 |
HP OpenVMS System Services Reference Manual
$RPCC_64 (Alpha and Integrity servers)
On Alpha and Integrity server systems, returns a 64-bit, process-based,
high-resolution time counter.
Format
SYS$RPCC_64
C Prototype
uint64 sys$rpcc_64 ();
Description
On Alpha and Integrity server systems, returns a 64-bit long version of
the current process cycle counter.
On Alpha systems, this service must be called at least once within each
wrap period of the least significant 32 bits of the counter.
For more information, see the RPCC() C-language built-in documentation
and the RPCC instruction in the Alpha Architecture Handbook.
Required Access or Privileges
None
Required Quota
None
$SCAN_INTRUSION
Scans the intrusion database for suspects or intruders during a login
attempt, audits login failures and updates records, or adds new records
to the intrusion database.
Format
SYS$SCAN_INTRUSION logfail_status ,failed_user ,job_type
,[source_terminal] ,[source_node] ,[source_user] ,[source_address]
,[failed_password] ,[parent_user] ,[parent_id] ,[flags]
C Prototype
int sys$scan_intrusion (unsigned int logfail_status, void *failed_user,
unsigned int job_type, void *source_terminal, void *source_node, void
*source_user, void *source_address, void *failed_password, void
*parent_user, unsigned int parent_id, unsigned int flags);
Arguments
logfail_status
| OpenVMS usage: |
status code |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Reason why the user's login attempt failed. The
logfail_status argument is a longword containing the
login failure status code.
The logfail_status argument can contain any valid
message code. For example, the value of the
logfail_status argument is SS$_NOSUCHUSER if the user
name the user entered does not exist on the system.
If the logfail_status argument contains a failure
status, the service performs a suspect scan. Here, the service searches
the intrusion database for intruder suspects as well as intruders. If
the value of the logfail_status argument is a
successful message, such as SS$_NORMAL, the service scans the database
only for intruders. For more information about how the database works,
see the HP OpenVMS Guide to System Security.
failed_user
| OpenVMS usage: |
char_string or item_list_3 |
| type: |
character-coded text string or longword
(unsigned) |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor or by
reference |
If the CIA$M_ITEMLIST flag is FALSE:
This argument is the user name associated with the unsuccessful login
attempt. The failed_user argument is the address of a
character-string descriptor pointing to the failed user name.
A failed user name consists of 1 to 32 alphanumeric characters.
If the CIA$M_ITEMLIST flag is TRUE:
The failed_user argument is the address of a 32-bit
item list. If the item list is used, one item, the CIA$_FAILED_USERNAME
item, must be present in the item list.
The following table lists the valid item descriptions for the
failed_user argument:
| Item |
Description |
|
CIA$_FAILED_USERNAME
|
Address of a buffer containing the failed user name.
|
|
CIA$_SCSNODE
|
Address of the 8-character null-padded SCS node name on which the
intrusion happened.
|
|
CIA$_USER_DATA
|
Address of a 256-byte buffer, available for passing third party
specified data.
|
job_type
| OpenVMS usage: |
job type |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Type of job that failed. The job_type argument is a
longword indicating the type of job that failed.
The $JPIDEF macro defines the following values for the
job_type argument:
- JPI$K_BATCH
- JPI$K_DETACHED
- JPI$K_DIALUP
- JPI$K_LOCAL
- JPI$K_NETWORK
- JPI$K_REMOTE
source_terminal
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
Source terminal where the login attempt is occurring. The
source_terminal argument is the address of a
character-string descriptor pointing to the device name of the terminal
from which the login attempt originates.
A source terminal device name consists of 1 to 64 alphanumeric
characters, including underscores (_) and colons (:).
source_node
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
Name of the node from which the user's login attempt originates. The
source_node argument is the address of a
character-string descriptor pointing to the source node name string.
A source node name consists of 1 to 1024 characters. No specific
characters, format, or case is required for a source node name string.
source_user
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
User name associated with the login attempt. The
source_user argument is the address of a
character-string descriptor pointing to the source user name string.
A source user name consists of 1 to 32 alphanumeric characters,
including dollar signs ($) and underscores (_).
source_addr
| OpenVMS usage: |
node address |
| type: |
descriptor |
| access: |
read only |
| mechanism: |
by reference |
Source DECnet for OpenVMS address from which the login attempt
originates. The source_addr argument is the address of
a descriptor containing the source node address.
failed_password
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
Password the user entered for the login attempt. The
failed_password argument is the address of a
character-string descriptor pointing to the plaintext password the user
entered to log in.
A failed password is a password of 0 to 32 characters that did not
allow the user to log in to the system. This argument is not stored in
the intrusion database and is only used for auditing during break-in
attempts.
parent_user
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
Parent process name of the failed login. The
parent_user argument is the address of a
character-string descriptor pointing to the parent process name of the
failed login process.
A parent process name consists of 1 to 15 characters. This argument
should be specified only for failed spawn commands.
parent_id
| OpenVMS usage: |
process_id |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Process identification of the parent process from which the login was
attempted. The parent_id argument is a longword
containing the parent process identification.
flags
| OpenVMS usage: |
mask_longword |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Operational instructions for the service. The flags
argument is a longword bit mask wherein each bit corresponds to an
option.
Each flag option has a symbolic name. The $CIADEF macro defines the
following valid names for the $SCAN_INTRUSION service:
| Symbolic Name |
Description |
|
CIA$M_NOAUDIT
|
If set, this flag indicates that the service should instruct the
security server to not audit the login failure or the break-in attempt.
If the flag is set, you are expected to do your own auditing.
|
|
CIA$M_IGNORE_RETURN
|
Specifies that the service should not wait for the return status from
the security server. No return status from the server's function will
be returned to the caller.
|
|
CIA$M_ITEMLIST
|
If FALSE, the
failed_user argument is a character string. If TRUE,
this argument is a 32-bit item list.
|
|
CIA$M_REAL_USERNAME
|
If set, indicates that the user name passed as the failed user name is
read and known to the system.
|
|
CIA$M_SECONDARY_PASSWORD
|
Indicates that the failed password passed to the service was the
secondary password. If the flag is clear, the password is assumed to be
the primary password.
|
Description
The Scan Intrusion Database service performs the following functions:
- Scans the intrusion database for intruders so that successful
logins are evaded if the system is taking evasive action
- Adds login failures to the intrusion database
- Changes records in the intrusion database from suspects to
intruders when the number of login failures by the specified user or
from the specified source reaches the value of the LGI_BREAK_LIM system
parameter
- Disables user accounts if the LGI_BRK_DISUSER flag is set and the
number of login attempts on a real user has reached LGI_BRK_LIM
- Audits login failures or break-in attempts on behalf of the caller
The information that $SCAN_INTRUSION stores in the intrusion database
is based on the setting of the LGI_BRK_TERM system parameter and the
information passed by the caller. For more information about how the
intrusion database functions and the use of the LGI system parameters,
see the HP OpenVMS Guide to System Security.
Required Access or Privileges
$SCAN_INTRUSION requires the SECURITY privilege.
Required Quota
None
Related Services
$DELETE_INTRUSION, $SHOW_INTRUSION
Condition Values Returned
|
SS$_NORMAL
|
The service completed successfully.
|
|
SS$_ACCVIO
|
One or more of the arguments were not readable.
|
|
SS$_BADBUFLEN
|
The length of one or more of the specified arguments is out of range.
|
|
SS$_BADPARAM
|
An invalid flag was specified in the
flags argument.
|
|
SS$_NOSECURITY
|
The caller does not have SECURITY privilege.
|
|
|
|
|
This service can also return any of the following messages passed from
the security server:
|
|
SECSRV$_INSUFINFO
|
Not enough information is supplied to form an intrusion record.
|
|
SECSRV$_INTRUDER
|
An intruder matching the information passed to the service exists in
the intrusion database.
|
|
SECSRV$_NOMATCH
|
No intruders or suspects exist that match the information passed to the
service.
|
|
SECSRV$_SERVERNOTACTIVE
|
The security server is not currently active. Try the request again
later.
|
|
SECSRV$_SUSPECT
|
A suspect matching the information passed to the service exists in the
intrusion database.
|
$SCHDWK
Schedules the awakening (restarting) of a process that has placed
itself in a state of hibernation with the Hibernate ($HIBER) service.
Format
SYS$SCHDWK [pidadr] ,[prcnam] ,daytim ,[reptim]
C Prototype
int sys$schdwk (unsigned int *pidadr, void *prcnam, struct _generic_64
*daytim, struct _generic_64 *reptim);
Arguments
pidadr
| OpenVMS usage: |
process_id |
| type: |
longword (unsigned) |
| access: |
modify |
| mechanism: |
by reference |
Process identification (PID) of the process to be awakened. The
pidadr argument is the address of a longword
containing the PID. The pidadr argument can refer to a
process running on the local node or a process running on another node
in the OpenVMS Cluster system.
You must specify the pidadr argument to awaken
processes in other UIC groups.
prcnam
| OpenVMS usage: |
process_name |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
Name of the process to be awakened. The prcnam is the
address of a character string descriptor pointing to the process name.
A process running on the local node can be identified with a string of
from 1 to 15 characters.
To identify a process on a particular node on a cluster, specify the
full process name, which includes the node name as well as the process
name. The full process name can contain up to 23 characters.
You can use the prcnam argument to awaken only
processes in the same UIC group as the calling process because process
names are unique to UIC groups, and the operating system uses the UIC
group number of the calling process to interpret the process name
specified by the prcnam argument. You must use the
pidadr argument to awaken processes in other UIC
groups.
daytim
| OpenVMS usage: |
date_time |
| type: |
quadword |
| access: |
read only |
| mechanism: |
by reference |
Time at which the process is to be awakened. The
daytim argument is the address of a quadword
containing this time in the system 64-bit time format. A positive time
value specifies an absolute time at which the specified process is to
be awakened. A negative time value specifies an offset (delta time)
from the current time.
reptim
| OpenVMS usage: |
date_time |
| type: |
quadword (unsigned) |
| access: |
read only |
| mechanism: |
by reference |
Time interval at which the wakeup request is to be repeated. The
reptim argument is the address of a quadword
containing this time interval. The time interval must be expressed in
delta time format.
The time interval specified cannot be less than 10 milliseconds; if it
is, $SCHDWK automatically increases it to 10 milliseconds.
If you do not specify reptim, a default value of 0 is
used, which specifies that the wakeup request is not to be repeated.
Description
The Schedule Wakeup service schedules the awakening of a process that
has placed itself in a state of hibernation with the Hibernate ($HIBER)
service. A wakeup can be scheduled for a specified absolute time or for
a delta time and can be repeated at fixed intervals.
If you specify neither the pidadr nor the
prcnam argument, the wakeup request is issued on
behalf of the calling process. If the longword value at address
pidadr is 0, the PID of the target process is returned.
$SCHDWK uses the system dynamic memory to allocate a timer queue entry.
If you issue one or more scheduled wakeup requests for a process that
is not hibernating, a subsequent hibernate request by the target
process completes immediately; that is, the process does not hibernate.
No count of outstanding wakeup requests is maintained.
You can cancel scheduled wakeup requests that have not yet been
processed by using the Cancel Wakeup ($CANWAK) service.
If a specified absolute time value has already passed and no repeat
time is specified, the timer expires at the next clock cycle (within 10
milliseconds).
Required Access or Privileges
Depending on the operation, the calling process might need one of the
following privileges to use $SCHDWK:
- GROUP privilege to schedule wakeup requests for a process in the
same group unless it has the same UIC
- WORLD privilege to schedule wakeup requests for any other process
in the system
Required Quota
This service uses the process's timer queue entries (TQELM) quota. If
you specify an AST routine, the service uses the AST limit (ASTLM)
quota of the calling process to schedule a wakeup request.
Related Services
$ASCTIM, $BINTIM, $CANTIM, $CANWAK, $GETTIM, $NUMTIM, $SETIME, $SETIMR
Condition Values Returned
|
SS$_NORMAL
|
The service completed successfully.
|
|
SS$_ACCVIO
|
The expiration time, repeat time, process name string, or string
descriptor cannot be read by the caller, or the process identification
cannot be written by the caller.
|
|
SS$_EXQUOTA
|
The process has exceeded its AST limit quota.
|
|
SS$_INCOMPAT
|
The remote node is running an incompatible version of the operating
system.
|
|
SS$_INSFMEM
|
The system dynamic memory is insufficient for allocating a timer queue
entry.
|
|
SS$_IVLOGNAM
|
The process name string has a length of 0 or has more than 15
characters.
|
|
SS$_IVTIME
|
The specified delta repeat time is a positive value, or an absolute
time plus delta repeat time is less than the current time.
|
|
SS$_NONEXPR
|
The specified process does not exist, or an invalid process
identification was specified.
|
|
SS$_NOPRIV
|
The process does not have the privilege to schedule a wakeup request
for the specified process.
|
|
SS$_NOSUCHNODE
|
The process name refers to a node that is not currently recognized as
part of the OpenVMS Cluster system.
|
|
SS$_REMRSRC
|
The remote node has insufficient resources to respond to the request.
(Bring this error to the attention of your system manager.)
|
|
SS$_UNREACHABLE
|
The remote node is a member of the cluster but is not accepting
requests. (This is normal for a brief period early in the system boot
process.)
|
$SCHED
Affects process scheduling. This service is intended for use by a class
scheduler process.
Format
SYS$SCHED func ,p1 ,p2 ,p3
C Prototype
int sys$sched (unsigned int func, unsigned int *p1, unsigned int *p2,
unsigned int *p3);
Arguments
func
| OpenVMS usage: |
function_code |
| type: |
longword (unsigned) |
| access: |
write only |
| mechanism: |
by value |
Function code specifying the action $SCHED is to perform. The
func argument is a longword containing this code.
See the Function Codes section for a list of valid function codes for
$SCHED.
p1, p2, p3
| OpenVMS usage: |
longword |
| type: |
longword (unsigned) |
| access: |
varies |
| mechanism: |
varies |
The meaning of the p1, p2, and
p3 arguments depends on the function code specified in
the func argument, and is defined in the Function
Codes section.
Function Codes This section defines each of the $SCHED function codes
and describes the values of the p1 argument,
p2 argument, and p3 argument for each
function.
CSH$_READ_ALL
Returns a buffer containing information, including an index, EPID, and
priority, for all processes.
The format of the buffer is defined in the $CSHDEF macro and consists
of a series of CSHP fields.
The following table shows the p1 argument,
p2 argument, and p3 argument values
for the CSH$_READ_ALL function code:
| Argument |
Access |
Description |
|
p1
|
Read
|
Address of the buffer.
|
|
p2
|
Write
|
Address of the longword size of the buffer.
|
|
p3
|
Write
|
Address of the longword size of the per-process entry.
|
CSH$_READ_NEW
Returns a buffer containing information, including an index, EPID, and
priority, for all processes for which a class assignment has not been
made.
The format of the buffer is defined in the $CSHDEF macro and consists
of a series of CSHP fields.
The following table shows the p1 argument,
p2 argument, and p3 argument values
for the CSH$_READ_NEW function code:
| Argument |
Access |
Description |
|
p1
|
Read
|
Address of the buffer.
|
|
p2
|
Write
|
Address of the longword size of the buffer.
|
|
p3
|
Write
|
Address of the longword size of the per-process entry.
|
The following table describes the information returned in the buffer
fields for both CSH$_READ_ALL and CSH$_READ_NEW:
| Buffer Field |
Definition |
|
CSHP$T_ACCOUNT
|
Account string from the user authorization file (first eight
characters).
|
|
CSHP$L_CPUTIM
|
Process CPU time used, in 10-millisecond ticks.
|
|
CSHP$L_EPID
|
Process ID (PID). If CSHP information is insufficient to determine the
right class for a process, the PID can be used with the $GETJPI(W)
system service to obtain additional detail.
|
|
CSHP$W_PIX
|
A unique integer assigned to the process for its duration. Applications
might want to use this value to index arrays.
|
|
CSHP$B_PRI
|
Current process priority.
|
|
CSHP$B_PRIB
|
Base process priority.
|
|
CSHP$L_STATUS
|
Undefined; reserved to HP.
|
CSH$_READ_QUANT
Returns a buffer containing information about how many ticks are left
for each class. Data is returned in a series of longwords, one longword
per class, starting with class number 0.
|
