Seminar 1024
Download
1 / 266

seminar 1024 - PowerPoint PPT Presentation


  • 167 Views
  • Uploaded on

Seminar 1024. OpenVMS System Management Techniques, Tools, and Tricks David J. Dachtera [email protected] DJE Systems http://www.djesys.com/. Agenda. Basic DCL Concepts Commands Command Procedures Verbs Symbols Flow Control (IF, GOTO, GOSUB, CALL) Useful Lexical Functions. Agenda.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'seminar 1024' - albert


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Seminar 1024 l.jpg
Seminar 1024

  • OpenVMS System Management Techniques, Tools, and Tricks

  • David J. Dachtera

  • [email protected]

  • DJE Systems

  • http://www.djesys.com/


Agenda l.jpg
Agenda

  • Basic DCL Concepts

    • Commands

    • Command Procedures

    • Verbs

    • Symbols

    • Flow Control (IF, GOTO, GOSUB, CALL)

    • Useful Lexical Functions


Agenda3 l.jpg
Agenda

  • Logical names

    • Logical name tables

    • Logical name table search order

      • Modifying the search order

    • Logical name types

      • Single Translation

      • Search list

      • “Rooted” (Concealed) logical names

    • Lexical Function Caveat

      • F$TRNLNM() differs from F$LOGICAL()


Agenda4 l.jpg
Agenda

  • Logical names, cont’d

    • Cluster-wide logical names

      • Caveats

    • SYS$COMMON Notes

      • Caveats (VMS$COMMON)

    • Site-Specific Paths

      • Organizing local system management code


Agenda5 l.jpg
Agenda

  • Network Topics

    • TCP/IP

      • TCP/IP Services (fka UCX)

      • Multinet

      • TCPware

      • CMU/IP (VAX only)

    • DECnet

      • Access control

      • FAL logging


Agenda6 l.jpg
Agenda

  • Network Topics, cont’d

    • Remote procedures

      • Types

      • Security concerns

    • Network Alerts

      • OPCOM alerts for DECnet network access

      • OPCOM alerts for FTP network access


Agenda7 l.jpg
Agenda

  • System Startup

    • STARTUP phases

    • STARTUP parameters

    • Site-Specific startups

      • Logging SYSTARTUP_VMS.COM

      • Node-specific startups

      • Saving a crash dump at start-up time

      • Soft-coding # of logins allowed at startup

    • SYSMAN and STARTUP


Agenda8 l.jpg
Agenda

  • System Shutdown

    • SHUTDOWN parameters

    • SHUTDOWN$xxxx logical names

    • AUTOGEN Shutdowns

      • AGEN$SHUTDOWN_TIME logical name

  • Cluster Shutdown

    • REMOVE_NODE

    • Using SYSMAN


Agenda9 l.jpg
Agenda

  • System/Startup File Caveats

    • Deprecated Lexical Functions

    • Lexical Function names misspelled

  • AUTOGEN

    • MODPARAMS.DAT

    • Reports and outputs


Agenda10 l.jpg
Agenda

  • OpenVMS Management Tools

    • StorageWorks Command Console (SWCC)

    • OpenVMS Management Station

    • AMDS

      • Accessibility Manager for Distributed Systems

    • Availability Manager

      • Like AMDS, runs on MS-Windows


Agenda11 l.jpg
Agenda

  • OpenVMS Security

    • Essentials

    • UICs and File/Directory Protection

    • Access Control Lists (ACLs)

    • Access Control Entries (ACEs)

    • Rights Identifiers and ACEs

    • Propagating ACEs and Default Protections


Seminar 102412 l.jpg
Seminar 1024

  • Basic DCL

  • Concepts


Basic dcl concepts l.jpg
Basic DCL Concepts

  • Command Elements

    • $ verb parameter_1 parameter_2

    • DCL commands consist of a verb and one or more parameters.


Dcl command proc s l.jpg
DCL Command Proc.’s

  • $ @procedure_name

  • Top level (or terminal) is DEPTH 0.

  • Each new command procedure invoked is a new procedure DEPTH.

  • Maximum depth is still 32.


Dcl command proc s15 l.jpg
DCL Command Proc.’s

  • Parameters

  • $ @procedure_name p1 p2 p3 … p8

  • Notes:

    • Only eight(8) parameters are passed from the command line, P1 through P8

    • Parameters with embedded spaces must be quoted strings.

    • Parameters are separated by a space.


Dcl command proc s16 l.jpg
DCL Command Proc.’s

  • Parameters, cont’d

  • $ @procedure_name p1 p2 p3 … p8

  • Notes, Cont’d:

    • Reference parameters via the variable names P1 through P8.

    • No built-in “shift” function. If you need it, write it as a GOSUB.


Dcl verbs l.jpg
DCL Verbs

  • Internal commands

    • ASSIGN, CALL, DEFINE, GOSUB, GOTO, IF, RETURN, SET, STOP, others…

  • External commands

    • APPEND, BACKUP, COPY, DELETE, PRINT, RENAME, SET, SUBMIT, others...


Dcl verbs cont d l.jpg
DCL Verbs, Cont’d

  • “Foreign” Commands

    • $ symbol = value

  • Examples:

    • $ DIR :== DIRECTORY/SIZE=ALL/DATE

    • $ ZIP :== $ZIP/VMS


Command qualifiers l.jpg
Command Qualifiers

  • $ command/qualifier

  • $ command/qualifier=value

  • $ command/qualifier=(value,value)

  • $ command/qualifier=keyword=value

  • $ command/qualifier=-

  • (keyword=value,keyword=(value,value))


Non positional qualifiers l.jpg
Non-positional Qualifiers

  • Apply to the entire command, no matter where they appear.

    • $ command param1/qual param2

  • Example:

    • $ COPY A.DAT A.NEW/LOG

    • $ DELETE/LOG C.TMP;


Positional qualifiers l.jpg
Positional Qualifiers

  • Apply only to the object they qualify.

    • $ command param1/qual=value1 -

    • param2/qual=value2

  • Examples:

    • $ PRINT/COPIES=2 RPT1.LIS, RPT2.LIS

    • $ PRINT RPT1.LIS/COPIES=1,-

    • RPT2.LIS/COPIES=3


Common qualifiers l.jpg
Common Qualifiers

  • Many commands support a set of common qualifiers:

    • /BACKUP /BEFORE /CREATED /EXCLUDE /EXPIRED /INCLUDE /MODIFIED /OUTPUT /PAGE /SINCE

    • See the on-line HELP for specifics.


Dcl statement elements l.jpg
DCL Statement Elements

  • $ vbl = value

  • DCL statements are typically assignments where a variable receives a value.


Assignment statements l.jpg
Assignment Statements

  • $ vbl = F$lexical_function( params )

  • Examples:

    • $ FSP = F$SEARCH(“*.TXT”)

    • $ DFLT = F$ENVIRONMENT (“DEFAULT”)

    • $ NODE = F$GETSYI(“NODENAME”)


Assignment statements25 l.jpg
Assignment Statements

  • $ vbl = string_expression

  • Examples:

    • $ A = “String 1 “ + “String 2”

    • $ B = A - “String “ - “String “

    • $ C = ‘A’

  • Maximum string length

    • 255 bytes (<=V7.3)

    • 4096 bytes (>=V7.3-1)


Assignment statements26 l.jpg
Assignment Statements

  • $ vbl = numeric_expression

  • Examples:

    • $ A = 1

    • $ B = A +1

    • $ C = B + A + %X7F25

    • $ D = %O3776


Assignment statements27 l.jpg
Assignment Statements

  • $ vbl[start_bit,bit_count]=numeric_exp

  • Examples:

    • $ ESC[0,8]=%X1B

    • $ CR[0,8]=13

    • $ LF[0,8]=10

    • $ FF[0,8]=12

    • $ CRLF[0,8]=13

    • $ CRLF[8,8]=10


Assignment statements28 l.jpg
Assignment Statements

  • $ ESC[0,8]=%X1B

  • $ SHOW SYMBOL ESC

  • ESC = "."

  • $ CR[0,8]=13

  • $ SHOW SYMBOL CR

  • CR = "."

  • $ LF[0,8]=10

  • $ SHOW SYMBOL LF

  • LF = "."


Assignment statements29 l.jpg
Assignment Statements

  • $ FF[0,8]=12

  • $ SHOW SYMBOL FF

  • FF = "."

  • $ CRLF[0,8]=13

  • $ SHOW SYMBOL CRLF

  • CRLF = "."

  • $ CRLF[8,8]=10

  • $ SHOW SYMBOL CRLF

  • CRLF = ".."


Assignment statements30 l.jpg
Assignment Statements

  • DCL provides for substring replacement.

  • $ A := abcde

  • $ SHOW SYMBOL A

  • “ABCDE”

  • $ A[3,2]:=XX

  • $ SHOW SYMBOL A

  • “ABCXX”


Assignment statements31 l.jpg
Assignment Statements

  • $ vbl = boolean_expression

  • Examples:

    • $ MANIA = (“TRUE” .EQS. “FALSE”)

    • $ TRUE = (1 .EQ. 1)

    • $ FALSE = (1 .EQ. 0)

    • $ YES = 1

    • $ NO = 0


Assignment statements32 l.jpg
Assignment Statements

  • Local Assignment:

    • $ vbl = value

  • Global Assignment:

    • $ vbl == value


Assignment statements33 l.jpg
Assignment Statements

  • Quoted String:

    • $ vbl = “quoted string”

    • Case is preserved.

  • Examples:

    • $ PROMPT = “Press RETURN to continue “

    • $ INVRSP = “% Invalid response!”


Assignment statements34 l.jpg
Assignment Statements

  • Unquoted string:

    • $ vbl := unquoted string

    • Case is NOT preserved, becomes uppercase. Leading/trailing spaces are trimmed off.

  • Examples:

    • $ SAY := Write Sys$Output

    • $ SYSMAN :== $SYSMAN ! Comment


Foreign commands l.jpg
Foreign Commands

  • $ vbl := $filespec[ param[ param[ …]]]

  • “filespec” defaults to SYS$SYSTEM:.EXE

  • Maximum string length:

    • 510 bytes (<=V7.3)

    • 4096 bytes (>=V7.3-1)


Symbol scope l.jpg
Symbol Scope

  • SET SYMBOL/SCOPE=

    • NOLOCAL

      • All “outer” level local symbols are “invisible”

    • LOCAL

      • Undoes NOLOCAL

    • NOGLOBAL

      • All “outer” level global symbols are “invisible”

    • GLOBAL

      • Undoes NOGLOBAL


Symbol scope37 l.jpg
Symbol Scope

  • SET SYMBOL/GENERAL/SCOPE=xxxx

  • Specifies that the values of the /SCOPE qualifier pertain to the translation of all symbols except the first token on a command line.

  • /GENERAL is incompatible with /ALL or /VERB.


Symbol scope38 l.jpg
Symbol Scope

  • SET SYMBOL/VERB/SCOPE=xxxx

  • Specifies that the values of the /SCOPE qualifier pertain to the translation of the first token on a command line as a symbol before processing only. It does not affect general symbol substitution.

  • /VERB is incompatible with /ALL or /GENERAL.


Symbol scope39 l.jpg
Symbol Scope

  • SET SYMBOL/ALL/SCOPE=xxxx

  • Specifies that the values of the /SCOPE qualifier pertain both to the translation of the first token on a command line and to general symbol substitution.

  • /ALL is incompatible with /GENERAL or /VERB.


Conditional expressions l.jpg
Conditional Expressions

  • $ IF condition THEN statement

  • Variations:

  • $ IF condition THEN $ statement

  • $ IF condition THEN -

  • $ statement


Conditional expressions41 l.jpg
Conditional Expressions

  • $ IF condition

  • $ THEN

  • $ statement(s)

  • $ ENDIF


Conditional expressions42 l.jpg
Conditional Expressions

  • $ IF condition

  • $ THEN

  • $ IF condition

  • $ THEN

  • $ statement(s)

  • $ ENDIF

  • $ ENDIF


Conditional expressions43 l.jpg
Conditional Expressions

  • $ IF condition

  • $ THEN

  • $ IF condition

  • $ THEN

  • $ statement(s)

  • $ ENDIF

  • $ statement(s)

  • $ ENDIF


Conditional expressions44 l.jpg
Conditional Expressions

  • $ IF condition

  • $ THEN statement(s)

  • $ IF condition

  • $ THEN

  • $ statement(s)

  • $ ENDIF

  • $ ENDIF

  • This may not work in pre-V6 VMS!


Conditional expressions45 l.jpg
Conditional Expressions

  • $ IF condition

  • $ THEN

  • $ statement(s)

  • $ ELSE

  • $ statement(s)

  • $ ENDIF


Labels goto l.jpg
Labels, GOTO

  • $ GOTO label_1

  • .

  • .

  • .

  • $label_1:


Gosub return l.jpg
GOSUB, RETURN

  • $ GOSUB label_1

  • .

  • .

  • .

  • $label_1:

  • $ statement(s)

  • $ RETURN


Gosub return48 l.jpg
GOSUB, RETURN

  • Emulate UN*X/DOS shell SHIFT:

    • $SHIFT:

    • $ P1 = P2

    • $ P2 = P3

    • $ P3 = P4

    • $ P4 = P5

    • $ P5 = P6

    • $ P6 = P7

    • $ P7 = P8

    • $ P8 = ""

    • $ RETURN


Subroutine endsub l.jpg
SUBROUTINE - ENDSUB...

  • $ CALL label_1[ param[ param[ …]]

  • .

  • .

  • .

  • $label_1: SUBROUTINE

  • $ statement(s)

  • $ END SUBROUTINE


Lexical functions l.jpg
Lexical Functions

  • Functions built into the DCL Lexicon

    • F$CONTEXT F$CSID F$CVSI F$CVTIME F$CVUI F$DEVICE F$DIRECTORY F$EDIT F$ELEMENT F$ENVIRONMENT F$EXTRACT F$FAO F$FILE_ATTRIBUTES F$GETDVI F$GETJPI F$GETQUI F$GETSYI F$IDENTIFIER F$INTEGER F$LENGTH F$LOCATE F$MESSAGE F$MODE F$PARSE F$PID F$PRIVILEGE F$PROCESS F$SEARCH F$SETPRV F$STRING F$TIME F$TRNLNM F$TYPE F$USER F$VERIFY


Common lexical functions l.jpg
Common Lexical Functions

  • $ vbl = F$CVTIME(string[, keyword[, keyword]])

    • “string” = Absolute time expression

    • “keyword” = (1st instance) is one of “ABSOLUTE”, “COMPARISION”, “DELTA”

    • “keyword” = (2nd instance) is one of “DATE”, “DATETIME”, “DAY”, “MONTH”, “YEAR”, “HOUR”, “MINUTE”, “SECOND”, “HUNDREDTH”, “WEEKDAY”


Common lexical functions52 l.jpg
Common Lexical Functions

  • F$CVTIME(), Continued…

  • Defaults:

  • $ vbl = F$CVTIME(string, -

  • ”COMPARISON”, -

  • ”DATETIME” )

  • Pre-defined date strings:

    • TODAY, YESTERDAY, TOMORROW, BOOT


Common lexical functions53 l.jpg
Common Lexical Functions

  • F$CVTIME(), Continued…

  • Date Formats:

  • Comparison

  • YYYY-MM-DD HH:MM:SS.CC

  • Absolute

  • DD-MMM-YYYY HH:MM:SS.CC

  • Delta

  • +/-DDDDD HH:MM:SS.CC


Common lexical functions54 l.jpg
Common Lexical Functions

  • $ vbl = F$GETDVI( dev_name, keyword )

    • “dev_name” is a valid device name

    • “keyword” is a quoted string

  • Examples:

  • $ FBLK = F$GETDVI( “DUA0”,”FREEBLOCKS”)

  • $ MNTD = F$GETDVI( “DKA500”,”MNT”)

  • $ DVNM := DUA0:

  • $ VLNM := VOLNAM

  • $ VNAM = F$GETDVI( DVNM, VLNM )


Common lexical functions55 l.jpg
Common Lexical Functions

  • $ vbl = F$QETQUI( -

  • function,-

  • item,-

  • value,-

  • keyword(s))

  • See the on-line help for descriptions.


Common lexical functions56 l.jpg
Common Lexical Functions

  • $ VBL = F$GETJPI( pid, keyword )

  • Examples:

    • $ USN = F$GETJPI( 0, “USERNAME” )

    • $ MOD = F$GETJPI( 0, “MODE” )


Common lexical functions57 l.jpg
Common Lexical Functions

  • $ vbl = F$GETSYI( item[, node[, csid]] )

  • Examples:

    • $ NODE = F$GETSYI( “NODENAME” )

    • $ FGP = F$GETSYI( “FREE_GBLPAGES” )

    • $ FGS = F$GETSYI( “FREE_GBLSECTS” )


Common lexical functions58 l.jpg
Common Lexical Functions

  • $ vbl = F$ELEMENT( idx, delim, string )

    • Find the nth (delim) delimited element of a string.

  • Examples:

    • $ A = F$ELEM( 2, “,”, “A,B,C,D,E,F” )

    • $ B = F$ELEM( 1, “ ”, “Turn it off” )


Seminar 102459 l.jpg
Seminar 1024

  • OpenVMS

  • Logical Names


Logical names l.jpg
Logical Names

  • A form of symbol with limited or system-wide scope.

  • $ show logical sys$sysroot

  • "SYS$SYSROOT" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)

  • = "SYS$COMMON:"

  • 1 "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)


Logical name tables l.jpg
Logical Name Tables

  • LNM$SYSTEM_DIRECTORY

    • LNM$JOB_xxxxxxxx

    • LNM$GROUP_xxxxxx

    • LNM$SYSTEM_TABLE

    • DECW$LOGICAL_NAMES

  • LNM$PROCESS_DIRECTORY


Logical name tables62 l.jpg
Logical Name Tables

  • Search Order:

  • $ sh log/tab=* lnm$file_dev

  • "LNM$FILE_DEV" = "LNM$PROCESS" (LNM$SYSTEM_DIRECTORY)

  • = "LNM$JOB"

  • = "LNM$GROUP"

  • = "LNM$SYSTEM"

  • = "DECW$LOGICAL_NAMES"


Logical name tables63 l.jpg
Logical Name Tables

  • Modifying the search order:

  • $ DEFINE/TABLE=LNM$PROCESS_DIRECTORY -

  • LNM$FILE_DEV LNM$PROCESS,LNM_PRIVATE,-

  • LNM$GROUP,LNM$SYSTEM,-

  • DECW$LOGICAL_NAMES

  • Defines a new search list in supervisor mode.

    • Some software will only use “trusted” logical names in certain directories or those DEFINEd in an “inner’ (more privileged) mode.


Logical names64 l.jpg
Logical Names

  • Single translation

    • $ DEFINE lnm value

  • Search List

    • $ DEFINE lnm value,value[,…]

  • Concealed Logical Names

    • $ DEFINE lnm value/TRANS=CONCEAL

  • Rooted Logical Names

    • $ DEFINE lnm ddcu:[dir.]/TRANS=CONCEAL


Logical names65 l.jpg
Logical Names

  • Creating

    • $ DEFINE lnm value

    • $ ASSIGN value lnm

  • Deleting

    • $ DEASSIGN lnm


Logical names66 l.jpg
Logical Names

  • Access Modes

    • User DEFINE/USER

    • Supervisor DEFINE (/SUPER is default)

    • Executive DEFINE/EXECUTIVE,

    • requires CMEXEC privilege.

    • Kernel Can only be created by using

    • the $CRELNM system service,

    • requires CMKRNL privilege.

    • Executive and Kernel mode logical names are “trusted” since privilege is required to create them.


Logical names67 l.jpg
Logical Names

  • Single Translation

    • $ DEFINE lnm value

  • Examples:

  • "LNM$PROCESS" = "LNM$PROCESS_TABLE" (LNM$PROCESS_DIRECTORY)

  • "LNM$JOB" = "LNM$JOB_80D27B00" (LNM$PROCESS_DIRECTORY)

  • "LNM$GROUP" = "LNM$GROUP_000030" (LNM$PROCESS_DIRECTORY)

  • "LNM$SYSTEM" = "LNM$SYSTEM_TABLE" (LNM$SYSTEM_DIRECTORY)

  • “SYS$LOGIN" = "DKA0:[DDACHTERA]" (LNM$JOB_80D27B00)


Logical names68 l.jpg
Logical Names

  • Search Lists

    • $ DEFINE lnm value,value[,…]

    • Examples:

  • $ sh log sys$sysroot

  • "SYS$SYSROOT" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)

  • = "SYS$COMMON:"

  • 1 "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)

  • $ sh log user_exe ! Presenter’s environment, not provided by VMS.

  • "USER_EXE" = "USER_IMG:" (LNM$JOB_80D27B00)

  • = "USER_COM:"

  • = "SYS$SPECIFIC:[SYSEXE]"

  • = "SYS$COMMON:[SYSEXE]"

  • 1 "USER_IMG" = "USER_ROOT:[EXE.ALPHA]" (LNM$JOB_80D27B00)

  • 1 "USER_COM" = "USER_ROOT:[EXE]" (LNM$JOB_80D27B00)


Logical names69 l.jpg
Logical Names

  • Concealed Logical Names

    • $ DEFINE lnm value/TRANS=CONCEAL

  • Example:

  • $ sh log sys$sysdevice

  • "SYS$SYSDEVICE" = "DJAS01$DKA300:" (LNM$SYSTEM_TABLE)

  • $ sh log sys$sysdevice/full

  • "SYS$SYSDEVICE" [exec] = "DJAS01$DKA300:" [concealed,terminal] (LNM$SYSTEM_TABLE)


Logical names70 l.jpg
Logical Names

  • “Rooted” Logical Names

    • $ DEFINE lnm ddcu:[dir.]/TRANS=CONCEAL

  • Examples:

  • $ show logical sys$specific,sys$common,user_root

  • "SYS$SPECIFIC" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)

  • "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)

  • "USER_ROOT" = "DKA0:[DDACHTERA.]" (LNM$JOB_80D27B00)


Logical names71 l.jpg
Logical Names

  • Using rooted logical names

  • Examples:

  • $ show logical sys$sysroot,user_root,user_com,user_img

  • "SYS$SYSROOT" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)

  • = "SYS$COMMON:"

  • 1 "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)

  • "USER_ROOT" = "DKA0:[DDACHTERA.]" (LNM$JOB_80D27B00)

  • "USER_COM" = "USER_ROOT:[EXE]" (LNM$JOB_80D27B00)

  • "USER_IMG" = "USER_ROOT:[EXE.ALPHA]" (LNM$JOB_80D27B00)


Logical names lexicals l.jpg
Logical Names & Lexicals

  • Beware:

  • F$LOGICAL() (deprecated) differs from F$TRNLNM().

  • F$LOGICAL() uses hard-coded search list internally: Process, Job, Group, System.

  • F$TRNLNM() uses LNM$FILE_DEV


Cluster wide logical names l.jpg
Cluster-Wide Logical Names

  • New in V7.2.

  • Defined in table LNM$SYSCLUSTER

  • LNM$SYSTEM is now a search list:

  • $ show log/tab=* lnm$system

  • "LNM$SYSTEM" = "LNM$SYSTEM_TABLE" (LNM$SYSTEM_DIRECTORY)

  • = "LNM$SYSCLUSTER"

  • 1 "LNM$SYSCLUSTER" = "LNM$SYSCLUSTER_TABLE" (LNM$SYSTEM_DIRECTORY)


Cluster wide logical names74 l.jpg
Cluster-Wide Logical Names

  • Caveat:

  • There is no /CLUSTER qualifier for DEFINE, ASSIGN or DEASSIGN.

  • Use /TABLE= LNM$SYSCLUSTER


Logical names75 l.jpg
Logical Names

  • Notes:

    • VMS$COMMON usually not found in system logical names.

    • It IS possible to have a system with a missing or corrupted VMS$COMMON.

      • OpenVMS upgrades will fail.

      • Difficult to recover.

      • Running in this condition is not supported.


Logical names76 l.jpg
Logical Names

  • Leave OpenVMS-provided logical names alone.

    • ReDEFINE-ing things like SYS$SYSROOT can jeopardize support position or system certification (Healthcare, etc.)

    • If any of these are reDEFINEd, do it at the /PROCESS level, not system-wide and make sure to leave the system account “pristine”.


Logical names77 l.jpg
Logical Names

  • Leave OpenVMS-provided logical names alone.

    • Probably okay to do this in a privileged account other than SYSTEM.

    • If these are needed at SYSTARTUP_VMS time, invoke a proc. to do the DEFINEs, then invoke the proc.’s that need the local logical names, then clean up using DEASSIGN/PROCESS.


Logical names78 l.jpg
Logical Names

  • It is possible to organize your site-specific procedures and keep them separated from the OpenVMS files without reDEFINE-ing any logical names provided by OpenVMS.


Logical names79 l.jpg
Logical Names

  • OpenVMS Logical Names:

    • Usually contain a “$” (dollar sign).

  • User (Site-Specific) Logical Names

    • Avoid “$” – use underscore:

      • SYS_MANAGER

      • SYS_BACKUP

      • SYS_OPERATOR

      • SYS_HELP

      • SYS_ROOT


Logical names80 l.jpg
Logical Names

  • $ sho log sys_*

  • (LNM$PROCESS_TABLE)

  • (LNM$JOB_80D128C0)

  • (LNM$GROUP_000030)

  • (LNM$SYSTEM_TABLE)

  • "SYS_BACKUP" = "SYS_ROOT:[BACKUP]"

  • "SYS_HELP" = “SYS_ROOT:[SYSHLP]"

  • "SYS_MANAGER" = "SYS_ROOT:[SYSMGR]"

  • "SYS_OPERATOR" = "SYS_ROOT:[OPERATOR]”

  • “SYS_ROOT“ = “SYS$SYSDEVICE:[XYZCORP.]”

  • = ”SYS$SYSROOT:”


Logical names81 l.jpg
Logical Names

  • Site-specific logical names for system management can be organized in their own logical name tables.

    • User Logical name table can be added to LNM$FILE_DEV, but don’t do that system-wide – DEFINE things /PROCESS.

      • See the earlier example of how to modify the LNM$FILE_DEV search list for a process.

      • /PROCESS is the default for DEFINE and ASSIGN if not specified.


Logical names82 l.jpg
Logical Names

  • None of us is immortal.

  • Remember to document your customizations THOROUGHLY!

    • If you get hit by a bus today, will someone else be able to come in and understand what you’ve done?


Seminar 102483 l.jpg
Seminar 1024

  • OpenVMS

  • Networking


Networking l.jpg
Networking

  • Network stacks for OpenVMS:

  • TCP/IP

  • DECnet

    • Phase IV

    • Phase V (DECnet/OSI)

  • Utilities:

  • LANCP (works without DECnet)

  • SET HOST/MOP (Phase V - NET$CCR)


Networking tcp ip l.jpg
Networking - TCP/IP

  • TCP/IP Services for OpenVMS

    • Formerly known as UCX (Ultrix Connection)

    • Developed, sold and supported by HP, shares code base with Tru64 TCP/IP

    • Management interface somewhat weak.

      • Some features (like adding secondary name server) require editing config. files manually. Access to non-volatile Database inconsistent: sometimes SET CONFIG, sometimes SET/PERMANENT.


Networking tcp ip86 l.jpg
Networking TCP/IP

  • TCPware

    • Native to and developed on OpenVMS (originally on VAX/VMS, ported to Alpha).

    • Developed, sold and supported by Process Software, Inc.

    • Proprietary Management Interface, now similar to Multinet in some ways.

    • Slightly more functionality than (UCX), performs better than Multinet and *UCX).


Networking tcp ip87 l.jpg
Networking - TCP/IP

  • Multinet

    • Developed from BSD V4.3 code by TGV, Inc. on VAX/VMS, ported to Alpha. Now developed, sold and supported by Process Software, Inc.

    • Proprietary Management Interface.

    • Functionality similar to TCPware.

    • Performance is somewhat better than (UCX), less than TCPware.


Networking tcp ip88 l.jpg
Networking - TCP/IP

  • Author’s opinion re: Marvel:

  • TCP/IP Services for OpenVMS will probably be Marvel-ready sooner than Process Software’s products; however, TCPware and Multinet provide more robust functionality - should be worth waiting for on Marvel. (SMP considerations)


Networking tcp ip89 l.jpg
Networking - TCP/IP

  • CMU/IP

  • Freeware, a bit old.

  • Originally developed by TEK, released to Carnegie Mellon Univ. C.S. department - became freeware.

  • VAX only - no known Alpha port.

  • TCP/IP-V4 only.


Networking decnet l.jpg
Networking - DECnet

  • Developed by Digital for PDP-11, migrated to VAX and ported to Alpha.

  • Phase-IV is in use widely.

  • Phase V used where it is needed. Also known as DECnet-Plus or DECnet/OSI.


Networking decnet91 l.jpg
Networking - DECnet

  • DECnet Phase IV is very SysAdmin friendly, but takes some getting used to.

  • “Set it and forget it” - easily configured, does not issue a lot of OPCOM messages unless there is trouble on the line(s).

  • Specification was published, no longer publicly available on the web.


Networking decnet92 l.jpg
Networking - DECnet

  • DECnet Phase IV

    • Permanent database

      • DEFINE commands in NCP

    • Volatile database

      • SET commands in NCP


Networking decnet93 l.jpg
Networking - DECnet

  • DECnet Phase IV

    • Provides MOP Remote Console

      • CONNECT command in NCP

    • Provides MOP downline load, upline dump

      • LOAD and TRIGGER commands in NCP

    • Provides for remote management of other nodes.

      • SET EXECUTOR NODE command in NCP, requires privilege and remote password.


Networking decnet94 l.jpg
Networking - DECnet

  • DECnet Phase V (DECnet-Plus)

    • More complicated to manage - management paradigm follows the OSI seven-layer model.

    • Circuits are built from the bottom up, following the OSI seven-layer model.

    • Management is performed using NCL (Network Control Language).

    • Non-volatile database is .NCL files - no “permanent” database.


Networking decnet95 l.jpg
Networking - DECnet

  • DECnet Phase V (DECnet-Plus)

    • OPCOM messages are more plentiful and more verbose than Phase IV.

    • Allows for diagnosis of trouble in each layer.

    • Provides some features not available in Phase IV.

    • Complete specification is not published.


Networking decnet96 l.jpg
Networking - DECnet

  • Access Control

    • Set up proxy records in SYS$SYSTEM:NET$PROXY.DAT using the AUTHORIZE program.

    • Enable proxy access in NCP (Phase-IV): incoming, outgoing.

      • Incoming proxy access, if disabled, defaults to the access control info of the target object instead of the source node/user.


Networking decnet97 l.jpg
Networking - DECnet

  • Access Control

    • Create the proxy database if it doesn’t already exist. Use AUTHORIZE, CREATE/PROXY

    • Set up proxy records in Authorize.

    • Enable proxy access in NCL (Phase-V): See the SET SESSION CONTROL statements.


Networking decnet98 l.jpg
Networking - DECnet

  • FAL Logging

  • Two Logical Names:

    • FAL$LOG

    • FAL$OUTPUT


Networking decnet99 l.jpg
Networking - DECnet

  • FAL Logging

  • FAL$LOG

  • In SYLOGIN or the DECnet object file:

  • $ DEFINE FAL$LOG “1/disable=8”

    • This is an unsupported feature

    • “1”: file name and file type access information

    • disable=8 disables “Poor Man’s Routing”: dir node1::node2::node3::


Networking decnet100 l.jpg
Networking - DECnet

  • FAL Logging

  • FAL$LOG, cont’d

    • Produces copious output - use with discretion.

  • FAL$OUTPUT

    • Can be used to specify the name of the log file to create in place of SYS$OUTPUT

    • $ DEFINE FAL$OUTPUT FAL.LOG


Networking lat l.jpg
Networking - LAT

  • LAT - Local Area Transport

  • Robust, Efficient

    • Can package data for multiple sessions at the same MAC address into common packets.

  • Not routable

    • No routable info in the network layer

  • DEC-proprietary (licensed)

    • Specification published under license


Networking lat102 l.jpg
Networking - LAT

  • LAT Control Program (LATCP)

  • Managememt interface for LAT

  • Controls services broadcast by an OpenVMS node

  • Used to create, manage and delete LTA devices on OpenVMS nodes.


Networking mop l.jpg
Networking MOP

  • Maintenance Operation Protocol

  • Not routable

    • No routable info in the network layer

  • DEC-proprietary (licensed)

    • Specification published under license

  • Remote Console facility

  • Downline load, upline dump.


Networking mop104 l.jpg
Networking MOP

  • Maintenance Operation Protocol

  • User interfaces - Remote Console:

    • NCP (DECnet Phase IV)

      • CONNECT NODE

      • CONNECT VIA circuit_id PHYS ADDR mac_addr

    • LANCP

      • CONNECT NODE name/DEVICE=enet_dev:

    • SET HOST/MOP (DECnet Phase V)

      • SET HOST/MOP node_name

      • SET HOST/MOP/ADDR=mac_addr/CIRC=xxxx


Networking mop105 l.jpg
Networking MOP

  • Maintenance Operation Protocol

  • User interfaces - Downline Load, Upline dump:

    • NCP (DECnet Phase IV)

      • DEFINE/SET NODE name -

      • ADDRESS xx-xx-xx-xx-xx-xx -

      • SERVICE CIRCUIT xxx-n -

      • LOAD FILE filespec -

      • SECONDARY LOADER filespec -

      • DUMP FILE filespec


Networking mop106 l.jpg
Networking MOP

  • Maintenance Operation Protocol

  • User interfaces - Downline Load:

    • LANCP

      • DEFINE NODE name -

      • /ADDRESS=xx-xx-xx-xx-xx-xx-

      • /FILE=filespec

      • Mostly for use in booting LAVc nodes

      • LANCP does not provide for upline dump


Networking remote access l.jpg
Networking - Remote Access

  • Types of remote Access:

  • DECnet

    • SET HOST (CTERM)

    • Remote File Access

    • NML (NCP SET EXECUTOR NODE)

  • LAT

    • Connect (from terminal server or PC w/LAT)

    • SET HOST/LAT


Networking remote access108 l.jpg
Networking - Remote Access

  • Types of remote Access, cont’d:

  • TCP/IP:

    • TELNET

    • Rshell

    • Rlogin


Networking remote proc s l.jpg
Networking - Remote Proc.’s

  • Types of Remote Procedures:

  • DECnet

    • DECnet objects

    • SUBMIT/REMOTE, PRINT/REMOTE

  • TCP/IP

    • RPC (Remote Procedure Call)

    • Secure Socket Layer (SSL)


Networking remote proc s110 l.jpg
Networking - Remote Proc.’s

  • Security Concerns

  • DECnet objects like TASK

  • Unsecured accounts by any access method. (This is not a security presentation.)


Network alerts l.jpg
Network Alerts

  • OPCOM Alerts for network access

  • SET AUDIT/ENABLE=CONNECTION

    • DECnet (Phase IV)

    • $IPC

    • SYSMAN

  • SET AUDIT/ENABLE=LOGIN=

    • ALL, BATCH, DETACHED, DIALUP, LOCAL, NETWORK, REMOTE, SUBPROCESS


Network alerts112 l.jpg
Network Alerts

  • Additional OPCOM Alerts for FTP

  • Add commands to the DCL proc. associated with the FTP service.

    • Example: MULTINET:FTP_SERVER.COM

  • Can be as general or specific needed.

  • See the documentation and example code for your TCP/IP stack.


Seminar 1024113 l.jpg
Seminar 1024

  • System Startup

  • Procedure


System startup l.jpg
System Startup

  • Default /STARTUP procedure:

  • SYS$SYSTEM:STARTUP.COM

  • Set using SYSBOOT, SYSGEN or SYSMAN.


System startup115 l.jpg
System Startup

  • STARTUP Phases:

  • In SYS$STARTUP:VMS$VMS.DAT

    • RMS Indexed file

    • Changes to this area of the startup are *NOT* supported by HP.


System startup116 l.jpg
System Startup

  • STARTUP Phases:

  • $ TY SYS$STARTUP:VMS$VMS.DAT

  • BASEENVIRON DVMS$BASEENVIRON-050_VMS.COM

  • E*BASEENVIRON DVMS$BASEENVIRON-050_SMISERVER.COM

  • E*BASEENVIRON DVMS$BASEENVIRON-050_LIB.COM

  • E*BASEENVIRON DDECDTM$STARTUP.COM

  • E*BASEENVIRON DLICENSE_CHECK.EXE

  • E*CONFIG DVMS$CONFIG-050_VMS.COM

  • E*CONFIG DVMS$CONFIG-050_ERRFMT.COM

  • E*CONFIG DVMS$CONFIG-050_CACHE_SERVER.COM

  • E*CONFIG DVMS$CONFIG-050_CSP.COM

  • E*CONFIG DVMS$CONFIG-050_OPCOM.COM

  • E*CONFIG DVMS$CONFIG-050_AUDIT_SERVER.COM

  • E*CONFIG DVMS$CONFIG-050_JOBCTL.COM

  • E*CONFIG DVMS$CONFIG-050_LMF.COM

  • E*CONFIG DVMS$CONFIG-050_SHADOW_SERVER.COM

  • E*CONFIG DVMS$CONFIG-050_SECURITY_SERVER.COM

  • E*DEVICES DVMS$DEVICE_STARTUP.COM

  • E*INITIAL DVMS$INITIAL-050_VMS.COM

  • E*INITIAL DVMS$INITIAL-050_LIB.COM

  • E*INITIAL CVMS$INITIAL-050_CONFIGURE.COM

  • E*LPBEGIN DVMS$LPBEGIN-050_STARTUP.COM

  • E*PRECONFIG DIPC$STARTUP.COM

  • E*PRECONFIG DVMS$SPIRALOG_STARTUP.COM

  • E*


System startup phases files l.jpg
System Startup Phases, Files

  • INITIAL

  • DEVICES

    • SYCONFIG

    • SYLOGICALS

    • SYPAGSWPFILES

  • PRECONFIG

  • CONFIG

    • SYSECURITY

  • BASEENVIRON

  • LPBEGIN

    • SYSTARTUP_VMS

  • LPMAIN

  • LPBETA

  • END


System startup phases files118 l.jpg
System Startup Phases, Files

  • INITIAL

  • DEVICES

    • SYCONFIG These files are always

    • SYLOGICALS executed, even during a

    • SYPAGSWPFILES “MIN”-imum boot.

  • PRECONFIG

  • CONFIG

    • SYSECURITY

  • BASEENVIRON

  • LPBEGIN

    • SYSTARTUP_VMS

  • LPMAIN

  • LPBETA

  • END


System startup119 l.jpg
System Startup

  • Site-Specific STARTUPs:

  • SYSTARTUP_VMS.COM in SYS$MANAGER path.

  • SYSTARTUP_V5.COM in V5.x

  • SYSTARTUP.COM in V4 and earlier.


System startup120 l.jpg
System Startup

  • STARTUP Parameters:

  • STARTUP_P1

    • blank - Normal System Startup

    • “MIN” - Minimal Startup

      • No SYSTARTUP_VMS but

      • Most of the other SY*.COM proc.’s will still be run.


System startup121 l.jpg
System Startup

  • STARTUP Parameters:

  • STARTUP_P2

    • blank - Normal System Startup

    • “1”, “YES” or “TRUE” - Verify on

  • STARTUP_P3 thru _P8

    • Reserved for future use


System startup122 l.jpg
System Startup

  • SYSTARTUP_VMS :

  • Author prefers to keep procedure modular for easier maintenance, invoke modules from SYSTARTUP_VMS:

    • $ SET NOON

    • .

    • .

    • .

    • $ @MOUNT_DISKS

    • $ @DEFINE_GROUP_LOGICALS


System startup123 l.jpg
System Startup

  • SYSTARTUP_VMS :

  • Author prefers to keep procedure modular for easier maintenance, invoke node-specific proc.’s from SYSTARTUP_VMS:

    • $ FSP = F$SEARCH( -

    • “SYS$MANAGER:SYSTARTUP.COM” )

    • $ IF FSP .NES. “” THEN @&FSP

  • Avoids redundant, cut-and-paste code.


System startup124 l.jpg
System Startup

  • SYSTARTUP_VMS :

  • Logging SYSTARTUP_VMS:

    • $ SET NOON

    • $ DEFINE SYS$OUTPUT -

    • SYS$MANAGER:SYSTARTUP_VMS.LOG

    • .

    • .

    • .

    • $ DEASSIGN SYS$OUTPUT


System startup125 l.jpg
System Startup

  • Saving/reporting a crash dump at System Startup time:

    • $ ANALYZE/CRASH_DUMP SYS$SYSTEM:SYSDUMP.DMP

    • COPY ddcu:<dir>:SAVEDUMP.DMP ! copy to wherever is convenient.

    • SET OUTPUT SYS$MANAGER:SYSDUMP.LIS ! Set this as you like

    • READ/EXEC

    • ! READ SYS$SYSTEM:SYSDEF ! For VAX

    • READ SYS$LOADABLE_IMAGES:SYSDEF ! For Alpha

    • SHOW CRASH

    • SHOW STACK /ALL

    • SHOW SUMMARY

    • SHOW PROCESS /PCB /PHD /REGISTERS

    • SHOW SYMBOL /ALL

    • EXIT


System startup126 l.jpg
System Startup

  • DEFINE-ing Group Logicals at Startup:

    • SET up a DCL procedure to DEFINE (or assign) the needed logicals using /GROUP and whatever access mode is appropriate.

    • Invoke that procedure as a detached process at system startup time.


System startup127 l.jpg
System Startup

  • DEFINE-ing Group Logicals at Startup:

  • Example:

    • $ RUN SYS$SYSTEM:LOGINOUT.EXE-

    • /UIC=[300,1]-

    • /INPUT=GROUP_300_LOGICALS.COM-

    • /OUTPUT=GROUP_300_LOGICALS.LOG

  • The UIC specified does not need to exist in the UAF.


System startup128 l.jpg
System Startup

  • DEFINE-ing Group Logicals at Startup:

  • Alternate Example:

    • $ RUN SYS$SYSTEM:LOGINOUT.EXE-

    • /UIC=[300,1]/INPUT=NLA0:/OUTPUT=NLA0:

  • The UIC specified does not need to exist in the UAF.

  • The example creates the LNM$GROUP_000300 table.

  • Logical names can then be created in that table by any suitably privileged process.


System startup129 l.jpg
System Startup

  • Setting logins at Startup:

  • Global DCL symbol (STARTUP process) is set up during SYS$STARTUP:VMS$BASEENVIRON-050_VMS.COM:

    • $startup$interactive_logins == 64


System startup130 l.jpg
System Startup

  • Setting logins at Startup, cont’d:

  • Global DCL symbol (STARTUP process) is used in SYS$STARTUP:VMS$LPBEGIN-050_STARTUP.COM:

    • $set logins/interactive='startup$interactive_logins


System startup131 l.jpg
System Startup

  • Setting logins at Startup, cont’d:

  • Change the value of startup$interactive_logins during SYSTARTUP_VMS:

  • $ startup$interactive_logins == -

  • F$GETSYI( “IJOBLIM” )


System startup132 l.jpg
System Startup

  • Setting logins at Startup, cont’d:

  • $ startup$interactive_logins == -

  • F$GETSYI( “IJOBLIM” )

  • Notes:

  • Set the desired value for IJOBLIM in MODPARAMS and run AUTOGEN, or change the CURRENT value using SYSMAN or SYSGEN. Change takes effect on next boot.


System startup133 l.jpg
System Startup

  • Setting logins at Startup, cont’d:

  • $ startup$interactive_logins == -

  • F$GETSYI( “IJOBLIM” )

  • Notes, cont’d:

  • IJOBLIM is a dynamic parameter. The SET LOGINS/INTERACTIVE command displays or varies its value. See the HELP.


System startup134 l.jpg
System Startup

  • Setting logins at Startup, cont’d:

  • SET LOGINS/INTERACTIVE caveat:

  • Largely undocumented, little known fact: until this command is issued for the first time after a reboot, the job controller will not create interactive processes.

  • If used in SYSTARTUP_VMS, it may enable logins before the system is ready for users to log in.


System startup135 l.jpg
System Startup

  • Setting logins at Startup, cont’d:

  • SET LOGINS/INTERACTIVE caveat:

  • DO NOT USE THIS COMMAND IN SYSTARTUP_VMS!!!

  • …or any proc. that it invokes!!!

  • Use the global DCL symbol instead (STARTUP$INTERACTIVE_LOGINS).


System startup vms files l.jpg
System Startup - VMS Files

  • Must never be changed unless software documentation or VMS support instructs you to do so.

  • May be replaced when VMS or layered products are upgraded.

  • May use deprecated lexical functions (like F$LOGICAL()), or may contain misspelled function names (like F$GETSYS(), DCL sees only F$GETS).


System startup vms files137 l.jpg
System Startup - VMS Files

  • Site-specific startups are usually found in the SYS$MANAGER path.


Seminar 1024138 l.jpg
Seminar 1024

  • SYSMAN and

  • STARTUP


Sysman startup l.jpg
SYSMAN & STARTUP

  • SYSMAN can be used to modify the “user” portion of the startup database.

    • Two database files used by SYSMAN:

      • STARTUP$STARTUP_VMS

        • Used for the VMS startup

        • DO NOT MODIFY!!!

      • STARTUP$STARTUP_LAYERED

        • When you add an item using SYSMAN it goes here.


Sysman startup140 l.jpg
SYSMAN & STARTUP

  • SYSMAN can be used to modify the “user” portion of the startup database.

    • Not as flexible the traditional method using SYSTARTUP_VMS.

    • Not as widely used. Incoming SysAdmins may be unware of previous modifications to the startup database using SYSMAN.

    • Allows for specifying that some startup procedures run in BATCH, in-line (DIRECT) or in sub-processes (SPAWN).


Sysman startup141 l.jpg
SYSMAN & STARTUP

  • Allows for entering startup items that run after SYSTARTUP_VMS.

    • SYSTARTUP_VMS is invoked during the LPBEGIN phase.

    • Valid phases for SYSMAN STARTUP entries are LPBEGIN, LPMAIN, LPBETA and END.

    • Premature logins are possible if SYSTARTUP_VMS enables logins before startups in later phases (LPMAIN, LPBETA or END) have run.


Seminar 1024142 l.jpg
Seminar 1024

  • Conversational Boot,

  • Minimum Startup


Conversational boot l.jpg
Conversational Boot

  • Most Current Alphas, VAX 7000:

    • >>> boot –fl x,1

  • VAX 6000

    • >>> BOOT boot_profile/R5=1

    • >>> BOOT boot_profile/R5=x0000001

  • Older small VAXes

    • >>> B/R5:1 or B/R5:x0000001

  • VAX 8000’s

    • See the manual


Minimum boot l.jpg
Minimum Boot

  • >>> b –fl 10,1

  • SYSBOOT> SET STARTUP_P1 “MIN”

  • SYSBOOT> CONTINUE

  • Use SET WRITESYSPARAMS 0 before CONTINUE for a one-time minimum boot.


Seminar 1024145 l.jpg
Seminar 1024

  • System Shutdown

  • Procedure


System shutdown l.jpg
System Shutdown

  • $ @SYS$SYSTEM:SHUTDOWN

    • Prompts interactively for parameters

    • Parameters can also be specified on the command line that invokes the procedure.

      • See the SHUTDOWN and REBOOT symbols in SYS$MANAGER:LOGIN.TEMPLATE


System shutdown147 l.jpg
System Shutdown

  • SYS$SYSTEM:SHUTDOWN.COM

  • Parameters:

    • P1 = Minutes to final shutdown

    • P2 = Reason for Shutdown

    • P3 = Spin down disk volumes? (Y/N)

    • P4 = Invoke SYSHUTDWN.COM? (Y/N)

    • P5 = When will system be rebooted?

    • P6 = Should auto. reboot be performed? (Y/N)

    • P7 = Options (SAVE_FEEDBACK, etc.)

    • P5 and P6 are reverse order to the prompts.


Site specific shutdown proc l.jpg
Site-Specific Shutdown Proc.

  • SYSHUTDWN.COM

  • Found in the SYS$MANAGER path.


System shutdown149 l.jpg
System Shutdown

  • SYS$SYSTEM:SHUTDOWN.COM

  • Logical Names

    • SHUTDOWN$MINIMUM_MINUTES

      • Default value for minutes to final shutdown.

    • AGEN$SHUTDOWN_TIME

      • Used by AUTOGEN as minutes to final SHUTDOWN or REBOOT.


Shutdown options l.jpg
Shutdown Options

  • REBOOT_CHECK

  • SAVE_FEEDBACK

  • DISABLE_AUTOSTART

  • POWER_OFF


Shutdown options151 l.jpg
Shutdown Options

  • REBOOT_CHECK

  • Performs a basic check for the existence of files needed to reboot the system.

  • Not comprehensive - cannot detect a damaged boot block, corrupted bootstrap image, etc.


Shutdown options152 l.jpg
Shutdown Options

  • SAVE_FEEDBACK

  • Saves some vital statistics about the system that can be used by AUTOGEN after the system comes back up.

  • Same as the SAVPARAMS phase of AUTOGEN.


Shutdown options153 l.jpg
Shutdown Options

  • DISABLE_AUTOSTART

  • Use this if needed to prevent AUTOSTART queues on this node from being restarted once SHUTDOWN has STOPped them.


Shutdown options154 l.jpg
Shutdown Options

  • POWER_OFF

  • If the system console supports it, request that the machine power itself down once VMS has been SHUTDOWN.


Shutdown options clusters l.jpg
Shutdown Options - Clusters

  • REMOVE_NODE for all but the last node.

    • Node exits the cluster gracefully.

  • CLUSTER_SHUTDOWN for the last cluster node to be shutdown.

    • If used on all nodes, each node waits for other nodes to reach the point of exiting the cluster, then proceeds to shutdown (“dissolves” the cluster).


Every shutdown l.jpg
Every Shutdown

  • Author recommends you always specify option REBOOT_CHECK for all nodes.

  • Has been helpful in preventing some nasty surprises.


Seminar 1024157 l.jpg
Seminar 1024

  • AUTOGEN


Autogen l.jpg
AUTOGEN

  • SYS$UPDATE:AUTOGEN.COM

  • DCL procedure supplied by OpenVMS as an aid in tuning the OpenVMS system.

  • Not a replacement for diligent system management.


Autogen159 l.jpg
AUTOGEN

  • Applies changes to the default system parameters as specified in the file

    • SYS$SYSTEM:MODPARAMS.DAT

  • Is invoked during installs and upgrades, sometimes more than once.

  • Can be used to help size the swap and page files.


Autogen modparams l.jpg
AUTOGEN - MODPARAMS

  • SYS$SYSTEM:MODPARAMS.DAT

  • This is where changes to the default values are made so they persist from one AUTOGEN to the next.

  • Entries look like this:

    • parameter_name = needed_value

    • MIN_parameter_name = needed_value

    • MAX_parameter_name = needed_value

    • ADD_ parameter_name = needed_value


Autogen modparams161 l.jpg
AUTOGEN - MODPARAMS

  • parameter_name = needed_value

  • Provides a hard-coded value for the parameter.

    • SCSNODE = “ALPHAONE”

    • GBLPAGES = 121589

  • AUTOGEN calculations do not over-ride hard-coded values.


Autogen modparams162 l.jpg
AUTOGEN - MODPARAMS

  • MIN_parameter_name = minimum_value

  • Provides a minimum value for the parameter.

    • MIN_GBLPAGES = 121589

  • AUTOGEN may calculate and use a higher value, but will always use the MIN_ if it calculates a lower value.


Autogen modparams163 l.jpg
AUTOGEN - MODPARAMS

  • MAX_parameter_name = maximum_value

  • Provides a maximum value for the parameter.

    • MAX_GBLPAGES = 12158900

  • AUTOGEN may calculate and use a lower value, but will always use the MAX_ if it calculates a higher value.


Autogen modparams164 l.jpg
AUTOGEN - MODPARAMS

  • ADD_parameter_name = addtl_value

  • Provides an addition to the default value for the parameter.

    • ADD_GBLPAGES = 81920

  • AUTOGEN can use feedback to calculate a new value, then adds the specified value to the calculated value.


Autogen phases l.jpg
AUTOGEN - Phases

  • SAVPARAMS - Collects Feedback

  • GETDATA - Collects all other data

  • GENPARAMS - Generates new parameters

  • TESTFILES - Calculates new sys file sizes

  • GENFILES - Generates new system files

  • SETPARAMS - Creates new boot param.’s

  • SHUTDOWN - Shutdown the system

  • REBOOT - Reboot the system

  • HELP - Displays AUTOGEN info


Autogen phases166 l.jpg
AUTOGEN - Phases

  • SAVPARAMS

  • Saves dynamic feedback from the running system.

  • Same as SAVE_FEEBACK option of SHUTDOWN.


Autogen phases167 l.jpg
AUTOGEN - Phases

  • GETDATA

  • Collects all data to be used in AUTOGEN calculations.

  • Includes existing feedback data if it is not over 30 days old.

  • Includes MODPARAMS info.


Autogen phases168 l.jpg
AUTOGEN - Phases

  • GENPARAMS

  • Performs calculations and generates the new system parameters (but does not yet set them into the “Current” parameters).

  • Creates the new list of installed images based on the state of the currently running system.


Autogen phases169 l.jpg
AUTOGEN - Phases

  • TESTFILES

  • Calculates new page and swap file sizes, but does not apply any changes.


Autogen phases170 l.jpg
AUTOGEN - Phases

  • GENFILES

  • Generates new swap and page files based on AUTOGEN calculations.

  • Use entries in MODPARAMS to override:

  • DUMPFILE=0

  • SWAPFILE=0

  • PAGEFILE=0


Autogen phases171 l.jpg
AUTOGEN - Phases

  • SETPARAMS

  • Creates the new boot-time (“current”) parameters.

  • Changes take effect on the next boot.


Autogen phases172 l.jpg
AUTOGEN - Phases

  • SHUTDOWN

  • Shutdown the system and leave it ready for a manual boot or other console-level operations.


Autogen phases173 l.jpg
AUTOGEN - Phases

  • REBOOT

  • Reboot the system using the newly generated parameters and/or system files.


Autogen phases174 l.jpg
AUTOGEN - Phases

  • HELP

  • Display HELP information for how to use AUTOGEN.

  • Useful to output this to a file:

  • $ @SYS$UPDATE:AUTOGEN-

  • /OUTPUT=AGEN_HELP.LIS HELP


Autogen phases175 l.jpg
AUTOGEN - Phases

  • Typical uses:

    • See if current MODPARAMS settings are suitable:

    • $ @SYS$UPDATE:AUTOGEN -

    • SAVPARAMS TESTFILES

    • Generate new system parameters for next boot:

    • $ @SYS$UPDATE:AUTOGEN -

    • SAVPARAMS SETPARAMS

    • AUTOGEN using previously saved feedback:

    • $ @SYS$UPDATE:AUTOGEN -

    • GENPARAMS SETPARAMS


Autogen phases176 l.jpg
AUTOGEN - Phases

  • Typical uses:

    • AUTOGEN ignoring feedback:

    • $ @SYS$UPDATE:AUTOGEN -

    • GENPARAMS SETPARAMS NOFEEDBACK

    • AUTOGEN using previously saved feedback, if it is

    • valid:

    • $ @SYS$UPDATE:AUTOGEN -

    • GENPARAMS SETPARAMS - CHECK_FEEDBACK


Autogen report l.jpg
AUTOGEN - Report

  • SYS$SYSTEM:AGEN$PARAMS.REPORT

  • Generated on each run of AUTOGEN during the GENPARAMS phase.

  • Indicates any MODPARAMS errors detected by AUTOGEN.

  • Indicates the results of AUTOGEN calculations and resulting changes to system parameters.


Autogen logging l.jpg
AUTOGEN - Logging

  • AUTOGEN issues useful information on SYS$OUTPUT, also.

  • Some SysAdmins find this useful:

    • $ @SYS$UPDATE:AUTOGEN/OUT=AGEN.LOG -

    • start_phase end_phase


Seminar 1024179 l.jpg
Seminar 1024

  • Useful Tips

  • and Tricks


Useful tips and tricks l.jpg
Useful Tips and Tricks

  • An “uptime” command:

  • $ SHOW SYSTEM/NOPROCESS

  • $ UPT*TIME :== SHOW SYSTEM/NOPROCESS


Useful tips and tricks181 l.jpg
Useful Tips and Tricks

  • An simple command to show usage:

  • $ SHL :== -

  • PIPE SHOW USERS/FULL | -

  • (READ SYS$PIPE P9 ; -

  • WRITE SYS$OUTPUT P9 ; -

  • READ SYS$PIPE P9 ; -

  • WRITE SYS$OUTPUT P9 ; -

  • SET LOGINS)


Seminar 1024182 l.jpg
Seminar 1024

  • OpenVMS System

  • Management Tools


System management tools l.jpg
System Management Tools

  • Supplied as no-charge additional software, licensed with OpenVMS.

  • StorageWorks Command Console(SWCC)

  • OpenVMS Management Station(“TNT” or “Argus”)

  • Accessibility Manager for Distributed Systems (AMDS), Availability Manager


Seminar 1024184 l.jpg
Seminar 1024

  • StorageWorks

  • Command Console


Storageworks cmd console l.jpg
StorageWorks Cmd Console

  • Provides MS/Win GUI for management of StorageWorks storage array controllers.

    • HSJ (CI)

    • HSZ (SCSI)

    • HSG (FC-SF)

  • Uses TCP/IP to communicate with server agent on OpenVMS.

  • Behaves like other “Explorer” software.


Storageworks cmd console186 l.jpg
StorageWorks Cmd Console

  • Limitations:

  • PC’s IP address must back-translate

    • DHCP is o.k. so long as DNS is updated when address lease is obtained / renewed.

  • Does not work over WAN unless PC’s DNS name is “visible” outside of firewall and firewall allows the TCP ports.

  • OpenVMS server agent will only run on one node of a cluster.


Storageworks cmd console187 l.jpg
StorageWorks Cmd Console

  • Limitations, cont’d:

  • Unit names and storage-set names are assigned randomly and arbitrarily.

    • Some names can be changed manually using the CLI.

  • Can hold onto the virtual console so that other access means are denied:

    • SET HOST/DUP, SET HOST/SCSI


Storageworks cmd console188 l.jpg
StorageWorks Cmd Console

  • Limitations, cont’d:

  • Disks falling into the Failed Set are detected and reported as warnings; however, CLI messages are not passed through to the GUI - you must still connect to the CLI to get them.

    • “Other controller restarted”

    • Cache battery alerts


Storageworks cmd console189 l.jpg
StorageWorks Cmd Console

  • Limitations, cont’d:

  • No provisions for running HSx utilities and diagnostics.

  • No performance data available via the GUI - use the CLI to run VTDPY.


Storageworks cmd console190 l.jpg
StorageWorks Cmd Console

  • Management Considerations

  • PCs must be authorized to access OpenVMS server agent. Use the SWCC configuration utility supplied with the OpenVMS-side software.

  • Controllers and/or controller pairs must be set up using the SWCC configuration utility supplied with the OpenVMS-side software.


Storageworks cmd console191 l.jpg
StorageWorks Cmd Console

  • Management Considerations

  • HSZ and HSG controller pairs present only a single virtual device for remote access - cannot connect to an individual controller by name using the CLI window.

  • You will still need to access the physical console terminal port from time to time, as when a controller fails out of the pair.





















Seminar 1024211 l.jpg
Seminar 1024

  • OpenVMS

  • Management

  • Station


Openvms mgt station l.jpg
OpenVMS Mgt Station

  • Provides an MS/Win GUI for management of some areas of OpenVMS:

  • User records and identifiers

  • OpenVMS storage

  • Printer (but not batch) queues.

  • Uses TCP/IP to communicate between Windows client and OpenVMS Server.


Openvms mgt station213 l.jpg
OpenVMS Mgt Station

  • Considerations:

  • No interfaces for application-specific user setups.

  • Provides only for “traditional” OpenVMS printer queues - no provisions for TCP/IP considerations.

  • V3.0 is still available for Alpha/NT. Later versions are Intel only.


Openvms mgt station214 l.jpg
OpenVMS Mgt Station

  • Considerations:

  • Runs on W/NT and W2K, W/98, and W/95, but needs Internet Explorer V3.02 or later to provide some support.

  • V3.2 Server needs OpenVMS V6.2 or later.




Openvms mgt station217 l.jpg
OpenVMS Mgt Station

  • Set up Wizard


Openvms mgt station218 l.jpg
OpenVMS Mgt Station

  • Set up Wizard


Openvms mgt station219 l.jpg
OpenVMS Mgt Station

  • Set up Wizard


Openvms mgt station220 l.jpg
OpenVMS Mgt Station

  • Set up Wizard


Openvms mgt station221 l.jpg
OpenVMS Mgt Station

  • Set up Wizard



Openvms mgt station223 l.jpg
OpenVMS Mgt Station

  • Logon to a managed system


Openvms mgt station224 l.jpg
OpenVMS Mgt Station

  • Accounts Window


Openvms mgt station225 l.jpg
OpenVMS Mgt Station

  • Account

  • Detail


Openvms mgt station226 l.jpg
OpenVMS Mgt Station

  • Printers and other Symbiont Queues


Openvms mgt station227 l.jpg
OpenVMS Mgt Station

  • Detail of Printers / Symbiont Queues


Openvms mgt station228 l.jpg
OpenVMS Mgt Station

  • OpenVMS Storage


Openvms mgt station229 l.jpg
OpenVMS Mgt Station

  • OpenVMS Storage Detail


Openvms mgt station230 l.jpg
OpenVMS Mgt Station

  • OpenVMS Server reads OMS configuration when it starts.

  • Storage configured in OMS and not yet MOUNTed gets MOUNTed (if enabled).

  • Symbiont queues configured in OMS and not yet STARTed get STARTed.


Openvms mgt station231 l.jpg
OpenVMS Mgt Station

  • OpenVMS Server builds a DCL procedure that can be used to MOUNT your storage, even if the server cannot be started for whatever reason:TNT$EMERGENCY_MOUNT.COM


Openvms mgt station232 l.jpg
OpenVMS Mgt Station

  • Can be useful to ease certain system management tasks that would otherwise require the use of command-line utilities, but is not a replacement for those utilities.


Openvms mgt station233 l.jpg
OpenVMS Mgt Station

  • Download URL:

  • http://www.openvms.compaq.com/openvms/products/argus/download.html


Seminar 1024234 l.jpg
Seminar 1024

  • Accessibility Manager for

  • Distributed Systems

  • (AMDS) and

  • Availability Manager


Slide235 l.jpg
AMDS

  • Provides DECwindows interface for

  • system or cluster management, some

  • performance monitoring.

  • Warnings can be issued when performance metrics go out of spec. - you determine the thresholds for your environment.

  • Can (maybe) be used to “un-hang” a cluster (force quorum adjustment).


Slide236 l.jpg
AMDS

  • Considerations:

  • Uses a proprietary, non-routable network protocol.

  • For optimum availability management, needs to run on a separate OpenVMS workstation (not a cluster member).

  • AMDS workstation must be on same LAN segment as cluster nodes or protocol must be bridged bt segments.


Slide237 l.jpg
AMDS

  • Considerations:

  • AMDS workstation can be accessed remotely (X on Linux, Solaris or *BSD; Reflection/X or Exceed, etc. on MS Win; DECwindows on OpenVMS).


Slide238 l.jpg
AMDS

  • Licensing:

  • AMDS license is now included in the OpenVMS base license (as of AMDS V7.1).

  • Software Kit:

  • On the OpenVMS binary CD.

  • On the OpenVMS website.


Slide239 l.jpg
AMDS

  • Startup Procedure:

  • $ @SYS$STARTUP:AMDS$STARTUP

    • Specify START as the first parameter.


Slide240 l.jpg
AMDS

  • Logical Names:

    • Defined in AMDS$SYSTEM:AMDS$LOGICALS.COM

      • AMDS$GROUP_NAME is the node information display group, default is DECAMDS

        • Define a group name for each cluster

      • AMDS$DEVICE defines the network device to use if multiple LAN connections are present.


Availability mgr l.jpg
Availability Mgr

  • Availability Manager

  • An MS Windows tool (W/NT, W2K)

  • Does not require an X-server on the PC.

  • Uses the same non-routable protocol as AMDS - similar restrictions.

  • Could be accessed remotely using PCAnywhere, or maybe Citrix.


Slide242 l.jpg
AMDS

  • AMDS Screen shots follow.

  • Many display objects can be selected to “drill down” for more information.









Seminar 1024250 l.jpg
Seminar 1024

  • OpenVMS

  • Security Elements


Openvms security elements l.jpg
OpenVMS Security Elements

  • An OpenVMS system is only as secure as the SysAdmin makes it.

  • Understanding and using the elements of OpenVMS Security is the best way to help ensure the security and integrity of an OpenVMS system.


Openvms security elements252 l.jpg
OpenVMS Security Elements

  • Points to remember:

  • TELNET and FTP sessions are not encrypted, passwords are sent as clear text. Use Secure Shell and Secure FTP for best security.

  • LAT and DECnet are not encrypted, passwords are sent as clear text.


Openvms security elements253 l.jpg
OpenVMS Security Elements

  • User Identification Codes

  • [group,user]

  • Similar to UN*X UIDs, except digits are always octal.

  • Users belong to only one UIC group. Use Rights Identifiers to grant additional access.


Openvms security elements254 l.jpg
OpenVMS Security Elements

  • Protection Masks

  • Based on the UIC.

  • Four classes of permission:

    • System

    • Owner

    • Group

    • World

      • UN*X only has Owner, Group, World


Openvms security elements255 l.jpg
OpenVMS Security Elements

  • Levels of Permission in each class:

  • Files

  • Read - Open read only

  • Write - Open write only

  • Execute - Run (if it’s a program/proc.)

  • Delete - Delete the file

    • (Requires write access to parent directory.)


Openvms security elements256 l.jpg
OpenVMS Security Elements

  • Levels of Permission in each class:

  • Directories

  • Read - List files

  • Write - Create/delete files

  • Execute - Traverse the directory (Look up files)

  • Delete - Delete the directory (Requires Write access to parent).


Openvms security elements257 l.jpg
OpenVMS Security Elements

  • Levels of Permission in each class:

  • Devices

  • READ

  • WRITE

  • LOGICAL I/O

  • PHYSICAL I/O


Openvms security elements258 l.jpg
OpenVMS Security Elements

  • Levels of Permission in each class:

  • Queues

  • READ - Display queue, jobs

  • MODIFY - Modify queue, jobs

  • SUBMIT - SUBMIT/PRINT jobs

  • DELETE - Delete jobs or the queue


Openvms security elements259 l.jpg
OpenVMS Security Elements

  • Access Control Lists

  • Specify access control beyond the UIC based protections.

  • Consist of access control entries.


Openvms security elements260 l.jpg
OpenVMS Security Elements

  • Access Control Entries

  • Associate access control with UICs or Rights Identifiers

  • Levels of access:

  • READ DELETE

  • WRITE CONTROL

  • EXECUTE

  • Object owner always has CONTROL


Openvms security elements261 l.jpg
OpenVMS Security Elements

  • Rights Identifiers

  • Created using AUTHORIZE.

  • Can be associated with a resource (disk file - to control disk quotas).

  • GRANTed to or REVOKEd from users using AUTHORIZE.

  • Can be dynamic – non-privileged users can acquire and release using SET RIGHTS_LIST in DCL.


Openvms security elements262 l.jpg
OpenVMS Security Elements

  • Propagating ACEs, Default Protections

  • Set an ACE on a directory with the DEFAULT attribute.

  • Default Protection ACE is set on a directory.

  • Will be applied to new files, or use SET SECURITY/DEFAULT to propagate to existing files.


Openvms security elements263 l.jpg
OpenVMS Security Elements

  • Set ACEs in the proper sequence

  • First matching ACE determines access.

  • Enter ACEs from least restrictive to most restrictive. EDIT/ACL can be helpful.

  • ACL takes priority over UIC based protection mask.


Seminar 1024264 l.jpg
Seminar 1024

  • Closing Comments,

  • Q & A


Freeware sources l.jpg
Freeware Sources

  • The OpenVMS Freeware CDs are online at the OpenVMS website.

  • The DFWCUG DECUS CD-ROM Archive:ftp://ftp.montagar.com/decus/

  • DFWCUG OVMS Freeware V3 Archive:ftp://ftp.montagar.com/freeware-v3/

  • DJE Systems OpenVMS Freeware archive:http://www.djesys.com/freeware/vms/

  • OpenVMS FAQhttp://www.openvms.compaq.com/wizard/faq/vmsfaq.html


Seminar 1024266 l.jpg
Seminar 1024

  • Thanks for coming!

  • Disclaimer: All information is correct to the best of the author’s knowledge.

  • Please fill out the evaluation forms, if available.


ad