![[Compaq]](../../images/compaq.gif)
![[Go to the documentation home page]](../../images/buttons/bn_site_home.gif)
![[How to order documentation]](../../images/buttons/bn_order_docs.gif)
![[Help on this site]](../../images/buttons/bn_site_help.gif)
![[How to contact us]](../../images/buttons/bn_comments.gif)
![[OpenVMS documentation]](../../images/ovmsdoc_sec_head.gif)
| Document revision date: 19 July 1999 | |
|
|
|
|
|
|
| Previous | Contents | Index |
Perhaps the widest range of operator messages occurs with volume mounts and dismounts; for example:
%%%%%%%%%%% OPCOM, 19-APR-1998 22:41:07.54 %%%%%%%%%%% message from user SYSTEM Volume "KLATU " dismounted, on physical device MTA0: 15-APR-1998 22:42:14.81, request 2 completed by operator OPA0 |
Users with the appropriate privileges can change the following sets of values for system parameters:
| Values | Description |
|---|---|
| Current | Values stored in the default parameter file on disk and used to boot the system |
| Active | Values stored in memory and used while the system is running |
When the system boots, it reads the current values into memory, creating active values. An active value remains equal to the current value until you change either value.
Users can make the following changes to active and current system parameters:
Compaq recommends that you use AUTOGEN or SYSMAN, not SYSGEN, to change system parameters, as explained in Section 14.2. |
OPCOM logs all changes made to active and current system parameters with messages in the following format:
%%%%%%%%%%% %OPCOM <dd-mmm-yyyy hh:mm:ss.cc> %%%%%%%%%%% Message from user <user-name> %SYSGEN-I-WRITExxx, <system-mode> system parameters modified by process ID <process-id> into file <file-spec> |
%%%%%%%%%%% %OPCOM 3-JUN-1998 08:11:59.55 %%%%%%%%%%% Message from user D_PLUTO on ANASAT %SYSGEN-I-WRITECUR, CURRENT system parameters modified by process ID 0000020B into file SYS$UPDATE:[SYSTEM]UPDATESYS.PAR;2 |
This message indicates that current system parameters have been changed.
If you have changed the format of system messages with the DCL command SET MESSAGE, these messages might not appear in the log file. |
Alarm messages are sent to the security operator terminal when selected events occur. See Section 18.7.6 for instructions about how to enable a terminal to receive security alarm messages.
The following example shows a security alarm OPCOM message after a change to JTQUOTA:
%%%%%%%%%%% OPCOM 6-JAN-1998 10:41:21.10 %%%%%%%%%%%
Message from user AUDIT$SERVER on BISCO
Security alarm (SECURITY) and security audit (SECURITY) on BISCO, system id:
20353
Auditable event: System UAF record modification
Event time: 6-JAN-1998 10:41:20.69
PID: 00600123
Process name: SYSTEM
Username: SYSTEM
Process owner: [SYSTEM]
Terminal name: RTA1:
Image name: BISCO$DUA0:[SYS0.SYSCOMMON.][SYSEXE]AUTHORIZE.EXE
Object class name: FILE
Object name: SYS$SYSTEM:SYSUAF.DAT;4
User record: NEWPORT
JTQUOTA: New: 2048
Original: 1024
|
Example 18-6 illustrates some typical messages found in an operator log file.
| Example 18-6 Sample Operator Log File (SYS$MANAGER:OPERATOR.LOG) | |||
|---|---|---|---|
%%%%%%%%%%% OPCOM, 19-APR-1998 22:26:07.90 %%%%%%%%%%% Device DMA0: is offline. (1) Mount verification in progress. %%%%%%%%%%% OPCOM, 19-APR-1998 22:26:20.22 %%%%%%%%%%% Mount verification completed for device DMA0: %%%%%%%%%%% OPCOM, 19-APR-1998 22:33:54.07 %%%%%%%%%%% Operator '_ZEUS$VT333:' has been disabled, user JONES (2) %%%%%%%%%%% OPCOM, 19-APR-1998 22:34:15.47 %%%%%%%%%%% Operator '_ZEUS$VT333:' has been enabled, user SMITH %%%%%%%%%%% OPCOM, 19-APR-1998 22:34:15.57 %%%%%%%%%%% operator status for '_ZEUS$VT333:' PRINTER, TAPES, DISKS, DEVICES %%%%%%%%%%% OPCOM, 19-APR-1998 22:38:53.21 %%%%%%%%%%% request 1, from user PUBLIC (3) Please mount volume KLATU in device MTA0: The tape is in cabinet A %%%%%%%%%%% OPCOM, 19-APR-1998 22:39:54.37 %%%%%%%%%%% request 1 was satisfied. %%%%%%%%%%% OPCOM, 19-APR-1998 22:40:23.54 %%%%%%%%%%% message from user SYSTEM (4) Volume "KLATU " mounted, on physical device MTA0: %%%%%%%%%%% OPCOM, 19-APR-1998 22:40:38.02 %%%%%%%%%%% request 2, from user PUBLIC MOUNT new relative volume 2 () on MTA0: %%%%%%%%%%% OPCOM, 19-APR-1998 22:41:07.54 %%%%%%%%%%% message from user SYSTEM Volume "KLATU " dismounted, on physical device MTA0: 15-APR-1998 22:42:14.81, request 2 completed by operator OPA0 %%%%%%%%%%% OPCOM, 19-APR-1998 22:46:47.96 %%%%%%%%%%% request 4, from user PUBLIC _TTB5:, This is a sample user request with reply expected. %%%%%%%%%%% OPCOM, 19-APR-1998 22:47:38.50 %%%%%%%%%%% request 4 was canceled %%%%%%%%%%% OPCOM, 19-APR-1998 22:48:21.15 %%%%%%%%%%% message from user PUBLIC _TTB5:, This is a sample user request without a reply expected. %%%%%%%%%%% OPCOM, 19-APR-1998 22:49:37.64 %%%%%%%%%%% Device DMA0: has been write locked. Mount verification in progress. %%%%%%%%%%% OPCOM, 19-APR-1998 23:33:54.07 %%%%%%%%%%% message from user NETACP DECnet shutting down |
The following messages appear in the example:
The operator log file normally resides on the system disk in the [SYSMGR] directory. You can, however, maintain the log file in a different location by defining the logical name OPC$LOGFILE_NAME.
The size of and access to the OPERATOR.LOG file (or to the file pointed to by the logical OPC$LOGFILE_NAME) is limited by the size and access of the disk device on which it resides. If the disk device does not have enough room to write to the log file or if access to the device is restricted in any other way, records might be missing from the log file.
Because this file is in ASCII format, you can print it. Print copies regularly and retain these copies for reference. Section 18.6.5 describes how to print copies of the operator log file.
The system creates a new version of OPERATOR.LOG each time the system
is rebooted (except on workstations in an OpenVMS Cluster environment,
where the log file is not opened by default). Note that one operator
log file exists for each node; it is not a shared file.
18.6.3.1 Creating a New Version of the Operator Log File
You can use the DCL command REPLY/LOG to create a new version of the file at any time. The highest version is always the one in use and is inaccessible to other users. By default, messages of all operator classes are in the log file.
The following list contains guidelines for using the REPLY/LOG command:
If a log file is already open, the list of classes is preserved and enabled on the newly created log file. If a log file is not open, the value of the logical OPC$ENABLE_LOGFILE_CLASSES is used. If that logical does not exist, all classes are enabled on the new log file.
For more information, refer to the REPLY/LOG, REPLY/ENABLE, and REPLY/DISABLE commands in the OpenVMS DCL Dictionary.
The following command opens a log file to include messages about mounting and dismounting disks and tapes:
$ REPLY/LOG/ENABLE=(DISKS,TAPES) |
You can specify the default state of the operator log files by defining logical names in the command procedure SYS$MANAGER:SYLOGICALS.COM. The following table lists these logical names and their functions. For more information about SYLOGICALS.COM, see Section 5.2.5.
Setting the OPC$ALLOW_INBOUND and OPC$ALLOW_OUTBOUND logical names to FALSE severs all OPCOM traffic in the specified direction. All OPCOM messages, as well as any returned status messages that might be expected, will not be delivered. |
| Logical Name | Function |
|---|---|
| OPC$ALLOW_INBOUND | Allows OPCOM traffic that is inbound to the node to be turned on or off. By default, this logical name is set to TRUE. If this logical name is set to FALSE, the node will not receive any OPCOM messages from other nodes in the cluster. |
| OPC$ALLOW_OUTBOUND | Allows OPCOM traffic that is outbound from the node to be turned on or off. By default, this logical name is set to TRUE. If this logical name is set to FALSE, the node will not send any OPCOM messages to other nodes in the cluster. |
| OPC$LOGFILE_ENABLE | Specifies whether an operator log file is opened. If defined to be true, an operator log file is opened. If defined to be false, no operator log file is opened. By default, a log file is opened on all systems except workstations in an OpenVMS Cluster environment. |
| OPC$LOGFILE_CLASSES | Specifies the operator classes that are enabled for the log file. By default, a log file is opened for all classes. The logical name can be a search list of the allowed classes, a comma-separated list, or a combination of the two. Note that you can define OPC$LOGFILE_CLASSES even if you do not define OPC$LOGFILE_ENABLE. In that case, the classes are used for any log files that are opened, but the default is used to determine whether to open the log file. |
| OPC$LOGFILE_NAME | Specifies the name of the log file. By default, the log file is named SYS$MANAGER:OPERATOR.LOG. If you specify a disk other than the system disk, include commands to mount that disk in the command procedure SYLOGICALS.COM. |
| OPC$OPA0_ENABLE | Overrides values of symbols for workstations in a cluster. If you define the logical as TRUE, it sets the OPA0 device to BROADCAST (overrides the NOBROADCAST default setting). For systems that are not workstations in a cluster, if you define the logical as FALSE, it sets the OPA0 device to NOBROADCAST. |
The only logical that is used for more than the initial startup of OPCOM is OPC$LOGFILE_NAME. All other OPCOM logicals are ignored. For example, a REPLY/LOG command opens a new operator log file even if the logical OPC$LOGFILE_ENABLE is defined to be false. To reset OPCOM states and classes after startup, use REPLY/ENABLE or REPLY/DISABLE commands. |
Devise a plan for regular maintenance of operator log files. One way is to start a new log file and rename the second-highest version daily. (See the example in the next section.) You might want to purge outdated versions of the operator log file on a regular basis. However, do not delete versions that you have not backed up. For more information, see Section 5.2.7.9.
If OPCOM is inadvertently deleted, follow these steps to start it manually:
$ @SYS$SYSTEM:STARTUP OPCOM |
Perform the following operation to produce a printed copy of the most recent version of the operator log file. (You must have OPER privilege.)
$ REPLY/ENABLE |
$ REPLY/LOG |
$ SET DEFAULT SYS$MANAGER $ DIRECTORY OPERATOR.LOG |
$ RENAME OPERATOR.LOG;-1 OPERATOR.OLD |
$ PRINT OPERATOR.OLD |
$ REPLY/ENABLE (1) $ REPLY/LOG (2) %%%%%%%%%%% OPCOM, 19-APR-1998 12:28:20.11 %%%%%%%%%%% Logfile was closed by operator _MARS$VTA2: (3) Logfile was HOMER::SYS$MANAGER:[SYSMGT]OPERATOR.LOG;27 %%%%%%%%%%% OPCOM, 19-APR-1998 12:29:24.52 %%%%%%%%%%% Logfile has been initialized by operator _MARS$VTA2: Logfile is HOMER::SYS$MANAGER:[SYSMGT]OPERATOR.LOG;28 $ SET DEFAULT SYS$MANAGER (4) $ DIRECTORY OPERATOR.LOG (5) Directory SYS$MANAGER:[SYSMGT] OPERATOR.LOG;28 OPERATOR.LOG;27 Total of 2 files. $ RENAME OPERATOR.LOG;-1 OPERATOR.OLD (6) $ PRINT OPERATOR.OLD (7) |
The following list provides explanations of the numbered commands and responses in the example:
This section discusses how security auditing works; it also explains
how to enable security auditing and how to create a new version of the
security audit log file. For more information about the security audit
log file, refer to the OpenVMS Guide to System Security.
18.7.1 Understanding Security Auditing
Security auditing is the act of recording security-relevant events as they occur on the system. Security-relevant events are divided into a number of categories called event classes.
By default, the system enables security auditing when you install or upgrade your system for the events shown in Table 18-6.
| Class | Description |
|---|---|
| ACL | Access to any object holding a security Auditing ACE. |
| AUDIT | All uses of the SET AUDIT command. You cannot disable this category. |
| AUTHORIZATION |
All changes to the authorization database:
|
| BREAKIN | All break-in attempts: batch, detached, dialup, local, network, remote. |
| LOGFAILURE | All login failures: batch, dialup, local, remote, network, subprocess, detached. |
If the security requirements at your site justify additional auditing,
you can enable security auditing for other event classes by using the
DCL command SET AUDIT, as explained in Section 18.7.4.
18.7.1.1 Security Audit Log File
The audit server process, which is created at system startup, records the events that are shown in Table 18-6 in the security audit log file, SYS$MANAGER:SECURITY.AUDIT$JOURNAL.
The usefulness of the security audit log file depends upon the procedures you adopt to review the file on a regular basis. For example, you might implement the following procedure as part of your site audit review policy:
The Audit Analysis utility (ANALYZE/AUDIT) running on earlier-version systems is unable to process the current version of audit log files. You must use the current version of ANALYZE/AUDIT to process the current version of the audit log files. The recommended procedure is to maintain separate audit log files on mixed-version clusters.
If redirecting the audit log files, issue the following command on both the earlier-version node and on the node running the current version:
AUDIT/JOURNAL/DESTINATION=filespec |
The destination filespec is stored in the audit server database file. By default, the files are stored in SYS$COMMON:[SYSMGR] and are called SECURITY_AUDIT.AUDIT$JOURNAL and SECURITY.AUDIT$JOURNAL, respectively.
The operating system allows workstations and other users with limited management resources to duplicate their audit log files on another node. The secondary log, a security archive file, is then available to a security administrator on a remote node who has the skills to analyze the file.
Each node in a cluster must have its own archive file. An archive file cannot be shared by multiple nodes in a cluster.
Refer to the OpenVMS Guide to System Security for more information.
18.7.2 Displaying Security Auditing Information
To see which event classes your site currently audits, you can enter the DCL command SHOW AUDIT.
The follow example contains security information:
$ SHOW AUDIT |
System security alarms currently enabled for:
ACL
Breakin: dialup,local,remote,network,detached
Privilege use:
SECURITY
Privilege failure:
SECURITY
System security audits currently enabled for:
ACL
Authorization
Breakin: dialup,local,remote,network,detached
Login: dialup,local,remote,network,detached
Logfailure: batch,dialup,local,remote,network,subprocess,detached
Logout: dialup,local,remote,network,detached
Privilege use:
SECURITY
Privilege failure:
ACNT ALLSPOOL ALTPRI AUDIT BUGCHK BYPASS CMEXEC CMKRNL
DETACH DIAGNOSE EXQUOTA GROUP GRPNAM GRPPRV LOG_IO MOUNT
NETMBX OPER PFNMAP PHY_IO PRMCEB PRMGBL PRMMBX PSWAPM
READALL SECURITY SETPRV SHARE SHMEM SYSGBL SYSLCK SYSNAM
SYSPRV TMPMBX VOLPRO WORLD
DEVICE access:
Failure: read,write,physical,logical,control
FILE access:
Failure: read,write,execute,delete,control
VOLUME access:
Failure: read,write,create,delete,control
|
| Previous | Next | Contents | Index |
|
|
| privacy and legal statement | ||
| 6017PRO_082.HTML | ||