Document revision date: 19 July 1999

Security is usually based on control rights that are granted or denied to the user. In a protected subsystem, however, security is based on access controls assigned to the subsystem. The subsystem acts as a gatekeeper that grants or denies users access to objects belonging to the subsystem.

Unprivileged users can build and manage protected subsystems. You must be involved at two points in the process:

• To create the necessary identifiers for the subsystem. Refer to the OpenVMS Guide to System Security for details.
• To mount the volume with the protected subsystem, which is explained in this section.

How to Enable Protected Subsystems on a Trusted Volume

The system enables protected subsystems by default only on the system disk. For other disks, you must enable subsystems every time you mount a volume. A person with the SECURITY privilege can enable subsystems on a volume by using the /SUBSYSTEM qualifier on the MOUNT command.

You can dynamically turn on and off the processing of Subsystem ACEs with the DCL command SET VOLUME/SUBSYSTEM. This command is especially useful for the system disk, which is not mounted using the MOUNT command.

Example

The command in the following example mounts the volume labeled DOC on the DUA0: device. Subsystems on the volume are accessible. The MOUNT command also assigns the logical name WORK8.

$ MOUNT/SUBSYSTEM/SYSTEM DUA0: DOC WORK8

8.5.5 Converting an Existing Volume from One ODS Format to Another

The following sections contain instructions for converting an existing volume from one ODS file format to another.

8.5.5.1 Converting from ODS-2 to ODS-5

To convert an ODS-2 volume to an ODS-5 volume:

1. Dismount the volume throughout the cluster; for example:

   $ DISMOUNT /CLUSTER DKA300:

2. Mount the volume as a private volume, for example:

   $ MOUNT DKA300: DISK1 %MOUNT-I-MOUNTED, DISK1 mounted on _STAR$DKA300:

   
   Omitting the /SYSTEM qualifier causes the system to mount the volume as a private, not a public, volume.
   You can check that the volume is ODS-2 by entering a SHOW DEVICE/FULL command and seeing a display like the following:

   $ SHOW DEVICE DKA200:/FULL Disk $10$DKA200:, device type RZ47, is online, allocated, deallocate on dismount, mounted, file-oriented device, shareable. Error count 0 Operations completed 232 . . . Volume Status: ODS-2, subject to mount verification, file high-water marking, write-back caching enabled.

   
   An alternative method for displaying the volume type is to issue a command and receive a response similar to the following:

   $ WRITE SYS$OUTPUT F$GETDVI ("DKA200:","ACPTYPE") F11V2

   
   F11V2 indicates that the volume is ODS-2.

3. Compaq strongly recommends that you back up the volume. You cannot go back to ODS-2 format once you change to ODS-5 except by restoring a backup, as described in Section 8.5.5.3. For example:

   $ BACKUP /IMAGE DKA300: SAV.BCK /SAVE_SET

4. Set the characteristics of the disk by using a command in the following format:

   SET VOLUME /STRUCTURE_LEVEL=5 device-name

   
   For example:

   $ SET VOLUME /STRUCTURE_LEVEL=5 DKA300:

   Note You cannot use the SET VOLUME command to change a volume from ODS-5 to ODS-2. To reset a volume to ODS-2, you must use BACKUP as described in Section 8.5.5.3. If a failure occurs after you enter the SET VOLUME/STRUCTURE_LEVEL command, refer to the instructions at the end of this section.

   
   When you enter the SET VOLUME command, the system verifies that the volume can be converted by testing for the following items:
   • The device must be a disk, and its on-disk structure must be ODS-2 or ODS-5.
     If the volume fails these tests, the system displays messages similar to the following:

     %SET-E-NOTMOD, DKA300: not modified -SET-E-NOTDISK, device must be a Files-ll format disk %SET-E-NOTMOD, DKA300: not modified -SET-W-INVODSLVL, Invalid on-disk structure level

   • The disk must be privately owned; the owner process-ID (PID) must be the same as the PID of the parent process that issues the SET VOLUME command.
     If the volume fails this test, the system displays a message similar to the following:

     %SET-E-NOTMOD, DKA300: not modified -SET-W-NOTPRIVATE, device must be mounted privately

   • The mount count must indicate that the device was mounted only once, which protects against anyone mounting the device over a cluster.
     If the volume fails this test, the system displays a message similar to the following:

     %SET-E-NOTMOD, DKA300: not modified -SET-W-NOTONEACCR, device must be mounted with only one accessor

   Warning After using the SET VOLUME /STRUCTURE_LEVEL=5 command, do not access the disk further until the disk is dismounted and remounted.

5. Dismount the private volume and remount the volume publicly by entering commands similar to the following:

   $ DISMOUNT DKA300: $ MOUNT /CLUSTER DKA300: DISK1 %MOUNT-I-MOUNTED, DISK1 mounted on _STAR$DKA300:

To verify that the volume has been converted to ODS-5, you can enter a SHOW DEVICE/FULL command and see a display similar to the following:

$ SHOW DEVICE DKA300:/FULL Disk $10$DKA300:, device type RX74, is online, allocated, deallocate on dismount, mounted, file-oriented device, shareable. Error count 0 Operations completed 155 . . . Volume Status: ODS-5, subject to mount verification, file high-water marking, write-back caching enabled.

An alternative method for displaying the volume type is to issue a command and receive a response similar to the following:

$ WRITE SYS$OUTPUT F$GETDVI ("DKA500:","ACPTYPE") F11V5

F11V5 indicates that the volume is ODS-5.

What to Do if a Failure Occurs

If a failure such as an I/O error or a system crash occurs while the SET VOLUME/STRUCTURE_LEVEL command is executing but before the command finishes, the volume might be only partially updated. If so, when you enter the MOUNT command, the Mount utility will display one of the following error messages:

Inconsistent file structure level on device ... Structure level on device ... is inconsistent with volume set

If either condition is true, you can enter the MOUNT command only with the /NOSHARE qualifier (or with no qualifier, because /NOSHARE is the default). When you do, the system displays the same error message but only as a warning.

To recover from the error condition, reenter the SET VOLUME/STRUCTURE_LEVEL=5 command, and then dismount and remount the disk. As a last resort, you can restore the backup you made.

8.5.5.2 Converting from ODS-1 to ODS-2

To convert from ODS-1 format to ODS-2 format:

1. Back up the entire disk or disks.
2. Initialize the disk or disks as ODS-2 file structure.
3. Restore the disk or disks.

Two types of BACKUP operations, file and image, support converting ODS-5 file names to ODS-2 file names. (File and image operations are described more completely in Chapter 10.)

In the examples in the following descriptions, notice that when you perform a conversion to or from a save set, the created as or copied as message is displayed for the converted files.

• Conversions during image operations
  • Restoring an ODS-5 image save set to an ODS-2 disk
    You can use this method if you have an image backup of an ODS-5 disk, and you want to restore it to an ODS-2 disk.
    In the command line in the following example, IMAGE.BCK is the ODS-5 save set, and DKA200: is the ODS-2 disk. When you use this conversion method, you must preinitialize the output disk to ODS-2 and then include the /NOINIT qualifier in your command line in order to preserve the ODS-2 structure level.

    $ BACKUP/LOG/IMAGE/CONVERT DKA500:[000000]IMAGE.BCK/SAVE DKA200:/NOINIT %BACKUP-I-ODS5CONV, structure level 5 files will be converted to structure level 2 on DKA200: -BACKUP-I-ODS5LOSS, conversion may result in loss of structure level 5 file attributes %BACKUP-S-CREATED, created DKA200:[000000]000000.DIR;1 %BACKUP-S-CREATED, created DKA200:[000000]BACKUP.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]CONTIN.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]CORIMG.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]SECURITY.SYS;1 %BACKUP-S-CREATED, created MDA2:[000000]TEST_FILES.DIR;1 %BACKUP-S-CREATEDAS, created DKA200:[TEST_FILES]SUB^_^{DIR^}.DIR;1 as DKA200:[TEST_FILES]SUB$$DIR$.DIR;1 %BACKUP-S-CREATEDAS, created DKA200:[TEST_FILES.SUB^_^{DIR^}]SUB^&_~_FILE_~.DAT;1 as DKA200:[TEST_FILES.SUB$$DIR$]SUB$_$_FILE_$.DAT;1 %BACKUP-S-CREATEDAS, created DKA200:[TEST_FILES]THIS^_IS^_A^_TEST^{_FILE_^}.DAT;1 as DKA200:[TEST_FILES]THIS$IS$A$TEST$_FILE_$.DAT;1 %BACKUP-S-CREATED, created DKA200:[000000]VOLSET.SYS;1

  • Saving an ODS-5 disk to an ODS-2 image save set
    You can use this method to make an ODS-2 image save set of an ODS-5 disk that can be read by a system running a version of OpenVMS prior to Version 7.2.
    In the following example, DKA500: is an ODS-5 disk, and IMAGE.BCK is an ODS-2 save set on the DKA200: disk.

    $ BACKUP/LOG/CONVERT/IMAGE DKA500: DKA200:[000000]IMAGE.BCK/SAVE %BACKUP-I-ODS5CONV, structure level 5 files will be converted to structure level 2 on DKA200: -BACKUP-I-ODS5LOSS, conversion may result in loss of structure level 5 file attributes %BACKUP-S-COPIED, copied DKA200:[000000]000000.DIR;1 %BACKUP-S-COPIED, copied DKA200:[000000]BACKUP.SYS;1 %BACKUP-S-HEADCOPIED, copied DKA200:[000000]BADBLK.SYS;1 header %BACKUP-S-HEADCOPIED, copied DKA200:[000000]BADLOG.SYS;1 header %BACKUP-S-HEADCOPIED, copied DKA200:[000000]BITMAP.SYS;1 header %BACKUP-S-COPIED, copied DKA200:[000000]CONTIN.SYS;1 %BACKUP-S-COPIED, copied DKA200:[000000]CORIMG.SYS;1 %BACKUP-S-HEADCOPIED, copied DKA200:[000000]INDEXF.SYS;1 header %BACKUP-S-COPIED, copied DKA200:[000000]SECURITY.SYS;1 %BACKUP-S-COPIED, copied DKA200:[000000]TEST_FILES.DIR;1 %BACKUP-S-COPIEDAS, copied DKA200:[TEST_FILES]Sub^_^{Dir^}.DIR;1 as DKA200:[TEST_FILES]SUB$$DIR$.DIR;1 %BACKUP-S-COPIEDAS, copied DKA200:[TEST_FILES.Sub^_^{Dir^}]Sub^&_~_File_~.Dat;1 as DKA200:[TEST_FILES.SUB$$DIR$]SUB$_$_FILE_$.DAT;1 %BACKUP-S-COPIEDAS, copied DKA200:[TEST_FILES]This^_is^_a^_Test^{_File_^}.Dat;1 as DKA200:[TEST_FILES]THIS$IS$A$TEST$_FILE_$.DAT;1 %BACKUP-S-COPIED, copied DKA200:[000000]VOLSET.SYS;1

  • Copying the contents of an ODS-5 disk to an ODS-2 disk
    You can use this method to create an ODS-2 disk from an ODS-5 disk without creating an intermediate save set.
    When you use this conversion method, you must preinitialize the output disk to ODS-2 and include the /NOINIT qualifier in your command line in order to preserve the ODS-2 structure level.
    In the following example, DKA500: is the ODS-5 disk, and DKA200: is the ODS-2 disk.

    $ BACKUP/LOG/CONVERT/IMAGE DKA500: DKA200:/NOINIT %BACKUP-I-ODS5CONV, structure level 5 files will be converted to structure level 2 on DKA200: -BACKUP-I-ODS5LOSS, conversion may result in loss of structure level 5 file attributes %BACKUP-S-CREATED, created DKA200:[000000]000000.DIR;1 %BACKUP-S-CREATED, created DKA200:[000000]BACKUP.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]CONTIN.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]CORIMG.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]SECURITY.SYS;1 %BACKUP-S-CREATED, created DKA200:[000000]TEST_FILES.DIR;1 %BACKUP-S-CREATED, created DKA200:[TEST_FILES]SUB$$DIR$.DIR;1 %BACKUP-S-CREATED, created DKA200:[TEST_FILES.SUB$$DIR$]SUB$_$_FILE_$.DAT;1 %BACKUP-S-CREATED, created DKA200:[TEST_FILES]THIS$IS$A$TEST$_FILE_$.DAT;1 %BACKUP-S-CREATED, created DKA200:[000000]VOLSET.SYS;1

• Conversions during file operations
  • Copying individual ODS-5 files to an ODS-2 disk
    This conversion method allows you to interchange files between ODS-5 and ODS-2 disks. You can, for example, select a directory tree for a disk-to-disk "copy" operation.
    In the following example, DKA500: is the ODS-5 disk, and DKA200: is the ODS-2 disk.

    $ BACKUP/LOG/CONVERT DKA500:[*...]*.*;* DKA200:[*...]*.*;* %BACKUP-I-ODS5CONV, structure level 5 files will be converted to structure level 2 on DKA200: -BACKUP-I-ODS5LOSS, conversion may result in loss of structure level 5 file attributes %BACKUP-S-CREDIR, created directory DKA200:[TEST_FILES.SUB$$DIR$] %BACKUP-S-CREATED, created DKA200:[TEST_FILES.SUB$$DIR$]SUB$_$_FILE_$.DAT;1 %BACKUP-S-CREATED, created DKA200:[TEST_FILES]THIS$IS$A$TEST$_FILE_$.DAT;1

  • Saving individual ODS-5 files in an ODS-2 save set
    You can use this method to save ODS-5 files in a save set that can be read on a system running a version of OpenVMS prior to Version 7.2.
    In the following example, DKA500: is an ODS-5 disk, and DKA200: is an ODS-2 disk; FILES.BCK is the ODS-2 save set.

    $ BACKUP/LOG/CONVERT DKA500:[*...]*.*;* DKA200:FILES.BCK/SAVE %BACKUP-I-ODS5CONV, structure level 5 files will be converted to structure level 2 on DKA200: -BACKUP-I-ODS5LOSS, conversion may result in loss of structure level 5 file attributes %BACKUP-S-COPIED, copied DKA200:[000000]000000.DIR;1 %BACKUP-S-COPIED, copied DKA200:[000000]TEST_FILES.DIR;1 %BACKUP-S-COPIEDAS, copied DKA200:[TEST_FILES]Sub^_^{Dir^}.DIR;1 as DKA200:[TEST_FILES]SUB$$DIR$.DIR;1 %BACKUP-S-COPIEDAS, copied DKA200:[TEST_FILES.Sub^_^{Dir^}]Sub^&_~_File_~.Dat;1 as DKA200:[TEST_FILES.SUB$$DIR$]SUB$_$_FILE_$.DAT;1 %BACKUP-S-COPIEDAS, copied DKA200:[TEST_FILES]This^_is^_a^_Test^{_File_^}.Dat;1 as DKA200:[TEST_FILES]THIS$IS$A$TEST$_FILE_$.DAT;1

If BACKUP cannot convert a file name within its existing directory, it converts the file name and leaves it unconnected so that ANALYZE /DISK /REPAIR can connect it to the [SYSLOST] directory, where the file has an ODS-2-compliant name. BACKUP also displays messages similar to the following:

%BACKUP-I-RECOVCNT, 5 files could not be converted into a directory on DKA100: -BACKUP-I-RECOVCMD, use the Analyze/Disk_Structure/Repair command to recover files

In this case, you need to move the file from [SYSLOST] to the appropriate directory. Refer to the created as log messages to see where the file would logically be placed and place it there manually.

8.5.6 Modifying Disk Volume Characteristics

Use the DCL command SET VOLUME to modify the characteristics of one or more mounted Files--11 disk volumes. To use this command, you must have write access to the index file on the volume. If you are not the owner of the volume, you must have either a system UIC or the user privilege SYSPRV. You must then specify the name of one or more mounted Files--11 volumes.

The following examples illustrate how you can use the SET VOLUME command.

Examples

1. $ SET VOLUME/DATA_CHECK=(READ,WRITE) DKA100:

   
   This command requests that data checks be performed following all read and write operations to the DKA100: volumes.

2. $ SET VOLUME/LABEL=LICENSES DKA100:

   
   This command encodes the label LICENSES on the DKA100: volume. Note that, if characters in labels are entered in lowercase, the /LABEL qualifier changes them to uppercase.

The DISKMOUNT.C program can help to speed up disk mounts at system startup time. The program reduces the MOUNT image activation time by directly calling the $MOUNT system service.

This program requires a VAX C compiler. Perform the following steps:

1. Copy the files DISKMOUNT.H, DISKMOUNT.C, and DISKMOUNT_CHILD.C in SYS$EXAMPLES to a directory.
2. Define a logical name "SRC$" that points to this directory.
3. Assemble the DISKMOUNT.C and DISKMOUNT_CHILD.C files.
4. Link DISKMOUNT.OBJ and DISKMOUNT_CHILD.OBJ to produce the DISKMOUNT.EXE and DISKMOUNT_CHILD.EXE executable image files.
5. Copy these executable images to a directory, preferably SYS$MANAGER on the target system.

For additional information, see the comments in the DISKMOUNT.H file.

8.6 Setting Up Disk Volume Sets

The following sections discuss concepts related to disk volume sets and explain how to perform the following actions:

Task	Section
Create a disk volume set from new volumes	Section 8.6.2
Create a shadowed disk volume set	Section 8.6.3
Create a disk volume set from an existing volume	Section 8.6.4
Add volumes to a disk volume set	Section 8.6.5

8.6.1 Understanding Disk Volume Sets

A volume set is a collection of disk volumes bound into a single entity by the DCL command MOUNT/BIND. To users, a volume set looks like a single, large volume. Volume sets have the following characteristics:

• Files are automatically located anywhere on the volume set that space is available.
• Disk quotas are enforced over the entire set.
• A single directory structure covers the whole volume set.

Use a volume set to provide a large, homogeneous public file space. You must use a volume set to create files that are larger than a single physical disk volume. (The file system attempts to balance the load on the volume sets, for example, by creating new files on the volume that is the least full at the time.)

If you want several distinct areas of file storage, with different types of users or different management policies, you must use a separate volume or volume set for each area. For example, you might want one volume for permanent user storage, with limited disk quotas and regular backups. You might want another volume for "scratch" use, which means that the volume has liberal or no quotas and is not backed up; also, its files are purged on a periodic basis. Each separate volume or volume set must contain a top-level user file directory for each user who keeps files on that volume.

An advantage of separate volumes is their modularity. If one of the drives holding a volume set is out of service, the whole volume set is unavailable because of its interconnected directory structure. When a drive holding a single volume is not functioning, only the files on that volume are not available.

A disadvantage of volume sets is the large size of an image backup of a multivolume set, which might affect your backup schedule. For example, if backing up each of five separate volumes takes 5 hours in the evening, backing up these same volumes in a volume set will take 25 hours, which cannot be done overnight, thus possibly causing a scheduling problem.

	privacy and legal statement
6017PRO_033.HTML