deal with. >>>All you would have to do is refuse email from any site that didn't play >>>by the rules. Like that's ever likely to happen!! >>> >>>> >>>> If you setup smtp auth on your mailhub and have ALL your users send via your >>>> MTA then you won't have the problem (you need the smtp auth to allow >>>> authenticated users to send to outside systems through your MTA but to stop >>>> non-authenticated users from relaying). >>> >>>smtp auth is not really a requirement. Joe rando user can't get on my >>>network. All users need to be authenticated to use any resource on my >>>network so anyone on the inside is de facto "authorized". There are >>>no open AP's and no open wall jacks. And un-plugging a system to plug >>>your own machine in just disables the port. Port 25 is blocked for >>>anyone other than my MTA at my firewall and then again at the University's >>>firewall. My MTA will not relay for any machine that is not on the >>>inside of my firewall with a valid (ie. issued by me) ip address. >>> >> I'm talking about people from outside sending mail with a FROM address >> set to your domainname. Most ISPs don't block direct sending of mail out >> through port 25 - a few do nowadays but most still don't. >> Very Very few ISPs if any restrict the FROM address of mail being sent out to >> coming from their own domain. >> Hence most users can forge the FROM address on mail they send out via their ISP >> to be whatever they wish. > > Which is what I said was the biggest problem with email today. I can't > control what people outside my network do. Email coming in from outside > is taken in anad handled regardles of the From: address. What else could > you do? > >> >> I assume you do receive mail messages on your systems. > > Thousands and thousands every day!! > >> >> If you want to not allow such forging but allow your users to send mail from >> outside your organisation then you need to look at setting up SPF and only >> allowing them to send through your MTA from outside using smtp-auth. > > If they are outside my organization they are not my problem and they can't > send mail though my MTA. Period. If they are connected to the INTERNET > then they should be sending their email through whoever is providing that > connection. I used to allow exceptions for specific IP addresses (primarily > for a couple of faculty members) but stopped doing it for security reasons > several years ago. Yes, some academic sites care about security, too. :-) > >> >> (Blocking external mail coming into your system with a FROM address of one of >> your internal domains is a poor mans SPF - ie It's equivalent to an SPF check >> just being done from your MTA with noone else on the internet checking. >> You face exactly the same problems with external sites forwarding, mailing >> lists etc that SPF faces.) > > I don't block any incoming email based on any header information as not > being in control of the outside source I can not assume the headers have > any validity at all so there is no basis to trust they are logically > filterable. Thus the reason why I keep suggesting that we ned to go > back to an email network where you can actually trust your mail peers. > In the meantime, we muddle along as best we can anjd live with the SPAM > and forged emails. But, I do everything I can to ensure that neither > come from any system under my control. > >>>> >>>> The thing is you need to aware of these possibilities before just implementing >>>> rejection of all external mail which has a From address of your internal >>>> domains. (or before publishing strict SPF records). >>> >>>If the email violates RFC's it should be rejected. >> >> None of this violates any RFCs. >> >> >>>And whent he user >>>comes to complain you educate them and help them set up their system >>>properly. You never bend the rules to allow for improper behavior. >>>If more people did this a lot of the problems would go away and Email >>>might even become more usable like it was 20 years ago. While the total >>>number of emails I receive everyday has gone up by several hundred >>>percent the number of real email messages has only gone up by 2-3 >>>hundred percent. An eminently manageble number once all the garbage >>>has been removed. That's why I have often suggested looking at bringing >>>UUCP back for serious email traffic. While it seems a step back in >>>technology, it more than makes up for it in social control which is >>>the only way to solve a social problem. It owuld basicly set up a >>>system where any email arriving via the UUCP path is automatically trusted >>>and one can then much more aggressively filter email coming from other >>>paths. With the INTERNET as the medium over which to run UUCP (as >>>opposed to the phone lines the way it was int he old days) there would >>>still be virtually no delay in the time an email traverses the system >>>even if there were a dozen hops involved. >>> >> >> I think we had that conversation about a year ago and the flaws of that >> approach were well aired then. > > Well, I don't remember any flaw that was not based on a mis-understanding > of the proposed system but if you want to re-hash it I would be willing > to do it via email as I am sure no one here even cares. I welcome the > criticism because I think something is goingot have to be done or email > may become totally useful for real work. And, as I have said repeatedly, ^^^^^^^ This should obvliously be "useless" > you can't solve a social problem with technology. You have to go back to > a social solution. This has proven true repeatedly in just about every > field of endeavor, not just the IT world. > > bill > -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 12 Jun 2007 07:32:52 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <466a1e4c$0$90262$14726298@news.sunsite.dk>, =?windows-1252?Q?Arne_Vajh=F8j?= writes: > > You are probably thinking about WANK (Worms Against Nuclear Killers) > and the rather relaxed attitude to DECnet accounts before 5.something. Although I remember WANK, I'm thinking of swome thngs earlier and more serious. ------------------------------ Date: 12 Jun 2007 07:35:24 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <00A68DE7.2038ADBB@SendSpamHere.ORG>, VAXman- @SendSpamHere.ORG writes: > > There are also a lot of people that do not! I have many machines surrounding > me at my desk. I'm proud to state that not a single one of them is a PeeCee! > (ie. no Weendoze) You are one of the lucky few who don't answer to a boss who insists on buying WIntel applications and a customer who provides access via the same type of things. The rest of us have to get by on doing as little with Windows as possible. ------------------------------ Date: 12 Jun 2007 08:06:57 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article , =?ISO-8859-1?Q?Jan-Erik_S=F6derholm?= writes: > > Which seems nothing but dumb to me. > There is clearly a lot of things (in particular > on the "desktop") where a Windows PC is a far > better choise the any VMS box. In the same way > that there are *other* areas where a VMS box > is better then a PC, of course. But what the > heck have *proud* whis this to do ? I've only found two things Windows can even think it's doing better than VMS: 1) run malware of all types 2) run applications from vendors who refuse to support anything which fails at 1 ------------------------------ Date: 12 Jun 2007 08:09:00 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article , =?ISO-8859-1?Q?Jan-Erik_S=F6derholm?= writes: > > Of course, but nothing to be particular proud about, is it ? > One have to be quite a bit more unique for that, IMHO. If I could get the work I like to do and get back to a no-Windows environment, I'd be proud of it. Avoiding junk is justification for pride. ] ------------------------------ Date: 12 Jun 2007 08:12:47 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <466AFCD3.2070605@comcast.net>, "Richard B. Gilbert" writes: > > VMS is not too good with office applications like word processing, or > spreadsheets. AFAIK there's no Visio for VMS or any similar tool. VMS has had excellent office products and many of them will run on the latest versions. VMS just hasn't had an owner willing to support it. In the meantime, I find Digital Standard Runoff and Latex meet most of my word processing needs, except for the few places where I'm required to produce Word format document files. WYSIWYG tools from MS burn up too much of my time making random formating changes on thier own. ------------------------------ Date: 12 Jun 2007 08:13:55 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > > And how is a Mac running OS X any better than any other Unix desktop > solution? A Mac running OS X has the finest GUI in the industry. ------------------------------ Date: 12 Jun 2007 08:17:34 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <466C1068.8060303@comcast.net>, "Richard B. Gilbert" writes: > > But. . . . The average moron can install and "configure" windows. And > use it. > As long as being configured as a virus execution platform is acceptable, that statement is true. ------------------------------ Date: 12 Jun 2007 08:21:42 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: RE: Story Time Message-ID: In article , "Main, Kerry" writes: > > So, if you have your Help desk and junior level 1 staff supporting many > different platforms, would you not want them to have a point and click > environment vs giving them DCL or shell prompt access with elevated > priv's to do the things they need to do on all the platforms they > support? No. I would want them to learn what they need to know and use the OS' features to make sure they can do it without elevated privileges. Having a support staff that can't be trusted with DCL is like having an electrician who can't be trusted to run wire. ------------------------------ Date: 12 Jun 2007 08:24:25 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <1181525558.697791.50910@d30g2000prg.googlegroups.com>, David B Sneddon writes: > Yes, we all know about clusters and application availability > but what about those systems that are not clustered? While application availability of 17 years was done via a cluster, a single VMS system did run for 14 years with no ECOs or reboots. ------------------------------ Date: 12 Jun 2007 13:37:06 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Story Time Message-ID: <5d7ls2F342pf9U3@mid.individual.net> In article , koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >> >> And how is a Mac running OS X any better than any other Unix desktop >> solution? > > A Mac running OS X has the finest GUI in the industry. Now that's the funniest thing I have heard all week. Almost got coffee in my keyboard. And this in a group that advocates character cell terminals and interfaces!! bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 17:07:28 +0200 From: "P. Sture" Subject: Re: Story Time Message-ID: In article <5d7ls2F342pf9U3@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) wrote: > In article , > koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > > In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill > > Gunshannon) writes: > >> > >> And how is a Mac running OS X any better than any other Unix desktop > >> solution? > > > > A Mac running OS X has the finest GUI in the industry. > > Now that's the funniest thing I have heard all week. Almost got > coffee in my keyboard. And this in a group that advocates character > cell terminals and interfaces!! > While I did have complaints that it wasn't as "intuitive" for a newcomer as advertised, it works well for me. OS X also provided _me_ with a means of picking up the *nix CLI stuff at my own pace. -- Paul Sture ------------------------------ Date: 12 Jun 2007 15:12:53 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Story Time Message-ID: <5d7rflF33q2kkU1@mid.individual.net> In article , "P. Sture" writes: > In article <5d7ls2F342pf9U3@mid.individual.net>, > bill@cs.uofs.edu (Bill Gunshannon) wrote: > >> In article , >> koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: >> > In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill >> > Gunshannon) writes: >> >> >> >> And how is a Mac running OS X any better than any other Unix desktop >> >> solution? >> > >> > A Mac running OS X has the finest GUI in the industry. >> >> Now that's the funniest thing I have heard all week. Almost got >> coffee in my keyboard. And this in a group that advocates character >> cell terminals and interfaces!! >> > > While I did have complaints that it wasn't as "intuitive" for a newcomer > as advertised, it works well for me. OS X also provided _me_ with a > means of picking up the *nix CLI stuff at my own pace. I have used lots of differetn Window Managers and I would never have put any of the Mac one's anywhere near the top. Just a matter of opinion, I guess. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 10:46:37 -0500 From: Ron Johnson Subject: Re: Story Time Message-ID: On 06/12/07 08:13, Bob Koehler wrote: > In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >> And how is a Mac running OS X any better than any other Unix desktop >> solution? > > A Mac running OS X has the finest GUI in the industry. No, Bill. FreeBSD has the finest GUI in the industry. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Tue, 12 Jun 2007 13:15:06 -0500 From: Ron Johnson Subject: Re: Story Time Message-ID: On 06/12/07 10:12, Bill Gunshannon wrote: > In article , > "P. Sture" writes: >> In article <5d7ls2F342pf9U3@mid.individual.net>, >> bill@cs.uofs.edu (Bill Gunshannon) wrote: >> >>> In article , >>> koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: >>>> In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill >>>> Gunshannon) writes: >>>>> And how is a Mac running OS X any better than any other Unix desktop >>>>> solution? >>>> A Mac running OS X has the finest GUI in the industry. >>> >>> Now that's the funniest thing I have heard all week. Almost got >>> coffee in my keyboard. And this in a group that advocates character >>> cell terminals and interfaces!! >>> >> While I did have complaints that it wasn't as "intuitive" for a newcomer >> as advertised, it works well for me. OS X also provided _me_ with a >> means of picking up the *nix CLI stuff at my own pace. > > I have used lots of differetn Window Managers and I would never have > put any of the Mac one's anywhere near the top. Just a matter of > opinion, I guess. Probably because you're not used to it, or see any great benefit over FreeBSD's circa 1985 shell. It still makes you use bang paths, right? -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 12 Jun 2007 18:24:11 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Story Time Message-ID: <5d86mbF33o7bdU1@mid.individual.net> In article , Ron Johnson writes: > On 06/12/07 10:12, Bill Gunshannon wrote: >> In article , >> "P. Sture" writes: >>> In article <5d7ls2F342pf9U3@mid.individual.net>, >>> bill@cs.uofs.edu (Bill Gunshannon) wrote: >>> >>>> In article , >>>> koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: >>>>> In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill >>>>> Gunshannon) writes: >>>>>> And how is a Mac running OS X any better than any other Unix desktop >>>>>> solution? >>>>> A Mac running OS X has the finest GUI in the industry. >>>> >>>> Now that's the funniest thing I have heard all week. Almost got >>>> coffee in my keyboard. And this in a group that advocates character >>>> cell terminals and interfaces!! >>>> >>> While I did have complaints that it wasn't as "intuitive" for a newcomer >>> as advertised, it works well for me. OS X also provided _me_ with a >>> means of picking up the *nix CLI stuff at my own pace. >> >> I have used lots of differetn Window Managers and I would never have >> put any of the Mac one's anywhere near the top. Just a matter of >> opinion, I guess. > > Probably because you're not used to it, Give me a break. I have been using Macs since the very first one. I have used the Lisa, too. > or see any great benefit > over FreeBSD's circa 1985 shell. Shell != GUI. Or do you believe that Unix doesn't have GUI's, too. > > It still makes you use bang paths, right? Plonk. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 14:22:33 -0500 From: Ron Johnson Subject: Re: Story Time Message-ID: <_nCbi.1322$a84.686@newsfe21.lga> On 06/12/07 13:24, Bill Gunshannon wrote: [snip] > > Give me a break. I have been using Macs since the very first one. I > have used the Lisa, too. > >> or see any great benefit >> over FreeBSD's circa 1985 shell. > > Shell != GUI. Or do you believe that Unix doesn't have GUI's, too. Real Programmers read Usenet with tin and write mail with cat and mailx. >> It still makes you use bang paths, right? > > Plonk. Jeez, aren't you touchy. Can't take a little ribbing? But since you plonked me, I guess you won't be reading this. -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: 13 Jun 2007 12:17:00 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Story Time Message-ID: <5da5hsF33d71uU1@mid.individual.net> In article , John Santos writes: > Bill Gunshannon wrote: >> In article <1181566402.844859.269170@c77g2000hse.googlegroups.com>, >> AEF writes: >> >>>On Jun 11, 8:44 am, b...@cs.uofs.edu (Bill Gunshannon) wrote: >>> >>>>In article , >>>> "P. Sture" writes: >>>> >>>> >>>>>In article <5d32h7F33hn9...@mid.individual.net>, >>>>> b...@cs.uofs.edu (Bill Gunshannon) wrote: >>>> >>>>>>The hardware has been back to Mac at least three times in the year he >>>>>>has had it and I don't even know how many times the OS has been upgraded. >>>> >>>>>Sounds like it could be a Monday morning machine. >>>> >>>>Which somehow excuses it? >>> >>>Well, you could also interpret this to mean that this laptop is not >>>representative. I'm sure other companies suffer from such. >> >> >> The only other system we saw anywhere near this kind of a reliability >> problem with was the Toshiba Satellite. We dumped them. But Mac users >> seem much more willing to accept this behavior. God only knows why. >> > > I wouldn't accept this kind of behavior, but then again, my Powerbook > has never exhibited this kind of behavior so what would I know? > > (I do carry it in a padded bag, and I've only dropped it once (oops!), > but it kept on ticking...) His has not been from mis-handling, it was a battery (they made him return the whole thing for replacement) and it looks like the whole guts were changed out twice because the machine would randomly hang or reboot. Seems it would have been easier to just give him a new one, but they don't work that way. > >> >>>> >>>> >>>>>>Seems like he is always having to install something which frequently >>>>>>makes other things stop working. >>>> >>>>>That doesn't sound right. Is he prone to "playing around" with settings, >>>>>or trying out some "neat thing" he's seen on a web site? >>>> >>>>Of course he is. But again, the Mac seems much less tolerant of >>>>use than any other system we have around here. Mac may have had >>> >>>Less tolerant of use? Use? >>> >>>Tech repair person: OHHHHHHH! Using your laptop, eh??? >> >> >> Well, I merely meant that these are faculty members who "play" with their >> systems all the time. The Mac takes this behavior much less tolerantly >> than the IBM Thinkpads or Lenovo or even Gateway laptops running XP, >> Linux or BSD. >> > > Play? What do you mean? Mess around with the hardware, or the software, or > hook it up to "funny" devices or what? Just installing all kinds of whiz bang applications he thinks might be usefull for teaching. Doesn't appear to take much to trash the OS. Now, granted, it would not be a good thing for a Windows box either, but this is a user device and if it can't stand up to the kind of use you can expect from auser who is going to be swayed by hype and have little if any admin experience, well........ > >> >>>>something back in the days when they actually had their own OS. >>>>I wasn't overly impressed with it even then (I do have about a >>>>half-dozen M68K Macs I play around with when I am killing time >>>>and a a whole stack of the Developers CD's) but now it's just a >>>>bad Unix implementation. >>> >>>So how would you rank it compared to Windows? >> >> >> HArder to work with. Harder to integrate into our overall infrastructure. >> Less reliable. More work to admin. I would never want one. >> > > Huh? My experience is it is much easier to admin and much more reliable > than any PC I've ever used. Many tasks that are trivial on either Windows or real Unix are well hidden on the Mac. And if his is an example, reliability is not its strong suit. > >> >>>>"Those who do not understand UNIX are condemned to reinvent it -- badly." >>>> -Henry Spencer >>> >>>Amusing. >> >> >> But very old and very true as evidenced by some of todays options. >> >> >>>>Actually, I had never really thought about before but this quote applies >>>>equally well to Linux. > > IIRC, Mac OS X is based on BSD, not Linux Didn't say it was. It is, however, an example of someone re-implementing Unix, badly. (IMHO) And, as an afterthought I realized that Henry's quote applies equally well to Linux considering how muc before its advent he actually said it. Brings up another good quote that seems to apply equally well to our industry lately: "Those who do not learn from histopry are doomed to repeat it." -- George Santayana bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 08:21:55 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <5d7ls2F342pf9U3@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > In article , > koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: >> In article <5d0mvjF31rbg8U2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>> >>> And how is a Mac running OS X any better than any other Unix desktop >>> solution? >> >> A Mac running OS X has the finest GUI in the industry. > > Now that's the funniest thing I have heard all week. Almost got > coffee in my keyboard. And this in a group that advocates character > cell terminals and interfaces!! I don't think I've ever advocated either of them, but I do use cygwyn's bash shell window to get around a lot of what Windows won't do. Which simpy verifies my belief that Windows is even worse than UNIX. ------------------------------ Date: 13 Jun 2007 08:24:10 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Story Time Message-ID: In article <5d7rflF33q2kkU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > > I have used lots of differetn Window Managers and I would never have > put any of the Mac one's anywhere near the top. Just a matter of > opinion, I guess. A window manager does not a GUI make. But my sin runs just about whatever window manager he wants on his Mac. Fairly easy to port most of them (one of UNIX' few strong points). ------------------------------ Date: 13 Jun 2007 13:39:25 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: Story Time Message-ID: <5daacdF33nvr1U1@mid.individual.net> In article , koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > In article <5d7rflF33q2kkU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >> >> I have used lots of differetn Window Managers and I would never have >> put any of the Mac one's anywhere near the top. Just a matter of >> opinion, I guess. > > A window manager does not a GUI make. OK, beyond a unique look & feel, what exactly does the Mac proprietary GUI offer that is not in all the other Window managers avaiable for Unix? > But my sin runs just about > whatever window manager he wants on his Mac. Fairly easy to port > most of them (one of UNIX' few strong points). True, of course, but beyond the one unique GUI what does a Mac have that isn't available cheaper and easier somewhere else? :-) After all, under the hood it's just Unix anymore. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Wed, 13 Jun 2007 10:30:48 -0500 From: Ron Johnson Subject: Re: Story Time Message-ID: On 06/13/07 08:39, Bill Gunshannon wrote: > In article , > koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: >> In article <5d7rflF33q2kkU1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>> I have used lots of differetn Window Managers and I would never have >>> put any of the Mac one's anywhere near the top. Just a matter of >>> opinion, I guess. >> A window manager does not a GUI make. > > OK, beyond a unique look & feel, what exactly does the Mac proprietary > GUI offer that is not in all the other Window managers avaiable for Unix? Integration and a single-user mentality. For example: OS X stores the wifi passcode in the main user's keychain. So, when s/he turns it on a logs in, the networking system knows where to look for the wifi passcode. This *can* be done on FreeBSD & Linux, but is a foreign concept to the developers and (most) users, since we see boot-up and login as two separate entities and may very well want wifi to be enabled before anyone logs in. >> But my sin runs just about >> whatever window manager he wants on his Mac. Fairly easy to port >> most of them (one of UNIX' few strong points). > > True, of course, but beyond the one unique GUI what does a Mac have > that isn't available cheaper and easier somewhere else? :-) After > all, under the hood it's just Unix anymore. You're absolutely correct. *However*, Apple thought long and hard about how to make Unix usable by the masses. GNOME is just a pale imitation. (But good enough for me.) -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! ------------------------------ Date: Wed, 13 Jun 2007 01:32:35 -0400 From: JF Mezei Subject: SYSMAN IO SET EXCLUDE and satellites Message-ID: <9430f$466f8175$cef8887a$7113@TEKSAVVY.COM> I switched satellite and boot servers around today. BIKE was the boot node and had a working SYSMAN> IO SET EXCLUDE list. CHAIN was the satellite and its IO SET EXCLUDE list was ignored. I switched the setup with CHAIN now the boot node and BIKE the satellite and low and behold, CHAIN's exclude list now works, and BIKE doesn't. The system disk was copied over with backup/image, and both nodes are using the same root as before. ------------------------------ Date: Tue, 12 Jun 2007 12:34:34 +0100 From: Anton Shterenlikht Subject: VMS analogue of FBSD and linux hier(7) man pages Message-ID: <20070612113434.GA70321@mech-aslap33.men.bris.ac.uk> On FBSD and linux (at least) the hier(7) man pages give a brief overview of the filesystem, including all major system directories and their intended use. I refer to these quite often. Is there anything similar on VMS? thanks anton -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 928 8233 Fax: +44 (0)117 929 4423 ------------------------------ Date: Tue, 12 Jun 2007 14:30:35 +0200 From: "P. Sture" Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: In article <20070612113434.GA70321@mech-aslap33.men.bris.ac.uk>, Anton Shterenlikht wrote: > On FBSD and linux (at least) the hier(7) man pages give a brief overview > of the filesystem, including all major system directories and their > intended use. I refer to these quite often. Is there anything similar on VMS? > > thanks > anton $ HELP Sys_Files This also tells you how to extract the appropriate help into a text file. -- Paul Sture ------------------------------ Date: 12 Jun 2007 13:25:34 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: <5d7l6eF342pf9U1@mid.individual.net> In article <20070612113434.GA70321@mech-aslap33.men.bris.ac.uk>, Anton Shterenlikht writes: > On FBSD and linux (at least) the hier(7) man pages give a brief overview > of the filesystem, including all major system directories and their > intended use. I refer to these quite often. Is there anything similar on VMS? I am sure someone will correct me if I am wrong, :-) but I don't think the VMS filesystem would be considered "hierarchical" which would preclude such a listing. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Wed, 13 Jun 2007 03:05:19 GMT From: John Santos Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: Bill Gunshannon wrote: > In article <20070612113434.GA70321@mech-aslap33.men.bris.ac.uk>, > Anton Shterenlikht writes: > >>On FBSD and linux (at least) the hier(7) man pages give a brief overview >>of the filesystem, including all major system directories and their >>intended use. I refer to these quite often. Is there anything similar on VMS? > > > I am sure someone will correct me if I am wrong, :-) but I don't > think the VMS filesystem would be considered "hierarchical" which > would preclude such a listing. > Okay, will do :-) AFAIK, "hierarchical" in the context of file systems basically means you can nest directories. By this definition, VMS (ODS-2 and ODS-5) is most definitely hierarchical. Someone else already pointed to "help sys_files" > bill > -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 ------------------------------ Date: 13 Jun 2007 12:24:55 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: <5da60nF33d71uU2@mid.individual.net> In article , John Santos writes: > Bill Gunshannon wrote: >> In article <20070612113434.GA70321@mech-aslap33.men.bris.ac.uk>, >> Anton Shterenlikht writes: >> >>>On FBSD and linux (at least) the hier(7) man pages give a brief overview >>>of the filesystem, including all major system directories and their >>>intended use. I refer to these quite often. Is there anything similar on VMS? >> >> >> I am sure someone will correct me if I am wrong, :-) but I don't >> think the VMS filesystem would be considered "hierarchical" which >> would preclude such a listing. >> > > Okay, will do :-) AFAIK, "hierarchical" in the context of file systems > basically means you can nest directories. By this definition, VMS (ODS-2 > and ODS-5) is most definitely hierarchical. > > Someone else already pointed to "help sys_files" > Well, because I would really like to see someone with more experience address this let me clarify what I said above. I know you can nest directories in VMS, but is there any portion of this nesting that is common to all VMS systems or is it strictly user preference? While it would be possible to put Unix files anywhere, there is a hierarchy that is considered standard and upon which a number of assumptions have been made. Even if many of us think VMS is slowly dying, there is still much some of us would like to learn about it. :-) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 09:05:59 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: In article <20070612113434.GA70321@mech-aslap33.men.bris.ac.uk>, Anton Shterenlikht writes: > On FBSD and linux (at least) the hier(7) man pages give a brief overview > of the filesystem, including all major system directories and their > intended use. I refer to these quite often. Is there anything similar on VMS? Yes. ------------------------------ Date: 13 Jun 2007 09:07:11 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: In article <5d7l6eF342pf9U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > > I am sure someone will correct me if I am wrong, :-) but I don't > think the VMS filesystem would be considered "hierarchical" which > would preclude such a listing. Why not? Look at RSX-11M for an example of a non-hierarchical filesystem. ------------------------------ Date: 13 Jun 2007 14:15:23 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: <5dacfrF334k19U1@mid.individual.net> In article , koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: > In article <5d7l6eF342pf9U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >> >> I am sure someone will correct me if I am wrong, :-) but I don't >> think the VMS filesystem would be considered "hierarchical" which >> would preclude such a listing. > > Why not? Well, I thought the locations of files was not particularly relevant and the system would function just fine if the filesystem was kept completely flat like, say, CPM. I thought LOGICALS were used to identify all the important things like SYSEXE, etc. Is there anything in VMS that expects files to be in any particular hierarchy? Or can the system be setup with the directories in pretty much any location? > Look at RSX-11M for an example of a non-hierarchical > filesystem. Oh, I know plenty of them. RSX, RSTS, RT-11, CPM, TRSDOS, UCSD-Pascal, MSDOS (alowed directories, but didn't require any. I hav e seen completely flat systems which were usually a nightmare to work with once hard disks increased the amount of space users had to fill up. :-) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 09:15:30 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: In article <5da60nF33d71uU2@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: > > I know you can nest directories in VMS, but is there any portion > of this nesting that is common to all VMS systems or is it strictly > user preference? While it would be possible to put Unix files anywhere, > there is a hierarchy that is considered standard and upon which a > number of assumptions have been made. The layout of the OS is certainly standard amoungst all VMS systems of the same version. Just as is on any one vendor's UNIX, although there are variations between vendors. The layout of user's directories is up to the user, just as it is on UNIX. Where the users' directories start varies amoungst VMS systems according to the desires of the system manager, but [000000] on a device or a rooted logical are the usual places. Where the users' directories start varies amoungst UNIX systems according to the desires of the system admin, but /home, /user, /home/mount-point-goes-here, and /user/mount-point-goes-here are common. Lots of applicsattions, such as web browsers, stuff thier data in directories off of the user's log in directory on VMS, UNIX, and other OS. I don't see what you're getting at. ------------------------------ Date: Wed, 13 Jun 2007 15:51:05 +0000 (UTC) From: moroney@world.std.spaamtrap.com (Michael Moroney) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: bill@cs.uofs.edu (Bill Gunshannon) writes: >Well, because I would really like to see someone with more experience >address this let me clarify what I said above. >I know you can nest directories in VMS, but is there any portion >of this nesting that is common to all VMS systems or is it strictly >user preference? All VMS disks have a top-level [000000] directory as the root of the directory structure. In this directory are certain files with data necessary for the file system, such as INDEXF.SYS (contains the approximate equivalent to Unix inodes, the bootblock and a couple of other things), BITMAP.SYS and a couple of others. There are also directories where, within them or their subdirectories, all other files on the drive exist. The [000000] directory is also entered into itself here. On a bootable system disk, there is a [VMS$COMMON] directory. There are also [SYSx] directories, one for each node in a cluster, or you can have alternate configurations in different ones). In each of the [SYSx] directories, there is an equivalent to a hard link to VMS$COMMON under the name SYSCOMMON. There are parallel directory trees in the [SYSx] and [VMS$COMMON] directories, such as SYSEXE (executable images mostly), SYSLIB (library files), SYSMGR (system management) and many others. Layered products may have their own. There's a start. ------------------------------ Date: Wed, 13 Jun 2007 16:30:30 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: In article <5dacfrF334k19U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >In article , > koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes: >> In article <5d7l6eF342pf9U1@mid.individual.net>, bill@cs.uofs.edu (Bill Gunshannon) writes: >>> >>> I am sure someone will correct me if I am wrong, :-) but I don't >>> think the VMS filesystem would be considered "hierarchical" which >>> would preclude such a listing. >> >> Why not? > >Well, I thought the locations of files was not particularly relevant and >the system would function just fine if the filesystem was kept completely >flat like, say, CPM. I thought LOGICALS were used to identify all the >important things like SYSEXE, etc. Is there anything in VMS that expects >files to be in any particular hierarchy? Or can the system be setup with >the directories in pretty much any location? > The basic directory structure of the VMS system disk is well defined. The only complication is that the directory structure is duplicated so as to provide system-specific roots and a cluster-common root. So if you have three systems booting of the disk DSA0 called ALPHA1, ALPHA2 and ALPHA3 then if they boot using roots 0,1 and 2 (specified on the boot command) then on the disk there would be the following top-level directories DSA0:[SYS0] DSA0:[SYS1] DSA0:[SYS2] and DSA0:[VMS$COMMON] The system-specific directory DSA0:[SYS0] would contain a number of sub-directories such as DSA0:[SYS0.SYSEXE] DSA0:[SYS0.SYSHLP] DSA0:[SYS0.SYSLIB] DSA0:[SYS0.SYSMGR] etc which would contain any system specific versions of configuration files, executables, help files etc Different types of files in different directories. Similarly for the [SYS1] and [SYS2] roots So the node ALPHA1 would use the system-specific files in the SYS0 hierarchy whereas the node ALPHA2 would use the system-specific files in the SYS1 hierarchy. The cluster-common DSA0:[VMS$COMMON] would contain similar directories eg DSA0:[VMS$COMMON.SYSEXE] DSA0:[VMS$COMMON.SYSHLP] DSA0:[VMS$COMMON.SYSLIB] DSA0:[VMS$COMMON.SYSMGR] etc Logical names such as SYSEXE are then used to point at both the SYSEXE directory in the system-specific root for a particular node and the SYSEXE directory in the cluster-common root so that the OS first looks in the node specific directory and then if it doesn't find it there looks in the cluster-common directory. Hence ALPHA1 would see files in the SYS0 hierarchy and in the VMS$COMMON heirarchy ALPHA2 would see files in the SYS1 hierarchy and in the VMS$COMMON heirarchy and ALPHA3 would see files in the SYS2 hierarchy and in the VMS$COMMON heirarchy. The only other complication is that the system-specific roots include a SYSCOMMON sub-directory eg DSA0:[SYS0.SYSCOMMON] which is actually a link to the DSA0:[VMS$COMMON] directory. David Webb Security team leader CCSS Middlesex University >> Look at RSX-11M for an example of a non-hierarchical >> filesystem. > >Oh, I know plenty of them. RSX, RSTS, RT-11, CPM, TRSDOS, UCSD-Pascal, >MSDOS (alowed directories, but didn't require any. I hav e seen completely >flat systems which were usually a nightmare to work with once hard disks >increased the amount of space users had to fill up. :-) > >bill > >-- >Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves >bill@cs.scranton.edu | and a sheep voting on what's for dinner. >University of Scranton | >Scranton, Pennsylvania | #include ------------------------------ Date: 13 Jun 2007 16:37:27 GMT From: bill@cs.uofs.edu (Bill Gunshannon) Subject: Re: VMS analogue of FBSD and linux hier(7) man pages Message-ID: <5dakq7F33r3kgU3@mid.individual.net> My thanks to everyone for the explanations of the file structure. I never used anything but the default created by the install process and it's probably a good thinkg, too. :-) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 12 Jun 2007 11:54:37 -0400 From: "Ken Robinson" Subject: What's the implication of this development if any... Message-ID: <7dd80f60706120854u1983c890w4f74f63180e3ad63@mail.gmail.com> Headline: Unisys Hires Former HP Exec to Head Up Server Development (from the Linux Beacon) Start of story: "Server maker Unisys has hired away a top executive from Hewlett-Packard's Business Critical Systems division to take over the management of its own Systems & Technology Group. Rich Marcello, who had a long career at the former Digital Equipment and who stayed in charge of various server units as Digital was eaten by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now president of the Unisys Systems & Technology Group, and reports directly to Unisys president and chief executive officer, Joe McGrath. Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys (and its predecessors) and is now retiring." The rest of the story can be read at Ken ------------------------------ Date: Tue, 12 Jun 2007 16:09:25 -0000 From: IanMiller Subject: Re: What's the implication of this development if any... Message-ID: <1181664565.019076.86400@r19g2000prf.googlegroups.com> Rich Marcello departed last year from HP. At the time it was stated he was retiring to perform volunteer work. http://www.openvms.org/stories.php?story=06/11/01/7052290 ------------------------------ Date: Tue, 12 Jun 2007 12:24:04 -0400 From: "John Smith" Subject: Re: What's the implication of this development if any... Message-ID: <88f0d$466ec899$cef88391$17611@TEKSAVVY.COM-Free> Ken Robinson wrote: > Headline: Unisys Hires Former HP Exec to Head Up Server Development > (from the Linux Beacon) > > Start of story: > > "Server maker Unisys has hired away a top executive from > Hewlett-Packard's Business Critical Systems division to take over the > management of its own Systems & Technology Group. > > Rich Marcello, who had a long career at the former Digital Equipment > and who stayed in charge of various server units as Digital was eaten > by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now > president of the Unisys Systems & Technology Group, and reports > directly to Unisys president and chief executive officer, Joe McGrath. > Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys > (and its predecessors) and is now retiring." > > The rest of the story can be read at > It means that he has a position which does not have multiple layers of sniviling sycophants between him and the decision-maker. I can imagine that alone will make it an exciting and enjoyable job for him. -- OpenVMS - The never-advertised operating system with the dwindling ISV base. ------------------------------ Date: Tue, 12 Jun 2007 14:56:52 -0400 From: JF Mezei Subject: Re: What's the implication of this development if any... Message-ID: Ken Robinson wrote: > Rich Marcello, who had a long career at the former Digital Equipment > and who stayed in charge of various server units as Digital was eaten > by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now > president of the Unisys Systems & Technology Group, It depends on whether Marcello is there as a obedient sheep until retirement, or whether he is there to lead and make things happen. Employees in downsizing companies at Marcello's level tend to become quiet sheep who prefer to just obey their superiors and not be shit disturbers because they think it increases their odds of NOT being layed off. But if a new CEO comes along who doesnt like those quiet sheep, then all bets are off. ------------------------------ Date: Tue, 12 Jun 2007 13:23:29 -0700 From: "Tom Linden" Subject: Re: What's the implication of this development if any... Message-ID: On Tue, 12 Jun 2007 11:56:52 -0700, JF Mezei wrote: > Ken Robinson wrote: >> Rich Marcello, who had a long career at the former Digital Equipment >> and who stayed in charge of various server units as Digital was eaten >> by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now >> president of the Unisys Systems & Technology Group, > > > It depends on whether Marcello is there as a obedient sheep until > retirement, or whether he is there to lead and make things happen. What did he make happen at Digital, retain trust? Newspeak doubletalk. > > Employees in downsizing companies at Marcello's level tend to become > quiet sheep who prefer to just obey their superiors and not be shit > disturbers because they think it increases their odds of NOT being layed > off. > > But if a new CEO comes along who doesnt like those quiet sheep, then all > bets are off. -- PL/I for OpenVMS www.kednos.com ------------------------------ Date: Tue, 12 Jun 2007 22:10:06 GMT From: "John Wallace" Subject: Re: What's the implication of this development if any... Message-ID: <2REbi.79$aS5.1@fe1.news.blueyonder.co.uk> "Ken Robinson" wrote in message news:7dd80f60706120854u1983c890w4f74f63180e3ad63@mail.gmail.com... > Headline: Unisys Hires Former HP Exec to Head Up Server Development > (from the Linux Beacon) > > Start of story: > > "Server maker Unisys has hired away a top executive from > Hewlett-Packard's Business Critical Systems division to take over the > management of its own Systems & Technology Group. > > Rich Marcello, who had a long career at the former Digital Equipment > and who stayed in charge of various server units as Digital was eaten > by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now > president of the Unisys Systems & Technology Group, and reports > directly to Unisys president and chief executive officer, Joe McGrath. > Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys > (and its predecessors) and is now retiring." > > The rest of the story can be read at > > > Ken Unisys appear to have realised that although the mainframe isn't quite dead yet, it's largely surviving because of mainframe software, not because of any unique magick which couldn't possibly exist on x86-64 hardware (eg RAS features). Consequently they've recently announced that their mainframe OS environment is now supported on Xeon-based kit. E.g. http://www.unisys.com/about__unisys/news_a_events/05158777.htm It's not going to be any old Xeon kit, but even so, these are folks who already have a finger in the mainframe market, the x86 market, and the Itanium market, and they've made their decision about which way the market is going... Let's hope that approach is more succesful for them (and thus for Mr Marcello) than Unisys's previous "x86 mainframe" (the ES7000, iirc), which didn't exactly sell like hot cakes, even when Compaq rebadged it (as the Proliant 9000?). Part of its problem was that although virtualisation, and in particular VMware, has been flavour of the month for a couple of years now, the ES7000 was a bit restricted in terms of supported VMware versions. But other than VMware instances, what else do you do with a 32-processor Windows (or more recently, Linux) box? One UK customer reportedly bought one to run SAP, goodness only knows why (and they didn't know why after a while either, so it went back). regards John ------------------------------ Date: Tue, 12 Jun 2007 23:20:05 -0000 From: ultradwc@gmail.com Subject: Re: What's the implication of this development if any... Message-ID: <1181690405.625327.86960@q19g2000prn.googlegroups.com> On Jun 12, 11:54 am, "Ken Robinson" wrote: > Headline: Unisys Hires Former HP Exec to Head Up Server Development > (from the Linux Beacon) > > Start of story: > > "Server maker Unisys has hired away a top executive from > Hewlett-Packard's Business Critical Systems division to take over the > management of its own Systems & Technology Group. > > Rich Marcello, who had a long career at the former Digital Equipment > and who stayed in charge of various server units as Digital was eaten > by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now > president of the Unisys Systems & Technology Group, and reports > directly to Unisys president and chief executive officer, Joe McGrath. > Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys > (and its predecessors) and is now retiring." > > The rest of the story can be read at > > > Ken maybe he will buy vms from HP and make them number one ... :) ------------------------------ Date: Wed, 13 Jun 2007 05:49:11 +0200 From: "P. Sture" Subject: Re: What's the implication of this development if any... Message-ID: In article <2REbi.79$aS5.1@fe1.news.blueyonder.co.uk>, "John Wallace" wrote: > "Ken Robinson" wrote in message > news:7dd80f60706120854u1983c890w4f74f63180e3ad63@mail.gmail.com... > > Headline: Unisys Hires Former HP Exec to Head Up Server Development > > (from the Linux Beacon) > > > > Start of story: > > > > "Server maker Unisys has hired away a top executive from > > Hewlett-Packard's Business Critical Systems division to take over the > > management of its own Systems & Technology Group. > > > > Rich Marcello, who had a long career at the former Digital Equipment > > and who stayed in charge of various server units as Digital was eaten > > by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now > > president of the Unisys Systems & Technology Group, and reports > > directly to Unisys president and chief executive officer, Joe McGrath. > > Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys > > (and its predecessors) and is now retiring." > > > > The rest of the story can be read at > > > > > > Ken > > Unisys appear to have realised that although the mainframe isn't quite dead > yet, it's largely surviving because of mainframe software, not because of > any unique magick which couldn't possibly exist on x86-64 hardware (eg RAS > features). Consequently they've recently announced that their mainframe OS > environment is now supported on Xeon-based kit. E.g. > http://www.unisys.com/about__unisys/news_a_events/05158777.htm It's not > going to be any old Xeon kit, but even so, these are folks who already have > a finger in the mainframe market, the x86 market, and the Itanium market, > and they've made their decision about which way the market is going... In a May 2006 article referenced in the ITjungle item Ken posted, the Unisys E7000 also supports Itaniums. http://www.itjungle.com/tlb/tlb050906-story02.html > Let's hope that approach is more succesful for them (and thus for Mr > Marcello) than Unisys's previous "x86 mainframe" (the ES7000, iirc), which > didn't exactly sell like hot cakes, even when Compaq rebadged it (as the > Proliant 9000?). Part of its problem was that although virtualisation, and > in particular VMware, has been flavour of the month for a couple of years > now, the ES7000 was a bit restricted in terms of supported VMware versions. > But other than VMware instances, what else do you do with a 32-processor > Windows (or more recently, Linux) box? One UK customer reportedly bought one > to run SAP, goodness only knows why (and they didn't know why after a while > either, so it went back). > > regards > John -- Paul Sture ------------------------------ Date: Wed, 13 Jun 2007 10:56:07 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: What's the implication of this development if any... Message-ID: <00A69110.6197818B@SendSpamHere.ORG> In article <1181690405.625327.86960@q19g2000prn.googlegroups.com>, ultradwc@gmail.com writes: > > >On Jun 12, 11:54 am, "Ken Robinson" wrote: >> Headline: Unisys Hires Former HP Exec to Head Up Server Development >> (from the Linux Beacon) >> >> Start of story: >> >> "Server maker Unisys has hired away a top executive from >> Hewlett-Packard's Business Critical Systems division to take over the >> management of its own Systems & Technology Group. >> >> Rich Marcello, who had a long career at the former Digital Equipment >> and who stayed in charge of various server units as Digital was eaten >> by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now >> president of the Unisys Systems & Technology Group, and reports >> directly to Unisys president and chief executive officer, Joe McGrath. >> Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys >> (and its predecessors) and is now retiring." >> >> The rest of the story can be read at >> >> >> Ken > >maybe he will buy vms from HP and make them >number one ... :) :D Then he can where his purple "Can't keep it up? You need VMS!" shirt proudly. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" ------------------------------ Date: Wed, 13 Jun 2007 11:12:28 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: What's the implication of this development if any... Message-ID: <00A69112.AA1D34F5@SendSpamHere.ORG> In article <00A69110.6197818B@SendSpamHere.ORG>, VAXman- @SendSpamHere.ORG writes: > > >In article <1181690405.625327.86960@q19g2000prn.googlegroups.com>, ultradwc@gmail.com writes: >> >> >>On Jun 12, 11:54 am, "Ken Robinson" wrote: >>> Headline: Unisys Hires Former HP Exec to Head Up Server Development >>> (from the Linux Beacon) >>> >>> Start of story: >>> >>> "Server maker Unisys has hired away a top executive from >>> Hewlett-Packard's Business Critical Systems division to take over the >>> management of its own Systems & Technology Group. >>> >>> Rich Marcello, who had a long career at the former Digital Equipment >>> and who stayed in charge of various server units as Digital was eaten >>> by Compaq in 1998 and then Compaq was eaten by HP in 2001, is now >>> president of the Unisys Systems & Technology Group, and reports >>> directly to Unisys president and chief executive officer, Joe McGrath. >>> Marcello is replacing Leo Daiuto, who has spent 39 years at Unisys >>> (and its predecessors) and is now retiring." >>> >>> The rest of the story can be read at >>> >>> >>> Ken >> >>maybe he will buy vms from HP and make them >>number one ... :) > >:D Then he can where his purple "Can't keep it up? You need VMS!" shirt >proudly. where => wear. More coffee please. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" ------------------------------ Date: 13 Jun 2007 09:24:34 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: What's the implication of this development if any... Message-ID: IanMiller writes: > Rich Marcello departed last year from HP. At the time it was stated he > was retiring to perform volunteer work. > http://www.openvms.org/stories.php?story=06/11/01/7052290 Like volunteeering to prop up UNISYS? ------------------------------ Date: Wed, 13 Jun 2007 05:07:33 GMT From: Tad Winters Subject: Who's in the Phoenix area? Message-ID: I need someone to rescue an AlphaServer in the Phoenix area. I seem to recall someone posting here who was living in that area. Tad ------------------------------ Date: Tue, 12 Jun 2007 20:51:34 -0400 From: JF Mezei Subject: Why partitioned disks on VMS would be useful Message-ID: <532c1$466f3f97$cef8887a$10077@TEKSAVVY.COM> If disk partitioning existed in the VMS world, it would allow for the following: Workstation with a single hard disk, partitioned into 2 drives. One drive has just a page file. Other drive can then be a shadowed system drive. Each workstation would then have its local copy of the system disk and its read/writes to page file would not propagate to other members of the system disk shadow set. ------------------------------ Date: Tue, 12 Jun 2007 18:07:19 -0700 From: AEF Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <1181696839.385193.137890@g37g2000prf.googlegroups.com> On Jun 12, 8:51 pm, JF Mezei wrote: > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system drive. > > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. But then what's the point? If the partitioned disk crashes, you lose your pagefile. AEF ------------------------------ Date: Tue, 12 Jun 2007 21:16:06 -0400 From: JF Mezei Subject: Re: Why partitioned disks on VMS would be useful Message-ID: AEF wrote: > But then what's the point? If the partitioned disk crashes, you lose > your pagefile. The point is that you can have shadowed system disk that does not have the performance issue of shadowing page files from all systems that have a disk member of that shadow set. When you look at current workstation and small server machines, they come with one drive. The ability to partition that one drives gives that ability to show the system disk AND still have a local page file. ------------------------------ Date: Tue, 12 Jun 2007 20:34:35 -0500 From: David J Dachtera Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <466F49AB.5CADA33C@spam.comcast.net> JF Mezei wrote: > > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system drive. I think you left out the detail you're doing LAVc. Otherwise, you'd need three partitions: 1. Page/swap disk 2. system disk shadow-set member 1 3. system disk shadow-set member 2. > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. Could be done with an HSZ and at least one shelf, I suppose... -- David J Dachtera dba DJE Systems http://www.djesys.com/ Unofficial OpenVMS Marketing Home Page http://www.djesys.com/vms/market/ Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/ Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/ Unofficial OpenVMS Hobbyist Support Page: http://www.djesys.com/vms/support/ ------------------------------ Date: Wed, 13 Jun 2007 11:42:05 +1000 From: Jim Duff Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <466f4b70@dnews.tpgi.com.au> JF Mezei wrote: > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system > drive. > > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. http://h71000.www7.hp.com/openvms/storage/raidpage.html "HP RAID software for OpenVMS ensures data availability and performance with software-based RAID technology. HP RAID software uses RAID technology to manage groups of disk drives as arrays. HP RAID software supports Striping (RAID Level 0), Striping with Parity (RAID Level 5), and Partitioning." I have used this software, and while it's a bit of a pain to manage, it does work quite well. Your second paragraph is confusing. You specify the workstation has one hard disk in the first sentence, then your second sentence mentions a shadowed system disk. What are you shadowing to? Over a network? Then why not have a central system disk on a boot server (with a shadowed system disk consisting of two or three disks local to the server) and use the workstation's local disk for the page file? This is the standard "NI" cluster. Or why not buy another drive and put your page file on that? Disks are cheap. There is certainly no reason you have to put a page file on the system disk, and I would recommend against doing so in a production system. Jim -- www.eight-cubed.com ------------------------------ Date: Tue, 12 Jun 2007 19:07:13 -0700 From: AEF Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <1181700433.237190.80200@q19g2000prn.googlegroups.com> On Jun 12, 9:16 pm, JF Mezei wrote: > AEF wrote: > > But then what's the point? If the partitioned disk crashes, you lose > > your pagefile. > > The point is that you can have shadowed system disk that does not have > the performance issue of shadowing page files from all systems that have > a disk member of that shadow set. > > When you look at current workstation and small server machines, they > come with one drive. The ability to partition that one drives gives that > ability to show the system disk AND still have a local page file. But half of your shadowing benefits are nullified. Normally in a 2- member shadow set, you can lose either member and you're still up. But here, if you lose the member with the unshadowed pagefile on it, you're down anyway! AEF ------------------------------ Date: Tue, 12 Jun 2007 22:47:06 -0400 From: JF Mezei Subject: Re: Why partitioned disks on VMS would be useful Message-ID: AEF wrote: > But half of your shadowing benefits are nullified. Normally in a 2- > member shadow set, you can lose either member and you're still up. But > here, if you lose the member with the unshadowed pagefile on it, > you're down anyway! True, but during normal times, you get the performance benefits of having local reads instead of having all your system disk MSCP served from some other node. ------------------------------ Date: Wed, 13 Jun 2007 03:43:50 -0000 From: ultradwc@gmail.com Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <1181706230.891540.116650@i38g2000prf.googlegroups.com> On Jun 12, 8:51 pm, JF Mezei wrote: > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system drive. > > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. you already have this available on vms! It is called DECram ... :) http://h18000.www1.hp.com/info/SP3426/SP3426PF.PDF ------------------------------ Date: Wed, 13 Jun 2007 07:46:11 +0200 From: "P. Sture" Subject: Re: Why partitioned disks on VMS would be useful Message-ID: In article , JF Mezei wrote: > AEF wrote: > > But then what's the point? If the partitioned disk crashes, you lose > > your pagefile. > > The point is that you can have shadowed system disk that does not have > the performance issue of shadowing page files from all systems that have > a disk member of that shadow set. CLUSTER_CONFIG.COM already puts the pagefile on the local disk for you, so it isn't on a shadowed disk anyway. A more profitable activity is to set up the dump file on the local disk (DOSD), to avoid shadow copies when a workstation reboots. > When you look at current workstation and small server machines, they > come with one drive. The ability to partition that one drives gives that > ability to show the system disk AND still have a local page file. One slight problem. Shadowing only supports 3 shadow set members. Unless you are using RAID for the system disk on the server(s), you will have used up two of those members already, so your proposal allows the no more than one workstation to use this scheme. Back to the drawing board? :-) -- Paul Sture ------------------------------ Date: Wed, 13 Jun 2007 02:16:46 -0400 From: JF Mezei Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <729f0$466f8bd0$cef8887a$7819@TEKSAVVY.COM> P. Sture wrote: > CLUSTER_CONFIG.COM already puts the pagefile on the local disk for you, OK, in a standard satellite, you have the workstation with its local disk used only for the pagefile and all "system" io done via MSCP/ethernet to the boot node's system drive. My point was that if you could partition that workstation's only drive, you could then have one logical disk being the system disk, and one logical disk for the page file. The "system disk" could then be shadowed with other workstations or servers. This not only adds redundancy, but also allows each workstation to have a local "up to date" version of the system disk and thus not resort to using ethernet to access the system disk. And since the pagefile would be in a different logical disk, the shadowing software would not try to shadow read/writes to pagefiles on each workstation. And yes, to those with "large system" mentalities, this doesn't make sense. You need to put yourself into shoes of small systems/workstations that only have one physical drive. ------------------------------ Date: Wed, 13 Jun 2007 08:36:19 +0200 From: "P. Sture" Subject: Re: Why partitioned disks on VMS would be useful Message-ID: In article , JF Mezei wrote: > AEF wrote: > > But half of your shadowing benefits are nullified. Normally in a 2- > > member shadow set, you can lose either member and you're still up. But > > here, if you lose the member with the unshadowed pagefile on it, > > you're down anyway! > > > True, but during normal times, you get the performance benefits of > having local reads instead of having all your system disk MSCP served > from some other node. A decade or so ago, a former colleague spent a considerable amount of time setting up what he called a "Partial Local System Disk" on a large fleet of VAXstations. Simply put, he placed as many system and application objects as possible onto each workstation's local disks, using search lists as appropriate. This decreased the network bandwidth required to the extent of improved response times for a trading application. But this was in the days of 10Mb/s networks. It's likely not worth that amount effort nowadays - think identifying what needs to be updated every time a new version of VMS, layered software, or patches comes along. -- Paul Sture ------------------------------ Date: Wed, 13 Jun 2007 08:40:05 +0200 From: "P. Sture" Subject: Re: Why partitioned disks on VMS would be useful Message-ID: In article <729f0$466f8bd0$cef8887a$7819@TEKSAVVY.COM>, JF Mezei wrote: > P. Sture wrote: > > CLUSTER_CONFIG.COM already puts the pagefile on the local disk for you, > > OK, in a standard satellite, you have the workstation with its local > disk used only for the pagefile and all "system" io done via > MSCP/ethernet to the boot node's system drive. > > My point was that if you could partition that workstation's only drive, > you could then have one logical disk being the system disk, and one > logical disk for the page file. The "system disk" could then be shadowed > with other workstations or servers. But you still have the problem of a maximum of 3 shadowset members. -- Paul Sture ------------------------------ Date: Wed, 13 Jun 2007 09:10:43 -0400 From: "Richard B. Gilbert" Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <466FECD3.5090101@comcast.net> JF Mezei wrote: > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system > drive. > > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. Don't most workstations have TWO drive bays? Partitioning disks is a Unix style nightmare that I'd rather not see in VMS! It generally means either several tries to get the partitioning "right"; e.g. making each partition neither too large nor too small, or wasting space with partitions that are too large. Using two spindles is far better for performance. ------------------------------ Date: Wed, 13 Jun 2007 07:19:52 -0700 From: Dave Gullen Subject: Re: Why partitioned disks on VMS would be useful Message-ID: <1181744392.614554.258040@z28g2000prd.googlegroups.com> On Jun 13, 1:51 am, JF Mezei wrote: > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system drive. > > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. Tried the LD utility? "The logical disk utility is a system management tool available to any user for controlling logical disk usage. A Logical Disk is a file available on a Physical Disk, which acts as a real Physical Disk (The file is contiguous.) The Logical Disks are available in any directory of the Physical Disk. A large disk can be divided into smaller sections, each a Logi- cal Disk, supporting the same I/O functions as the Physical Disk. By giving the Logical Disk File a good protection level and mounting it private or with device protection, you are able to add a number of protection levels to your file system. The logical disk is controlled by the LD utility, which can be directly invoked from DCL." You can shadow LD drives, and I've read that you can also use them to shadow RAM disks and so make the RAM disk resillient. Haven't tried this though. D. ------------------------------ Date: 13 Jun 2007 09:30:53 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Why partitioned disks on VMS would be useful Message-ID: In article <532c1$466f3f97$cef8887a$10077@TEKSAVVY.COM>, JF Mezei writes: > If disk partitioning existed in the VMS world, it would allow for the > following: > > Workstation with a single hard disk, partitioned into 2 drives. One > drive has just a page file. Other drive can then be a shadowed system drive. > > Each workstation would then have its local copy of the system disk and > its read/writes to page file would not propagate to other members of the > system disk shadow set. That capability already exists without partitioning. Just buy two smaller disks, or better yet, keep the non-pagefile stuff on the server's disks. ------------------------------ Date: 13 Jun 2007 09:33:14 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Why partitioned disks on VMS would be useful Message-ID: In article <729f0$466f8bd0$cef8887a$7819@TEKSAVVY.COM>, JF Mezei writes: > > My point was that if you could partition that workstation's only drive, > you could then have one logical disk being the system disk, and one > logical disk for the page file. The "system disk" could then be shadowed > with other workstations or servers. Buying two smaller disks gives you the same functionality and higher performance. ------------------------------ Date: Wed, 13 Jun 2007 15:05:42 +0000 (UTC) From: david20@alpha2.mdx.ac.uk Subject: Re: Why partitioned disks on VMS would be useful Message-ID: In article <466FECD3.5090101@comcast.net>, "Richard B. Gilbert" writes: >JF Mezei wrote: >> If disk partitioning existed in the VMS world, it would allow for the >> following: >> >> Workstation with a single hard disk, partitioned into 2 drives. One >> drive has just a page file. Other drive can then be a shadowed system >> drive. >> >> Each workstation would then have its local copy of the system disk and >> its read/writes to page file would not propagate to other members of the >> system disk shadow set. > >Don't most workstations have TWO drive bays? > >Partitioning disks is a Unix style nightmare that I'd rather not see in >VMS! It generally means either several tries to get the partitioning >"right"; e.g. making each partition neither too large nor too small, or >wasting space with partitions that are too large. > >Using two spindles is far better for performance. > As far as I am concerned there are only two good uses for partitioning :- 1) Cutting up a very large disk into smaller disks so as to be able to use a smaller clustersize (usually on older versions of VMS). 2) Being able to boot multiple OSs from a single disk (eg Windows, Linux) David Webb Security team leader CCSS Middlesex University ------------------------------ Date: Wed, 13 Jun 2007 11:51:07 -0400 From: Stephen Hoffman Subject: Re: Why partitioned disks on VMS would be useful Message-ID: david20@alpha2.mdx.ac.uk wrote: > As far as I am concerned there are only two good uses for partitioning :- > > > 1) Cutting up a very large disk into smaller disks so as to be able to use a > smaller clustersize (usually on older versions of VMS). > > 2) Being able to boot multiple OSs from a single disk (eg Windows, Linux) Add: Multiple different operating systems, and multiple versions of one operating system. And partitions can be good for scratch areas, and for setting aside storage for specific tasks -- this is a classic IBM mainframe approach that avoids disk-full errors in mid-flight, something which does have its application for monster-scale batch and critical applications. Most of these partitioning tasks can be transparently implemented by all but the lowest-end RAID storage controllers, without involving the host system. At all. (The Drobo USB widget is slick, but currently has knowledge of the file system. Which means it won't work with OpenVMS.) I'd personally place ZFS at least a kilometer above disk partitioning on the to-do list, however. ZFS changes many of the ways that storage is processed, and it massively extends the existing 32-bit limits within current OpenVMS storage I/O. (1 TB now, and architecturally 2 TB.) As for multiple storage bays, the low-end server boxes have three or eight bays. Even the BL860c blade has two bays built in. Laptops, the iPAQ Desktop, the thin clients, and the MicroVAX and VAXstation 2000 series had a single fixed-disk bay, but most anything else I can think of within the low- to mid-range has multiple bays. You could even stuff two disks into a BA23. I can't recall any current or even remotely recent OpenVMS systems with just one fixed-disk bay. (Yes, some of the big servers either have/had no bays, or you could stuff a BA356 or newer in the cabinet, or you had to connect to external storage via SCSI or FC or such.) -- www.HoffmanLabs.com Services for OpenVMS ------------------------------ Date: Wed, 13 Jun 2007 08:19:12 +0200 From: "P. Sture" Subject: [OT] ZFS and OS X 10.5 (Leopard) Message-ID: In article , Ron Johnson wrote: > On 06/12/07 14:25, Ron Johnson wrote: > > On 06/12/07 13:22, P. Sture wrote: > > [snip] > >>> > >>> And by allowing ZFS to be ported to OS X, they are again expanding > >>> mindshare: "ZFS on my MacBook Pro is great. For that server I need > >>> to build at work, it'll be even better than Linux and ext3 (which is > >>> what I was planning to build)". > >> > >> As a point of information, ZFS isn't due on OS X until the Leopard > >> release later this year. > > > > Well, yes, it *is* a bit of a forward-looking statement, but Apple isn't > > in the habit of promising the moon and delivering mud. > > Guess I'd better stop believing rumors! > > http://www.informationweek.com/story/showArticle.jhtml?articleID=199903281&cid > =RSSfeed_IWK_News > > An Apple official on Monday said Sun Microsystems' open-source > file system would not be in the next version of the Mac > operating system, contradicting statements made last week > by Sun's chief executive. Yep. I've just watched the Sun video showing that Jonathan Schwartz (Sun's CEO) announced that ZFS would be _the_ file system on Leopard. He was out of order there. It's highly unlikely that a brand new file system would be anything but an optional extra at this stage. For a more up to date report on the state of ZFS within Leaopard, see http://www.theregister.co.uk/2007/06/12/sun_apple_zfs_denial/ but we'll have to wait to see what actually ships. Let's not forget what happened to Spiralog :-) PS, and more on topic for this news group, Schwartz did have a positive message about the penetration of OpenOffice in schools and universities. -- Paul Sture ------------------------------ Date: 12 Jun 2007 07:48:28 -0500 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: [Q]Pascal packed arrary of char and varying of char Message-ID: In article <1181348614.361921.146850@z28g2000prd.googlegroups.com>, stuie_norris@yahoo.com.au writes: > > [inherit ('sys$library:starlet', 'sys$library:pascal$lib_routines')] > program test (input, output); > > type > mystring = varying [256] of char; > > var > namepacked : packed array [1..50] of char; > namevary : mystring; > > begin > > namepacked := 'the cat sat on the mat'; > namevary := namepacked; > > writeln ('Length = ', length(namevary), ' .Length > =',namevary.length); > end. I'm not a PASCAL expert, but I think when I put a string of fixed length 50 into a string of varying length I should get a length of 50. I think you want to truncate the string after "mat" when or after you copy it. I suspect there's some way to do that in PASCAL. ------------------------------ End of INFO-VAX 2007.320 ************************