HP OpenVMS Systems Documentation

Examples

1. The following line in MODPARAMS.DAT specifies that all page file space should total 100,000 blocks:

   PAGEFILE = 100000

   
   If you had only a primary page file, the resulting size of that file would be 100,000 blocks. If you had multiple page files, the difference between the total current size and the total new size would be spread across secondary files. For example, if you specified PAGEFILE = 100000, the changed page file sizes would be as follows:

   File	Original Size (in Blocks)	Resulting Size (in Blocks)
   Primary page file	10,000	10,000
   Secondary page file 1	30,000	45,000
   Secondary page file 2	30,000	45,000

2. To direct AUTOGEN to set the primary page file size to 10,000 blocks, use the symbol definition:

   PAGEFILE1_SIZE = 10000

3. To direct AUTOGEN to create a new secondary swap file named PAGED$:[PAGESWAP]SWAPFILE.SYS that holds 30,000 blocks, use the symbol definitions:

   SWAPFILE2_NAME = "PAGED$:[PAGESWAP]SWAPFILE.SYS" MIN_SWAPFILE2_SIZE = 30000

Compaq recommends that you use AUTOGEN to change sizes of system page, swap, and dump files. However, you can use the command procedure SYS$UPDATE:SWAPFILES.COM to change the size of primary system page, swap, and dump files. SWAPFILES.COM shows you the current size of the system page, swap, and dump files before you change the sizes.

If you change the sizes of system page, swap, or dump files, you must edit MODPARAMS.DAT to specify the new sizes, as explained in Section 16.16.1.2. If you do not specify the new sizes in MODPARAMS.DAT, AUTOGEN resizes the files next time it runs.

The procedure displays the sizes of the current system page, swap, and dump files in SYS$SYSTEM, and the amount of space remaining on the system disk. It then allows you to enter new sizes, or keep the existing sizes for these files. If you specify a size that is larger than that of an existing file, the procedure automatically extends the size of a page or dump file. If you specify a smaller size for a system page, swap, or dump file, a new version of the file is created.

How to Perform This Task

1. Enter the following command to invoke the command procedure:

   $ @SYS$UPDATE:SWAPFILES.COM

   
   The system displays the current files found in SYS$SYSTEM and their sizes. For example:

   Current file sizes are: Directory SYS$SYSROOT:[SYSEXE] PAGEFILE.SYS;1 16384 SYSDUMP.DMP;1 4128 SWAPFILE.SYS;1 3072 Total of 3 files, 23584 blocks. There are 128741 available blocks on SYS$SYSDEVICE.

2. In response to the following prompt, type the desired size, in blocks, for the page file. To keep the same size, press Return:

   Enter new size for page file:

3. In response to the following prompt, type the desired size, in blocks, for the dump file. To keep the same size, press Return:

   Enter new size for system dump file:

4. In response to the following prompt, type the desired size, in blocks, for the swap file. To keep the same size, press Return:

   Enter new size for swap file:

5. Shut down and reboot the system to use the new files.
6. After the system reboots, purge obsolete copies of the files. Do not delete the old files until the system reboots.
7. Edit MODPARAMS.DAT to include the new file sizes, as explained in Section 16.16.1.2. If you do not specify the new sizes in MODPARAMS.DAT, AUTOGEN will automatically resize the files the next time it runs.

Example

$ @SYS$UPDATE:SWAPFILES.COM
To leave a file size at its current value type a
carriage return in response to its size prompt.
Current file sizes are:

Directory SYS$SYSROOT:[SYSEXE]

PAGEFILE.SYS;1    100000
SYSDUMP.DMP;1      28000
SWAPFILE.SYS;1     33000

Total of 3 files, 161000 blocks.

There are 128741 available blocks on SYS$SYSDEVICE.

Enter new size for page file: [Return]
Enter new size for system dump file: 30000
%SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]SYSDUMP.DMP;1 extended
Enter new size for swap file: [Return]


***********************************************************************
*  Please reboot in order for the new files to be used by the system. *
*  After rebooting, purge obsolete copies of the files.               *
*  DO NOT delete the old files until after the reboot.                *
***********************************************************************

Compaq recommends that you use AUTOGEN to create and change page, swap, and dump files. AUTOGEN invokes the System Generation utility (SYSGEN) to create or change the files. However, in an emergency, you can use SYSGEN to directly change the size of page, swap and dump files. For example, if you see that page file space is becoming dangerously low, you might use SYSGEN to quickly add page file space to prevent the system from hanging.

How to Perform This Task

1. Determine the location and appropriate size of the files. For information, see Section 16.4.
2. Invoke SYSGEN and enter the CREATE command in the following format:

   CREATE file-spec/SIZE=block-count

   
   where:
   file-spec specifies the full file specification.
   block-count specifies the size of the file in blocks.
   If the file you specify already exists and the size you specify is larger than the existing file, the command extends the existing file. If the file you specify already exists and the size you specify is smaller than the existing file, the command creates a new file of the specified size.
   For example, the following command extends the existing, smaller primary page file PAGEFILE.SYS:

   SYSGEN> CREATE PAGEFILE.SYS/SIZE=100000

   
   For more information about the SYSGEN command CREATE, refer to the SYSGEN section in the OpenVMS System Management Utilities Reference Manual.

   Note Frequent file creation and deletion can cause the free space on a disk to become severely fragmented. SYSGEN issues a HEADERFULL warning message if it determines that the creation or extension of a system file would cause that file to become fragmented enough to render the system unbootable. If this occurs, Compaq recommends that you back up and restore your system disk to consolidate the free space on the volume into one contiguous area. For more information, see Section 11.17. After you restore the disk, retry the SYSGEN operation. When SYSGEN issues a warning message, the file might be somewhat larger, but not as large as the value specified in the CREATE command.

3. Use the following table to determine if you should reboot to use the new or modified file:

   Type	Change	Reboot Required?
   Primary page, swap, system dump, or error log dump file 1	New file	Yes
   	Extended file	Yes
   Secondary page or swap file	New file	No 2
   	Extended file	Yes
   Alternate (DOSD) dump file (Alpha)	New file	No
   	Extended file	No
   Alternate (DOSD) dump file (VAX)	New file	Yes
   	Extended file	Yes

   ---

   ¹Primary page, swap, and dump files are SYS$SPECIFIC:[SYSEXE] PAGEFILE.SYS, SWAPFILE.SYS, SYSDUMP.DMP; and SYS$ERRLOG.DMP.
   ²Although rebooting the system is unnecessary, you must install secondary files before the system can use them. For more information, see Section 16.14.
   

   ---

4. If you create a new version of the file, purge the old version after the system reboots.
5. Add commands to the site-specific startup command procedure SYPAGSWPFILES.COM to make sure the files are installed each time the system boots. For instructions, see Section 16.14.
6. If you do not want AUTOGEN to resize the files according to its calculations, edit MODPARAMS.DAT to specify the sizes of these files. Follow the instructions in Section 16.16.1.2.

Example

The commands in the following example extend the existing files PAGEFILE.SYS, SWAPFILE.SYS, and SYSDUMP.DMP to the specified sizes:

$ RUN SYS$SYSTEM:SYSGEN
SYSGEN> CREATE PAGEFILE.SYS/SIZE=100000
%SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]PAGEFILE.SYS;1 extended
SYSGEN> CREATE SWAPFILE.SYS/SIZE=30000
%SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]SWAPFILE.SYS;1 extended
SYSGEN> CREATE SYSDUMP.DMP/SIZE=33000
%SYSGEN-I-EXTENDED, SYS$SYSROOT:[SYSEXE]SYSDUMP.DMP;1 extended
SYSGEN> EXIT

When a single process fails but the operating system is still running, the system can create a process dump that contains information about the process to assist in determining what caused the process to fail.

By default, process dumps are written to the current default directory of the user. You can override this by defining the logical name SYS$PROCDMP to identify an alternate directory path. Note that the name of the process dump file is always the same as the name of the main image active at the time the process dump is written, with the file extension .DMP.

On Alpha systems, a process dump is either complete or partial. A complete process dump contains all of process space and all process-pertinent data from system space. A partial process dump contains only user-readable data from process space and only those data structures from system space that are not deemed sensitive. Privileged or protected data, such as an encryption key in third-party software, might be considered sensitive.

On Alpha systems, you can force a dump to be written for another process with the DCL command SET PROCESS/DUMP=NOW process-spec. This command causes the contents of the address space occupied by process-spec to be written immediately to the file named image-name.DMP in the current directory of process-spec.

For more information about the DCL command SET PROCESS/DUMP, refer to the OpenVMS DCL Dictionary: N--Z.

16.17.1 Understanding Privileged Users and Access to Process Dumps (Alpha Only)

For this discussion, a privileged user is one who satisfies one of the following conditions:

• Has one or more of the privileges CMKRNL, CMEXEC, SYSPRV, READALL, or BYPASS
• Is a member of a system UIC group (by default [10,n] or lower). Such users are treated as though they hold SYSPRV privilege.

Holders of CMKRNL or CMEXEC can write complete process dumps. Holders of any of the other privileges mentioned above can read a process dump wherever it has been written.

In general, nonprivileged users should not be able to read complete process dumps, and by default they cannot do so. However, certain situations require that a nonprivileged user be able to read a complete process dump. Other situations require that a nonprivileged user be able to create a complete process dump but be able to read only a partial process dump.

Rights identifier IMGDMP$READALL enables a nonprivileged user to read a complete process dump. Rights identifier IMGDMP$PROTECT protects a complete process dump from being read by the nonprivileged user that created the process dump. These rights identifiers are created during the installation of OpenVMS by the image SYS$SYSTEM:IMGDMP_RIGHTS.EXE, which is also run automatically during system startup to ensure that these rights identifiers exist with the correct values and attributes.

If these rights identifiers have been deleted, you can run SYS$SYSTEM:IMGDMP_RIGHTS.EXE to recreate them. For example:

    $ RUN SYS$SYSTEM:IMGDMP_RIGHTS
    %PROCDUMP-I-CREATED, rights identifier IMGDMP$READALL successfully created
    %PROCDUMP-I-CREATED, rights identifier IMGDMP$PROTECT successfully created

Note that IMGDMP$READALL has no attributes, but IMGDMP$PROTECT is created with the RESOURCE attribute.

16.17.2 Granting Access to Process Dumps (Alpha Only)

To allow a nonprivileged user to write and read complete process dumps, grant the rights identifier IMGDMP$READALL to the user. If the IMGDMP$READALL rights identifier does not exist, run the image SYS$SYSTEM:IMGDMP_RIGHTS.EXE to create it (see Section 16.17.1). Then use AUTHORIZE to grant the rights identifier to the user. For example:

    $ DEFINE /USER SYSUAF SYS$SYSTEM:SYSUAF.DAT  !if necessary
    $ RUN SYS$SYSTEM:AUTHORIZE
    UAF> GRANT /IDENTIFIER IMGDMP$READALL <user>
    UAF> EXIT

Note that the user must log out and log in again to be able to exercise the rights identifier. A nonprivileged user with rights identifier IMGDMP$READALL can read and write complete process dumps without restriction.

16.17.3 Restricting Access to Process Dumps (Alpha Only)

You can allow a nonprivileged user to write a complete process dump and at the same time prevent the user from reading that process dump. To do so, perform the following steps:

1. If the IMGDMP$PROTECT rights identifier does not exist, run the image SYS$SYSTEM:IMGDMP_RIGHTS.EXE to create it (see Section 16.17.1).
2. Create a protected directory with rights identifier IMGDMP$PROTECT. For example:

   $ CREATE /DIRECTORY DKA300:[PROCDUMPS] - /PROTECTION=(S:RWE,O:RWE,G,W) /OWNER_UIC=IMGDMP$PROTECT $ SET SECURITY DKA300:[000000]PROCDUMPS.DIR - /ACL=((DEFAULT_PROTECTION,SYSTEM:RWED,OWNER:RWED,GROUP:,WORLD:), - (IDENTIFIER=IMGDMP$PROTECT,ACCESS=READ+WRITE), - (IDENTIFIER=IMGDMP$PROTECT,OPTIONS=DEFAULT, - ACCESS=READ+WRITE+EXECUTE+DELETE+CONTROL), - (CREATOR,ACCESS=NONE))

3. Define the executive-mode logical name SYS$PROTECTED_PROCDMP to point to the protected directory. For example:

   $ DEFINE /SYSTEM /EXECUTIVE_MODE SYS$PROTECTED_PROCDMP DKA300:[PROCDUMPS]

4. If DISKQUOTA is to be used on the disk containing the protected directory, specify the maximum disk space to be used for process dumps. For example:

   $ RUN SYS$SYSTEM:SYSMAN SYSMAN> DISKQUOTA CREATE /DEVICE=DKA300 ! if necessary SYSMAN> DISKQUOTA ENABLE /DEVICE=DKA300 ! if necessary SYSMAN> DISKQUOTA ADD IMGDMP$PROTECT /DEVICE=DKA300 /PERMQUOTA=10000 SYSMAN> DISKQUOTA REBUILD /DEVICE=DKA300 ! if necessary SYSMAN> EXIT

You can choose to set up additional ACLs on the protected directory to further control which users are allowed to read and write process dumps there.

Note that to take a process dump when the image is installed with elevated privileges or belongs to a protected subsystem, the user must hold CMKRNL privilege, and is by definition a privileged user (see Section 16.17.1).