 |
HP OpenVMS System Services Reference Manual
$SHOW_INTRUSION
Searches for and returns information about records in the intrusion
database matching the caller's specifications.
Format
SYS$SHOW_INTRUSION user_criteria ,intruder ,intruder_len ,breakin_block
,[flags] ,[context]
C Prototype
int sys$show_intrusion (void *user_criteria, void *intruder, unsigned
short int *intruder_len, void *breakin_block, unsigned int flags,
unsigned int *context);
Arguments
user_criteria
| OpenVMS usage: |
char_string or item_list_3 |
| type: |
character-coded text string or longword
(unsigned) |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor or by
reference |
If the CIA$M_ITEMLIST flag is FALSE:
The user_criteria argument is the description of
intruder or suspect. The user_criteria argument is the
address of a character-string descriptor pointing to a buffer
containing the user criteria to match an intrusion record's user
specification in the intrusion database.
The user_criteria argument is a character string of
between 1 and 1058 bytes containing characters to match the user
specification on records in the intrusion database.
A user specification is any combination of the suspect's or intruder's
source node name, source user name, source DECnet for OpenVMS address,
local failed user name, local terminal, or the string UNKNOWN. The user
specification for an intrusion record is based on the input to the
$SCAN_INTRUSION service and the settings of the LGI system parameter.
For more information, see the HP OpenVMS Guide to System Security.
Wildcards are allowed for the user_criteria argument.
For more information about using wildcards to scan the intrusion
database, see the Description section.
If the CIA$M_ITEMLIST flag is TRUE:
The user_criteria argument is now the address of an
32-bit item list. If the item list is used, one item, the
CIA$_USER_CRITERIAL item, must be present in the item list.
The following table lists the valid item descriptions for the
user_criteria argument:
| Item |
Description |
|
CIA$_OUTPUT_LIST
|
Address of an 8192-byte buffer into which the service writes the
associated node information for the returned intrusion record.
|
|
CIA$_SCSNODE_LIST
|
Address of a list of 8-character null-padded SCS nodenames for which
the caller wants to see intrusion information about.
|
|
CIA$_USER_CRITERIAL
|
Address of a buffer, 1-1058 bytes long, containing the intruder or
suspect.
|
If a CIA$_SCSNODE_LIST item is provided, an intrusion record will only
be returned if it originated on one of the nodes specified. If a
CIA$_SCSNODE_LIST item is not provided, records from all nodes will be
candidates for display. Multiple CIA$_SCSNODE_LIST items are permitted
in the item list.
If a CIA$_OUTPUT_LIST item is provided, the item is filled with
node-count records on return. The returned intrusion record will have a
breakin block with a valid attempt-count field. The node-count records
will have the name and attempt-count for each node represented.
intruder
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
write only |
| mechanism: |
by descriptor--fixed-length string descriptor |
User specification of the matched intruder or suspect record in the
intrusion database. The intruder argument is the
address of a character-string descriptor pointing to a buffer to
receive the user specification of the matched record in the intrusion
database.
The intruder argument is a 1058-byte string that will
receive the user specification of a record in the intrusion database
that matches the specifications in the user_criteria
and flags arguments.
intruder_len
| OpenVMS usage: |
string length |
| type: |
longword (unsigned) |
| access: |
write only |
| mechanism: |
by reference |
Length of returned string in the intrusion buffer. The
intruder_len argument is the address of a longword to
receive the length of the returned intrusion buffer.
The possible range of the intruder_len argument is 0
to 1058 bytes. If the longword specified by the argument contains a 0
after the call to the service, either the service did not find a record
that matched the user criteria in the intrusion database, or there are
no more matching items in the intrusion database.
breakin_block
| OpenVMS usage: |
record |
| type: |
block of 2 longwords (unsigned) and 1 quadword
(unsigned) |
| access: |
write only |
| mechanism: |
by reference |
Block to receive various information in the intrusion database about a
record matching the user criteria. The breakin_block
argument is the address of a structure with the following format:
The following table defines the break-in block fields:
| Field |
Description |
|
Type
|
Unsigned longword containing two pieces of information: the types of
the matched record and the status of the suspect---SUSPECT or INTRUDER.
The possible values for the record type are TERM_USER, TERMINAL,
USERNAME, and NETWORK. The possible values for the status are SUSPECT
or INTRUDER. These constants are defined in $CIADEF in STARLET.
The implication is that each type will have two bits set: one bit
represents the status, and the other bit represents the record type.
|
|
Count
|
Unsigned longword containing the number of login failures or break-in
attempts made by the specified intruder or suspect.
|
|
Time
|
Quadword time format indicating the time when the record will expire.
|
flags
| OpenVMS usage: |
mask_longword |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Type of records in the intrusion database about which information is to
be returned. The flags argument is a longword bit mask
wherein each bit corresponds to an option.
Each option has a symbolic name. The $CIADEF macro defines the
following valid names:
| Symbolic Name |
Description |
|
CIA$M_ALL
|
All records will be shown. If the
flags argument is omitted, this value is assumed.
|
|
CIA$M_INTRUDERS
|
Only intruder records matching the criteria specified by the
user_criteria argument will be returned. The value of
the flag field in the break-in block will always be 1.
|
|
CIA$M_ITEMLIST
|
If FALSE, the
user_criteria argument is a character string. If TRUE,
this argument is a 32-bit item list.
|
|
CIA$M_SUSPECTS
|
Only suspect records matching the criteria specified by the
user_criteria argument will be returned. The value of
the flag field in the break-in block will always be 0.
|
Each of these options is mutually exclusive.
context
| OpenVMS usage: |
context |
| type: |
longword (unsigned) |
| access: |
write only |
| mechanism: |
by reference |
Context information to keep between related calls to the
$SHOW_INTRUSION service. The context argument is the
address of a longword that receives a context from the service.
The initial value contained in the unsigned longword pointed to by the
context argument must be 0. The contents of the
unsigned longword must not be changed after the service has set its
value. If the contents of the context argument are
changed between calls to the service, SS$_BADCONTEXT will be returned.
Contexts become invalid after one-half hour of non-use. This means that
if you call the $SHOW_INTRUSION service with a wildcard in the
user_criteria argument and do not call the service to
get the next matching record within one-half hour, the context becomes
invalid. If the context has become invalid, you must restart your
search of the intrusion database from the beginning by resetting the
context to 0.
Description
The Show Intrusion service returns information about records in the
intrusion database that match the criteria you specify.
You can retrieve information about multiple records in the intrusion
database by specifying wildcards for the user_criteria
argument. For example, specifying an asterisk (*) for the
user_criteria argument and CIA$M_ALL_RECORDS for the
flags argument will return information about all
records in the database. Specifying TTA4* for the
user_criteria argument and CIA$M_SUSPECTS_ONLY for the
flags argument will return information about all
suspects who have had failures on terminal TTA4.
If you specify a wildcard string for the user_criteria
argument, you must also include a context argument.
Because the service can only return information about one intrusion
record at a time, you must call the service repeatedly to retrieve
information about more than one record. The service will return
SS$_NOMOREITEMS when information about all of the matching records has
been returned. No intrusion information is returned from the call that
returns SS$_NOMOREITEMS.
Required Access or Privileges
SECURITY privilege is required.
Required Quota
None
Related Services
$DELETE_INTRUSION, $SCAN_INTRUSION
Condition Values Returned
|
SS$_NORMAL
|
The service completed successfully.
|
|
SS$_ACCVIO
|
The
user_criteria or
context argument cannot be read, or the
intruder,
intruder_len,
breakin_block, or
context argument cannot be written.
|
|
SS$_BADBUFLEN
|
The length of one of the specified arguments is out of range.
|
|
SS$_BADCONTEXT
|
The
context argument did not contain a 0 on the first call
to the service. The
context argument's value changed between consecutive
calls to the service.
|
|
SS$_BADPARAM
|
An invalid value was specified in the
flags argument, or mutually exclusive options were
specified in the
flags argument.
|
|
SS$_NOMOREITEMS
|
All items matching the specified criteria have been returned.
|
|
SS$_NOSECURITY
|
The caller does not have SECURITY privilege.
|
|
|
|
|
This service can also return any of the following messages passed from
the security server:
|
|
SECSRV$_NOSUCHINTRUDER
|
No records matching the specified criteria were found in the intrusion
database.
|
|
SECSRV$_SERVERNOTACTIVE
|
The security server is not currently active. Try the request again
later.
|
$SIGNAL_ARRAY_64
Returns the address of a 64-bit signal array. A 32-bit signal array and
a mechanism array are passed to a condition handler when it is called.
$SIGNAL_ARRAY_64 provides the address of the 64-bit signal array, which
might be required for programs that use 64-bit address space.
This service accepts 64-bit addresses.
Format
SYS$SIGNAL_ARRAY_64 mcharg, sigarg_64
C Prototype
int sys$signal_array_64 (unsigned __int64 mcharg, unsigned __int64
sigarg_64);
Arguments
mcharg
| OpenVMS usage: |
mechanism array |
| type: |
vector quadword (unsigned) |
| access: |
read only |
| mechanism: |
by 32- or 64-bit reference, array reference |
The mechanism array. The mcharg argument is the 32- or
64-bit address of this array, which was passed to the condition
handler. $SIGNAL_ARRAY_64 uses this structure to determine the 64-bit
signal array address.
sigarg_64
| OpenVMS usage: |
64-bit signal array |
| type: |
vector quadword (unsigned) |
| access: |
write only |
| mechanism: |
by 32- or 64-bit reference, array reference |
The 32- or 64-bit address of the 64-bit signal array is returned in
this argument.
Description
$SIGNAL_ARRAY_64 provides the address of the 64-bit version of the
signal array for condition handlers that need it. It is normally needed
only by applications that use 64-bit address space and want to handle
errors involving addresses in that region.
For example, if an access violation occurs on a 64-bit address, the
32-bit signal array passed to the handler will contain only the low 32
bits of the effective address, because each entry is a longword. The
64-bit signal array, which can be obtained using this service, contains
quadword entries, so the 64-bit address can be fully expressed.
Required Access or Privileges
None
Required Quota
None
Related Services
$PUTMSG, which accepts either a 32-bit or 64-bit signal array as an
argument.
Condition Values Returned
|
SS$_NORMAL
|
The service completed successfully.
|
|
SS$_ACCVIO
|
The
sigarg_64 argument cannot be written.
|
|
SS$_BADPARAM
|
The
mcharg argument is not a mechanism array in the
expected format.
|
$SNDERR
Writes a user-specified message to the system error log file, preceding
it with the date and time.
Format
SYS$SNDERR msgbuf
C Prototype
int sys$snderr (void *msgbuf);
Argument
msgbuf
| OpenVMS usage: |
char_string |
| type: |
character-coded text string |
| access: |
read only |
| mechanism: |
by descriptor--fixed-length string descriptor |
Message to be written to the error log file. The
msgbuf argument is the address of a character string
descriptor pointing to the message text.
Description
The Send Message to Error Logger service writes a user-specified
message to the system error log file, preceding it with the date and
time. The $SNDERR service requires system dynamic memory.
Required Access or Privileges
To send a message to the error log file, the calling process must have
BUGCHK privilege.
Required Quota
None
Related Services
$ALLOC, $ASSIGN, $BRKTHRU, $BRKTHRUW, $CANCEL, $CREMBX, $DALLOC,
$DASSGN, $DELMBX, $DEVICE_SCAN, $DISMOU, $GETDVI, $GETDVIW, $GETMSG,
$GETQUI, $GETQUIW, $INIT_VOL, $MOUNT, $PUTMSG, $QIO, $QIOW, $SNDJBC,
$SNDJBCW, $SNDOPR
Condition Values Returned
|
SS$_NORMAL
|
The service completed successfully.
|
|
SS$_ACCVIO
|
The message buffer or buffer descriptor cannot be read by the caller.
|
|
SS$_INSFMEM
|
The system dynamic memory is insufficient for completing the service.
|
|
SS$_NOPRIV
|
The process does not have the required BUGCHK privilege.
|
$SNDJBC
Creates, stops, and manages queues and the batch and print jobs in
those queues. The $SNDJBC service completes asynchronously; to
synchronize the completion of most operations, use the Send to Job
Controller and Wait ($SNDJBCW) service.
Format
SYS$SNDJBC [efn] ,func [,nullarg] [,itmlst] [,iosb] [,astadr] [,astprm]
C Prototype
int sys$sndjbc (unsigned int efn, unsigned short int func, unsigned int
nullarg, void *itmlst, struct _iosb *iosb, void
(*astadr)(__unknown_params), int astprm);
Arguments
efn
| OpenVMS usage: |
ef_number |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Number of the event flag to be set when $SNDJBC completes. The
efn argument is a longword containing this number;
however, $SNDJBC uses only the low-order byte.
When you queue the request, $SNDJBC clears the specified event flag (or
event flag 0 if efn was not specified). Then, when the
operation completes, $SNDJBC sets the specified event flag (or event
flag 0).
func
| OpenVMS usage: |
function_code |
| type: |
word (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Function code specifying the function that $SNDJBC is to perform. The
func argument is a word containing this function code.
The $SJCDEF macro defines the names of each function code.
You can specify only one function code in a single call to $SNDJBC.
Most function codes require or allow for additional information to be
passed in the call. You pass this information by using the
itmlst argument, which specifies a list of one or more
item descriptors. Each item descriptor in turn specifies an item code,
which modifies, restricts, or otherwise affects the action designated
by the function code.
nullarg
| OpenVMS usage: |
null_arg |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by value |
Placeholding argument reserved to HP.
itmlst
| OpenVMS usage: |
item_list_3 |
| type: |
longword (unsigned) |
| access: |
read only |
| mechanism: |
by reference |
Item list supplying information to be used in performing the function
specified by the func argument. The
itmlst argument is the address of the item list. The
item list consists of one or more item descriptors, each of which
specifies an item code. The item list is terminated by an item code of
0 or by a longword of 0. The following diagram depicts the structure of
a single item descriptor:
The following table defines the item descriptor fields:
| Descriptor Field |
Definition |
|
Buffer length
|
A word specifying the length of the buffer; the buffer either supplies
information to be used by $SNDJBC or receives information from $SNDJBC.
The required length of the buffer varies, depending on the item code
specified, and is given in the description of each item code.
|
|
Item code
|
A word containing an item code, which identifies the nature of the
information supplied for use by $SNDJBC or received from $SNDJBC. Each
item code has a symbolic name. The $SJCDEF macro defines these symbol
names.
|
|
Buffer address
|
A longword containing the address of the buffer that specifies or
receives the information.
|
|
Return length address
|
A longword containing the address of a word to receive the length (in
bytes) of information returned by $SNDJBC. If you specify this address
as 0, no length is returned.
|
The item codes' symbolic names have the following format:
There are three types of item code:
- Boolean item code. Boolean item codes specify a true or false
value: the form SJC$_code specifies a true value; SJC$_NO_code
specifies a false value. The default value for the Boolean item codes
is false. For all Boolean item codes, the buffer length, buffer
address, and return length fields of the item descriptor must be 0.
- Input value item code. Input value item codes specify an input
value to be used by $SNDJBC. The buffer length and buffer address
fields of the item descriptor must be nonzero; the return length field
must be 0. Specific buffer length requirements are given in the
description of each item code.
- Output value item code. Output value item codes specify a buffer
for information returned by $SNDJBC. The buffer length and buffer
address fields of the item descriptor must be nonzero; the return
length field can be 0 or nonzero. Specific buffer length requirements
are given in the description of each item code.
Several item codes specify a queue name, form name, or characteristic
name. For these item codes, the buffer must specify a string containing
from 1 to 31 characters, exclusive of spaces, tabs, and null
characters, which are ignored. Allowable characters in the string are
uppercase alphabetic characters, lowercase alphabetic characters (which
are converted to uppercase), numeric characters, the dollar sign ($),
and the underscore (_).
iosb
| OpenVMS usage: |
io_status_block |
| type: |
quadword (unsigned) |
| access: |
write only |
| mechanism: |
by reference |
I/O status block into which $SNDJBC writes the completion status after
the requested operation has completed. The iosb
argument is the address of the I/O status block.
At request initiation, $SNDJBC sets the value of the quadword I/O
status block to 0. When the requested operation completes, $SNDJBC
writes a condition value in the first longword of the I/O status block.
It writes the value 0 into the second longword; this longword is unused
and reserved for future use.
The condition values returned by $SNDJBC in the I/O status block are
usually condition values from the JBC facility. These condition values
are defined by the $JBCMSGDEF macro. In some cases, the condition value
returned by $SNDJBC can be an error return from a system service or an
OpenVMS RMS service that is used in executing the request. For the
SJC$_SYNCHRONIZE_JOB request, the condition value returned is the
completion status of the requested job.
The condition values returned from the JBC facility are listed in the
Condition Values Returned in the I/O Status Block section.
Though this argument is optional, HP strongly recommends that you
specify it, for the following reasons:
- If you are using an event flag to signal the completion of the
service, you can test the I/O status block for a condition value to be
sure that the event flag was not set by an event other than service
completion.
- If you are using the $SYNCH service to synchronize completion of
the service, the I/O status block is a required argument for $SYNCH.
- The condition value returned in R0 and the condition value returned
in the I/O status block provide information about different aspects of
the call to the $SNDJBC service. The condition value returned in R0
gives you information about the success or failure of the service call
itself; the condition value returned in the I/O status block gives you
information about the success or failure of the service operation.
Therefore, to accurately assess the success or failure of the call to
$SNDJBC, you must check the condition values returned in both R0 and
the I/O status block.
astadr
| OpenVMS usage: |
ast_procedure |
| type: |
procedure value |
| access: |
call without stack unwinding |
| mechanism: |
by reference |
AST service routine to be executed when $SNDJBC completes. The
astadr argument is the address of this routine.
|
