seminar 1024 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Seminar 1024 PowerPoint Presentation
Download Presentation
Seminar 1024

Loading in 2 Seconds...

play fullscreen
1 / 266

Seminar 1024 - PowerPoint PPT Presentation


  • 186 Views
  • Uploaded on

Seminar 1024. OpenVMS System Management Techniques, Tools, and Tricks David J. Dachtera djesys@fsi.net DJE Systems http://www.djesys.com/. Agenda. Basic DCL Concepts Commands Command Procedures Verbs Symbols Flow Control (IF, GOTO, GOSUB, CALL) Useful Lexical Functions. Agenda.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Seminar 1024' - albert


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
seminar 1024
Seminar 1024
  • OpenVMS System Management Techniques, Tools, and Tricks
  • David J. Dachtera
  • djesys@fsi.net
  • DJE Systems
  • http://www.djesys.com/
agenda
Agenda
  • Basic DCL Concepts
    • Commands
    • Command Procedures
    • Verbs
    • Symbols
    • Flow Control (IF, GOTO, GOSUB, CALL)
    • Useful Lexical Functions
agenda3
Agenda
  • Logical names
    • Logical name tables
    • Logical name table search order
      • Modifying the search order
    • Logical name types
      • Single Translation
      • Search list
      • “Rooted” (Concealed) logical names
    • Lexical Function Caveat
      • F$TRNLNM() differs from F$LOGICAL()
agenda4
Agenda
  • Logical names, cont’d
    • Cluster-wide logical names
      • Caveats
    • SYS$COMMON Notes
      • Caveats (VMS$COMMON)
    • Site-Specific Paths
      • Organizing local system management code
agenda5
Agenda
  • Network Topics
    • TCP/IP
      • TCP/IP Services (fka UCX)
      • Multinet
      • TCPware
      • CMU/IP (VAX only)
    • DECnet
      • Access control
      • FAL logging
agenda6
Agenda
  • Network Topics, cont’d
    • Remote procedures
      • Types
      • Security concerns
    • Network Alerts
      • OPCOM alerts for DECnet network access
      • OPCOM alerts for FTP network access
agenda7
Agenda
  • System Startup
    • STARTUP phases
    • STARTUP parameters
    • Site-Specific startups
      • Logging SYSTARTUP_VMS.COM
      • Node-specific startups
      • Saving a crash dump at start-up time
      • Soft-coding # of logins allowed at startup
    • SYSMAN and STARTUP
agenda8
Agenda
  • System Shutdown
    • SHUTDOWN parameters
    • SHUTDOWN$xxxx logical names
    • AUTOGEN Shutdowns
      • AGEN$SHUTDOWN_TIME logical name
  • Cluster Shutdown
    • REMOVE_NODE
    • Using SYSMAN
agenda9
Agenda
  • System/Startup File Caveats
    • Deprecated Lexical Functions
    • Lexical Function names misspelled
  • AUTOGEN
    • MODPARAMS.DAT
    • Reports and outputs
agenda10
Agenda
  • OpenVMS Management Tools
    • StorageWorks Command Console (SWCC)
    • OpenVMS Management Station
    • AMDS
      • Accessibility Manager for Distributed Systems
    • Availability Manager
      • Like AMDS, runs on MS-Windows
agenda11
Agenda
  • OpenVMS Security
    • Essentials
    • UICs and File/Directory Protection
    • Access Control Lists (ACLs)
    • Access Control Entries (ACEs)
    • Rights Identifiers and ACEs
    • Propagating ACEs and Default Protections
seminar 102412
Seminar 1024
  • Basic DCL
  • Concepts
basic dcl concepts
Basic DCL Concepts
  • Command Elements
    • $ verb parameter_1 parameter_2
    • DCL commands consist of a verb and one or more parameters.
dcl command proc s
DCL Command Proc.’s
  • $ @procedure_name
  • Top level (or terminal) is DEPTH 0.
  • Each new command procedure invoked is a new procedure DEPTH.
  • Maximum depth is still 32.
dcl command proc s15
DCL Command Proc.’s
  • Parameters
  • $ @procedure_name p1 p2 p3 … p8
  • Notes:
    • Only eight(8) parameters are passed from the command line, P1 through P8
    • Parameters with embedded spaces must be quoted strings.
    • Parameters are separated by a space.
dcl command proc s16
DCL Command Proc.’s
  • Parameters, cont’d
  • $ @procedure_name p1 p2 p3 … p8
  • Notes, Cont’d:
    • Reference parameters via the variable names P1 through P8.
    • No built-in “shift” function. If you need it, write it as a GOSUB.
dcl verbs
DCL Verbs
  • Internal commands
    • ASSIGN, CALL, DEFINE, GOSUB, GOTO, IF, RETURN, SET, STOP, others…
  • External commands
    • APPEND, BACKUP, COPY, DELETE, PRINT, RENAME, SET, SUBMIT, others...
dcl verbs cont d
DCL Verbs, Cont’d
  • “Foreign” Commands
    • $ symbol = value
  • Examples:
    • $ DIR :== DIRECTORY/SIZE=ALL/DATE
    • $ ZIP :== $ZIP/VMS
command qualifiers
Command Qualifiers
  • $ command/qualifier
  • $ command/qualifier=value
  • $ command/qualifier=(value,value)
  • $ command/qualifier=keyword=value
  • $ command/qualifier=-
  • (keyword=value,keyword=(value,value))
non positional qualifiers
Non-positional Qualifiers
  • Apply to the entire command, no matter where they appear.
    • $ command param1/qual param2
  • Example:
    • $ COPY A.DAT A.NEW/LOG
    • $ DELETE/LOG C.TMP;
positional qualifiers
Positional Qualifiers
  • Apply only to the object they qualify.
    • $ command param1/qual=value1 -
    • param2/qual=value2
  • Examples:
    • $ PRINT/COPIES=2 RPT1.LIS, RPT2.LIS
    • $ PRINT RPT1.LIS/COPIES=1,-
    • RPT2.LIS/COPIES=3
common qualifiers
Common Qualifiers
  • Many commands support a set of common qualifiers:
    • /BACKUP /BEFORE /CREATED /EXCLUDE /EXPIRED /INCLUDE /MODIFIED /OUTPUT /PAGE /SINCE
    • See the on-line HELP for specifics.
dcl statement elements
DCL Statement Elements
  • $ vbl = value
  • DCL statements are typically assignments where a variable receives a value.
assignment statements
Assignment Statements
  • $ vbl = F$lexical_function( params )
  • Examples:
    • $ FSP = F$SEARCH(“*.TXT”)
    • $ DFLT = F$ENVIRONMENT (“DEFAULT”)
    • $ NODE = F$GETSYI(“NODENAME”)
assignment statements25
Assignment Statements
  • $ vbl = string_expression
  • Examples:
    • $ A = “String 1 “ + “String 2”
    • $ B = A - “String “ - “String “
    • $ C = ‘A’
  • Maximum string length
    • 255 bytes (<=V7.3)
    • 4096 bytes (>=V7.3-1)
assignment statements26
Assignment Statements
  • $ vbl = numeric_expression
  • Examples:
    • $ A = 1
    • $ B = A +1
    • $ C = B + A + %X7F25
    • $ D = %O3776
assignment statements27
Assignment Statements
  • $ vbl[start_bit,bit_count]=numeric_exp
  • Examples:
    • $ ESC[0,8]=%X1B
    • $ CR[0,8]=13
    • $ LF[0,8]=10
    • $ FF[0,8]=12
    • $ CRLF[0,8]=13
    • $ CRLF[8,8]=10
assignment statements28
Assignment Statements
  • $ ESC[0,8]=%X1B
  • $ SHOW SYMBOL ESC
  • ESC = "."
  • $ CR[0,8]=13
  • $ SHOW SYMBOL CR
  • CR = "."
  • $ LF[0,8]=10
  • $ SHOW SYMBOL LF
  • LF = "."
assignment statements29
Assignment Statements
  • $ FF[0,8]=12
  • $ SHOW SYMBOL FF
  • FF = "."
  • $ CRLF[0,8]=13
  • $ SHOW SYMBOL CRLF
  • CRLF = "."
  • $ CRLF[8,8]=10
  • $ SHOW SYMBOL CRLF
  • CRLF = ".."
assignment statements30
Assignment Statements
  • DCL provides for substring replacement.
  • $ A := abcde
  • $ SHOW SYMBOL A
  • “ABCDE”
  • $ A[3,2]:=XX
  • $ SHOW SYMBOL A
  • “ABCXX”
assignment statements31
Assignment Statements
  • $ vbl = boolean_expression
  • Examples:
    • $ MANIA = (“TRUE” .EQS. “FALSE”)
    • $ TRUE = (1 .EQ. 1)
    • $ FALSE = (1 .EQ. 0)
    • $ YES = 1
    • $ NO = 0
assignment statements32
Assignment Statements
  • Local Assignment:
    • $ vbl = value
  • Global Assignment:
    • $ vbl == value
assignment statements33
Assignment Statements
  • Quoted String:
    • $ vbl = “quoted string”
    • Case is preserved.
  • Examples:
    • $ PROMPT = “Press RETURN to continue “
    • $ INVRSP = “% Invalid response!”
assignment statements34
Assignment Statements
  • Unquoted string:
    • $ vbl := unquoted string
    • Case is NOT preserved, becomes uppercase. Leading/trailing spaces are trimmed off.
  • Examples:
    • $ SAY := Write Sys$Output
    • $ SYSMAN :== $SYSMAN ! Comment
foreign commands
Foreign Commands
  • $ vbl := $filespec[ param[ param[ …]]]
  • “filespec” defaults to SYS$SYSTEM:.EXE
  • Maximum string length:
    • 510 bytes (<=V7.3)
    • 4096 bytes (>=V7.3-1)
symbol scope
Symbol Scope
  • SET SYMBOL/SCOPE=
    • NOLOCAL
      • All “outer” level local symbols are “invisible”
    • LOCAL
      • Undoes NOLOCAL
    • NOGLOBAL
      • All “outer” level global symbols are “invisible”
    • GLOBAL
      • Undoes NOGLOBAL
symbol scope37
Symbol Scope
  • SET SYMBOL/GENERAL/SCOPE=xxxx
  • Specifies that the values of the /SCOPE qualifier pertain to the translation of all symbols except the first token on a command line.
  • /GENERAL is incompatible with /ALL or /VERB.
symbol scope38
Symbol Scope
  • SET SYMBOL/VERB/SCOPE=xxxx
  • Specifies that the values of the /SCOPE qualifier pertain to the translation of the first token on a command line as a symbol before processing only. It does not affect general symbol substitution.
  • /VERB is incompatible with /ALL or /GENERAL.
symbol scope39
Symbol Scope
  • SET SYMBOL/ALL/SCOPE=xxxx
  • Specifies that the values of the /SCOPE qualifier pertain both to the translation of the first token on a command line and to general symbol substitution.
  • /ALL is incompatible with /GENERAL or /VERB.
conditional expressions
Conditional Expressions
  • $ IF condition THEN statement
  • Variations:
  • $ IF condition THEN $ statement
  • $ IF condition THEN -
  • $ statement
conditional expressions41
Conditional Expressions
  • $ IF condition
  • $ THEN
  • $ statement(s)
  • $ ENDIF
conditional expressions42
Conditional Expressions
  • $ IF condition
  • $ THEN
  • $ IF condition
  • $ THEN
  • $ statement(s)
  • $ ENDIF
  • $ ENDIF
conditional expressions43
Conditional Expressions
  • $ IF condition
  • $ THEN
  • $ IF condition
  • $ THEN
  • $ statement(s)
  • $ ENDIF
  • $ statement(s)
  • $ ENDIF
conditional expressions44
Conditional Expressions
  • $ IF condition
  • $ THEN statement(s)
  • $ IF condition
  • $ THEN
  • $ statement(s)
  • $ ENDIF
  • $ ENDIF
  • This may not work in pre-V6 VMS!
conditional expressions45
Conditional Expressions
  • $ IF condition
  • $ THEN
  • $ statement(s)
  • $ ELSE
  • $ statement(s)
  • $ ENDIF
labels goto
Labels, GOTO
  • $ GOTO label_1
  • .
  • .
  • .
  • $label_1:
gosub return
GOSUB, RETURN
  • $ GOSUB label_1
  • .
  • .
  • .
  • $label_1:
  • $ statement(s)
  • $ RETURN
gosub return48
GOSUB, RETURN
  • Emulate UN*X/DOS shell SHIFT:
      • $SHIFT:
      • $ P1 = P2
      • $ P2 = P3
      • $ P3 = P4
      • $ P4 = P5
      • $ P5 = P6
      • $ P6 = P7
      • $ P7 = P8
      • $ P8 = ""
      • $ RETURN
subroutine endsub
SUBROUTINE - ENDSUB...
  • $ CALL label_1[ param[ param[ …]]
  • .
  • .
  • .
  • $label_1: SUBROUTINE
  • $ statement(s)
  • $ END SUBROUTINE
lexical functions
Lexical Functions
  • Functions built into the DCL Lexicon
      • F$CONTEXT F$CSID F$CVSI F$CVTIME F$CVUI F$DEVICE F$DIRECTORY F$EDIT F$ELEMENT F$ENVIRONMENT F$EXTRACT F$FAO F$FILE_ATTRIBUTES F$GETDVI F$GETJPI F$GETQUI F$GETSYI F$IDENTIFIER F$INTEGER F$LENGTH F$LOCATE F$MESSAGE F$MODE F$PARSE F$PID F$PRIVILEGE F$PROCESS F$SEARCH F$SETPRV F$STRING F$TIME F$TRNLNM F$TYPE F$USER F$VERIFY
common lexical functions
Common Lexical Functions
  • $ vbl = F$CVTIME(string[, keyword[, keyword]])
    • “string” = Absolute time expression
    • “keyword” = (1st instance) is one of “ABSOLUTE”, “COMPARISION”, “DELTA”
    • “keyword” = (2nd instance) is one of “DATE”, “DATETIME”, “DAY”, “MONTH”, “YEAR”, “HOUR”, “MINUTE”, “SECOND”, “HUNDREDTH”, “WEEKDAY”
common lexical functions52
Common Lexical Functions
  • F$CVTIME(), Continued…
  • Defaults:
  • $ vbl = F$CVTIME(string, -
  • ”COMPARISON”, -
  • ”DATETIME” )
  • Pre-defined date strings:
    • TODAY, YESTERDAY, TOMORROW, BOOT
common lexical functions53
Common Lexical Functions
  • F$CVTIME(), Continued…
  • Date Formats:
  • Comparison
  • YYYY-MM-DD HH:MM:SS.CC
  • Absolute
  • DD-MMM-YYYY HH:MM:SS.CC
  • Delta
  • +/-DDDDD HH:MM:SS.CC
common lexical functions54
Common Lexical Functions
  • $ vbl = F$GETDVI( dev_name, keyword )
    • “dev_name” is a valid device name
    • “keyword” is a quoted string
  • Examples:
  • $ FBLK = F$GETDVI( “DUA0”,”FREEBLOCKS”)
  • $ MNTD = F$GETDVI( “DKA500”,”MNT”)
  • $ DVNM := DUA0:
  • $ VLNM := VOLNAM
  • $ VNAM = F$GETDVI( DVNM, VLNM )
common lexical functions55
Common Lexical Functions
  • $ vbl = F$QETQUI( -
  • function,-
  • item,-
  • value,-
  • keyword(s))
  • See the on-line help for descriptions.
common lexical functions56
Common Lexical Functions
  • $ VBL = F$GETJPI( pid, keyword )
  • Examples:
    • $ USN = F$GETJPI( 0, “USERNAME” )
    • $ MOD = F$GETJPI( 0, “MODE” )
common lexical functions57
Common Lexical Functions
  • $ vbl = F$GETSYI( item[, node[, csid]] )
  • Examples:
    • $ NODE = F$GETSYI( “NODENAME” )
    • $ FGP = F$GETSYI( “FREE_GBLPAGES” )
    • $ FGS = F$GETSYI( “FREE_GBLSECTS” )
common lexical functions58
Common Lexical Functions
  • $ vbl = F$ELEMENT( idx, delim, string )
    • Find the nth (delim) delimited element of a string.
  • Examples:
    • $ A = F$ELEM( 2, “,”, “A,B,C,D,E,F” )
    • $ B = F$ELEM( 1, “ ”, “Turn it off” )
seminar 102459
Seminar 1024
  • OpenVMS
  • Logical Names
logical names
Logical Names
  • A form of symbol with limited or system-wide scope.
  • $ show logical sys$sysroot
  • "SYS$SYSROOT" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)
  • = "SYS$COMMON:"
  • 1 "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)
logical name tables
Logical Name Tables
  • LNM$SYSTEM_DIRECTORY
    • LNM$JOB_xxxxxxxx
    • LNM$GROUP_xxxxxx
    • LNM$SYSTEM_TABLE
    • DECW$LOGICAL_NAMES
  • LNM$PROCESS_DIRECTORY
logical name tables62
Logical Name Tables
  • Search Order:
  • $ sh log/tab=* lnm$file_dev
  • "LNM$FILE_DEV" = "LNM$PROCESS" (LNM$SYSTEM_DIRECTORY)
  • = "LNM$JOB"
  • = "LNM$GROUP"
  • = "LNM$SYSTEM"
  • = "DECW$LOGICAL_NAMES"
logical name tables63
Logical Name Tables
  • Modifying the search order:
  • $ DEFINE/TABLE=LNM$PROCESS_DIRECTORY -
  • LNM$FILE_DEV LNM$PROCESS,LNM_PRIVATE,-
  • LNM$GROUP,LNM$SYSTEM,-
  • DECW$LOGICAL_NAMES
  • Defines a new search list in supervisor mode.
    • Some software will only use “trusted” logical names in certain directories or those DEFINEd in an “inner’ (more privileged) mode.
logical names64
Logical Names
  • Single translation
    • $ DEFINE lnm value
  • Search List
    • $ DEFINE lnm value,value[,…]
  • Concealed Logical Names
    • $ DEFINE lnm value/TRANS=CONCEAL
  • Rooted Logical Names
    • $ DEFINE lnm ddcu:[dir.]/TRANS=CONCEAL
logical names65
Logical Names
  • Creating
    • $ DEFINE lnm value
    • $ ASSIGN value lnm
  • Deleting
    • $ DEASSIGN lnm
logical names66
Logical Names
  • Access Modes
    • User DEFINE/USER
    • Supervisor DEFINE (/SUPER is default)
    • Executive DEFINE/EXECUTIVE,
    • requires CMEXEC privilege.
    • Kernel Can only be created by using
    • the $CRELNM system service,
    • requires CMKRNL privilege.
    • Executive and Kernel mode logical names are “trusted” since privilege is required to create them.
logical names67
Logical Names
  • Single Translation
    • $ DEFINE lnm value
  • Examples:
  • "LNM$PROCESS" = "LNM$PROCESS_TABLE" (LNM$PROCESS_DIRECTORY)
  • "LNM$JOB" = "LNM$JOB_80D27B00" (LNM$PROCESS_DIRECTORY)
  • "LNM$GROUP" = "LNM$GROUP_000030" (LNM$PROCESS_DIRECTORY)
  • "LNM$SYSTEM" = "LNM$SYSTEM_TABLE" (LNM$SYSTEM_DIRECTORY)
  • “SYS$LOGIN" = "DKA0:[DDACHTERA]" (LNM$JOB_80D27B00)
logical names68
Logical Names
  • Search Lists
    • $ DEFINE lnm value,value[,…]
    • Examples:
  • $ sh log sys$sysroot
  • "SYS$SYSROOT" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)
  • = "SYS$COMMON:"
  • 1 "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)
  • $ sh log user_exe ! Presenter’s environment, not provided by VMS.
  • "USER_EXE" = "USER_IMG:" (LNM$JOB_80D27B00)
  • = "USER_COM:"
  • = "SYS$SPECIFIC:[SYSEXE]"
  • = "SYS$COMMON:[SYSEXE]"
  • 1 "USER_IMG" = "USER_ROOT:[EXE.ALPHA]" (LNM$JOB_80D27B00)
  • 1 "USER_COM" = "USER_ROOT:[EXE]" (LNM$JOB_80D27B00)
logical names69
Logical Names
  • Concealed Logical Names
    • $ DEFINE lnm value/TRANS=CONCEAL
  • Example:
  • $ sh log sys$sysdevice
  • "SYS$SYSDEVICE" = "DJAS01$DKA300:" (LNM$SYSTEM_TABLE)
  • $ sh log sys$sysdevice/full
  • "SYS$SYSDEVICE" [exec] = "DJAS01$DKA300:" [concealed,terminal] (LNM$SYSTEM_TABLE)
logical names70
Logical Names
  • “Rooted” Logical Names
    • $ DEFINE lnm ddcu:[dir.]/TRANS=CONCEAL
  • Examples:
  • $ show logical sys$specific,sys$common,user_root
  • "SYS$SPECIFIC" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)
  • "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)
  • "USER_ROOT" = "DKA0:[DDACHTERA.]" (LNM$JOB_80D27B00)
logical names71
Logical Names
  • Using rooted logical names
  • Examples:
  • $ show logical sys$sysroot,user_root,user_com,user_img
  • "SYS$SYSROOT" = "DJAS01$DKA300:[SYS0.]" (LNM$SYSTEM_TABLE)
  • = "SYS$COMMON:"
  • 1 "SYS$COMMON" = "DJAS01$DKA300:[SYS0.SYSCOMMON.]" (LNM$SYSTEM_TABLE)
  • "USER_ROOT" = "DKA0:[DDACHTERA.]" (LNM$JOB_80D27B00)
  • "USER_COM" = "USER_ROOT:[EXE]" (LNM$JOB_80D27B00)
  • "USER_IMG" = "USER_ROOT:[EXE.ALPHA]" (LNM$JOB_80D27B00)
logical names lexicals
Logical Names & Lexicals
  • Beware:
  • F$LOGICAL() (deprecated) differs from F$TRNLNM().
  • F$LOGICAL() uses hard-coded search list internally: Process, Job, Group, System.
  • F$TRNLNM() uses LNM$FILE_DEV
cluster wide logical names
Cluster-Wide Logical Names
  • New in V7.2.
  • Defined in table LNM$SYSCLUSTER
  • LNM$SYSTEM is now a search list:
  • $ show log/tab=* lnm$system
  • "LNM$SYSTEM" = "LNM$SYSTEM_TABLE" (LNM$SYSTEM_DIRECTORY)
  • = "LNM$SYSCLUSTER"
  • 1 "LNM$SYSCLUSTER" = "LNM$SYSCLUSTER_TABLE" (LNM$SYSTEM_DIRECTORY)
cluster wide logical names74
Cluster-Wide Logical Names
  • Caveat:
  • There is no /CLUSTER qualifier for DEFINE, ASSIGN or DEASSIGN.
  • Use /TABLE= LNM$SYSCLUSTER
logical names75
Logical Names
  • Notes:
    • VMS$COMMON usually not found in system logical names.
    • It IS possible to have a system with a missing or corrupted VMS$COMMON.
      • OpenVMS upgrades will fail.
      • Difficult to recover.
      • Running in this condition is not supported.
logical names76
Logical Names
  • Leave OpenVMS-provided logical names alone.
    • ReDEFINE-ing things like SYS$SYSROOT can jeopardize support position or system certification (Healthcare, etc.)
    • If any of these are reDEFINEd, do it at the /PROCESS level, not system-wide and make sure to leave the system account “pristine”.
logical names77
Logical Names
  • Leave OpenVMS-provided logical names alone.
    • Probably okay to do this in a privileged account other than SYSTEM.
    • If these are needed at SYSTARTUP_VMS time, invoke a proc. to do the DEFINEs, then invoke the proc.’s that need the local logical names, then clean up using DEASSIGN/PROCESS.
logical names78
Logical Names
  • It is possible to organize your site-specific procedures and keep them separated from the OpenVMS files without reDEFINE-ing any logical names provided by OpenVMS.
logical names79
Logical Names
  • OpenVMS Logical Names:
    • Usually contain a “$” (dollar sign).
  • User (Site-Specific) Logical Names
    • Avoid “$” – use underscore:
      • SYS_MANAGER
      • SYS_BACKUP
      • SYS_OPERATOR
      • SYS_HELP
      • SYS_ROOT
logical names80
Logical Names
  • $ sho log sys_*
  • (LNM$PROCESS_TABLE)
  • (LNM$JOB_80D128C0)
  • (LNM$GROUP_000030)
  • (LNM$SYSTEM_TABLE)
  • "SYS_BACKUP" = "SYS_ROOT:[BACKUP]"
  • "SYS_HELP" = “SYS_ROOT:[SYSHLP]"
  • "SYS_MANAGER" = "SYS_ROOT:[SYSMGR]"
  • "SYS_OPERATOR" = "SYS_ROOT:[OPERATOR]”
  • “SYS_ROOT“ = “SYS$SYSDEVICE:[XYZCORP.]”
  • = ”SYS$SYSROOT:”
logical names81
Logical Names
  • Site-specific logical names for system management can be organized in their own logical name tables.
    • User Logical name table can be added to LNM$FILE_DEV, but don’t do that system-wide – DEFINE things /PROCESS.
      • See the earlier example of how to modify the LNM$FILE_DEV search list for a process.
      • /PROCESS is the default for DEFINE and ASSIGN if not specified.
logical names82
Logical Names
  • None of us is immortal.
  • Remember to document your customizations THOROUGHLY!
      • If you get hit by a bus today, will someone else be able to come in and understand what you’ve done?
seminar 102483
Seminar 1024
  • OpenVMS
  • Networking
networking
Networking
  • Network stacks for OpenVMS:
  • TCP/IP
  • DECnet
    • Phase IV
    • Phase V (DECnet/OSI)
  • Utilities:
  • LANCP (works without DECnet)
  • SET HOST/MOP (Phase V - NET$CCR)
networking tcp ip
Networking - TCP/IP
  • TCP/IP Services for OpenVMS
    • Formerly known as UCX (Ultrix Connection)
    • Developed, sold and supported by HP, shares code base with Tru64 TCP/IP
    • Management interface somewhat weak.
      • Some features (like adding secondary name server) require editing config. files manually. Access to non-volatile Database inconsistent: sometimes SET CONFIG, sometimes SET/PERMANENT.
networking tcp ip86
Networking TCP/IP
  • TCPware
    • Native to and developed on OpenVMS (originally on VAX/VMS, ported to Alpha).
    • Developed, sold and supported by Process Software, Inc.
    • Proprietary Management Interface, now similar to Multinet in some ways.
    • Slightly more functionality than (UCX), performs better than Multinet and *UCX).
networking tcp ip87
Networking - TCP/IP
  • Multinet
    • Developed from BSD V4.3 code by TGV, Inc. on VAX/VMS, ported to Alpha. Now developed, sold and supported by Process Software, Inc.
    • Proprietary Management Interface.
    • Functionality similar to TCPware.
    • Performance is somewhat better than (UCX), less than TCPware.
networking tcp ip88
Networking - TCP/IP
  • Author’s opinion re: Marvel:
  • TCP/IP Services for OpenVMS will probably be Marvel-ready sooner than Process Software’s products; however, TCPware and Multinet provide more robust functionality - should be worth waiting for on Marvel. (SMP considerations)
networking tcp ip89
Networking - TCP/IP
  • CMU/IP
  • Freeware, a bit old.
  • Originally developed by TEK, released to Carnegie Mellon Univ. C.S. department - became freeware.
  • VAX only - no known Alpha port.
  • TCP/IP-V4 only.
networking decnet
Networking - DECnet
  • Developed by Digital for PDP-11, migrated to VAX and ported to Alpha.
  • Phase-IV is in use widely.
  • Phase V used where it is needed. Also known as DECnet-Plus or DECnet/OSI.
networking decnet91
Networking - DECnet
  • DECnet Phase IV is very SysAdmin friendly, but takes some getting used to.
  • “Set it and forget it” - easily configured, does not issue a lot of OPCOM messages unless there is trouble on the line(s).
  • Specification was published, no longer publicly available on the web.
networking decnet92
Networking - DECnet
  • DECnet Phase IV
    • Permanent database
      • DEFINE commands in NCP
    • Volatile database
      • SET commands in NCP
networking decnet93
Networking - DECnet
  • DECnet Phase IV
    • Provides MOP Remote Console
      • CONNECT command in NCP
    • Provides MOP downline load, upline dump
      • LOAD and TRIGGER commands in NCP
    • Provides for remote management of other nodes.
      • SET EXECUTOR NODE command in NCP, requires privilege and remote password.
networking decnet94
Networking - DECnet
  • DECnet Phase V (DECnet-Plus)
    • More complicated to manage - management paradigm follows the OSI seven-layer model.
    • Circuits are built from the bottom up, following the OSI seven-layer model.
    • Management is performed using NCL (Network Control Language).
    • Non-volatile database is .NCL files - no “permanent” database.
networking decnet95
Networking - DECnet
  • DECnet Phase V (DECnet-Plus)
    • OPCOM messages are more plentiful and more verbose than Phase IV.
    • Allows for diagnosis of trouble in each layer.
    • Provides some features not available in Phase IV.
    • Complete specification is not published.
networking decnet96
Networking - DECnet
  • Access Control
    • Set up proxy records in SYS$SYSTEM:NET$PROXY.DAT using the AUTHORIZE program.
    • Enable proxy access in NCP (Phase-IV): incoming, outgoing.
      • Incoming proxy access, if disabled, defaults to the access control info of the target object instead of the source node/user.
networking decnet97
Networking - DECnet
  • Access Control
    • Create the proxy database if it doesn’t already exist. Use AUTHORIZE, CREATE/PROXY
    • Set up proxy records in Authorize.
    • Enable proxy access in NCL (Phase-V): See the SET SESSION CONTROL statements.
networking decnet98
Networking - DECnet
  • FAL Logging
  • Two Logical Names:
    • FAL$LOG
    • FAL$OUTPUT
networking decnet99
Networking - DECnet
  • FAL Logging
  • FAL$LOG
  • In SYLOGIN or the DECnet object file:
  • $ DEFINE FAL$LOG “1/disable=8”
    • This is an unsupported feature
    • “1”: file name and file type access information
    • disable=8 disables “Poor Man’s Routing”: dir node1::node2::node3::
networking decnet100
Networking - DECnet
  • FAL Logging
  • FAL$LOG, cont’d
    • Produces copious output - use with discretion.
  • FAL$OUTPUT
    • Can be used to specify the name of the log file to create in place of SYS$OUTPUT
    • $ DEFINE FAL$OUTPUT FAL.LOG
networking lat
Networking - LAT
  • LAT - Local Area Transport
  • Robust, Efficient
    • Can package data for multiple sessions at the same MAC address into common packets.
  • Not routable
    • No routable info in the network layer
  • DEC-proprietary (licensed)
    • Specification published under license
networking lat102
Networking - LAT
  • LAT Control Program (LATCP)
  • Managememt interface for LAT
  • Controls services broadcast by an OpenVMS node
  • Used to create, manage and delete LTA devices on OpenVMS nodes.
networking mop
Networking MOP
  • Maintenance Operation Protocol
  • Not routable
    • No routable info in the network layer
  • DEC-proprietary (licensed)
    • Specification published under license
  • Remote Console facility
  • Downline load, upline dump.
networking mop104
Networking MOP
  • Maintenance Operation Protocol
  • User interfaces - Remote Console:
    • NCP (DECnet Phase IV)
      • CONNECT NODE
      • CONNECT VIA circuit_id PHYS ADDR mac_addr
    • LANCP
      • CONNECT NODE name/DEVICE=enet_dev:
    • SET HOST/MOP (DECnet Phase V)
      • SET HOST/MOP node_name
      • SET HOST/MOP/ADDR=mac_addr/CIRC=xxxx
networking mop105
Networking MOP
  • Maintenance Operation Protocol
  • User interfaces - Downline Load, Upline dump:
    • NCP (DECnet Phase IV)
      • DEFINE/SET NODE name -
      • ADDRESS xx-xx-xx-xx-xx-xx -
      • SERVICE CIRCUIT xxx-n -
      • LOAD FILE filespec -
      • SECONDARY LOADER filespec -
      • DUMP FILE filespec
networking mop106
Networking MOP
  • Maintenance Operation Protocol
  • User interfaces - Downline Load:
    • LANCP
      • DEFINE NODE name -
      • /ADDRESS=xx-xx-xx-xx-xx-xx-
      • /FILE=filespec
      • Mostly for use in booting LAVc nodes
      • LANCP does not provide for upline dump
networking remote access
Networking - Remote Access
  • Types of remote Access:
  • DECnet
    • SET HOST (CTERM)
    • Remote File Access
    • NML (NCP SET EXECUTOR NODE)
  • LAT
    • Connect (from terminal server or PC w/LAT)
    • SET HOST/LAT
networking remote access108
Networking - Remote Access
  • Types of remote Access, cont’d:
  • TCP/IP:
    • TELNET
    • Rshell
    • Rlogin
networking remote proc s
Networking - Remote Proc.’s
  • Types of Remote Procedures:
  • DECnet
    • DECnet objects
    • SUBMIT/REMOTE, PRINT/REMOTE
  • TCP/IP
    • RPC (Remote Procedure Call)
    • Secure Socket Layer (SSL)
networking remote proc s110
Networking - Remote Proc.’s
  • Security Concerns
  • DECnet objects like TASK
  • Unsecured accounts by any access method. (This is not a security presentation.)
network alerts
Network Alerts
  • OPCOM Alerts for network access
  • SET AUDIT/ENABLE=CONNECTION
    • DECnet (Phase IV)
    • $IPC
    • SYSMAN
  • SET AUDIT/ENABLE=LOGIN=
    • ALL, BATCH, DETACHED, DIALUP, LOCAL, NETWORK, REMOTE, SUBPROCESS
network alerts112
Network Alerts
  • Additional OPCOM Alerts for FTP
  • Add commands to the DCL proc. associated with the FTP service.
    • Example: MULTINET:FTP_SERVER.COM
  • Can be as general or specific needed.
  • See the documentation and example code for your TCP/IP stack.
seminar 1024113
Seminar 1024
  • System Startup
  • Procedure
system startup
System Startup
  • Default /STARTUP procedure:
  • SYS$SYSTEM:STARTUP.COM
  • Set using SYSBOOT, SYSGEN or SYSMAN.
system startup115
System Startup
  • STARTUP Phases:
  • In SYS$STARTUP:VMS$VMS.DAT
    • RMS Indexed file
    • Changes to this area of the startup are *NOT* supported by HP.
system startup116
System Startup
  • STARTUP Phases:
  • $ TY SYS$STARTUP:VMS$VMS.DAT
  • BASEENVIRON DVMS$BASEENVIRON-050_VMS.COM
  • E*BASEENVIRON DVMS$BASEENVIRON-050_SMISERVER.COM
  • E*BASEENVIRON DVMS$BASEENVIRON-050_LIB.COM
  • E*BASEENVIRON DDECDTM$STARTUP.COM
  • E*BASEENVIRON DLICENSE_CHECK.EXE
  • E*CONFIG DVMS$CONFIG-050_VMS.COM
  • E*CONFIG DVMS$CONFIG-050_ERRFMT.COM
  • E*CONFIG DVMS$CONFIG-050_CACHE_SERVER.COM
  • E*CONFIG DVMS$CONFIG-050_CSP.COM
  • E*CONFIG DVMS$CONFIG-050_OPCOM.COM
  • E*CONFIG DVMS$CONFIG-050_AUDIT_SERVER.COM
  • E*CONFIG DVMS$CONFIG-050_JOBCTL.COM
  • E*CONFIG DVMS$CONFIG-050_LMF.COM
  • E*CONFIG DVMS$CONFIG-050_SHADOW_SERVER.COM
  • E*CONFIG DVMS$CONFIG-050_SECURITY_SERVER.COM
  • E*DEVICES DVMS$DEVICE_STARTUP.COM
  • E*INITIAL DVMS$INITIAL-050_VMS.COM
  • E*INITIAL DVMS$INITIAL-050_LIB.COM
  • E*INITIAL CVMS$INITIAL-050_CONFIGURE.COM
  • E*LPBEGIN DVMS$LPBEGIN-050_STARTUP.COM
  • E*PRECONFIG DIPC$STARTUP.COM
  • E*PRECONFIG DVMS$SPIRALOG_STARTUP.COM
  • E*
system startup phases files
System Startup Phases, Files
  • INITIAL
  • DEVICES
    • SYCONFIG
    • SYLOGICALS
    • SYPAGSWPFILES
  • PRECONFIG
  • CONFIG
    • SYSECURITY
  • BASEENVIRON
  • LPBEGIN
    • SYSTARTUP_VMS
  • LPMAIN
  • LPBETA
  • END
system startup phases files118
System Startup Phases, Files
  • INITIAL
  • DEVICES
    • SYCONFIG These files are always
    • SYLOGICALS executed, even during a
    • SYPAGSWPFILES “MIN”-imum boot.
  • PRECONFIG
  • CONFIG
    • SYSECURITY
  • BASEENVIRON
  • LPBEGIN
    • SYSTARTUP_VMS
  • LPMAIN
  • LPBETA
  • END
system startup119
System Startup
  • Site-Specific STARTUPs:
  • SYSTARTUP_VMS.COM in SYS$MANAGER path.
  • SYSTARTUP_V5.COM in V5.x
  • SYSTARTUP.COM in V4 and earlier.
system startup120
System Startup
  • STARTUP Parameters:
  • STARTUP_P1
    • blank - Normal System Startup
    • “MIN” - Minimal Startup
      • No SYSTARTUP_VMS but
      • Most of the other SY*.COM proc.’s will still be run.
system startup121
System Startup
  • STARTUP Parameters:
  • STARTUP_P2
    • blank - Normal System Startup
    • “1”, “YES” or “TRUE” - Verify on
  • STARTUP_P3 thru _P8
    • Reserved for future use
system startup122
System Startup
  • SYSTARTUP_VMS :
  • Author prefers to keep procedure modular for easier maintenance, invoke modules from SYSTARTUP_VMS:
    • $ SET NOON
    • .
    • .
    • .
    • $ @MOUNT_DISKS
    • $ @DEFINE_GROUP_LOGICALS
system startup123
System Startup
  • SYSTARTUP_VMS :
  • Author prefers to keep procedure modular for easier maintenance, invoke node-specific proc.’s from SYSTARTUP_VMS:
      • $ FSP = F$SEARCH( -
      • “SYS$MANAGER:SYSTARTUP.COM” )
      • $ IF FSP .NES. “” THEN @&FSP
    • Avoids redundant, cut-and-paste code.
system startup124
System Startup
  • SYSTARTUP_VMS :
  • Logging SYSTARTUP_VMS:
    • $ SET NOON
    • $ DEFINE SYS$OUTPUT -
    • SYS$MANAGER:SYSTARTUP_VMS.LOG
    • .
    • .
    • .
    • $ DEASSIGN SYS$OUTPUT
system startup125
System Startup
  • Saving/reporting a crash dump at System Startup time:
    • $ ANALYZE/CRASH_DUMP SYS$SYSTEM:SYSDUMP.DMP
    • COPY ddcu:<dir>:SAVEDUMP.DMP ! copy to wherever is convenient.
    • SET OUTPUT SYS$MANAGER:SYSDUMP.LIS ! Set this as you like
    • READ/EXEC
    • ! READ SYS$SYSTEM:SYSDEF ! For VAX
    • READ SYS$LOADABLE_IMAGES:SYSDEF ! For Alpha
    • SHOW CRASH
    • SHOW STACK /ALL
    • SHOW SUMMARY
    • SHOW PROCESS /PCB /PHD /REGISTERS
    • SHOW SYMBOL /ALL
    • EXIT
system startup126
System Startup
  • DEFINE-ing Group Logicals at Startup:
    • SET up a DCL procedure to DEFINE (or assign) the needed logicals using /GROUP and whatever access mode is appropriate.
    • Invoke that procedure as a detached process at system startup time.
system startup127
System Startup
  • DEFINE-ing Group Logicals at Startup:
  • Example:
      • $ RUN SYS$SYSTEM:LOGINOUT.EXE-
      • /UIC=[300,1]-
      • /INPUT=GROUP_300_LOGICALS.COM-
      • /OUTPUT=GROUP_300_LOGICALS.LOG
    • The UIC specified does not need to exist in the UAF.
system startup128
System Startup
  • DEFINE-ing Group Logicals at Startup:
  • Alternate Example:
      • $ RUN SYS$SYSTEM:LOGINOUT.EXE-
      • /UIC=[300,1]/INPUT=NLA0:/OUTPUT=NLA0:
    • The UIC specified does not need to exist in the UAF.
    • The example creates the LNM$GROUP_000300 table.
    • Logical names can then be created in that table by any suitably privileged process.
system startup129
System Startup
  • Setting logins at Startup:
  • Global DCL symbol (STARTUP process) is set up during SYS$STARTUP:VMS$BASEENVIRON-050_VMS.COM:
    • $startup$interactive_logins == 64
system startup130
System Startup
  • Setting logins at Startup, cont’d:
  • Global DCL symbol (STARTUP process) is used in SYS$STARTUP:VMS$LPBEGIN-050_STARTUP.COM:
    • $set logins/interactive='startup$interactive_logins
system startup131
System Startup
  • Setting logins at Startup, cont’d:
  • Change the value of startup$interactive_logins during SYSTARTUP_VMS:
  • $ startup$interactive_logins == -
  • F$GETSYI( “IJOBLIM” )
system startup132
System Startup
  • Setting logins at Startup, cont’d:
  • $ startup$interactive_logins == -
  • F$GETSYI( “IJOBLIM” )
  • Notes:
  • Set the desired value for IJOBLIM in MODPARAMS and run AUTOGEN, or change the CURRENT value using SYSMAN or SYSGEN. Change takes effect on next boot.
system startup133
System Startup
  • Setting logins at Startup, cont’d:
  • $ startup$interactive_logins == -
  • F$GETSYI( “IJOBLIM” )
  • Notes, cont’d:
  • IJOBLIM is a dynamic parameter. The SET LOGINS/INTERACTIVE command displays or varies its value. See the HELP.
system startup134
System Startup
  • Setting logins at Startup, cont’d:
  • SET LOGINS/INTERACTIVE caveat:
  • Largely undocumented, little known fact: until this command is issued for the first time after a reboot, the job controller will not create interactive processes.
  • If used in SYSTARTUP_VMS, it may enable logins before the system is ready for users to log in.
system startup135
System Startup
  • Setting logins at Startup, cont’d:
  • SET LOGINS/INTERACTIVE caveat:
  • DO NOT USE THIS COMMAND IN SYSTARTUP_VMS!!!
  • …or any proc. that it invokes!!!
  • Use the global DCL symbol instead (STARTUP$INTERACTIVE_LOGINS).
system startup vms files
System Startup - VMS Files
  • Must never be changed unless software documentation or VMS support instructs you to do so.
  • May be replaced when VMS or layered products are upgraded.
  • May use deprecated lexical functions (like F$LOGICAL()), or may contain misspelled function names (like F$GETSYS(), DCL sees only F$GETS).
system startup vms files137
System Startup - VMS Files
  • Site-specific startups are usually found in the SYS$MANAGER path.
seminar 1024138
Seminar 1024
  • SYSMAN and
  • STARTUP
sysman startup
SYSMAN & STARTUP
  • SYSMAN can be used to modify the “user” portion of the startup database.
    • Two database files used by SYSMAN:
      • STARTUP$STARTUP_VMS
        • Used for the VMS startup
        • DO NOT MODIFY!!!
      • STARTUP$STARTUP_LAYERED
        • When you add an item using SYSMAN it goes here.
sysman startup140
SYSMAN & STARTUP
  • SYSMAN can be used to modify the “user” portion of the startup database.
    • Not as flexible the traditional method using SYSTARTUP_VMS.
    • Not as widely used. Incoming SysAdmins may be unware of previous modifications to the startup database using SYSMAN.
    • Allows for specifying that some startup procedures run in BATCH, in-line (DIRECT) or in sub-processes (SPAWN).
sysman startup141
SYSMAN & STARTUP
  • Allows for entering startup items that run after SYSTARTUP_VMS.
    • SYSTARTUP_VMS is invoked during the LPBEGIN phase.
    • Valid phases for SYSMAN STARTUP entries are LPBEGIN, LPMAIN, LPBETA and END.
    • Premature logins are possible if SYSTARTUP_VMS enables logins before startups in later phases (LPMAIN, LPBETA or END) have run.
seminar 1024142
Seminar 1024
  • Conversational Boot,
  • Minimum Startup
conversational boot
Conversational Boot
  • Most Current Alphas, VAX 7000:
    • >>> boot –fl x,1
  • VAX 6000
    • >>> BOOT boot_profile/R5=1
    • >>> BOOT boot_profile/R5=x0000001
  • Older small VAXes
    • >>> B/R5:1 or B/R5:x0000001
  • VAX 8000’s
    • See the manual
minimum boot
Minimum Boot
  • >>> b –fl 10,1
  • SYSBOOT> SET STARTUP_P1 “MIN”
  • SYSBOOT> CONTINUE
  • Use SET WRITESYSPARAMS 0 before CONTINUE for a one-time minimum boot.
seminar 1024145
Seminar 1024
  • System Shutdown
  • Procedure
system shutdown
System Shutdown
  • $ @SYS$SYSTEM:SHUTDOWN
    • Prompts interactively for parameters
    • Parameters can also be specified on the command line that invokes the procedure.
      • See the SHUTDOWN and REBOOT symbols in SYS$MANAGER:LOGIN.TEMPLATE
system shutdown147
System Shutdown
  • SYS$SYSTEM:SHUTDOWN.COM
  • Parameters:
      • P1 = Minutes to final shutdown
      • P2 = Reason for Shutdown
      • P3 = Spin down disk volumes? (Y/N)
      • P4 = Invoke SYSHUTDWN.COM? (Y/N)
      • P5 = When will system be rebooted?
      • P6 = Should auto. reboot be performed? (Y/N)
      • P7 = Options (SAVE_FEEDBACK, etc.)
      • P5 and P6 are reverse order to the prompts.
site specific shutdown proc
Site-Specific Shutdown Proc.
  • SYSHUTDWN.COM
  • Found in the SYS$MANAGER path.
system shutdown149
System Shutdown
  • SYS$SYSTEM:SHUTDOWN.COM
  • Logical Names
    • SHUTDOWN$MINIMUM_MINUTES
      • Default value for minutes to final shutdown.
    • AGEN$SHUTDOWN_TIME
      • Used by AUTOGEN as minutes to final SHUTDOWN or REBOOT.
shutdown options
Shutdown Options
  • REBOOT_CHECK
  • SAVE_FEEDBACK
  • DISABLE_AUTOSTART
  • POWER_OFF
shutdown options151
Shutdown Options
  • REBOOT_CHECK
  • Performs a basic check for the existence of files needed to reboot the system.
  • Not comprehensive - cannot detect a damaged boot block, corrupted bootstrap image, etc.
shutdown options152
Shutdown Options
  • SAVE_FEEDBACK
  • Saves some vital statistics about the system that can be used by AUTOGEN after the system comes back up.
  • Same as the SAVPARAMS phase of AUTOGEN.
shutdown options153
Shutdown Options
  • DISABLE_AUTOSTART
  • Use this if needed to prevent AUTOSTART queues on this node from being restarted once SHUTDOWN has STOPped them.
shutdown options154
Shutdown Options
  • POWER_OFF
  • If the system console supports it, request that the machine power itself down once VMS has been SHUTDOWN.
shutdown options clusters
Shutdown Options - Clusters
  • REMOVE_NODE for all but the last node.
    • Node exits the cluster gracefully.
  • CLUSTER_SHUTDOWN for the last cluster node to be shutdown.
    • If used on all nodes, each node waits for other nodes to reach the point of exiting the cluster, then proceeds to shutdown (“dissolves” the cluster).
every shutdown
Every Shutdown
  • Author recommends you always specify option REBOOT_CHECK for all nodes.
  • Has been helpful in preventing some nasty surprises.
autogen
AUTOGEN
  • SYS$UPDATE:AUTOGEN.COM
  • DCL procedure supplied by OpenVMS as an aid in tuning the OpenVMS system.
  • Not a replacement for diligent system management.
autogen159
AUTOGEN
  • Applies changes to the default system parameters as specified in the file
    • SYS$SYSTEM:MODPARAMS.DAT
  • Is invoked during installs and upgrades, sometimes more than once.
  • Can be used to help size the swap and page files.
autogen modparams
AUTOGEN - MODPARAMS
  • SYS$SYSTEM:MODPARAMS.DAT
  • This is where changes to the default values are made so they persist from one AUTOGEN to the next.
  • Entries look like this:
    • parameter_name = needed_value
    • MIN_parameter_name = needed_value
    • MAX_parameter_name = needed_value
    • ADD_ parameter_name = needed_value
autogen modparams161
AUTOGEN - MODPARAMS
  • parameter_name = needed_value
  • Provides a hard-coded value for the parameter.
    • SCSNODE = “ALPHAONE”
    • GBLPAGES = 121589
  • AUTOGEN calculations do not over-ride hard-coded values.
autogen modparams162
AUTOGEN - MODPARAMS
  • MIN_parameter_name = minimum_value
  • Provides a minimum value for the parameter.
    • MIN_GBLPAGES = 121589
  • AUTOGEN may calculate and use a higher value, but will always use the MIN_ if it calculates a lower value.
autogen modparams163
AUTOGEN - MODPARAMS
  • MAX_parameter_name = maximum_value
  • Provides a maximum value for the parameter.
    • MAX_GBLPAGES = 12158900
  • AUTOGEN may calculate and use a lower value, but will always use the MAX_ if it calculates a higher value.
autogen modparams164
AUTOGEN - MODPARAMS
  • ADD_parameter_name = addtl_value
  • Provides an addition to the default value for the parameter.
    • ADD_GBLPAGES = 81920
  • AUTOGEN can use feedback to calculate a new value, then adds the specified value to the calculated value.
autogen phases
AUTOGEN - Phases
  • SAVPARAMS - Collects Feedback
  • GETDATA - Collects all other data
  • GENPARAMS - Generates new parameters
  • TESTFILES - Calculates new sys file sizes
  • GENFILES - Generates new system files
  • SETPARAMS - Creates new boot param.’s
  • SHUTDOWN - Shutdown the system
  • REBOOT - Reboot the system
  • HELP - Displays AUTOGEN info
autogen phases166
AUTOGEN - Phases
  • SAVPARAMS
  • Saves dynamic feedback from the running system.
  • Same as SAVE_FEEBACK option of SHUTDOWN.
autogen phases167
AUTOGEN - Phases
  • GETDATA
  • Collects all data to be used in AUTOGEN calculations.
  • Includes existing feedback data if it is not over 30 days old.
  • Includes MODPARAMS info.
autogen phases168
AUTOGEN - Phases
  • GENPARAMS
  • Performs calculations and generates the new system parameters (but does not yet set them into the “Current” parameters).
  • Creates the new list of installed images based on the state of the currently running system.
autogen phases169
AUTOGEN - Phases
  • TESTFILES
  • Calculates new page and swap file sizes, but does not apply any changes.
autogen phases170
AUTOGEN - Phases
  • GENFILES
  • Generates new swap and page files based on AUTOGEN calculations.
  • Use entries in MODPARAMS to override:
  • DUMPFILE=0
  • SWAPFILE=0
  • PAGEFILE=0
autogen phases171
AUTOGEN - Phases
  • SETPARAMS
  • Creates the new boot-time (“current”) parameters.
  • Changes take effect on the next boot.
autogen phases172
AUTOGEN - Phases
  • SHUTDOWN
  • Shutdown the system and leave it ready for a manual boot or other console-level operations.
autogen phases173
AUTOGEN - Phases
  • REBOOT
  • Reboot the system using the newly generated parameters and/or system files.
autogen phases174
AUTOGEN - Phases
  • HELP
  • Display HELP information for how to use AUTOGEN.
  • Useful to output this to a file:
  • $ @SYS$UPDATE:AUTOGEN-
  • /OUTPUT=AGEN_HELP.LIS HELP
autogen phases175
AUTOGEN - Phases
  • Typical uses:
    • See if current MODPARAMS settings are suitable:
    • $ @SYS$UPDATE:AUTOGEN -
    • SAVPARAMS TESTFILES
    • Generate new system parameters for next boot:
    • $ @SYS$UPDATE:AUTOGEN -
    • SAVPARAMS SETPARAMS
    • AUTOGEN using previously saved feedback:
    • $ @SYS$UPDATE:AUTOGEN -
    • GENPARAMS SETPARAMS
autogen phases176
AUTOGEN - Phases
  • Typical uses:
    • AUTOGEN ignoring feedback:
    • $ @SYS$UPDATE:AUTOGEN -
    • GENPARAMS SETPARAMS NOFEEDBACK
    • AUTOGEN using previously saved feedback, if it is
    • valid:
    • $ @SYS$UPDATE:AUTOGEN -
    • GENPARAMS SETPARAMS - CHECK_FEEDBACK
autogen report
AUTOGEN - Report
  • SYS$SYSTEM:AGEN$PARAMS.REPORT
  • Generated on each run of AUTOGEN during the GENPARAMS phase.
  • Indicates any MODPARAMS errors detected by AUTOGEN.
  • Indicates the results of AUTOGEN calculations and resulting changes to system parameters.
autogen logging
AUTOGEN - Logging
  • AUTOGEN issues useful information on SYS$OUTPUT, also.
  • Some SysAdmins find this useful:
    • $ @SYS$UPDATE:AUTOGEN/OUT=AGEN.LOG -
    • start_phase end_phase
seminar 1024179
Seminar 1024
  • Useful Tips
  • and Tricks
useful tips and tricks
Useful Tips and Tricks
  • An “uptime” command:
  • $ SHOW SYSTEM/NOPROCESS
  • $ UPT*TIME :== SHOW SYSTEM/NOPROCESS
useful tips and tricks181
Useful Tips and Tricks
  • An simple command to show usage:
  • $ SHL :== -
  • PIPE SHOW USERS/FULL | -
  • (READ SYS$PIPE P9 ; -
  • WRITE SYS$OUTPUT P9 ; -
  • READ SYS$PIPE P9 ; -
  • WRITE SYS$OUTPUT P9 ; -
  • SET LOGINS)
seminar 1024182
Seminar 1024
  • OpenVMS System
  • Management Tools
system management tools
System Management Tools
  • Supplied as no-charge additional software, licensed with OpenVMS.
  • StorageWorks Command Console(SWCC)
  • OpenVMS Management Station(“TNT” or “Argus”)
  • Accessibility Manager for Distributed Systems (AMDS), Availability Manager
seminar 1024184
Seminar 1024
  • StorageWorks
  • Command Console
storageworks cmd console
StorageWorks Cmd Console
  • Provides MS/Win GUI for management of StorageWorks storage array controllers.
    • HSJ (CI)
    • HSZ (SCSI)
    • HSG (FC-SF)
  • Uses TCP/IP to communicate with server agent on OpenVMS.
  • Behaves like other “Explorer” software.
storageworks cmd console186
StorageWorks Cmd Console
  • Limitations:
  • PC’s IP address must back-translate
    • DHCP is o.k. so long as DNS is updated when address lease is obtained / renewed.
  • Does not work over WAN unless PC’s DNS name is “visible” outside of firewall and firewall allows the TCP ports.
  • OpenVMS server agent will only run on one node of a cluster.
storageworks cmd console187
StorageWorks Cmd Console
  • Limitations, cont’d:
  • Unit names and storage-set names are assigned randomly and arbitrarily.
    • Some names can be changed manually using the CLI.
  • Can hold onto the virtual console so that other access means are denied:
    • SET HOST/DUP, SET HOST/SCSI
storageworks cmd console188
StorageWorks Cmd Console
  • Limitations, cont’d:
  • Disks falling into the Failed Set are detected and reported as warnings; however, CLI messages are not passed through to the GUI - you must still connect to the CLI to get them.
    • “Other controller restarted”
    • Cache battery alerts
storageworks cmd console189
StorageWorks Cmd Console
  • Limitations, cont’d:
  • No provisions for running HSx utilities and diagnostics.
  • No performance data available via the GUI - use the CLI to run VTDPY.
storageworks cmd console190
StorageWorks Cmd Console
  • Management Considerations
  • PCs must be authorized to access OpenVMS server agent. Use the SWCC configuration utility supplied with the OpenVMS-side software.
  • Controllers and/or controller pairs must be set up using the SWCC configuration utility supplied with the OpenVMS-side software.
storageworks cmd console191
StorageWorks Cmd Console
  • Management Considerations
  • HSZ and HSG controller pairs present only a single virtual device for remote access - cannot connect to an individual controller by name using the CLI window.
  • You will still need to access the physical console terminal port from time to time, as when a controller fails out of the pair.
seminar 1024211
Seminar 1024
  • OpenVMS
  • Management
  • Station
openvms mgt station
OpenVMS Mgt Station
  • Provides an MS/Win GUI for management of some areas of OpenVMS:
  • User records and identifiers
  • OpenVMS storage
  • Printer (but not batch) queues.
  • Uses TCP/IP to communicate between Windows client and OpenVMS Server.
openvms mgt station213
OpenVMS Mgt Station
  • Considerations:
  • No interfaces for application-specific user setups.
  • Provides only for “traditional” OpenVMS printer queues - no provisions for TCP/IP considerations.
  • V3.0 is still available for Alpha/NT. Later versions are Intel only.
openvms mgt station214
OpenVMS Mgt Station
  • Considerations:
  • Runs on W/NT and W2K, W/98, and W/95, but needs Internet Explorer V3.02 or later to provide some support.
  • V3.2 Server needs OpenVMS V6.2 or later.
openvms mgt station217
OpenVMS Mgt Station
  • Set up Wizard
openvms mgt station218
OpenVMS Mgt Station
  • Set up Wizard
openvms mgt station219
OpenVMS Mgt Station
  • Set up Wizard
openvms mgt station220
OpenVMS Mgt Station
  • Set up Wizard
openvms mgt station221
OpenVMS Mgt Station
  • Set up Wizard
openvms mgt station223
OpenVMS Mgt Station
  • Logon to a managed system
openvms mgt station224
OpenVMS Mgt Station
  • Accounts Window
openvms mgt station225
OpenVMS Mgt Station
  • Account
  • Detail
openvms mgt station226
OpenVMS Mgt Station
  • Printers and other Symbiont Queues
openvms mgt station227
OpenVMS Mgt Station
  • Detail of Printers / Symbiont Queues
openvms mgt station228
OpenVMS Mgt Station
  • OpenVMS Storage
openvms mgt station229
OpenVMS Mgt Station
  • OpenVMS Storage Detail
openvms mgt station230
OpenVMS Mgt Station
  • OpenVMS Server reads OMS configuration when it starts.
  • Storage configured in OMS and not yet MOUNTed gets MOUNTed (if enabled).
  • Symbiont queues configured in OMS and not yet STARTed get STARTed.
openvms mgt station231
OpenVMS Mgt Station
  • OpenVMS Server builds a DCL procedure that can be used to MOUNT your storage, even if the server cannot be started for whatever reason:TNT$EMERGENCY_MOUNT.COM
openvms mgt station232
OpenVMS Mgt Station
  • Can be useful to ease certain system management tasks that would otherwise require the use of command-line utilities, but is not a replacement for those utilities.
openvms mgt station233
OpenVMS Mgt Station
  • Download URL:
  • http://www.openvms.compaq.com/openvms/products/argus/download.html
seminar 1024234
Seminar 1024
  • Accessibility Manager for
  • Distributed Systems
  • (AMDS) and
  • Availability Manager
slide235
AMDS
  • Provides DECwindows interface for
  • system or cluster management, some
  • performance monitoring.
  • Warnings can be issued when performance metrics go out of spec. - you determine the thresholds for your environment.
  • Can (maybe) be used to “un-hang” a cluster (force quorum adjustment).
slide236
AMDS
  • Considerations:
  • Uses a proprietary, non-routable network protocol.
  • For optimum availability management, needs to run on a separate OpenVMS workstation (not a cluster member).
  • AMDS workstation must be on same LAN segment as cluster nodes or protocol must be bridged bt segments.
slide237
AMDS
  • Considerations:
  • AMDS workstation can be accessed remotely (X on Linux, Solaris or *BSD; Reflection/X or Exceed, etc. on MS Win; DECwindows on OpenVMS).
slide238
AMDS
  • Licensing:
  • AMDS license is now included in the OpenVMS base license (as of AMDS V7.1).
  • Software Kit:
  • On the OpenVMS binary CD.
  • On the OpenVMS website.
slide239
AMDS
  • Startup Procedure:
  • $ @SYS$STARTUP:AMDS$STARTUP
    • Specify START as the first parameter.
slide240
AMDS
  • Logical Names:
    • Defined in AMDS$SYSTEM:AMDS$LOGICALS.COM
      • AMDS$GROUP_NAME is the node information display group, default is DECAMDS
        • Define a group name for each cluster
      • AMDS$DEVICE defines the network device to use if multiple LAN connections are present.
availability mgr
Availability Mgr
  • Availability Manager
  • An MS Windows tool (W/NT, W2K)
  • Does not require an X-server on the PC.
  • Uses the same non-routable protocol as AMDS - similar restrictions.
  • Could be accessed remotely using PCAnywhere, or maybe Citrix.
slide242
AMDS
  • AMDS Screen shots follow.
  • Many display objects can be selected to “drill down” for more information.
seminar 1024250
Seminar 1024
  • OpenVMS
  • Security Elements
openvms security elements
OpenVMS Security Elements
  • An OpenVMS system is only as secure as the SysAdmin makes it.
  • Understanding and using the elements of OpenVMS Security is the best way to help ensure the security and integrity of an OpenVMS system.
openvms security elements252
OpenVMS Security Elements
  • Points to remember:
  • TELNET and FTP sessions are not encrypted, passwords are sent as clear text. Use Secure Shell and Secure FTP for best security.
  • LAT and DECnet are not encrypted, passwords are sent as clear text.
openvms security elements253
OpenVMS Security Elements
  • User Identification Codes
  • [group,user]
  • Similar to UN*X UIDs, except digits are always octal.
  • Users belong to only one UIC group. Use Rights Identifiers to grant additional access.
openvms security elements254
OpenVMS Security Elements
  • Protection Masks
  • Based on the UIC.
  • Four classes of permission:
    • System
    • Owner
    • Group
    • World
      • UN*X only has Owner, Group, World
openvms security elements255
OpenVMS Security Elements
  • Levels of Permission in each class:
  • Files
  • Read - Open read only
  • Write - Open write only
  • Execute - Run (if it’s a program/proc.)
  • Delete - Delete the file
    • (Requires write access to parent directory.)
openvms security elements256
OpenVMS Security Elements
  • Levels of Permission in each class:
  • Directories
  • Read - List files
  • Write - Create/delete files
  • Execute - Traverse the directory (Look up files)
  • Delete - Delete the directory (Requires Write access to parent).
openvms security elements257
OpenVMS Security Elements
  • Levels of Permission in each class:
  • Devices
  • READ
  • WRITE
  • LOGICAL I/O
  • PHYSICAL I/O
openvms security elements258
OpenVMS Security Elements
  • Levels of Permission in each class:
  • Queues
  • READ - Display queue, jobs
  • MODIFY - Modify queue, jobs
  • SUBMIT - SUBMIT/PRINT jobs
  • DELETE - Delete jobs or the queue
openvms security elements259
OpenVMS Security Elements
  • Access Control Lists
  • Specify access control beyond the UIC based protections.
  • Consist of access control entries.
openvms security elements260
OpenVMS Security Elements
  • Access Control Entries
  • Associate access control with UICs or Rights Identifiers
  • Levels of access:
  • READ DELETE
  • WRITE CONTROL
  • EXECUTE
  • Object owner always has CONTROL
openvms security elements261
OpenVMS Security Elements
  • Rights Identifiers
  • Created using AUTHORIZE.
  • Can be associated with a resource (disk file - to control disk quotas).
  • GRANTed to or REVOKEd from users using AUTHORIZE.
  • Can be dynamic – non-privileged users can acquire and release using SET RIGHTS_LIST in DCL.
openvms security elements262
OpenVMS Security Elements
  • Propagating ACEs, Default Protections
  • Set an ACE on a directory with the DEFAULT attribute.
  • Default Protection ACE is set on a directory.
  • Will be applied to new files, or use SET SECURITY/DEFAULT to propagate to existing files.
openvms security elements263
OpenVMS Security Elements
  • Set ACEs in the proper sequence
  • First matching ACE determines access.
  • Enter ACEs from least restrictive to most restrictive. EDIT/ACL can be helpful.
  • ACL takes priority over UIC based protection mask.
seminar 1024264
Seminar 1024
  • Closing Comments,
  • Q & A
freeware sources
Freeware Sources
  • The OpenVMS Freeware CDs are online at the OpenVMS website.
  • The DFWCUG DECUS CD-ROM Archive:ftp://ftp.montagar.com/decus/
  • DFWCUG OVMS Freeware V3 Archive:ftp://ftp.montagar.com/freeware-v3/
  • DJE Systems OpenVMS Freeware archive:http://www.djesys.com/freeware/vms/
  • OpenVMS FAQhttp://www.openvms.compaq.com/wizard/faq/vmsfaq.html
seminar 1024266
Seminar 1024
  • Thanks for coming!
  • Disclaimer: All information is correct to the best of the author’s knowledge.
  • Please fill out the evaluation forms, if available.