Document revision date: 15 July 2002

To help determine the expected behavior of OpenVMS utilities and commands for ODS-5, the following levels of support have been established. Each level outlines the acceptable behavior of a utility or command when it encounters an extended (ODS-5 compliant) file specification.

The levels of support for ODS-5, from full support to no support, are defined in Sections 10.3.1.1 through 10.3.1.4.

10.3.1.1 Full Support

OpenVMS utilities and commands that offer full support for ODS-5 have been specifically modified to take advantage of all the features of extended file naming. These utilities and commands should accept and handle extended file specifications without error while maintaining the case as created.⁴

In addition, OpenVMS commands and utilities that fully support Extended File Specifications can accept and produce long file specifications that exceed the traditional 255-byte limit in their original form⁵-without requiring them to be abbreviated in Directory ID (DID) or File ID (FID) format.

The following DCL commands and OpenVMS utilities provide full support for extended file names:

ANALYZE /AUDIT
ANALYZE /DISK
ANALYZE /RMS
BACKUP
CONVERT
CONVERT /RECLAIM
COPY
CREATE /DIRECTORY
DELETE
DIRECTORY
DUMP
EDIT /ACL
EXCHANGE /NETWORK
FDL
PURGE
RECOVER/RMS
RENAME
SEARCH
SET SECURITY
SYSMAN
TYPE

OpenVMS utilities and commands with default support have had little or no modification to take advantage of Extended File Specifications. These utilities and commands are expected to handle most of the attributes of extended file specifications (such as new characters and deep directory structures) correctly. However, file names may be created or displayed with the wrong case.

In contrast with utilities that have full support, utilities with default support rely on DID and FID abbreviation offered by RMS to handle long file specifications. As a result, these utilities are subject to the following restrictions related to DID and FID abbreviation:

• Matching operations in an environment where FID abbreviation is used may not always work as expected. For example, wildcard matching operations may not capture all target file names because the long file names may be represented in their numeric FID-abbreviated form. This restriction specifically applies to matching operations that are performed outside of RMS.
• Wildcards and sticky defaults cannot be used with a FID abbreviation. For example, the following commands are illegal:

  $ DIRECTORY a[1,2,3]*.txt $ COPY a[1,2,3].txt *.txt2

  
  Because a FID abbreviation is a unique numeric representation of one file, it cannot be used to represent or match any other file.

• Creating a file using a FID abbreviation is illegal.

For more information about DID abbreviations and FID abbreviations, see OpenVMS User's Manual.

10.3.1.3 No Support for Extended File Naming

OpenVMS utilities and commands that do not support extended file names can function on ODS-5 volumes; however, they are restricted to operating with traditional file specifications only. These utilities and commands should be used carefully on ODS-5 volumes because Compaq cannot ensure that they will function successfully when they encounter extended file specifications.

Table 10-1 lists the OpenVMS utilities and commands that do not support Extended File Specifications because of limitations with either handling extended file names or the ODS-5 volume structure.

10.3.1.4 No Support for ODS-5

OpenVMS utilities and commands that do not support the ODS-5 volume structure cannot handle extended file names. These utilities and commands should be used carefully on ODS-5 volumes because Compaq cannot ensure that they will function successfully even when they only encounter traditional file specifications.

Table 10-1 lists the OpenVMS utilities and commands that do not support Extended File Specifications because of limitations with either handling extended file names or the ODS-5 volume structure.

Table 10-1 Non-Supported OpenVMS Components

Component	Notes
No ODS-5 Support
Disk defragmenters	Unsupported unless a specific defragmentation tool documents that it has been updated to support an ODS-5 volume. 6
System disk	Do not set to or initialize as an ODS-5 volume.
No Extended File Naming Support
Code compilers	Cannot use extended file names for object files. However, code compilers can create applications that support extended names.
INSTALL Known images	Do not install an image with an extended file name as a known image.
LINK	Cannot output an image with an extended file name.
MONITOR	Cannot reliably process extended file names.
Network files (NET*.DAT)	Do not rename to an extended file name.
Object modules (.OBJ)	Do not rename to an extended file name.
Page and swap files	Do not use an extended file name.
SYSGEN	Do not write a parameter file with an extended file name.
System startup files	Do not rename to an extended file name.

10.4 Controlling Access to ODS-5 Volumes

System managers might choose to enforce one or both of the following restrictions:

• Prevent users on a VAX from accessing files on an ODS-5 volume.
• Prevent untested applications from accessing files on an ODS-5 disk. (You can allow certain users to override this access control on an ODS-5 volume.)

The system manager can impose either of these restrictions by using normal OpenVMS discretionary controls. Refer to the OpenVMS Guide to System Security for more information.

The following sections contain examples of restrictions you can impose.

10.4.1 Preventing VAX Users from Accessing an ODS-5 Volume

Follow these steps to prevent a user from accessing an ODS-5 volume from a VAX node:

1. Define an identifier (for example, VAX_NODE) to identify users running on an OpenVMS VAX nod, for example:

   $ RUN SYS$SYSTEM:AUTHORIZE UAF> ADD /IDENTIFIER VAX_NODE %UAF-I-RDBADDMSG, identifier VAX_NODE value %X80010037 added to rights database

2. On each VAX node, add VAX_NODE to the system rights list; for example:

   $ SET RIGHTS_LIST /ENABLE /SYSTEM VAX_NODE

   
   The /ENABLE qualifier in the command adds VAX_NODE to the system rights list.
   Also add this command to the SYSTARTUP_VMS.COM command procedure.

3. To prevent anyone on a VAX node from gaining access to an ODS-5 volume, place an Access Control Entry (ACE) on the volume that denies access to holders of the VAX_NODE identifier, for example:

   $ SET SECURITY /CLASS=VOLUME ODS5_DISK /ACL=(ID=VAX_NODE,ACCESS=NONE)

Follow these steps to prevent an untested application from accessing an ODS-5 volume:

1. Define an identifier (for example, ODS5_UNSAFE) to identify applications that you do not want to access an ODS-5 volume, for example:

   UAF> ADD /IDENTIFIER ODS5_UNSAFE /ATTR=SUBSYSTEM %UAF-I-RDBADDMSG, identifier ODS5_UNSAFE value %X80010039 added to rights database

2. Attach a protected subsystem ACE to the application with the ODS5_UNSAFE identifier, for example:

   $ SET SECURITY /CLASS=FILE SYS$SYSTEM:APPLICATION.EXE - _$ /ACL=(SUBSYSTEM,ID=ODS5_UNSAFE)

3. To each ODS-5 volume, attach an ACE denying access to the ODS-5 volume to holders of the ODS5_UNSAFE identifier, for example:

   $ SET SECURITY /CLASS=VOLUME ODS5_DISK/ ACL=(ID=ODS5_UNSAFE,ACCESS=NONE)

Optionally, you can override the restriction in the last step to allow trained users to access untested applications by following the remaining lettered steps:

1. Create another identifier (for example, ODS5_UNTRAINED):

   UAF> ADD /IDENTIFIER ODS5_UNTRAINED %UAF-I-RDBADDMSG, identifier ODS5_UNTRAINED value %X80010038 added to rights database

2. Assign this identifier to all users, for example:

   UAF> GRANT/IDENTIFIER ODS5_UNTRAINED * %UAF-I-GRANTMSG, identifier ODS5_UNTRAINED granted to *

3. Instead of Step 3, place an Access Control Entry (ACE) on the volume that denies access to holders of the ODS5_UNTRAINED identifier; for example:

   $ SET SECURITY /CLASS=VOLUME ODS5_DISK/ - _$ ACL=(ID=ODS5_UNSAFE+ODS5_UNTRAINED,ACCESS=NONE)

   
   This command prevents ODS5_UNTRAINED users from accessing the volume with ODS5_UNSAFE applications.

4. Remove the identifier from individual users when you are willing to let them use any application on an ODS-5 volume, for example:

   UAF> REVOKE/IDENTIFIER ODS5_UNTRAINED SHEILA_USER %UAF-I-REVOKEMSG, identifier ODS5_UNTRAINED revoked from SHEILA_USER

After you complete these steps:

• An untrained user can use an untested application only to access ODS-2 volumes.
• A trained user can access ODS-5 volumes with any application.

You use the DIGITAL Command Language (DCL) to perform a number of operations on files, as shown in the following table.

Operation	DCL Command
Retrieve disk and magnetic tape file information, such as device and protection characteristics, and display this information on your terminal screen	SHOW commands listed in Table 10-2
Modify disk file characteristics, such as protection or UIC information	SET commands listed in Table 10-4
Display the contents of a directory	DIRECTORY
Display the contents of a file	TYPE
Copy files to and from disk and magnetic tape volumes	COPY

Most DCL commands require file-structured devices. (The OpenVMS DCL Dictionary lists commands that do not require file-structured devices.)

In addition to manipulating files through DCL, you can write programs to assist you in routine file-manipulation tasks. You can write these programs in any of the languages supported by the operating system.

To manipulate individual records within files (that is, to access files at the record level), write programs that include OpenVMS Record Management Services (RMS) facilities. Refer to the OpenVMS Record Management Services Reference Manual for examples of RMS facilities used to manipulate files at the record level.

10.6 Getting File Information

Use the DCL command DIRECTORY to retrieve information about disk and magnetic tape files in a directory, using the following format:

DIRECTORY [filespec[,...]]

When you include certain command qualifiers with the DIRECTORY command, you can retrieve information in addition to a list of the names of the files in the directory. Refer to the OpenVMS DCL Dictionary for a list of qualifiers that you can use with the DIRECTORY command.

The following examples illustrate three cases of retrieving information from the [MALCOLM] directory, which resides on a disk with the logical name DISK$DOCUMENT.

Examples

1. $ DIRECTORY AVERAGE.* Directory DISK$DOCUMENT:[MALCOLM] AVERAGE.EXE;6 AVERAGE.FOR;6 AVERAGE.LIS;4 AVERAGE.OBJ;12 Total of 4 files.

   
   The DIRECTORY command in this example lists all file types of the AVERAGE file and the version number of each file. The command would also list all versions of these files; however, only one version of each file exists.

2. $ DIRECTORY/SIZE/DATE/VERSIONS=1/PROTECTION AVERAGE Directory DISK$DOCUMENT:[MALCOLM] AVERAGE.EXE;6 6 10-APR-2000 15:43 (RWED,RWED,RWED,RE) AVERAGE.FOR;6 2 2-APR-2000 10:29 (RWED,RWED,RWED,RE) AVERAGE.LIS;4 5 9-APR-2000 16:27 (RWED,RWED,RWED,RE) AVERAGE.OBJ;6 2 9-APR-2000 16:27 (RWED,RWED,RWED,RE) Total of 4 files, 15 blocks.

   
   The DIRECTORY command in this example displays all the file types of the AVERAGE file and the version number of each file. The /SIZE qualifier displays the size of each file in blocks used. The /DATE qualifier displays the creation date of the version of the file that is listed. The VERSIONS=1 qualifier limits the number of versions of the file displayed to one (the most recent) version. The /PROTECTION qualifier displays the file protection for each file.

3. $ DIRECTORY/FULL/VERSIONS=1 [MALCOLM...]AVERAGE.EXE Directory DISK$DOCUMENT:[MALCOLM] AVERAGE.EXE;6 File ID: (4098,149,0) Size: 36/36 Owner: [DOCUMENTATION,MALCOLM] Created: 27-MAY-2000 12:22:26.30 Revised: 27-MAY-2000 12:22:51.35 (2) Expires: <None specified> Backup: 3-JUN-2000 22:03.09 Effective: <None specified> Recording: <None specified> File organization: Sequential Shelved state: Online File attributes: Allocation: 36, Extend: 36, Global buffer count: 0 No version limit Record format: Variable length, maximum 255 bytes Record attributes: Carriage return carriage control Journaling enabled: None File protection: System:RWED, Owner:RWED, Group:RE, World: Access Cntrl List: None Total of 1 file, 36/36 blocks. Directory DISK$DOCUMENT:[MALCOLM.TEST] AVERAGE.EXE;1 File ID: (7714,29,0) Size: 36/36 Owner: [DOCUMENTATION,MALCOLM] Created: 15-APR-2000 10:12 Revised: 15-APR-2000 10:12 (1) Expires: <None specified> Backup: 15-APR-2000 22:41 Effective: <None specified> Recording: <None specified> File organization: Sequential Shelved state: Shelved File attributes: Allocation: 36, Extend: 36, Global buffer count: 0 No version limit Record format: Variable length, maximum 255 bytes Record attributes: Carriage return carriage control Journaling Enabled : None File protection: System:RWED, Owner:RWED, Group:RE, World: Access Cntrl List: None Total of 1 file, 36/36 blocks. Grand total of 2 directories, 2 files, 72/72 blocks.

   
   The DIRECTORY command in this example displays a full directory listing of one version of the AVERAGE.EXE file in the top-level directory [MALCOLM] and subdirectories under it.

To support POSIX-compliant file timestamps on ODS-5 disks, OpenVMS Alpha Version 7.3-1 includes three new file attributes:

• ATR$C_ACCDATE --- corresponds to POSIX st_atime --- reflects the last time a file was accessed.
• ATR$C_ATTDATE --- corresponds to POSIX st_ctime --- reflects the last time a file attribute was modified.
• ATR$C_MODDATE --- corresponds to POSIX st_mtime --- reflects the last time data was modified.

Modifications to the file header are recorded as ATTDATE, unless the file is actually accessed. The REVDATE ACP-QIO attribute is the most recent of the MODDATE and ATTDATE timestamps. A new ACP-QIO attribute returns the stored REVDATE.

When a file is closed, if "norecord" is set, ACCDATE and REVDATE are not altered. Otherwise, if data has been read from the file, closing a file updates the file's access date. If data has been written to the file, closing a file updates the file's modification date.

Because access dates must be written out to disk, there is a performance impact when these new file attributes are used. The system manager can use the following command to enable or disable access date support and the frequency for changing access dates:

$ SET VOLUME/VOLUME_CHARACTERISTICS=([[NO]]HARDLINKS,][[NO[ACCESS_DATES[=$deltatime]])

To limit the performance impact if a file is accessed frequently, update of the access time may be suppressed if the change is small. A delta time is used to determine when a new access time is significant.

See Section 10.6.1.1 for an example of how to set access dates using the SET VOLUME/VOLUME_CHARACTERISTICS command.

10.6.1.1 DCL Access Dates

Use the SET VOLUME/VOLUME_CHARACTERISTICS command to enable automatic update of access dates.

$ SET VOLUME/VOLUME_CHARACTERISTICS=ACCESS_DATES=[deltatime] NODE$COE1

The default value for deltatime is 1 second, chosen to comply with the "seconds since EPOCH" time interface required by POSIX st_atime . A site may choose a larger delta time to reduce overhead if 1 second granularity is not required.

You can also use the INITIALIZE/VOLUME_CHARACTERISTICS=ACCESS_DATES command to enable automatic update of access dates. Issue the following commands:

$ INITIALIZE/VOLUME_CHARACTERISTICS=ACCESS_DATES NODE$COE1 $ MOUNT NODE$COE1

Use the SET VOLUME/VOLUME_CHARACTERISTICS=NOACCESS_DATES command to disable access date support on a volume. The SET VOLUME/VOLUME_CHARACTERISTICS=NOACESS_DATES command effects only the node where the command is issued. Other nodes are not effected by the change until the next time the volume is mounted.

10.6.1.2 Viewing Dates

The DCL commands DIRECTORY and DUMP/HEADER support the new timestamps. Use the DIRECTORY/DATE command to see the new timestamps:

$ DIRECTORY/DATE=ACCESSED

The /DATE=ACCESSED qualifier specifies the last access data --- the last time data was read from the file. Two other qualifiers also provide information on the new timestamps. Use the /DATE=ATTRIBUTES qualifier to specify the last attribute modification date. Use the /DATE=DATA_MODIFIED qualifier to specify the last data modification date.

10.7 Protecting Files

The following sections discuss file protection concepts and explain how to perform these tasks:

Task	Section
Display file ownership and protection	Section 10.7.2
Protect disk files	Section 10.7.3
Protect disk directories	Section 10.7.4
Protect magnetic tape files	Section 10.7.5

	privacy and legal statement
6017PRO_041.HTML