OpenVMS System Manager's Manual
9.4.1.2 Changing Protection After Disk Volumes Are Mounted
You can change protection by using the SET SECURITY/CLASS=VOLUME
command with the /PROTECTION, /OWNER, or /ACL qualifier to change any
aspect of the volume security profile.
Changing UIC-Based Protection
To change UIC-based protection after a volume is mounted, use the SET
SECURITY/CLASS=VOLUME/PROTECTION command. For example:
$ SET SECURITY/CLASS=VOLUME/PROTECTION=(S:RWCD,O:RWCD,G:RC,W:RC) DUA0:
The protection set in this example allows the system and owner all
types of access. Users in the group and world categories can only read
files and run programs. Any category not specified in the protection
code (S,O,G,W) is unchanged.
Changing ACL-Based Protection
To change ACL-based protection after a volume is mounted, use the SET
SECURITY/CLASS=VOLUME/ACL command. For example:
$ SET SECURITY/CLASS=VOLUME/ACL=(IDENTIFIER=DOC,ACCESS=READ+WRITE+EXECUTE) -
_$ $1$DSA7:
This example gives holders of the DOC identifier read, write, and
execute access to the $1$DSA7: volume.
9.4.1.3 Displaying UIC- and ACL-Based Protection
You can use the SHOW SECURITY/CLASS=VOLUME command to display
protection. For example:
$ SHOW SECURITY/CLASS=VOLUME $1$DSA27:
The following example shows the resulting display:
$1$DSA27: object of class VOLUME
Owner: [1,1]
Protection: (System: RWCD, Owner: RWCD, Group: RWCD, World: RWCD)
Access Control List:
(IDENTIFIER=[ABC,SADAMS],ACCESS=READ+WRITE+CREATE+DELETE)
In the display are the name and profile of the VOLUME class object
$1$DSA27. The profile includes the owner UIC, the protection code, and
the access control list (ACL) of the protected object.
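For review across many volumes, captured SHOW SECURITY/CLASS=VOLUME output can be parsed and checked off-system. The following Python sketch is an added example, not part of the manual; the second sample volume, the review policy, and the function names are assumptions made for illustration.

```python
import re

# Constructed sample. The first object repeats the display shown above; the
# second is an invented volume using the protection code from section 9.4.1.2.
SAMPLE = """\
$1$DSA27: object of class VOLUME
     Owner: [1,1]
     Protection: (System: RWCD, Owner: RWCD, Group: RWCD, World: RWCD)
     Access Control List:
          (IDENTIFIER=[ABC,SADAMS],ACCESS=READ+WRITE+CREATE+DELETE)
DUA0: object of class VOLUME
     Owner: [1,1]
     Protection: (System: RWCD, Owner: RWCD, Group: RC, World: RC)
"""

HEADER = re.compile(r"^(\S+) object of class VOLUME$")
# A category listed without access letters is read as "no access".
CATEGORY = re.compile(r"(System|Owner|Group|World)(?::\s*([RWCD]*))?")
ACE = re.compile(r"\(IDENTIFIER=(\[[^\]]*\]|[^,)]+).*?ACCESS=([A-Z+]+)\)")

# Assumed review policy (not from the manual): world users should not hold
# write or delete access, and ACEs granting those rights are listed for review.
WORLD_LIMIT = set("WD")
ACE_REVIEW = {"WRITE", "DELETE"}


def parse_profiles(text):
    """Parse one or more volume displays into a list of profile dicts."""
    profiles = []
    for line in text.splitlines():
        line = line.strip()
        header = HEADER.match(line)
        if header:
            profiles.append({"volume": header.group(1).rstrip(":"),
                             "owner": None, "protection": {}, "acl": []})
        elif not profiles:
            continue  # ignore anything before the first object header
        elif line.startswith("Owner:"):
            profiles[-1]["owner"] = line.split(":", 1)[1].strip()
        elif line.startswith("Protection:"):
            for category, letters in CATEGORY.findall(line):
                profiles[-1]["protection"][category] = set(letters)
        else:
            for ident, access in ACE.findall(line):
                profiles[-1]["acl"].append((ident, set(access.split("+"))))
    return profiles


def findings(profile):
    """Return review findings for one parsed volume profile."""
    volume, out = profile["volume"], []
    world = "".join(sorted(profile["protection"].get("World", set()) & WORLD_LIMIT))
    if world:
        out.append(f"{volume}: World holds {world}")
    for ident, access in profile["acl"]:
        risky = "+".join(sorted(access & ACE_REVIEW))
        if risky:
            out.append(f"{volume}: ACE {ident} grants {risky}")
    return out


if __name__ == "__main__":
    for prof in parse_profiles(SAMPLE):
        print("\n".join(findings(prof) or [prof["volume"] + ": no findings"]))
```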
9.4.2 Protecting Tape Volumes
The system protects magnetic tapes only at the volume level. You
establish protection when you initialize tape volumes; after that, the
Mount utility (MOUNT) enforces the protection that you have established.
You can use two levels of protection for tape volumes:
- Guidelines of the ISO standard: The ISO standard, which is the first
level of protection, is encoded in the accessibility field of the first
volume label written on the magnetic tape. With this protection scheme,
you can protect tape volumes in environments where interchange exists
between the OpenVMS system and operating systems that are not OpenVMS.
- UIC-based protection scheme supported by system software: This second
level of protection is encoded in the second volume label written on the
magnetic tape. Only OpenVMS systems check this scheme; it is ignored in
any interchange with operating systems that are not OpenVMS.
Standard-Labeled Tape Protection
The OpenVMS tape file system bases its accessibility protection
on the ISO standards. This protection allows an installation routine to
use a routine that interprets the contents of the volume- and
header-label accessibility field. Refer to the $MTACCESS system service
in the OpenVMS System Services Reference Manual for more information about installation routines.
Access Types with Default Protection
When you do not supply a protection code during initialization, all
users receive read and write access, explained in Table 9-12.
The security profile of a tape volume is stored in the ANSI VOL1 and
VOL2 labels written on the tape. The VOL2 label contains
system-specific information. To override the creation of VOL2 labels,
specify the /INTERCHANGE qualifier with the INITIALIZE command or the
INIT$_INTERCHANGE itemcode on the $INIT_VOL system service.
Foreign Volume Protection
The operating system also supports foreign tape volumes.
(Foreign volumes either lack the standard volume label
or have been mounted with the /FOREIGN qualifier.) When a tape volume
is mounted with the /FOREIGN qualifier, users in the system and owner
categories are always given full access (read, write, logical, and
physical), regardless of what is specified in the protection code.
9.4.2.1 Using the /PROTECTION Qualifier with Tape Volumes
If you use the /PROTECTION qualifier when you initialize tape volumes,
the protection code is written to a system-specific volume label.
With the /PROTECTION qualifier, the system applies only read (R) and
write (W) access restrictions. (Execute [E] and delete [D] access do
not apply.) The system and the owner always receive both read (R) and
write (W) access to magnetic tapes, regardless of the protection code
you specify.
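The two rules that are easiest to misjudge, that SET SECURITY leaves unnamed categories unchanged (Section 9.4.1.2) and that tape volumes honor only R and W while system and owner always keep both (this section), can be modeled in a few lines. This Python sketch is an added example, not part of the manual; the function names are hypothetical, and treating a category named without access letters as "no access" follows standard DCL protection-code syntax rather than anything stated on this page.

```python
FULL = {"S": "SYSTEM", "O": "OWNER", "G": "GROUP", "W": "WORLD"}
ACCESS = set("RWECD")  # letters accepted in a protection code


def parse_code(code):
    """Turn '(S:RWCD,G:RC,W)' into {'S': {...}, 'G': {...}, 'W': set()}."""
    parsed = {}
    for item in code.strip().strip("()").split(","):
        name, _, letters = item.strip().upper().partition(":")
        key = name[:1]
        # Accept S/O/G/W or any leading abbreviation of the full keyword.
        if not name or not FULL.get(key, "").startswith(name):
            raise ValueError(f"unknown category {name!r}")
        if set(letters) - ACCESS:
            raise ValueError(f"unknown access type in {item.strip()!r}")
        parsed[key] = set(letters)
    return parsed


def apply_to_disk(current, code):
    """Model SET SECURITY/PROTECTION: categories not named keep their access."""
    merged = {key: set(value) for key, value in current.items()}
    merged.update(parse_code(code))
    return merged


def tape_effective(mask):
    """Model Section 9.4.2.1: only R and W apply; S and O always hold both."""
    return {key: set("RW") if key in "SO" else mask.get(key, set()) & set("RW")
            for key in FULL}


if __name__ == "__main__":
    # Constructed inputs: a fully open disk profile and a restrictive tape code.
    disk = {key: set("RWCD") for key in FULL}
    print(apply_to_disk(disk, "(G:RC,W)"))
    print(tape_effective(parse_code("(S:R,O:R,G:RWED,W)")))
```

The second call shows that a tape initialized with a read-only code for system and owner still leaves both categories with write access.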
9.4.2.2 Protecting Tape Volumes for Interchange Environments
You can protect tape volumes for interchange between OpenVMS and other
operating systems.
The following list contains guidelines for protecting specific types of
magnetic tapes:
- With tapes processed on any operating system that supports a
version of the ANSI standard later than Version 3, the system processes
accessibility information in the first volume label.
- To process magnetic tapes created on a Compaq operating system
other than the OpenVMS operating system Version 4.0 or later, a user
must have VOLPRO privilege and must explicitly override the check on
the protection as follows:
- If the tape was created with a specified accessibility, then a user
must have the appropriate privilege and must explicitly override the
check on accessibility.
- If the tape volume was not created with such a protection scheme,
then a user is granted read and write access to that tape volume.
- The tape file system allows you to specify values for the fields in
which other Compaq operating systems currently write their protection
information. Except under the conditions described in the last bulleted
item, the OpenVMS operating system does not process these fields. Thus,
you can use these fields to store the protection values for another
operating system without affecting the system protection
characteristics on that particular volume.
9.4.3 Auditing Volume Access
You can enable auditing for the volume object class; the system then
audits disk volume access, with the following exceptions:
- The system does not audit volume creation or deletion.
- The system does not audit access for tapes, ODS-1, or
foreign-mounted volumes.
9.5 Mounting Volumes
Mounting a disk or tape volume establishes a relationship between the
volume and the device on which the volume is physically loaded. After
you mount a volume, the system knows it exists, and users can access
it. (This section assumes that you are performing the mount operation
yourself.)
File-Structured and Foreign Volumes
Ordinarily, when you mount volumes, the system imposes a format on each
volume that allows you to read, write, create (or execute), and delete
files. These mounted volumes have the format of the OpenVMS operating
system.
If you specify the /FOREIGN qualifier when you mount a volume, the
system does not impose a format on the media, and you cannot access the
files on the mounted volume. Use the /FOREIGN qualifier to mount
volumes with formats of operating systems that are not OpenVMS or with
private formats.
Because foreign volumes are not file-structured, you must access them
as follows:
- Disks: sequentially or by logical block number
- Tapes: sequentially
At times, the Backup utility (BACKUP) requires you to mount volumes
with the /FOREIGN qualifier, when you restore an entire disk, for
example. For details, refer to the OpenVMS System Management Utilities Reference Manual.
How to Perform This Task
When mounting volumes, follow these steps:
- Physically mount all disks and put them on line.
- Enter the MOUNT command (which invokes the Mount utility),
using the following format:
MOUNT device-name volume-label logical-name
where:
- device-name: Specifies the physical device name or logical name of the
device on which the volume is to be mounted.
- volume-label: Specifies the label on the volume.
- logical-name: Defines a logical name to be associated with the device.
Once invoked, the Mount utility performs the following actions:
- Allocates the device
- Checks to see that the device is correctly loaded
- Reads and verifies the volume identification
Using Qualifiers with the MOUNT Command
Under special conditions, you must add qualifiers to the MOUNT command;
for example:
- To mount a public volume, use the /SYSTEM qualifier with the DCL
command MOUNT using the following format:
MOUNT/SYSTEM device-name volume-label logical-name
- In an OpenVMS Cluster environment, also specify the /CLUSTER
qualifier:
MOUNT/SYSTEM/CLUSTER device-name volume-label logical-name
Table 9-13 and Table 9-14 show, respectively, the qualifiers you
can use when you mount disks and tapes.
The following sections explain how to perform these tasks:
9.5.1 Using MOUNT Command Qualifiers When You Mount Disks
Table 9-13 lists MOUNT command qualifiers you can use to mount
disks. The OpenVMS System Management Utilities Reference Manual has more information about each qualifier.
Table 9-13 MOUNT Command Qualifiers for Mounting Disks
Qualifier | Description
/ACCESSED=n
Requires OPER privilege; specifies the approximate number of
directories that will be in use concurrently on the volume. (This
qualifier is obsolete for ODS-2.) For example, on a large 500 megabyte
(MB) disk you might select a value of 40, but on a small disk you might
specify the following value:
$ MOUNT/ACCESSED=2 DUA3:
/ASSIST
Directs the mount operation to allow operator or user intervention if
the mount request fails.
The /ASSIST qualifier is the default except during system startup.
Encourage users to take advantage of this feature, which repeatedly
alerts the operator of a mount request until the request is satisfied.
To disable operator-assisted mounts, enter a command similar to the
following:
$ MOUNT/SYSTEM/NOASSIST DUA1: SALES_98
/BIND=volume-set-name
Creates a volume set of one or more disk volumes or adds
one or more volumes to an existing volume set. For example:
$ MOUNT/SYSTEM/BIND=CLIENTS DUA0:,DUA1: EUROPE,ASIA
See Section 9.6.1.2 for details.
/CACHE=keyword
Controls whether caching limits established at system generation are
disabled or overridden. For example:
$ MOUNT/CACHE=(EXTENT=60,FILE_ID=60,QUOTA=20) -
_$ DMA0: FILES WORK
%MOUNT-I-MOUNTED, FILES mounted on _NODE$DMA0:
This command mounts a device labeled FILES and assigns the logical
name WORK. The /CACHE qualifier enables an extent cache of 60 entries,
a file identification cache of 60 entries, and a quota cache of 20
entries.
/CLUSTER
Requires SYSNAM privilege; specifies that after a volume is
successfully mounted on the local node, or if it is already mounted
with the /SYSTEM qualifier on the local node, it is to be mounted on
every other node in the existing OpenVMS Cluster environment (that is,
the volume is to be mounted clusterwide). For example:
$ MOUNT/SYSTEM/CLUSTER DUA1: SALES_95
/COMMENT="string"
Specifies additional information to be included with the operator
request when the mount operation requires operator assistance. For
example:
$ MOUNT/SYSTEM DYA1: SALES_95/COMMENT="Vol. in Rack 2."
/EXTENSION=n
Requires OPER privilege; specifies the number of blocks by which disk
files are to be extended on the volume unless otherwise specified by an
individual command or program request.
The cluster size sets the initial disk block allocation; the /EXTENSION
qualifier determines how the file grows. For example, for a small disk
with a cluster size of 1 disk block, you might select an extension size
of 2 disk blocks:
$ MOUNT/EXTENSION=2 DUA3:
/FOREIGN
Indicates that the volume is not in the standard format used by the
operating system. Use this qualifier if you want to mount a disk volume
with a file structure other than Files-11 or ISO 9660; for example
(using DISK as a logical name):
$ MOUNT/FOREIGN DISK
/MEDIA_FORMAT=CDROM
Mounts a volume assuming the media to be ISO 9660 (or High Sierra)
formatted.
/[NO]MOUNT_VERIFICATION
Enables or disables the mount verification feature on disks. By
default, the mount verification feature is enabled. If a device goes
off line or becomes write-locked, mount verification notifies the
operator of the error condition, and then checks to see that the volume
identification before and after the error condition are identical.
To disable mount verification, enter a command like the following
one:
$ MOUNT/SYSTEM/NOMOUNT_VERIFICATION DUA1: ACCOUNTS_DUE
/OVERRIDE=keyword
Inhibits one or more protection checks that the MOUNT command performs.
/PROTECTION=keyword
Specifies the protection code to be assigned to the volume. Keywords
are in the following list:
- Protection code: specifies the protection code according to the
standard syntax rules for specifying user protection (that is,
system/owner/group/world).
- XAR: enables enforcement of the extended record attribute (XAR)
access controls (ISO 9660 only).
- DSI: enables XAR permissions owner and group for XARs containing
DIGITAL System Identifiers (DSI). (ISO 9660 only.)
See Section 9.4.1 for details.
/SHARE
Specifies that other users can access the volume.
(However, you must use the /SYSTEM qualifier to mount public volumes.)
Two users can access a private volume simultaneously if they both use
MOUNT/SHARE. For example:
$ MOUNT/SHARE DLA0: COST_ACCOUNT
Using the MOUNT/SHARE command on disks already mounted with the
/SYSTEM qualifier retains a lock on disk availability even if the disk
is dismounted on a systemwide basis. This practice is not usually used
for the system disk, but it can occur as a result of invoking a
general-purpose command procedure that is sometimes used on system and
nonsystem disks.
If the DISMOUNT.EXE program is opened by a user and another user
enters the MOUNT/SHARE command on the system disk, a subsequent
dismount may produce a warning message that the disk cannot be
dismounted. To prevent the message, install the DISMOUNT.EXE image.
/SUBSYSTEM
Enables the processing of subsystem
ACEs. (The command MOUNT/SUBSYSTEM requires the SECURITY privilege.) By
default, the disk from which you boot has /SUBSYSTEM enabled but other
disks do not. The following command uses the MOUNT command with the
/SUBSYSTEM qualifier to enable the processing of subsystem ACEs on the
DUA0: device (DOC is the volume label; WORK8 is an optional logical
name for the volume):
$ MOUNT/SUBSYSTEM/SYSTEM DUA0: DOC WORK8
/SYSTEM
Requires SYSNAM privilege; makes the volume public, that is, available
to all users of the system, as long as the UIC-based volume protection
allows them access.
The following command mounts the volume labeled WORK and makes it
available systemwide:
$ MOUNT/SYSTEM DUA1: WORK
/UCS_SEQUENCE=escape_sequence
Supplies the escape sequence to select the coded graphic character set,
a requirement when mounting an ISO 9660 volume for one of its
Supplementary Volume Descriptors (SVDs).
/UNDEFINED_FAT
Establishes default file attributes to be used for records on ISO 9660
media for which no record format has been specified.
/WINDOWS=n
Requires OPER privilege; specifies the number of mapping pointers to be
allocated for file windows.
The default number of windows is set with the INITIALIZE command. The
following example specifies a modest number of pointers:
$ MOUNT/WINDOWS=4 DUA3:
9.5.2 Using MOUNT Command Qualifiers When You Mount Tapes
Table 9-14 lists MOUNT command qualifiers you can use to mount a
tape volume. For a complete list of MOUNT command qualifiers, refer to
the OpenVMS System Management Utilities Reference Manual.
Unless otherwise noted, you must have VOLPRO privilege to use any of
these qualifiers when the volume is a standard-labeled volume
containing protection that disallows your process from accessing the
volume.
Table 9-14 MOUNT Command Qualifiers for Mounting Tapes
Qualifier | Description
/BLOCKSIZE=n
Specifies the block size for the
magnetic tape. The range of valid values for
n varies, depending on the density of the volume, whether the
data is for input or output, and whether the operation uses OpenVMS
RMS. By default, the system writes 2048-byte blocks.
/CACHE=TAPE_DATA
Requires OPER privilege; enables the write cache for a tape device if
the tape controller supports one. /NOCACHE is the default for mounting
tape devices.
You must specify TAPE_DATA to enable write caching. The write buffer
stays enabled even after you dismount the tape.
/FOREIGN
Indicates that the volume is not in the standard format used by the
operating system.
/HDR3
Controls whether special header labels are written on a tape volume.
This is the default.
/[NO]MOUNT_VERIFICATION
Enables or disables the mount verification feature on magnetic tapes.
By default, the mount verification feature is enabled. If a device goes
off line or becomes write-locked, mount verification notifies the
operator of the error condition, and then checks to see that the volume
identification before and after the error condition are identical.
To disable mount verification, enter a command similar to the
following:
$ MOUNT/SYSTEM/NOMOUNT_VERIFICATION MUA1: ACCOUNTS_DUE
/OVERRIDE=keyword
Inhibits one or more of the access checks that the MOUNT command
performs. For example:
$ MOUNT/OVERRIDE=IDENTIFICATION MFA0:
This command overrides the volume identification field, thus
mounting a magnetic tape on MFA0: without a label specification.
/OWNER_UIC=uic
Requests that the specified UIC be assigned ownership of the volume
while it is mounted, overriding the ownership recorded on the volume.
Or, if you are mounting a volume using the /FOREIGN qualifier, requests
an owner UIC other than your current UIC.
/PROCESSOR=keyword
For magnetic tapes and Files-11 Structure Level 1 disks, requests that
the MOUNT command associate an ancillary control process (ACP) to
process the volume.
You must have the operator user privilege OPER to use the
/PROCESSOR qualifier.
Keywords are in the following list:
- UNIQUE
For magnetic tape and Files-11 ODS-1, ISO 9660, or High Sierra
formatted media being mounted, creates a new process to execute a copy
of the default ACP image for the specified device type or controller.
For Files-11 Structure Level 2 or 5 disks, allocates a separate block
cache.
- SAME:device
For magnetic tape and Files-11 ODS-1, ISO 9660, or High Sierra
formatted media being mounted, uses the same ACP process currently
being used by the device specified. For Files-11 Structure Level 2 or 5
disks, takes the block cache allocation from the specified device.
- filespec
Creates a new process to execute the ACP image specified by the
file specification (for example, a modified or a user-written ACP). You
cannot use wildcard characters or node and directory names in the file
specification.
To use this keyword, you must have CMKRNL and OPER privileges.
The /PROCESSOR qualifier causes MOUNT to override the default
manner in which ACPs are associated with devices. For example:
$ MOUNT/PROCESSOR=SAME:MTA1: MFA0:
This command directs MOUNT to mount a magnetic tape on MFA0: using
the same ACP process currently associated with the MTA1: device.
/PROTECTION=code
Specifies the protection code to be assigned to the volume for the
duration of the mount. See Section 9.4.2 for details.
/RECORDSIZE=n
|
Specifies the number of characters in each record of a magnetic tape
volume. Use this qualifier when you mount a volume that has a file
without a second header label (such as RT-11 volumes), or when you
mount volumes with the /FOREIGN qualifier, to provide RMS with the size
of fixed-length records or the maximum size of variable-length records.