Document revision date: 30 March 2001 | |
Previous | Contents | Index |
Examples
PAGEFILE = 100000 |
File | Original Size (in Blocks) | Resulting Size (in Blocks) |
---|---|---|
Primary page file | 10,000 | 10,000 |
Secondary page file 1 | 30,000 | 45,000 |
Secondary page file 2 | 30,000 | 45,000 |
PAGEFILE1_SIZE = 10000 |
SWAPFILE2_NAME = "PAGED$:[PAGESWAP]SWAPFILE.SYS" MIN_SWAPFILE2_SIZE = 30000 |
Compaq recommends that you use AUTOGEN to change sizes of system page, swap, and dump files. However, you can use the command procedure SYS$UPDATE:SWAPFILES.COM to change the size of primary system page, swap, and dump files. SWAPFILES.COM shows you the current size of the system page, swap, and dump files before you change the sizes.
If you change the sizes of system page, swap, or dump files, you must edit MODPARAMS.DAT to specify the new sizes, as explained in Section 16.16.1.2. If you do not specify the new sizes in MODPARAMS.DAT, AUTOGEN resizes the files next time it runs.
The procedure displays the sizes of the current system page, swap, and dump files in SYS$SYSTEM, and the amount of space remaining on the system disk. It then allows you to enter new sizes, or keep the existing sizes for these files. If you specify a size that is larger than that of an existing file, the procedure automatically extends the size of a page or dump file. If you specify a smaller size for a system page, swap, or dump file, a new version of the file is created.
$ @SYS$UPDATE:SWAPFILES.COM |
Current file sizes are: Directory SYS$SYSROOT:[SYSEXE] PAGEFILE.SYS;1 16384 SYSDUMP.DMP;1 4128 SWAPFILE.SYS;1 3072 Total of 3 files, 23584 blocks. There are 128741 available blocks on SYS$SYSDEVICE. |
Enter new size for page file: |
Enter new size for system dump file: |
Enter new size for swap file: |
$ @SYS$UPDATE:SWAPFILES.COM To leave a file size at its current value type a carriage return in response to its size prompt. Current file sizes are: Directory SYS$SYSROOT:[SYSEXE] PAGEFILE.SYS;1 100000 SYSDUMP.DMP;1 28000 SWAPFILE.SYS;1 33000 Total of 3 files, 161000 blocks. There are 128741 available blocks on SYS$SYSDEVICE. Enter new size for page file: [Return] Enter new size for system dump file: 30000 %SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]SYSDUMP.DMP;1 extended Enter new size for swap file: [Return] *********************************************************************** * Please reboot in order for the new files to be used by the system. * * After rebooting, purge obsolete copies of the files. * * DO NOT delete the old files until after the reboot. * *********************************************************************** |
Compaq recommends that you use AUTOGEN to create and change page, swap, and dump files. AUTOGEN invokes the System Generation utility (SYSGEN) to create or change the files. However, in an emergency, you can use SYSGEN to directly change the size of page, swap and dump files. For example, if you see that page file space is becoming dangerously low, you might use SYSGEN to quickly add page file space to prevent the system from hanging.
VAX: System parameters SWPFILCNT and PAGFILCNT limit the number of swap and page files that the system installs. Refer to the OpenVMS System Management Utilities Reference Manual for more information. Alpha: OpenVMS Alpha supports a maximum of 254 page and or swap files on a system. System parameters SWPFILCNT and PAGFILCNT are not used on Alpha systems. |
CREATE file-spec/SIZE=block-count |
where:
file-spec specifies the full file
specification.
block-count specifies the size of the file
in blocks.
If the file you specify already exists and the size you
specify is larger than the existing file, the command extends the
existing file. If the file you specify already exists and the size you
specify is smaller than the existing file, the command creates a new
file of the specified size.
For example, the following command
extends the existing, smaller primary page file PAGEFILE.SYS:
SYSGEN> CREATE PAGEFILE.SYS/SIZE=100000 |
Frequent file creation and deletion can cause the free space on a disk to become severely fragmented. SYSGEN issues a HEADERFULL warning message if it determines that the creation or extension of a system file would cause that file to become fragmented enough to render the system unbootable. If this occurs, Compaq recommends that you back up and restore your system disk to consolidate the free space on the volume into one contiguous area. For more information, see Section 11.17. After you restore the disk, retry the SYSGEN operation. When SYSGEN issues a warning message, the file might be somewhat larger, but not as large as the value specified in the CREATE command. |
Type | Change | Reboot Required? |
---|---|---|
Primary page, swap, system dump, or error log dump file 1 | New file | Yes |
Extended file | Yes | |
Secondary page or swap file | New file | No 2 |
Extended file | Yes | |
Alternate (DOSD) dump file (Alpha) | New file | No |
Extended file | No | |
Alternate (DOSD) dump file (VAX) | New file | Yes |
Extended file | Yes |
The commands in the following example extend the existing files PAGEFILE.SYS, SWAPFILE.SYS, and SYSDUMP.DMP to the specified sizes:
$ RUN SYS$SYSTEM:SYSGEN SYSGEN> CREATE PAGEFILE.SYS/SIZE=100000 %SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]PAGEFILE.SYS;1 extended SYSGEN> CREATE SWAPFILE.SYS/SIZE=30000 %SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]SWAPFILE.SYS;1 extended SYSGEN> CREATE SYSDUMP.DMP/SIZE=33000 %SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]SYSDUMP.DMP;1 extended SYSGEN> EXIT |
When a single process fails but the operating system is still running, the system can create a process dump that contains information about the process to assist in determining what caused the process to fail.
By default, process dumps are written to the current default directory of the user. You can override this by defining the logical name SYS$PROCDMP to identify an alternate directory path. Note that the name of the process dump file is always the same as the name of the main image active at the time the process dump is written, with the file extension .DMP.
On Alpha systems, a process dump is either complete or partial. A complete process dump contains all of process space and all process-pertinent data from system space. A partial process dump contains only user-readable data from process space and only those data structures from system space that are not deemed sensitive. Privileged or protected data, such as an encryption key in third-party software, might be considered sensitive.
On Alpha systems, you can force a dump to be written for another process with the DCL command SET PROCESS/DUMP=NOW process-spec. This command causes the contents of the address space occupied by process-spec to be written immediately to the file named image-name.DMP in the current directory of process-spec.
For more information about the DCL command SET PROCESS/DUMP, refer to
the OpenVMS DCL Dictionary: N--Z.
16.17.1 Understanding Privileged Users and Access to Process Dumps (Alpha Only)
For this discussion, a privileged user is one who satisfies one of the following conditions:
Holders of CMKRNL or CMEXEC can write complete process dumps. Holders of any of the other privileges mentioned above can read a process dump wherever it has been written.
In general, nonprivileged users should not be able to read complete process dumps, and by default they cannot do so. However, certain situations require that a nonprivileged user be able to read a complete process dump. Other situations require that a nonprivileged user be able to create a complete process dump but be able to read only a partial process dump.
Rights identifier IMGDMP$READALL enables a nonprivileged user to read a complete process dump. Rights identifier IMGDMP$PROTECT protects a complete process dump from being read by the nonprivileged user that created the process dump. These rights identifiers are created during the installation of OpenVMS by the image SYS$SYSTEM:IMGDMP_RIGHTS.EXE, which is also run automatically during system startup to ensure that these rights identifiers exist with the correct values and attributes.
If these rights identifiers have been deleted, you can run SYS$SYSTEM:IMGDMP_RIGHTS.EXE to recreate them. For example:
$ RUN SYS$SYSTEM:IMGDMP_RIGHTS %PROCDUMP-I-CREATED, rights identifier IMGDMP$READALL successfully created %PROCDUMP-I-CREATED, rights identifier IMGDMP$PROTECT successfully created |
Note that IMGDMP$READALL has no attributes, but IMGDMP$PROTECT is
created with the RESOURCE attribute.
16.17.2 Granting Access to Process Dumps (Alpha Only)
To allow a nonprivileged user to write and read complete process dumps, grant the rights identifier IMGDMP$READALL to the user. If the IMGDMP$READALL rights identifier does not exist, run the image SYS$SYSTEM:IMGDMP_RIGHTS.EXE to create it (see Section 16.17.1). Then use AUTHORIZE to grant the rights identifier to the user. For example:
$ DEFINE /USER SYSUAF SYS$SYSTEM:SYSUAF.DAT !if necessary $ RUN SYS$SYSTEM:AUTHORIZE UAF> GRANT /IDENTIFIER IMGDMP$READALL <user> UAF> EXIT |
Note that the user must log out and log in again to be able to exercise
the rights identifier. A nonprivileged user with rights identifier
IMGDMP$READALL can read and write complete process dumps without
restriction.
16.17.3 Restricting Access to Process Dumps (Alpha Only)
You can allow a nonprivileged user to write a complete process dump and at the same time prevent the user from reading that process dump. To do so, perform the following steps:
$ CREATE /DIRECTORY DKA300:[PROCDUMPS] - /PROTECTION=(S:RWE,O:RWE,G,W) /OWNER_UIC=IMGDMP$PROTECT $ SET SECURITY DKA300:[000000]PROCDUMPS.DIR - /ACL=((DEFAULT_PROTECTION,SYSTEM:RWED,OWNER:RWED,GROUP:,WORLD:), - (IDENTIFIER=IMGDMP$PROTECT,ACCESS=READ+WRITE), - (IDENTIFIER=IMGDMP$PROTECT,OPTIONS=DEFAULT, - ACCESS=READ+WRITE+EXECUTE+DELETE+CONTROL), - (CREATOR,ACCESS=NONE)) |
$ DEFINE /SYSTEM /EXECUTIVE_MODE SYS$PROTECTED_PROCDMP DKA300:[PROCDUMPS] |
$ RUN SYS$SYSTEM:SYSMAN SYSMAN> DISKQUOTA CREATE /DEVICE=DKA300 ! if necessary SYSMAN> DISKQUOTA ENABLE /DEVICE=DKA300 ! if necessary SYSMAN> DISKQUOTA ADD IMGDMP$PROTECT /DEVICE=DKA300 /PERMQUOTA=10000 SYSMAN> DISKQUOTA REBUILD /DEVICE=DKA300 ! if necessary SYSMAN> EXIT |
Do not grant IMGDMP$PROTECT to any user. It is granted and revoked as needed by SYS$SHARE:IMGDMP.EXE from executive mode while writing a process dump. If you grant it permanently to a user, then that user has access to all process dumps written to the protected directory. |
You can choose to set up additional ACLs on the protected directory to further control which users are allowed to read and write process dumps there.
Note that to take a process dump when the image is installed with elevated privileges or belongs to a protected subsystem, the user must hold CMKRNL privilege, and is by definition a privileged user (see Section 16.17.1).
Previous | Next | Contents | Index |
privacy and legal statement | ||
6017PRO_074.HTML |