Previous | Contents | Index |
On Alpha and Integrity server systems, returns a 64-bit, process-based, high-resolution time counter.
SYS$RPCC_64
uint64 sys$rpcc_64 ();
On Alpha and Integrity server systems, returns a 64-bit long version of the current process cycle counter.On Alpha systems, this service must be called at least once within each wrap period of the least significant 32 bits of the counter.
For more information, see the RPCC() C-language built-in documentation and the RPCC instruction in the Alpha Architecture Handbook.
None
None
Scans the intrusion database for suspects or intruders during a login attempt, audits login failures and updates records, or adds new records to the intrusion database.
SYS$SCAN_INTRUSION logfail_status ,failed_user ,job_type ,[source_terminal] ,[source_node] ,[source_user] ,[source_address] ,[failed_password] ,[parent_user] ,[parent_id] ,[flags]
int sys$scan_intrusion (unsigned int logfail_status, void *failed_user, unsigned int job_type, void *source_terminal, void *source_node, void *source_user, void *source_address, void *failed_password, void *parent_user, unsigned int parent_id, unsigned int flags);
logfail_status
OpenVMS usage: status code type: longword (unsigned) access: read only mechanism: by value
Reason why the user's login attempt failed. The logfail_status argument is a longword containing the login failure status code.The logfail_status argument can contain any valid message code. For example, the value of the logfail_status argument is SS$_NOSUCHUSER if the user name the user entered does not exist on the system.
If the logfail_status argument contains a failure status, the service performs a suspect scan. Here, the service searches the intrusion database for intruder suspects as well as intruders. If the value of the logfail_status argument is a successful message, such as SS$_NORMAL, the service scans the database only for intruders. For more information about how the database works, see the HP OpenVMS Guide to System Security.
failed_user
OpenVMS usage: char_string or item_list_3 type: character-coded text string or longword (unsigned) access: read only mechanism: by descriptor--fixed-length string descriptor or by reference
If the CIA$M_ITEMLIST flag is FALSE:This argument is the user name associated with the unsuccessful login attempt. The failed_user argument is the address of a character-string descriptor pointing to the failed user name.
A failed user name consists of 1 to 32 alphanumeric characters.
If the CIA$M_ITEMLIST flag is TRUE:
The failed_user argument is the address of a 32-bit item list. If the item list is used, one item, the CIA$_FAILED_USERNAME item, must be present in the item list.
The following table lists the valid item descriptions for the failed_user argument:
Item Description CIA$_FAILED_USERNAME Address of a buffer containing the failed user name. CIA$_SCSNODE Address of the 8-character null-padded SCS node name on which the intrusion happened. CIA$_USER_DATA Address of a 256-byte buffer, available for passing third party specified data. job_type
OpenVMS usage: job type type: longword (unsigned) access: read only mechanism: by value
Type of job that failed. The job_type argument is a longword indicating the type of job that failed.The $JPIDEF macro defines the following values for the job_type argument:
- JPI$K_BATCH
- JPI$K_DETACHED
- JPI$K_DIALUP
- JPI$K_LOCAL
- JPI$K_NETWORK
- JPI$K_REMOTE
source_terminal
OpenVMS usage: char_string type: character-coded text string access: read only mechanism: by descriptor--fixed-length string descriptor
Source terminal where the login attempt is occurring. The source_terminal argument is the address of a character-string descriptor pointing to the device name of the terminal from which the login attempt originates.A source terminal device name consists of 1 to 64 alphanumeric characters, including underscores (_) and colons (:).
source_node
OpenVMS usage: char_string type: character-coded text string access: read only mechanism: by descriptor--fixed-length string descriptor
Name of the node from which the user's login attempt originates. The source_node argument is the address of a character-string descriptor pointing to the source node name string.A source node name consists of 1 to 1024 characters. No specific characters, format, or case is required for a source node name string.
source_user
OpenVMS usage: char_string type: character-coded text string access: read only mechanism: by descriptor--fixed-length string descriptor
User name associated with the login attempt. The source_user argument is the address of a character-string descriptor pointing to the source user name string.A source user name consists of 1 to 32 alphanumeric characters, including dollar signs ($) and underscores (_).
source_addr
OpenVMS usage: node address type: descriptor access: read only mechanism: by reference
Source DECnet for OpenVMS address from which the login attempt originates. The source_addr argument is the address of a descriptor containing the source node address.failed_password
OpenVMS usage: char_string type: character-coded text string access: read only mechanism: by descriptor--fixed-length string descriptor
Password the user entered for the login attempt. The failed_password argument is the address of a character-string descriptor pointing to the plaintext password the user entered to log in.A failed password is a password of 0 to 32 characters that did not allow the user to log in to the system. This argument is not stored in the intrusion database and is only used for auditing during break-in attempts.
parent_user
OpenVMS usage: char_string type: character-coded text string access: read only mechanism: by descriptor--fixed-length string descriptor
Parent process name of the failed login. The parent_user argument is the address of a character-string descriptor pointing to the parent process name of the failed login process.A parent process name consists of 1 to 15 characters. This argument should be specified only for failed spawn commands.
parent_id
OpenVMS usage: process_id type: longword (unsigned) access: read only mechanism: by value
Process identification of the parent process from which the login was attempted. The parent_id argument is a longword containing the parent process identification.flags
OpenVMS usage: mask_longword type: longword (unsigned) access: read only mechanism: by value
Operational instructions for the service. The flags argument is a longword bit mask wherein each bit corresponds to an option.Each flag option has a symbolic name. The $CIADEF macro defines the following valid names for the $SCAN_INTRUSION service:
Symbolic Name Description CIA$M_NOAUDIT If set, this flag indicates that the service should instruct the security server to not audit the login failure or the break-in attempt. If the flag is set, you are expected to do your own auditing. CIA$M_IGNORE_RETURN Specifies that the service should not wait for the return status from the security server. No return status from the server's function will be returned to the caller. CIA$M_ITEMLIST If FALSE, the failed_user argument is a character string. If TRUE, this argument is a 32-bit item list. CIA$M_REAL_USERNAME If set, indicates that the user name passed as the failed user name is read and known to the system. CIA$M_SECONDARY_PASSWORD Indicates that the failed password passed to the service was the secondary password. If the flag is clear, the password is assumed to be the primary password.
The Scan Intrusion Database service performs the following functions:
- Scans the intrusion database for intruders so that successful logins are evaded if the system is taking evasive action
- Adds login failures to the intrusion database
- Changes records in the intrusion database from suspects to intruders when the number of login failures by the specified user or from the specified source reaches the value of the LGI_BREAK_LIM system parameter
- Disables user accounts if the LGI_BRK_DISUSER flag is set and the number of login attempts on a real user has reached LGI_BRK_LIM
- Audits login failures or break-in attempts on behalf of the caller
The information that $SCAN_INTRUSION stores in the intrusion database is based on the setting of the LGI_BRK_TERM system parameter and the information passed by the caller. For more information about how the intrusion database functions and the use of the LGI system parameters, see the HP OpenVMS Guide to System Security.
$SCAN_INTRUSION requires the SECURITY privilege.
None
$DELETE_INTRUSION, $SHOW_INTRUSION
SS$_NORMAL The service completed successfully. SS$_ACCVIO One or more of the arguments were not readable. SS$_BADBUFLEN The length of one or more of the specified arguments is out of range. SS$_BADPARAM An invalid flag was specified in the flags argument. SS$_NOSECURITY The caller does not have SECURITY privilege. This service can also return any of the following messages passed from the security server: SECSRV$_INSUFINFO Not enough information is supplied to form an intrusion record. SECSRV$_INTRUDER An intruder matching the information passed to the service exists in the intrusion database. SECSRV$_NOMATCH No intruders or suspects exist that match the information passed to the service. SECSRV$_SERVERNOTACTIVE The security server is not currently active. Try the request again later. SECSRV$_SUSPECT A suspect matching the information passed to the service exists in the intrusion database.
Schedules the awakening (restarting) of a process that has placed itself in a state of hibernation with the Hibernate ($HIBER) service.
SYS$SCHDWK [pidadr] ,[prcnam] ,daytim ,[reptim]
int sys$schdwk (unsigned int *pidadr, void *prcnam, struct _generic_64 *daytim, struct _generic_64 *reptim);
pidadr
OpenVMS usage: process_id type: longword (unsigned) access: modify mechanism: by reference
Process identification (PID) of the process to be awakened. The pidadr argument is the address of a longword containing the PID. The pidadr argument can refer to a process running on the local node or a process running on another node in the OpenVMS Cluster system.You must specify the pidadr argument to awaken processes in other UIC groups.
prcnam
OpenVMS usage: process_name type: character-coded text string access: read only mechanism: by descriptor--fixed-length string descriptor
Name of the process to be awakened. The prcnam is the address of a character string descriptor pointing to the process name. A process running on the local node can be identified with a string of from 1 to 15 characters.To identify a process on a particular node on a cluster, specify the full process name, which includes the node name as well as the process name. The full process name can contain up to 23 characters.
You can use the prcnam argument to awaken only processes in the same UIC group as the calling process because process names are unique to UIC groups, and the operating system uses the UIC group number of the calling process to interpret the process name specified by the prcnam argument. You must use the pidadr argument to awaken processes in other UIC groups.
daytim
OpenVMS usage: date_time type: quadword access: read only mechanism: by reference
Time at which the process is to be awakened. The daytim argument is the address of a quadword containing this time in the system 64-bit time format. A positive time value specifies an absolute time at which the specified process is to be awakened. A negative time value specifies an offset (delta time) from the current time.reptim
OpenVMS usage: date_time type: quadword (unsigned) access: read only mechanism: by reference
Time interval at which the wakeup request is to be repeated. The reptim argument is the address of a quadword containing this time interval. The time interval must be expressed in delta time format.The time interval specified cannot be less than 10 milliseconds; if it is, $SCHDWK automatically increases it to 10 milliseconds.
If you do not specify reptim, a default value of 0 is used, which specifies that the wakeup request is not to be repeated.
The Schedule Wakeup service schedules the awakening of a process that has placed itself in a state of hibernation with the Hibernate ($HIBER) service. A wakeup can be scheduled for a specified absolute time or for a delta time and can be repeated at fixed intervals.If you specify neither the pidadr nor the prcnam argument, the wakeup request is issued on behalf of the calling process. If the longword value at address pidadr is 0, the PID of the target process is returned.
$SCHDWK uses the system dynamic memory to allocate a timer queue entry.
If you issue one or more scheduled wakeup requests for a process that is not hibernating, a subsequent hibernate request by the target process completes immediately; that is, the process does not hibernate. No count of outstanding wakeup requests is maintained.
You can cancel scheduled wakeup requests that have not yet been processed by using the Cancel Wakeup ($CANWAK) service.
If a specified absolute time value has already passed and no repeat time is specified, the timer expires at the next clock cycle (within 10 milliseconds).
Depending on the operation, the calling process might need one of the following privileges to use $SCHDWK:
- GROUP privilege to schedule wakeup requests for a process in the same group unless it has the same UIC
- WORLD privilege to schedule wakeup requests for any other process in the system
This service uses the process's timer queue entries (TQELM) quota. If you specify an AST routine, the service uses the AST limit (ASTLM) quota of the calling process to schedule a wakeup request.
$ASCTIM, $BINTIM, $CANTIM, $CANWAK, $GETTIM, $NUMTIM, $SETIME, $SETIMR
SS$_NORMAL The service completed successfully. SS$_ACCVIO The expiration time, repeat time, process name string, or string descriptor cannot be read by the caller, or the process identification cannot be written by the caller. SS$_EXQUOTA The process has exceeded its AST limit quota. SS$_INCOMPAT The remote node is running an incompatible version of the operating system. SS$_INSFMEM The system dynamic memory is insufficient for allocating a timer queue entry. SS$_IVLOGNAM The process name string has a length of 0 or has more than 15 characters. SS$_IVTIME The specified delta repeat time is a positive value, or an absolute time plus delta repeat time is less than the current time. SS$_NONEXPR The specified process does not exist, or an invalid process identification was specified. SS$_NOPRIV The process does not have the privilege to schedule a wakeup request for the specified process. SS$_NOSUCHNODE The process name refers to a node that is not currently recognized as part of the OpenVMS Cluster system. SS$_REMRSRC The remote node has insufficient resources to respond to the request. (Bring this error to the attention of your system manager.) SS$_UNREACHABLE The remote node is a member of the cluster but is not accepting requests. (This is normal for a brief period early in the system boot process.)
Affects process scheduling. This service is intended for use by a class scheduler process.
SYS$SCHED func ,p1 ,p2 ,p3
int sys$sched (unsigned int func, unsigned int *p1, unsigned int *p2, unsigned int *p3);
Function Codes This section defines each of the $SCHED function codes and describes the values of the p1 argument, p2 argument, and p3 argument for each function.func
OpenVMS usage: function_code type: longword (unsigned) access: write only mechanism: by value
Function code specifying the action $SCHED is to perform. The func argument is a longword containing this code.See the Function Codes section for a list of valid function codes for $SCHED.
p1, p2, p3
OpenVMS usage: longword type: longword (unsigned) access: varies mechanism: varies
The meaning of the p1, p2, and p3 arguments depends on the function code specified in the func argument, and is defined in the Function Codes section.
CSH$_READ_ALL
Returns a buffer containing information, including an index, EPID, and priority, for all processes.The format of the buffer is defined in the $CSHDEF macro and consists of a series of CSHP fields.
The following table shows the p1 argument, p2 argument, and p3 argument values for the CSH$_READ_ALL function code:
Argument Access Description p1 Read Address of the buffer. p2 Write Address of the longword size of the buffer. p3 Write Address of the longword size of the per-process entry. CSH$_READ_NEW
Returns a buffer containing information, including an index, EPID, and priority, for all processes for which a class assignment has not been made.The format of the buffer is defined in the $CSHDEF macro and consists of a series of CSHP fields.
The following table shows the p1 argument, p2 argument, and p3 argument values for the CSH$_READ_NEW function code:
Argument Access Description p1 Read Address of the buffer. p2 Write Address of the longword size of the buffer. p3 Write Address of the longword size of the per-process entry. The following table describes the information returned in the buffer fields for both CSH$_READ_ALL and CSH$_READ_NEW:
Buffer Field Definition CSHP$T_ACCOUNT Account string from the user authorization file (first eight characters). CSHP$L_CPUTIM Process CPU time used, in 10-millisecond ticks. CSHP$L_EPID Process ID (PID). If CSHP information is insufficient to determine the right class for a process, the PID can be used with the $GETJPI(W) system service to obtain additional detail. CSHP$W_PIX A unique integer assigned to the process for its duration. Applications might want to use this value to index arrays. CSHP$B_PRI Current process priority. CSHP$B_PRIB Base process priority. CSHP$L_STATUS Undefined; reserved to HP. CSH$_READ_QUANT
Returns a buffer containing information about how many ticks are left for each class. Data is returned in a series of longwords, one longword per class, starting with class number 0.
Previous Next Contents Index