|
Driving system requirements for installing z/OS® by way of ServerPac or dump-by-data-set SystemPac are: - An operating system. Use either of the following:
- z/OS V1R12 or later.
- The Customized Offerings Driver. This entitled driving system
is provided for those (1) who do not have an existing system to use
as a driving system or (2) whose existing system does not meet the
requirements of a driving system and who choose to not upgrade their
driving system. For more information, see What is the Customized Offerings Driver?.
- A TSO/E session. A TSO/E session on the IPLed system must
be established using a locally-attached or network-attached terminal.
- Proper authority. Use the RACFDRV installation job as a
sample of the security system definitions required so that you can
perform the installation tasks.
- Proper security. In order for you to install
the z/OS UNIX files, the following is required:
- The user ID you use must be a superuser (UID=0) or have read access
to the BPX.SUPERUSER resource in the RACF® FACILITY
class.
- The user ID you use must have read access to FACILITY class resources
BPX.FILEATTR.APF, BPX.FILEATTR.PROGCTL, and BPX.FILEATTR.SHARELIB
(or BPX.FILEATTR.* if you choose to use a generic name for these resources).
The commands to define these FACILITY class resources are in SYS1.SAMPLIB
member BPXISEC1.
- Group IDs uucpg and TTY, and user ID uucp, must be defined in
your security database. These IDs must contain OMVS segments with
a GID value for each group and a UID value for the user ID. (For ease
of use and manageability, define the names in uppercase.)
Rules: - The group ID and user ID values assigned to these IDs cannot be
used by any other IDs. They must be unique.
- You must duplicate the required user ID and group names in each
security database, including the same user ID and group ID values
in the OMVS segment. This makes it easier to transport the z/OS UNIX file
systems (HFS or zFS) from test systems to production systems. For
example, the group name TTY on System 1 must have the same group ID
value on System 2 and System 3. If it is not possible to synchronize
your databases you will need to continue running the FOMISCHO job
against each system after z/OS UNIX is installed.
If names such as uucp, uucpg, and TTY are not allowed
on your system, or if they conflict with existing names, you can create
and activate a user ID alias table.
For information about defining
these group and user IDs to RACF and
about creating a user ID alias table (USERIDALIASTABLE), see z/OS UNIX System Services Planning.
Another source of information is SYS1.SAMPLIB member BPXISEC1.
Note: You
can use the RACFDRV installation job as a sample of the security system
definitions required to perform the installation tasks.
- In order for you to install into the zFS, the user ID you use
must have read access to the SUPERUSER.FILESYS.PFSCTL resource in
the RACF UNIXPRIV class.
- OMVS address space active. For ServerPac only (not SystemPac), an activated OMVS
address space with z/OS UNIX kernel services operating in
full function mode is required.
- SMS active. The Storage Management Subsystem (SMS) must
be active to allocate z/OS UNIX file systems (HFS or zFS) and
PDSE data sets, whether they are SMS-managed or non-SMS-managed. Also,
the use of z/OS UNIX file systems (HFS or zFS) is supported
only when SMS is active in at least a null configuration, even when
the file systems are not SMS-managed. Do either of the following:
- To allocate non-SMS-managed z/OS UNIX file systems (HFS or zFS) and
PDSE data sets, you must activate SMS on the driving system in at
least a null configuration. You must also activate SMS on the target
system.
- To allocate SMS-managed z/OS UNIX file systems (HFS or zFS) and
PDSE data sets, you must activate SMS on the driving system in at
least a minimal configuration. Then you must define a storage group,
create SMS-managed volumes, and write, translate, and activate a storage
class ACS routine that allows the allocation of z/OS UNIX file
systems (HFS or zFS) and PDSE data sets with the names in the ALLOCDS
job. You must also activate SMS on the target system.
- Language Environment® requirements. The CustomPac Installation Dialog
uses the Language
Environment run time library, SCEERUN. If SCEERUN is not in the
link list on the driving system, you must edit the ServerPac installation
jobs to add it to the JOBLIB or STEPLIB DD statements.
Do not specify
the following Language
Environment run time options as nonoverrideable (NONOVR) in the
CEEDOPT CSECT or the CEEDOPT group of the CEEPRM xx parmlib
member: - ALL31
- ANYHEAP
- BELOWHEAP
- DEPTHCONDLMT
- ERRCOUNT
- HEAP
- HEAPCHK
- HEAPPOOLS
- INTERRUPT
- LIBSTACK
- PLITASKCOUNT
- STACK
- STORAGE
- THREADHEAP
- THREADSTACK
- CustomPac Installation Dialog. If you are installing
a ServerPac or dump-by-data-set SystemPac for
the first time, you need to install the CustomPac Installation Dialog
on your driving system. See ServerPac: Using the Installation
Dialog or SystemPac:
CustomPac Installation Dialog Reference Manual for instructions.
For subsequent orders you do not need to reinstall the dialog. IBM® ships dialog updates with each
order. If your current dialog level is not at level 26.00.00 or higher,
you need to update the dialog before receiving your order. For more
information the user can reference the ServerPac: Using the
Installation Dialog or SystemPac: CustomPac Dialog Reference.
You
should check the PSP bucket for possible updates to the CustomPac
Installation Dialog. For ServerPac, the upgrade is ZOSV2R1 and the
subset is SERVERPAC. For SystemPac dump-by-data-set
orders, the upgrade is CUSTOMPAC and the subset is SYSPAC/DBD.
- Proper level for service. In order for you to install service
on the target system that you are building, your driving system must
minimally meet the driving system requirements for CBPDO Wave 1 (see Driving system Wave 1 requirements) and must have the current (latest) levels
of the program management binder, SMP/E, and HLASM.
The
service jobs generated by the CustomPac Installation Dialog use the
target system's (and therefore current) level of the program management
binder, SMP/E, and HLASM. If you choose to use your own jobs, model
them after the jobs provided by ServerPac or dump-by-data-set SystemPac by adding STEPLIB
DD statements to access MIGLIB (for the program management binder
and SMP/E) and SASMMOD1 (for HLASM). Be sure that the SASMMOD1 and
SYS1.MIGLIB data sets are APF authorized.
Another way to install
service is from a copy of your target system.
- SMP/E ++JAR support. If your ServerPac
order contains any product that uses the ++JAR support introduced
in SMP/E V3R2 (which is the SMP/E in z/OS V1R5),
your driving system requires IBM SDK
for z/OS, Java™ 2 Technology Edition, V1 (5655-I56) at
SDK 1.4 or later. z/OS itself
does not use the ++JAR support. .
- zFS configured properly. If you will use a zFS for installation,
then you must be sure that the zFS has been installed and configured,
as described in z/OS Distributed File Service zFS Administration
- Internet delivery requirements. If you intend to receive your ServerPac or SystemPac dump-by-data-set order by way of the
Internet, you need the following:
- If you intend to receive your order using Standard FTP (FTP):
- SMP/E V3R6 or higher
- ICSF configured and active or Java 2 Technology Edition, V1 (5655-I56) or later
installed, which enables SMP/E to calculate SHA-1 hash values to verify the integrity of
data being transmitted. If ICSF is not configured and active, SMP/E will use its Java
application class instead for calculating the SHA-1 hash values. IBM recommends the ICSF
method because it is likely to perform better than the SMP/E method. (To find out how to
configure and activate ICSF, see
).
- A download file system. Your order is provided in a compressed format and is saved in a
download file system. The size of this file system should be approximately twice the
compressed size of your order to accommodate the order and workspace to process it.
- Firewall configuration. If your enterprise requires specific commands to allow the
download of your order through a local firewall, you must identify these commands for later
use in the CustomPac Installation Dialog, which manages the download of your order.
- If you intend to receive your order using Secure FTP (FTPS):
- SMP/E V3R6 or higher
- ICSF configured and active or Java 2 Technology Edition, V1 (5655-I56) or later
installed, which enables SMP/E to calculate SHA-1 hash values to verify the integrity of
data being transmitted. If ICSF is not configured and active, SMP/E will use its Java
application class instead for calculating the SHA-1 hash values. IBM recommends the ICSF
method because it is likely to perform better than the SMP/E method. (To find out how to
configure and activate ICSF, see
).
- A download file system. Your order is provided in a compressed format and is saved in a
download file system. The size of this file system should be approximately twice the
compressed size of your order to accommodate the order and workspace to process it.
- Firewall configuration. If your enterprise requires specific commands to allow the
download of your order through a local firewall, you must identify these commands for later
use in the CustomPac Installation Dialog, which manages the download of your order.
- Ensure that the Root 2 - GeoTrust Global CA Certificate is connected
to your security manager keyring and trusted on your system, and that the user ID that
executes SMP/E is authorized to use the keyring.
- Ensure that your FTP.DATA data set statements used in the RECEIVE job are set
appropriately for your environment. For example, an FTPKEEPALIVE statement with a value of
0 (the default) can cause an FTP control connection to time out in some environments. Also,
the security manager keyring file specified by the KEYRING statement in the FTP.DATA file
might require certificates to be added. For details about specifying FTP.DATA statements,
see .
- If you intend to download your order using HTTP Secure (HTTPS):
- SMP/E V3R6 with PTFs UO01693 (Base) and UO01695 (Japanese) or higher
- SMP/E will use the services of Java 6 (IBM 31-bit SDK for z/OS, Java 2 Technology
Edition (5655-R31) or IBM 64-bit SDK for z/OS, Java 2 Technology Edition Version 6 (5655-R32)) or
higher.
- A download file system. Your order is provided in a compressed format and is saved in a
download file system. The size of this file system should be approximately twice the
compressed size of your order to accommodate the order and workspace to process it.
- Proper level of CustomPac Installation Dialog to support HTTPS downloads. The CustomPac
Installation Dialog must be at a level of 26.20.00 or higher. For further details see
"Updating Your Dialogs" and "required migration step" in ServerPac: Using the
Installation Dialog.
- HTTP or SOCKS Proxy Server configuration. If your enterprise requires specific commands
to allow the download of your order through an HTTP or SOCKS Proxy Server, you must
identify these commands for later use in the CustomPac Installation Dialog, which manages
the download of your order.
- Ensure that the Root 2 - GeoTrust Global CA Certificate is connected
to your security manager keyring or stored in your default Java keystore file and trusted
on your system, and that the user ID that executes SMP/E is authorized to use the keyring
or default Java keystore file.
- Go to the Connectivity Test for SW Download Readiness web site
at: https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?lang=en_US&source=cbct for
instructions on how to set up and verify that your system can connect to the IBM download
servers.
- For more detailed information on how to set up FTPS or HTTPS, see
.
- Additional Internet delivery requirements for
intermediate download. If you plan to download your ServerPac
or SystemPac dump-by-data-set
order to a workstation, and go from there to z/OS, follow the requirements listed below:
- Download Director. This is a Java applet
used to transfer IBM software
to your workstation. For Download Director requirements, see http://www14.software.ibm.com/dldirector/faq.html.
- The ServerPac or SystemPac dump-by-data-set
order accessible to the host. To make the order (files) accessible
to z/OS, you can do either
of the following:
- Configure the workstation as an FTP server. After you download the order to your
workstation, the dialogs used to install a ServerPac or SystemPac dump-by-data-set order can point to a network location (in this case, your
workstation) to access the order. Consult the documentation for your workstation operating system to
determine if this FTP capability is provided or if you have to install additional software.
Commercial, shareware, and freeware applications are available to provide this support. However, IBM cannot directly recommend or endorse any specific application.
This option requires the use of ICSF or the SMP/E Java
application class for calculation of SHA-1 hash values.
Use FTP commands to
upload your package. The ServerPac Internet Delivery Installation Checklist (https://www14.software.ibm.com/ShopzSeries/eServerPac_checklist.pdf) or CustomPac Internet
Delivery Installation Checklist for Dump by Dataset (DD) (https://www14.software.ibm.com/ShopzSeries/eCustomPac_DDS_checklist.pdf) contains sample FTP
commands that you can use to transfer your package to the host. You can copy/paste and update as
required to provide a user ID and password, and to replace your_package_id with
the actual workstation location (directory) and packid with the host location
(directory) for your environment. To make the transfer easier, you can create a text file that
contains these FTP commands. This file then becomes input to the FTP program on your
workstation.
- Use network drives that are mounted to z/OS. The mounting can be accomplished using
the NFS base element, server message block (SMB) support provided
by the Distributed File Service base element, or the Distributed FileManager
component of the DFSMSdfp base
element. The package is received from the file system defined as your
SMPNTS.
For information about NFS, see z/OS Network File System Guide and Reference.
For information about using the Distributed FileManager, see z/OS DFSMS DFM Guide and Reference.
- CD write capability. If you specified that 100% electronic delivery
is required, there might be CD images associated with your order.
The images are delivered in ISO9660 format and are packaged in zip
files (with an extension of .zip). These files require your workstation
to have CD write capability and you might have to acquire software
to support this capability.
- DVD delivery requirements. If you intend to receive your ServerPac or SystemPac dump-by-data-set order by way of DVD, you need the
following:
- SMP/E V3R6 or higher
- Proper dialog level. The CustomPac Installation Dialog must be at a level of 26.00.00 or
higher. This dialog supports electronic delivery on the dialog panel CPPPPOLI. For further details
see "Updating Your Dialogs" in ServerPac: Using the Installation Dialog and "Ensure
your CustomPac Installation Dialog is updated" in z/OS Migration.
- Additional DVD delivery requirements. If you plan
to copy the contents of the DVD(s) to a workstation before making
them available on a z/OS host
system, then the following requirements apply:
- The ability to share or transfer data to the z/OS host system where the order will be installed.
- Disk space for storing DVD files. The amount of disk space required
varies by order. You need to have sufficient space for the compressed
package. The package will be uncompressed on your host.
- If you plan to use the 'S' option in ServerPac/SystemPac using
the workstation as the server, do the following:
- You must set up an FTP server on that workstation.
- ICSF must be configured and active or Java 2 Technology Edition V1 (5655-I56) or
later must be installed so that SMP/E can calculate SHA-1 hash values
in order to verify the integrity of data being transmitted.
If
ICSF is not configured and active, SMP/E will use its Java application class instead for calculating
the SHA-1 hash values. IBM recommends
the ICSF method because it is likely to perform better than the SMP/E
method. To find out how to configure and activate ICSF, see .z/OS Cryptographic Services ICSF System Programmer's Guide For
the required SMP/E setup, see .SMP/E for z/OS User's Guide
.
.
|