Document revision date: 19 July 1999 | |
Previous | Contents | Index |
The Install utility (INSTALL) stores information about images in memory. Use INSTALL for the following reasons:
Reason | For More Information |
---|---|
To conserve memory use for images that are used concurrently | Section 16.9.7 |
To improve system performance | Section 16.9.5 |
++On Alpha systems, to improve performance by using images with shared address data | Section 16.9.6 |
To make executable images that require enhanced privileges available for general use | Section 16.9.8.1 |
To allow a nonprivileged image to call the privileged functions of a shareable image | Section 16.9.8.2 |
To mark a sharable image as trusted so it can be invoked by privileged executable images | Section 16.9.9 |
The site-independent startup command procedure, STARTUP.COM, uses INSTALL to install certain system images when the system boots. You use INSTALL to install other selected images, according to the needs of your site.
Installed images must be reinstalled each time the system reboots. To do so, include INSTALL commands in the site-specific startup command procedure SYSTARTUP_VMS.COM, as explained in Section 5.2.7.
The Install utility (INSTALL) only installs images that are linked with the /NOTRACEBACK qualifier.
Note that INSTALL commands perform a different function than System Generation utility (SYSGEN) INSTALL commands.
The following sections explain installed images and how to use the
Install utility.
16.9.1 Understanding Images and Known Images
An image is a collection of procedures and data bound together by the Linker utility. Executable images can be executed (or run) in a process, either by a command line interpreter (CLI) or the $CREPRC system service. Usually, executable programs have the file type .EXE.
There are three types of images:
Image Type | Description |
---|---|
Executable | An image linked with the /EXECUTABLE qualifier (or without the /SHAREABLE qualifier) of the Linker utility. For more information, refer to the OpenVMS Linker Utility Manual. |
Shareable | An image linked with the /SHAREABLE qualifier of the Linker utility. Shareable images are sometimes referred to as linkable images because they can be specified---implicitly or explicitly---as input files to the link of another file. A shareable image is not copied into the executable images that link with it. Thus, only one copy of the shareable image needs to be on disk, no matter how many executable images have linked with it. For more information, refer to the OpenVMS Linker Utility Manual. |
System | An image that does not run under the control of the operating system. It is intended for standalone operation only. The content and format of a system image differs from that of shareable images and executable images. For more information, refer to the OpenVMS Linker Utility Manual. |
When you install an image with INSTALL, the image is assigned attributes and becomes known to the system. For this reason, an installed image is also called a known image.
The image activator processes search lists in two passes, in order to
favor known images. On its first pass through the search list, the
image activator looks up images as known files. If needed, on a second
pass through the search list, the image activator looks up images on
disk.
16.9.2 Understanding Known File Entries
The system defines known images in internal data structures called known file entries. Each entry identifies the file name of the installed image and the attributes with which it was installed (for information about attributes of installed images, see Section 16.9.3).
Known file entries last only while the system is operating. If the
system is shut down or fails for any reason, you must reinstall all
known images after the system is rebooted.
16.9.3 Understanding Attributes You Can Assign to Known Images
By specifying appropriate qualifiers to INSTALL commands, you can assign attributes to known images. Table 16-1 describes these attributes and the qualifiers that are used to assign them to known images.
Attribute | Description | Qualifier |
---|---|---|
Header resident | The header of the image file (native images only) remains permanently resident, saving one disk I/O operation per file access. For images with single-block file headers, the cost is less than 512 bytes of paged dynamic memory per file; for images with multiblock headers, the cost varies according to the header block count. Images installed header resident are implicitly installed permanently open. | /[NO]HEADER_RESIDENT |
Permanently open | The image file remains open, so access to the image does not require a call to the file system. | /OPEN |
Privileged | Amplified privileges are temporarily assigned to any process running the image, permitting the process to exceed its user authorization file (UAF) privilege restrictions during execution of the image. In this way, users with normal privileges can run programs that require higher-than-normal privileges. This attribute (and the /PRIVILEGED qualifier that creates it) applies only to executable images. | /PRIVILEGED[=(priv-name[,...])] |
Protected | When the image is activated, the address space for the image is protected against modification by user-mode code. This is critical for shareable code that runs in kernel or executive mode. | /PROTECTED |
++ Resident | On Alpha systems, code or read-only data for an image is made permanently resident in a system region of memory. This improves performance by using a special page mapping to reduce translation buffer (TB) miss rates. The resident attribute applies to shareable or executable images that have been linked with the qualifier | /SECTION_BINDING=(CODE,DATA). |
Shared | More than one user can access the read-only and non-copy-on-reference read/write sections of the image concurrently, so that only one copy of those sections needs to be in physical memory. (Copy-on-reference sections always require a separate copy for each process.) The image is implicitly declared permanently open. | /SHARED |
Writable | When a shareable non-copy-on-reference writable section is removed from physical memory (for paging reasons or because no processes are referencing it), it is written back to the image file. Any updates made by processes mapped to the section, therefore, are preserved (while the initial values are lost). The image must also be declared shareable. | /WRITABLE |
You can install images for the following reasons:
Because an installed file requires system resources, such as paged
dynamic memory, install those files that most improve system
performance and site requirements. The INSTALL command LIST provides
information about installed images to help you evaluate the merits of
installing images. For example, the LIST command calculates the number
of times each image is accessed, and shows the number of concurrent
accesses, so you can determine if the installation of the images is
worth the overhead.
16.9.5 Installing Images to Improve Image Activation Performance
You can improve image activation performance by installing images that run frequently. Image activation performance improves when programs are installed because the operating system opens installed files by file ID rather than by file name, thus eliminating costly directory operations.
Installing images as header resident further enhances activation performance because the system avoids the overhead of I/O operations to read the image header into memory.
To install an image as header resident, specify the /HEADER_RESIDENT qualifier when you install the image. This makes the header of the image file remain permanently resident, saving disk I/O. Specifying the /HEADER_RESIDENT qualifier implicitly makes the images permanently open.
Image headers are stored in paged dynamic memory. The size of the image headers varies.
Frequently accessed images, critical to a site's operations, can be
installed as open images. To install an image as permanently open,
specify the /OPEN qualifier when you install the image. The image file
remains open, so access to the image does not require a call to the
file system. The cost of keeping an image file permanently open is
approximately 512 bytes of nonpaged dynamic memory per file.
16.9.6 Installing Images with Shared Address Data
Using shared address data on OpenVMS Alpha systems improves performance at the following times:
For details, refer to the INSTALL section of the OpenVMS System Management Utilities Reference Manual.
Explanations of terms related to shared address data follow.
$ INSTALL ADD image-name /SHARED |
Many images that are part of the OpenVMS software product are installed
as shared known images with shared address data. This provides the
performance benefit without requiring the system manager to take any
explicit action.
16.9.6.2 Application Images
As system manager, you might choose to install additional images with
shared address data. In considering this option, you need to
investigate application dependencies on sharable images.
16.9.7 Installing Images to Conserve Physical Memory
You can conserve physical memory by installing images that usually run concurrently from several processes. When an image is not installed, or is installed without the shared attribute, each process running the image requires private sections in memory. Shared images conserve physical memory because only one copy of the code needs to be in memory at any time, and many users can access the code concurrently. Use the /SHARED qualifier to install images as shared images.
When you install an image with the shared attribute, permanent system global sections are created. Execution of non-copy-on-reference global sections requires only one copy per section to be in physical memory, no matter how many processes are running the image to which the sections belong.
The number of images you can install with the shared attribute is
restricted by the GBLPAGES and GBLSECTIONS system parameters. For more
information about these system parameters, refer to the OpenVMS System Management Utilities Reference Manual.
16.9.8 Installing Images to Enhance Privileges of Images
There are two ways to allow an image to execute in an enhanced privilege environment:
Installing an image with enhanced privilege can compromise system security. Make sure the image does not enable a user to regain control with extra privileges enabled. |
A nonprivileged process can perform the privileged functions of an executable image when the image is installed with privileges. Install executable images with enhanced privileges by using the /PRIVILEGED qualifier; amplified privileges are temporarily assigned to any process running the image (executable images only), permitting the process to exceed its user authorization file (UAF) privilege restrictions during execution of the image. In this way, users with normal privileges can run programs that require higher-than-normal privileges.
For an image installed with privileges to activate another image, such as a shareable image, either by having it linked to the privileged image or by using LIB$FIND_IMAGE_SYMBOL, the following conditions hold:
A privileged shareable image is a shareable image with defined entry points that execute in inner (executive or kernel) mode. Inner-mode entry points in shareable images are referred to as user-written system services.
To create a privileged shareable image, you must:
You cannot grant privileges to a shareable image using the /PRIVILEGED qualifier for the INSTALL commands ADD or CREATE. This qualifier works only for executable images. |
For more information about creating privileged shareable images, refer
to the OpenVMS Programming Concepts Manual.
16.9.9 Activating Images in a Privileged Context
When a process performs one of the following actions, the image activator enters a restricted mode of operation similar to that entered when a privileged program is run:
In this mode of operation:
The executable image that calls an execute-only shareable image must be installed with the /EXECUTE_ONLY qualifier, which enables the executable image to activate shareable images to which the process has execute but not read access. The /EXECUTE_ONLY qualifier has meaning only for executable images. This restriction assures that shareable images running in a privileged context can be trusted to behave as expected. |
When you use INSTALL commands, your file specifications must name existing executable or shareable images. OpenVMS RMS resolves each file specification using the following defaults:
You can specify a specific version of the file as the known version of
the image with the CREATE or REPLACE command. Even if other versions of
the file exist, the version that you specify will be the version that
satisfies all known file lookups for the image.
16.9.11 Installing Images with INSTALL
Before performing this task, you should understand the following points:
$ SET PROCESS/PRIVILEGES=CMKRNL |
$ INSTALL |
CREATE file-spec [/qualifier...] |
Specify one or more of the following qualifiers, depending on which
attributes you want to assign to the image:
Installing the Install utility itself requires that a number of shareable images have been previously installed. If any of those required shareable images (such as SMG$SHR, LIBOTS, and so on) is unavailable, the execution of the Install utility fails. Since INSTALL will not work in this situation, you cannot simply install the missing images. To work around this problem, redefine the INSTALL command as follows:
When you now enter the INSTALL command, the image activator does not check the known files list for INSTALL.EXE, and the INSTALL command will complete, allowing you to install the required shareable images. |
Previous | Next | Contents | Index |
privacy and legal statement | ||
6017PRO_074.HTML |