OpenVMS Tutorial


The remainder of this chapter is an OpenVMS tutorial. It is brief and includes references for the reader who is interested in more details. This is information about OpenVMS that a manager, but not necessarily the unprivileged user, must know. Therefore, this section supplements the introductory topics found in most OpenVMS tutorials. Documents referenced in this section can be found at www.openvms.com:8000.

As with any other operating system, certain terms and concepts are unique to OpenVMS. The rest of this chapter introduces some of those unique characteristics. Without some understanding of Digital Command Language (DCL), the remainder of the book may not be as helpful as intended. This is by no means a complete treatment of the subject, however, and the reader is encouraged to delve into one of the references, especially Digital Press's OpenVMS User's Guide, before attempting any hands-on system management.

DCL is a command-line interface (not graphical) to the operating system. It tends to be more DOS-like than UNIX-like in that the commands are closer to English (e.g., dir, not ls). Commands (and file names) are not case sensitive, and most commands can be abbreviated.

Commands

DCL commands (sometimes called verbs) are the human-machine interface, like a UNIX shell. There is only one OpenVMS "shell" language. Commands are entered either interactively, from a command file (command program file or script [4]), or via a batch job (see Chapter 4). Commands are not case sensitive, but I will show them as uppercase to more easily distinguish them in the text. As a convenience, a freeware program called DCLCOMPLETE is available for OpenVMS on VAX computers. The user need only type the first few letters of the command and then press the <TAB> key. DCLCOMPLETE will echo the complete command on the screen. Likewise, DCLCOMPLETE will finish file names.

There is no concept in OpenVMS like the UNIX hash table. Instead, two mechanisms are used for command execution:

  • Commands are defined in SYS$LIBRARY:DCLTABLES.EXE, which includes the complete syntactical definition of the command and the exact location of the executable image.

  • To speed up access to commonly used images, they are declared to the system via the INSTALL command. This mechanism is also exploited to secure the system. This is somewhat like the combination of the UNIX sudo command and UID execution permission concept. See Chapter 8.

The system manager may extend DCLTABLES.EXE with SET COMMAND. A freeware utility called VERB can be used to display the contents of DCLTABLES.EXE. To give a flavor for the complexity of this data, a partial display of the DIRECTORY command is as follows:

     $ VERB DIRECTORY     define verb DIRECTORY        image DIRECTORY        parameter P1, label=INPUT, prompt="File"           value (list,impcat,type=$infile)        qualifier ACL        qualifier BACKUP        qualifier BEFORE           value (default="TODAY",type=$datetime)        qualifier BRIEF, nonnegatable, default        qualifier BY_OWNER           value (type=$uic)        qualifier COLUMNS, default           value (default="4") 

The HELP command (similar to the UNIX man) describes all of the commands. HELP HINTS is probably the best starting point for a novice user; however, HELP is intended only as an online reference. Here is an example of what HELP HINTS provides:

     $ help hints     HINTS       Type the name of one of the categories listed below to obtain a list     of related commands and topics. To obtain detailed information on a     topic, press the RETURN key until you reach the "Topic?" prompt and     then type the name of the topic.     Additional information available:       Batch_and_print_jobs  Command_procedures    Contacting_people       Creating_processes    Developing_programs   Executing_programs       Files_and_directories Logical_names         Operators_in_expressions       Physical_devices      Security              System_management       Terminal_environment  User_environment     HINTS Subtopic? command 

The complete description for each command is given in the OpenVMS DCL Dictionary and in Chapter 3 of the OpenVMS User's Manual. Commands are English words that indicate the action to be taken (e.g., DIRECTORY, PRINT, and SEARCH) and can be abbreviated, in these cases to DIR, PRI, and SEA. DCL command syntax normally appears as follows:

     $ verb [subverb] [[[/qualifier] =value]...] [[parameter]...] 

where [...] indicate optional fields.

Subverbs further limit the verb (e.g., SET and SHOW have many subverbs). In order to display the current date and time, use the following command. In this example, TIME is a subverb and the space is required:

     $ SHOW TIME 

Command qualifiers (sometimes called switches) modify the action of the verb. Qualifiers are English words such as LIST and OUTPUT. Qualifiers are consistent across all commands. For instance, if the maximum detail is to be displayed for a command, the qualifier /FULL is always used rather than a confusing variation in which some commands use /FULL and others use /ALL. Qualifiers may be abbreviated also.

The following command displays detailed information about the previous command's error message. Notice that there is no subverb and no parameter. The space is optional.

     $ HELP /MESSAGE 

The previous command is particularly helpful to a novice. It provides useful information about a particular error message. For instance, falling back on UNIX habits, I might enter:

     $ Man show     %DCL-IVVERB, unrecognized command verb - check validity and     spelling      \MAN\ 

Because OpenVMS error messages may be unfamiliar, a better explanation might be required. Using the HELP/MESS in the following example, OpenVMS displays additional detailed information. Notice also that this example illustrates that OpenVMS is not case sensitive.

     $ help/mess ivverb     IVVERB,  unrecognized command verb  -  check validity and spelling       Facility:     CLI, Command Language Interpreter (DCL)       Explanation:  The first word in the command is not a valid DCL                     command or a symbol name equated with a command.                     The rejected portion of the command is displayed                     between backslashes.       User Action:  Check the spelling of the command name or symbol                     name, then reenter the command. 

Some qualifiers require values. Some verbs require parameters, usually in the form of file names. This final example shows a command with all of the fields present. Also notice that the command has multiple qualifiers. It will print pages 3 through 6 of the specified file and display the file's name on the top of each page.

     $ PRINT /HEADER/PAGE=(3:6) MYFILE.TXT 

Editing a command is done with a combination of the left- and right-arrow keys and the delete/backspace key. Control-A toggles between overwrite and insert mode for the corrections. The up- and down-arrow keys can be used to scroll through previously entered command lines. The RECALL command can be used to display a full screen of previously entered commands, or it can be used to search for a specific command.

For the benefit of the system manager and users, several HELP files are available in the SYS$HELP directory. The following command lists the latest version of all help libraries (.HLB;0):

     $ DIR SYS$HELP:*.HLB;0     Directory SYS$COMMON:[SYSHLP]     ACLEDT.HLB;1        ACS$DWCI.HLB;3      ADA$DWCI.HLB;3     ANALAUDIT$HELP.HLB;1                    ANLRMSHLP.HLB;1     ATK$HELP.HLB;6     BKM$HELP.HLB;1      CC$DWCI.HLB;2       CLUE.HLB;1          CMS$DW_HELP.HLB;1     DBG$DSHELP.HLB;1    DBG$DSUIHELP.HLB;1  DBG$HELP.HLB;1      DBG$UIHELP.HLB;1     DECCHART$MOTIF.HLB;1                    DECSET$ENVMGR.HLB;3     DECW$DXMHELP_HELP.HLB;1                 DECW$HELPHELP.HLB;1 DECW$MAIL.HLB;1     DECW$PRINTWGT.HLB;1 DEFRAGMENT.HLB;1    DISKQUOTA.HLB;1     DTEHELP.HLB;1     DTRHELP.HLB;1       DTSDTR.HLB;1        EDFHLP.HLB;1        EDTHELP.HLB;1     ESS$LADCP.HLB;1     ESS$LASTCPHELP.HLB;1                    EVE$HELP.HLB;1     EVE$KEYHELP.HLB;1   EXCHNGHLP.HLB;1     FORTRAN$DWCI.HLB;2  FTP.HLB;1     HELPLIB.HLB;13      INSTALHLP.HLB;1     IPNCP.HLB;1         KERMIT.HLB;1     LANCP$HELP.HLB;1    LAST.HLB;1          LATCP$HELP.HLB;1    LMCP$HLB.HLB;1     LSE$CLIHELP.HLB;2   LSE$HELP.HLB;2      LSE$KEYPAD.HLB;3    LSE$MENU.HLB;3     LSEHELP.HLB;1       LWK$LBASE_HELP.HLB;2                    MACRO$DWCI.HLB;1     MAILHELP.HLB; 1     MAILUAF.HLB;1       MMG.HLB;l           MMS$DW_HELP.HLB;1     MNRHELP.HLB;1       MSA$MANAGER.HLB;6   NCPHELP.HLB;1       NOTES$DWHELP.HLB;2     NOTES$HELP.HLB;2    PASCAL$DWCI.HLB;2   PATCHHELP.HLB;1     PCDISKHLP.HLB;12     PCSA_MANAGER.HLB;7  PHONEHELP.HLB;1     PRETTY.HLB;1        PSDC$EDITHELP.HLB;1     PSDC$FILES.HLB;1    PSPA$COMMAND.HLB;1  PWRK$ADMIN.HLB;5     PWRK$MOP_MANAGER.HLB;5                  PWRK$PCSA_MANAGER.HLB;5     PWRK$SHOWINI.HLB;5  PWRK$UPGRADE.HLB;5  SDA.HLB;1           SHWCLHELP.HLB;1     SSU$HELP.HLB;1      SYSGEN.HLB;1        SYSMANHELP.HLB;1    TECO.HLB;1     TELNET.HLB;1        TFF$TFUHELP.HLB;1   TPUHELP.HLB;1       UAFHELP.HLB;1     UCX$FTP_HELP.HLB;7  UCX$NSLOOKUP_HELP.HLB;4     UCX$TELNET_HELP.HLB;7                   UCX$UCP_HELP.HLB;7  UISHELP.HLB;1     VAXAPL.HLB;1        VUIT.HLB;2          WCP_HELPLIB.HLB;1   WP.HLB;1     WRITE$EQUATION.HLB;1                    WRITE$HELP.HLB;1    XMODEM.HLB;1     Total of 94 files. 

Normally, these help libraries are accessed by the particular utility through its internal HELP command. For instance, the following command accesses UAFHELP.HLB:

     $ run authorize     UAF> help       Information available:       ADD        Command_Summary       COPY      CREATE     DEFAULT     EXIT       GRANT      HELP       LIST       MODIFY    REMOVE     RENAME      REVOKE       SHOW       Usage_Summary     Topic? 

Files and Devices

OpenVMS file names are more like the DOS/Windows standard than the UNIX standard. There are actually two file structures supported by OpenVMS, called ODS-2 [5] and ODS-5. The latter is Windows NT and UNIX style naming: upper- and lowercase, blanks, and other special characters are permitted. ODS-2 is more restrictive: no special characters (with some exceptions) and case insensitive. A fully qualified ODS-2 file name has the following format:

     node::device:[directory.sub-dir.sub-sub-dir]file.extension;version 

The punctuation (::,:, [, ],., and ;) is important, and spaces are not permitted in any part of the file name. Reading from the left, node refers to the network name of the computer. See Chapter 9 for the network discussion. OpenVMS files are based on devices, not partitions like most other operating systems. Devices are made known to OpenVMS via the MOUNT command. Each disk is rooted at a directory called [000000], [6] and there is only one root on a device. There are no tools that search for a particular file across multiple devices.

The file name and extension are limited to 39 characters, although certain three-letter extensions have special meanings and conventions in OpenVMS, much like DOS's conventions. Some examples are presented as follows:

  • COM is a command procedure file.

  • CC is a C source file.

  • CXX is a C++ source file.

  • DIR is a directory file. The UNIX convention,. and .., is not used in OpenVMS.

  • EXE is an executable file created by LINK.

  • LIS is a displayable or printable file usually created by a compiler.

  • OBJ is an object file created by a compiler.

Unlike any other operating system, the existence of multiple copies of a file is supported by OpenVMS. Usually this is an automatic feature supported by the editors, and DCL commands such as COPY also create a new version. A limit to the number of versions can be managed at either the file level or at any level in the directory tree. Usually the system manager sets up the user directory tree to limit five versions of all files. Thus, when the sixth version is created, the oldest file (based on version number) with the same name is deleted. The version number is suffixed to the file name and separated from the file name with a semicolon. File concepts are discussed in the OpenVMS User's Manual, Chapters 4 and 5.

An example of a DIRECTORY command, as follows, illustrates how the fully qualified file name is presented to the user. The node name is not displayed, but all versions are shown. To display additional information about the files, additional qualifiers are added to the DIRECTORY command:

     $ dir login     Directory FACULTY:[DMILLER]     LOGIN.COM;101       LOGIN.COM;100       LOGIN.COM;99 

ODS-5 files were added to OpenVMS with release 7.2, but this function is not fully implemented at this time. The complete description document is called OpenVMS Guide to Extended File Specifications. OpenVMS supports both conventions on a single system, but the user (and system manager) must be aware of certain restrictions that this feature imposes (e.g., how a file name with more than one dot is parsed). Furthermore, ODS-5 names are not fully supported by some layered products (e.g., many compilers) but are supported by others (e.g., Java).

OpenVMS will support RAID 0 and 5 (striping with or without parity) across a maximum of 32 disks, permitting very large directory trees. OpenVMS will also support a rooted file tree across several devices. This function is similar to striping, except each file resides on a single physical disk. This structure is called a Bound Volume Set. RAID 1 (mirroring) across a maximum of three disks is also permitted. See the OpenVMS User's Manual, Chapter 14, which discusses variations.

The OpenVMS file manager, Record Management System (RMS), supports three distinct file formats. All OpenVMS files should be thought of as record-oriented, not character-oriented as UNIX files are. The file formats are the following:

  • Sequential access (somewhat like UNIX files except at the record level). To access the nth record, all n-1 records must be first read (or written). Going backward in the file is not permitted; instead, the file must be first repositioned at the beginning. This class is subdivided (e.g., FORTRAN-generated files are uniquely identified because the first character of the line is a printer carriage control).

  • Relative access. All records in this class are the same length; thus, to read the nth record, RMS will skip n-1 records and directly access the desired record. Relative access files are bidirectional in that records can be accessed in any order. The file may be written in any order as well. Multiple users may read and write relative access files simultaneously.

  • Indexed access. All records contain at least one "key" field. The records are accessed according to the key, not according to the record's position in the file. Hence, the file is randomly accessed using a key field in the data itself. This is a logical extension of relative access files in that the data (rather than a record number) is used to read and write records.

Several utilities are included in OpenVMS to create, manage, and optimize these files. In particular, indexed files must be defined (with CREATE/FDL) before they can be populated (using CONVERT) with data. To examine a file's characteristics, ANALYZE/RMS is used. The following display shows a portion of the information displayed by this command. Because of its complexity, the display for this file is four pages long, but only a portion is shown, as follows:

     $ analyze/rms sys$system:sysuaf     Check RMS File Integrity                  14-SEP-2002 17:01:16.06     Page 1     SYS$COMMON:[SYSEXE]SYSUAF.DAT;1     FILE HEADER             File Spec: SYS$COMMON:[SYSEXE]SYSUAF.DAT;1             File ID: (9370,11,0)             Owner UIC: [SYSTEM]             Protection:  System: RWE, Owner: RWE, Group: RWE, World:             Creation Date:   19-JUN-1998 11:34:34.67             Revision Date:   14-SEP-2002 17:00:52.16, Number: 26183             Expiration Date: none specified             Backup Date:     none posted             Contiguity Options:  contiguous-best-try             Performance Options: none             Reliability Options: none             Journaling Enabled:  none     RMS FILE ATTRIBUTES             File Organization: indexed             Record Format: variable             Record Attributes:             Maximum Record Size: 1412             Blocks Allocated: 670, Default Extend Size: 3             Bucket Size: 3             File Monitoring: disabled             Global Buffer Count: 100 

File characteristics are changed with the SET FILE command. Thus, the UNIX commands—chmod, chown, and chgrp—are all rolled into SET FILE. Because OpenVMS supports so many different file types, SET FILE has many more capabilities.

The file database is kept in the devices root directory, [000000]. The two most important files are BITMAP.SYS, containing the disk's bitmap, and INDEXF.SYS, which is a bitmap indicating the status of each file's descriptions (also called file headers).

There are no tools to examine BITMAP.SYS, but ANALYZE/DISK/REPAIR will correct it if necessary. INDEXF.SYS can be examined with DUMP:

     $ DUMP/HEADER/BLOCK=COUNT=0 LOGIN.COM     Dump of file FACULTY:[DMILLER]LOGIN.COM;101 on 18-OCT-2002 15:06:26.47     File ID (23019,49,0) End of file block 7 / Allocated 9                                File Header     Header area         Identification area offset:         40         Map area offset:                    100         Access control area offset:         249         Reserved area offset:               255         Extension segment number:           0         Structure level and version:        2, 1         File identification:                (23019,49,0)         Extension file identification:      (0,0,0)         VAX-11 RMS attributes             Record type:                    Variable             File organization:              Sequential             Record attributes:              Implied carriage control             Record size:                    75             Highest block:                  9             End of file block:              7             End of file byte:               8             Bucket size:                    0             Fixed control area size:        0             Maximum record size:            255             Default extension size:         0             Global buffer count:            0             Directory version limit:        0         File characteristics:               <none specified>         Map area words in use:              2         Access mode:                        0         File owner UIC:                     [DMILLER]         File protection:                    S:RWED, 0:RWED, G:, W:         Back link file identification:      (766,2,0)         Journal control flags:              <none specified>         Active recovery units:              None         Highest block written:              7     Identification area         File name:                          LOGIN.COM;101         Revision number:                    8         Creation date:                      24-MAR-1999 07:51:35.60         Revision date:                      10-AUG-2002 12:05:26.23         Expiration date:                    <none specified>         Backup date:                        <none specified>     Map area         Retrieval pointers             Count:          9       LBN:    1937841     Access Control List         (IDENTIFIER=DM_RIGHT,ACCESS=READ)     Checksum:                                16655 

The DIRECTORY command is used to both list files and to find files in a directory tree. This single command combines the capabilities of the two UNIX commands: ls and find. To find a command within a directory tree, the ellipses (...) syntax is used. For example, to find DCLTABLES.EXE anywhere on the system disk, the system manager would use the command:

     $ DIR SYS$SYSDISK:[000000...]DCLTABLES.EXE 

Only SYSTEM has access to the root directory for security reasons.

Logical Definitions

Logical names are somewhat like environment variables in NT and UNIX. Usually, a logical name applies to file name. For instance, SYS$SYSTEM is the logical name of the directory in which many of the OpenVMS utilities reside. More generally, OpenVMS products reside in their own directory (e.g., the HELP facility files are located in the SYS$HELP directory). Systemwide logicals are defined at boot time in SYLOGICALS.COM; however, local logicals are defined when a user logs in (e.g., SYS$LOGIN is the user's directory and SYS$INPUT is the user's terminal). In the following example, FACULTY is a logical and not to be confused with [FACULTY.] the subdirectory. The SHOW command displays its definition. In English, this display indicates that the FACULTY logical is equated with (or synonymous to) the BEAVER$DKB0 disk drive and rooted at [000000.FACULTY]. In this definition, the dot is included to make it easier to use.

     $ show logical faculty        "FACULTY" = "BEAVER$DKB0:[FACULTY.]" (LNM$SYSTEM_TABLE) 

The device name in the previous definition is coded this way: BEAVER is the name of the node to which the disk is physically attached, and the $ is a lexical separator. The DK means it is a SCSI device; B stands for the second device channel installed in the computer; and 0 is the SCSI address. The DCL tool used to create logicals is DEFINE. Logicals are discussed in some detail in Chapter 32 of the OpenVMS Programming Concepts Manual.

If [DMILLER] is a subdirectory of [FACULTY.] (the [000000.] is unnecessary), then the following command permits an authorized user to list a file's characteristics. The benefit of this scheme is that the physical device name does not need to be known.

     $ DIR FACULTY:[DMILLER]LOGIN.COM 

Although logicals usually are equated to files, they are not restricted to that purpose. Logical definitions are stored in tables. In the previous example, the table name is displayed on the right in brackets. Each logical table has an access privilege associated with it. This prohibits the user from changing systemwide logicals such as SYS$SYSDISK, the logical name of the system disk. Logical definitions residing in system tables are retained until the system is shut down. Systemwide logical definitions, such as FACULTY, are normally placed in SYS$MANAGER:SYLOGICALS.COM by the manager. This specially named file is automatically executed by the boot script. The boot sequence is discussed in Chapter 2.

Any user may create his or her private logicals, which no other user may access. In fact, the user may create a private definition for SYS$SYSDISK, although that is probably a bad idea. Personal logical definitions are automatically destroyed at the end of the session.

Symbols

Symbols are created with the assignment operation. Most often they are defined in command procedures. The manager usually includes assignment statements and logical definitions in SYS$MANAGER:SYLOGIN.COM, thus making them universal for all users because SYLOGIN.COM is a script invoked before the user's LOGIN.COM file. Used in this way, a symbol is like a UNIX alias. Assignment is discussed in the Open VMS DCL Dictionary in the Assignment Statement and String Assignment sections.

LOGIN.COM is commonly found in all user accounts and is the equivalent of UNIX's .login. It is a command procedure (or script file) that is invoked automatically each time a user logs in. Symbols created in LOGIN.COM are private and inaccessible by other users. A typical user assignment is shown as follows. It creates a new symbol, LS (which, after it is defined, can be used like a verb), to customize the DIRECTORY command:

     $ LS :== DIR/SIZE/COL=1 

When entered by the user, it would produce the following display:

     $ ls login.com     Directory FACULTY:[DMILLER]     LOGIN.COM;101              7     LOGIN.COM;100              7     LOGIN.COM;99               7     Total of 3 files, 21 blocks. 

Incidentally, in OpenVMS, file sizes are measured in units of blocks, not characters. A block is 512 characters.

Logicals and symbols are often confused. In simplistic terms, there are two differences:

  1. Logicals are recursive, but symbols are not. That is, a logical may be defined using another logical, but a symbol defined in this way cannot contain another symbol.

  2. Logicals are translated anywhere in the command line, but symbols are translated only at the left side of the command. This means DIR SYSUAF and LS are the proper usage for the definitions. DIR LS would result in an error message.

Symbols are also used in command procedures as computational variables in the traditional, computer language sense. For instance:

     $ counter = counter + 1 

and

     $ spaces = columna + width*5 

There are other, more subtle differences between logicals and symbols. The definitive resources are Digital Press's Writing Real Programs in DCL, Chapter 14, and the OpenVMS User's Manual, Chapters 14, 15, and 16.

Life of a Process

Unlike UNIX, piping and child processes are not part of the OpenVMS paradigm, although both facilities are available. When a user logs in, a process is created. As DCL commands are entered, they are executed in the context of that same process; no child is created. Likewise, there are no background processes as in UNIX. Instead, the user creates subprocesses with the SPAWN/NOWAIT command. Alternately, command procedures can be queued to a batch queue using the SUBMIT command, although this facility is normally used only for executing a lengthy series of commands. Batch jobs are not interactive.

OpenVMS executes one image (also called executable file) after another in the context of the login process. This is unlike UNIX, which creates a child process for each command. In OpenVMS, normally only one process is created from login to logout. Creation of a process is a relatively expensive operation (in terms of CPU time and file accesses), whereas activation of an image is inexpensive. Processes are discussed in detail in Chapter 18 of the OpenVMS User's Manual.

From a user's viewpoint, all of the system images he or she needs are ready to execute. For instance, commands to invoke compilers and editors are defined. But from the system manager's viewpoint, not all system tools are defined to execute so easily. In particular, many of the tools in SYS$SYSTEM must be executed in one of two ways (the two are equivalent):

  • By prefixing the file name with RUN, for instance RUN SYS$SYSTEM:AUTHORIZE (no file name abbreviations are permitted).

  • By prefixing the file name with MCR, [7] for instance MCR AUTHORIZE (again, no abbreviations are permitted). In this case OpenVMS assumes the image is in SYS$SYSTEM.

The more convenient method, however, is to define a symbol (discussed previously) in the SYSTEM account's LOGIN.COM by adding a line similar to this one:

     $ UAF :== RUN SYS$SYSTEM:AUTHORIZE 

or the shorthand form

     $ UAF :== $SYS$SYSTEM:AUTHORIZE [8] 

This assignment creates a "new" verb, UAF, and permits the system manager to simply enter UAF at the prompt to invoke the AUTHORIZE.EXE utility. The leading $-sign implies the verb RUN. In order to avoid confusion, however, this book does not take the liberty of assuming that any of these shortcuts exist.

Each process (and subprocess) has many quota limits, which OpenVMS manages. Even the SYSTEM account is subject to these quotas. These are shown with the SHOW PROCESS/QUOTA command in the following example:

     $ show process/quota     17-AUG-2002 18:30:53.71   User: DMILLER          Process ID:   202060A4                               Node: BEAVER           Process name: "DMILLER"     Process Quotas:      Account name:      CPU limit:                      Infinite  Direct I/O limit:       100      Buffered I/O byte count quota:     49872  Buffered I/O limit:     100      Timer queue entry quota:              10  Open file quota:        100      Paging file quota:                 48453  Subprocess quota:         8      Default page fault cluster:           64  AST quota:              198      Enqueue quota:                      4000  Shared file limit:        0      Max detached processes:                0  Max active jobs:         10 

Only a few of these quotas will be described. The "Paging file quota" defines the size limit of the process (i.e., a process cannot grow in memory indefinitely). The "Subprocess quota" defines the limit of child processes that can be active simultaneously. "Max active jobs" limits the number of simultaneous logins.

OpenVMS not only regulates quota limits, but it also records actual resources usage for accounting and performance purposes. A typical display follows:

     $ show process/accounting     Accounting information:      Buffered I/O count:       150  Peak working set size:        458      Direct I/O count:          30  Peak virtual size:           4451      Page faults:             1673  Mounted volumes:                0      Images activated:          14      Elapsed CPU time:          0 00:00:00.54      Connect time:              0 00:01:06.84 

This information can be useful to charge the user for resources consumed. If a user exceeds any of the quota limits, this information is helpful in determining which one is causing the problem. The point is that resources for every account are restricted, managed, and measured. The out-of-the-box user default configuration is adequate for a "normal" account; however, the manager may need to increase these quotas via RUN AUTHORIZE for special cases. For instance, the quotas may have to be adjusted for Motif users. User account management is discussed more fully in Chapter 4. Accounting is discussed in Chapter 7.

As an image executes, two important attributes are modified. The first managed attribute is CPU time. The process's [9] priority is increased if it tends to be interactive and decreased if it tends to be CPU-bound. This means that CPU-bound processes are executed only if there are no interactive processes ready for execution. Furthermore, when an interactive process needs to run, the CPU process is suspended. This is called preemptive scheduling. This dynamic priority scheme is enforced by OpenVMS in order to favor keyboard response time, thus making the system as interactive as possible.

The second attribute that is carefully managed by OpenVMS is physical memory. Pages of an image are copied from disk to physical memory as needed. This activity is termed demand paging. Every process has a limited physical memory quota, however, and at some point, when a new page is requested, it must replace an old one belonging to the process. The old one is either written in the "page file" (if it has been modified) or discarded (if there are no changes on the page.) If all of physical memory is consumed, inactive processes are copied to the "swap file." Then the physical memory quota of all active processes is reduced to accommodate additional processes.

Privileged Images

Privileged images are a major security mechanism used by OpenVMS. This is the way OpenVMS allows an unprivileged user to perform operations he or she is not normally permitted to do. For instance, the commands SHOW USER (the UNIX equivalent of who) and SHOW SYSTEM (the UNIX equivalent of ps) must access normally inaccessible databases to extract information that is to be displayed. When a user executes a privileged image, it is executed in the context of the login process. This is done by granting additional privileges to the user's process temporarily, executing that image, and finally removing those privileges again. Normally, images are installed with privileges at boot time using the INSTALL command. It is the responsibility of OpenVMS to locate the privileged image in the installed database, modify user privileges, and execute the image. Any abnormal termination of a privileged image also removes the special privileges from the user process to maintain system security. Naturally, INSTALL is a privileged command that only the manager can use. This concept is expanded in Chapter 8.

Superuser

To become a "superuser" in OpenVMS, you must log into the system account (or some other account you created with all privileges). Alternatively, log in to any account, and enter the command

     $ SET HOST 0  ! read set host zero 

which will allow anyone to log in again. This is a more general form of the su command in UNIX. When logged into SYSTEM, the manager should be in the root of the SYS$MANAGER directory tree.

In the name of security, the OpenVMS out-of-the-box SYSTEM account's password expires every 30 days, whereas user passwords expire after 90 days. When installing OpenVMS for the first time, the manager must supply a password for SYSTEM; there is no default password option.

[4]Command files offer additional capabilities unavailable to interactive entry, such as conditional execution and subroutines.

[5]ODS-1 is the file system used on PDP-11 (hardware) running RSX (an operating system called a Resource Sharing Executive). RSX is the immediate ancestor of OpenVMS. Early versions of VMS (not OpenVMS) supported ODS-1 so that RSX applications and users could easily migrate to VMS. ODS means On-Disk Structure.

[6][000000] was chosen for historical reasons. [000,000] was the root of the ODS-1 file system.

[7]MCR is a term that dates to the RSX operating system. The acronym stands for Monitor Console Routine, which is the "shell" of RSX. It was carried into the early VMS world to permit easy migration from RSX.

[8]This $ prefix convention also dates to RSX usage, where system executables were stored in the [3,54] directory.

[9]Technically the executing image is one component of the process. The process includes the image, the DCL shell, and the OpenVMS kernel.




Getting Started with OpenVMS System Management
Getting Started with OpenVMS System Management (HP Technologies)
ISBN: 1555582818
EAN: 2147483647
Year: 2004
Pages: 130
Authors: David Miller

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net