Managing Accounts [ Native Mode Spooler Reference Manual ] MPE/iX 5.0 Documentation
Managing Accounts
The native mode spooler's directory structure consists of the following:
     Reserved Account:  HPSPOOL
     Reserved Groups:   OUT
                        IN
                        All device name groups
     Reserved User:     MGR
Controlling spool file disk allocation
The HPSPOOL account and all its reserved groups reside on the system
volume set. The NMS creates them there. You should not relocate them to
a private volume set.
You can, however, control on which of the system volumes spool files may
be allocated disk space. When it determines where to allocate spool file
disk space, the system looks for members of the system volume set that
have been configured as volume class SPOOL. If at least one volume exists
with volume class SPOOL, spool files are allocated disk space only on the
one or more volumes configured as volume class SPOOL.
If none of the system volumes are in volume class SPOOL, spool files may
be allocated disk space on any of the system volumes configured as DISC.
File space limits
Since spool files are normal MPE/iX disk files in an ordinary account
structure, the configuration for NUMBER OF SECTORS PER SPOOL FILE EXTENT
and MAX NUMBER OF SPOOL FILE KILOSECTORS does not apply and has been
deleted from the SYSGEN utility. You may control the amount of disk
space allocated to spool files by varying the HPSPOOL account file space
limit. You may limit input and output spool file disk space usage
independently by adjusting the IN and OUT group file space limit;
otherwise, you may set unlimited file space limits on each group. The
default file space limit set for the HPSPOOL account and its groups is
unlimited file space.
File security
File security for the HPSPOOL account and its groups is as follows:
     HPSPOOL account:        (R,A,W,L,X:ANY)
     Groups in HPSPOOL:
        IN and OUT           (R,A,W,L,X,S:ANY)
        Device name groups:  (R,A,W,L,X,S:GU)
where R is read, A is append, W is write, L is lock, X is execute, S is
save, ANY is any user, and GU is group user.
When the HPSPOOL account is created during system startup, a user called
MGR for the HPSPOOL account is created. The existence of user MGR is
required by the account creation process. MGR.HPSPOOL has only limited
authority over spool files.
Access to users' spool files, including the ability to purge those spool
files, is granted only to the creator of a spool file and to the manager
of an account (AM) whose user creates the spool file in that account.
The user MGR and the HPSPOOL account should have passwords to prevent
unauthorized access.
CAUTION
* Never alter the account and group security provisions.
They ensure the proper operation of the NMS commands and
the other MPE/iX commands.
* Never use PURGEACCT or PURGEGROUP to remove spool files
from the HPSPOOL account or from the OUT and IN groups.
You might disable the entire spooling subsystem. Spool
File directory (SPFDIR) routines are used by high-level
file access commands. Purging a spool file, for example,
also deletes its spool file directory (SPFDIR) entry.
The PURGEGROUP and PURGEACCT commands access spool files
at a lower level and do not use SPFDIR routines. These
commands purge the spool files but leave orphaned SPFDIR
entries. You may list these orphaned entries by using
the LISTSPF command, but you cannot delete them with
SPOOLF...;DELETE. The startup of the system deletes these
orphaned entries as part of its recovery procedure.
* If you must purge spool files, use SPOOLF O@;DELETE to
clean out the appropriate group.
Access control definitions (ACD)
Access control definitions (ACDs) are used to control access to files and
devices. If an ACD is associated with a file or device, the ACD takes
precedence over other (traditional) access controls. Before a file or
device can be opened, the ACD is consulted. The ACD contains a list of
users paired with the type of access that the users are allowed.
An ACD is associated with a file or a device by pairing access modes with
users. A user is any username.accountname specification.
The modes of access are:
     R      Read
     W      Write
     A      Append
     L      Lock
     X      Execute
     NONE   None
     RACD   Read and copy the ACD permission file
You could represent an ACD as follows:
ACD = (R,W:MGR.ACCTING, DENNIS.LEE; R:@.PAYROLL; A:@.@)
This example does not create or assign an ACD. It serves only to
illustrate the function of an ACD. This illustration represents the
assignment of access restrictions to some file. It grants Read and Write
access to users MGR.ACCTING and DENNIS.LEE, Read (only) access to all
users in the PAYROLL account, and Append access to all users on the
system.
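
The ACD notation illustrated above, parsed and evaluated in Python. This is an added example, not part of the HP manual or of MPE/iX. It assumes that the most specific matching entry wins (user.account, then @.account, then @.@), which is consistent with the "Read (only)" reading above, and that a user with no matching entry gets no access. Owner, AM and SM overrides are not modeled, and CLERK.PAYROLL is a constructed user name.

```python
import re

MODES = {"R", "W", "A", "L", "X", "NONE", "RACD"}
# Accepted user forms: user.account, @.account, @.@ (names: letter first, max 8 chars).
NAME = r"[A-Z][A-Z0-9]{0,7}"
USER_SPEC = re.compile(rf"{NAME}\.{NAME}|@\.{NAME}|@\.@")

# The illustration from the text above.
SAMPLE = "(R,W:MGR.ACCTING, DENNIS.LEE; R:@.PAYROLL; A:@.@)"


def parse_acd(text):
    """Parse '(modes:users; modes:users; ...)' into [(modes, users), ...]."""
    body = text.strip()
    if not (body.startswith("(") and body.endswith(")")):
        raise ValueError("ACD must be enclosed in parentheses")
    pairs = []
    for pair in body[1:-1].split(";"):
        modes_part, sep, users_part = pair.partition(":")
        if not sep:
            raise ValueError(f"missing ':' in pair {pair!r}")
        modes = {m.strip().upper() for m in modes_part.split(",")}
        users = [u.strip().upper() for u in users_part.split(",")]
        if not modes <= MODES:
            raise ValueError(f"unknown access mode in {pair!r}")
        for user in users:
            if not USER_SPEC.fullmatch(user):
                raise ValueError(f"bad user specification {user!r}")
        pairs.append((modes, users))
    return pairs


def allowed_modes(pairs, user):
    """Modes granted to 'user.account' (assumed rule: most specific entry wins)."""
    user = user.upper()
    account = user.split(".", 1)[1]
    for candidate in (user, f"@.{account}", "@.@"):
        for modes, users in pairs:
            if candidate in users:
                return modes - {"NONE"}  # NONE means no access at all
    return set()  # assumption: no matching entry means no access


if __name__ == "__main__":
    acd = parse_acd(SAMPLE)
    # CLERK.PAYROLL is a constructed user; the others appear in the text.
    for who in ("MGR.ACCTING", "CLERK.PAYROLL", "SAM.DOE"):
        print(who, sorted(allowed_modes(acd, who)))
```

Running the same check over an ACD before assigning it shows which users fall through to the @.@ entry, which is where unintended access usually comes from.
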
Only those who own a file or a device may associate an ACD with it.
Files.
The owner of a file is any one of these three users:
* the creator of the file with which an ACD is associated
* a user who has AM capability in the account in which the file
resides
* a user who has SM capability on the system in which the file
resides
Devices.
The system manager (SM) is the owner of all of the devices on a system.
Creating (assigning) an ACD.
ACDs may be assigned interactively or programmatically. Interactive
assignment is accomplished with the ALTSEC command, as in this example:
ALTSEC #O1893765.OUT.HPSPOOL;NEWACD=(R:SAM.DOE;W:JOE.DOE)
This grants Read access to the output spool file to user SAM.DOE and
Write access to user JOE.DOE.
Displaying ACD information.
Three commands display information about ACDs. They are:
* SHOWDEV
* LISTFILE
* LISTF
If a device belongs to more than one device class, the ACD associated
with that device is the last ACD created either for the device number or
for any of the device classes that it belongs to. Any previously created
ACDs for the device are lost when a new ACD is created for the device
number or any of the device classes that it belongs to.
Refer to Accessing Files, Programmers' Guide (32650-90017) and to the
MPE/iX Commands Reference Manual (32650-90003) for more information about
ACDs.
ACD-related errors.
The following commands return interactively the errors listed below as a
result of the changes to check for device ACDs:
* SPOOLF nn;PRINT
* SPOOLF nn;DEV=
* SPOOLF nn;UNDEFER
* ALTSPOOLFILE xx;DEV=
where nn is the spool file identification number or the file set and xx
is the output device file identification of a spool file or the logical
device number of the device where a spool file currently resides.
Interactive errors include:
     4626   SECURITY VIOLATION - USER DOES NOT HAVE ACCESS TO
            ldev or device class. (CIERR 4626)
     4669   SECURITY VIOLATION - CREATOR OF SPOOLFILE spoolid
            DOES NOT HAVE ACCESS TO THE TARGET DEVICE. (CIWARN 4669)
     4701   DEVICE SECURITY VIOLATION ON FILE filename. (CIWARN 4701)
     4702   USE OF PRINT OPTION REQUIRES NONSHAREABLE DEVICE
            (ND) CAPABILITY TO ACCESS TARGET DEVICE OF FILE
            filename. (CIWARN 4702)
More detailed information on ACDs is available in Accessing Files,
Programmers' Guide (32650-90017).
The OUT.HPSPOOL group
The NMS automatically creates the OUT.HPSPOOL group at system startup if
the group does not exist already. OUT.HPSPOOL contains only linked
output spool files. Other spool files may exist in other accounts but
they are not linked because they do not reside in the HPSPOOL account nor
do they have an entry in the spool file directory.
The IN.HPSPOOL group
The IN.HPSPOOL group contains all input spool files. Input spool files
are always linked to the spooling subsystem; therefore, IN.HPSPOOL is the
only place where you find them. The NMS automatically creates the group
IN.HPSPOOL at system startup if the group does not already exist.
The device name groups
The device name groups contain all the checkpoint files for linked output
spool files. Every output spooler creates its own device name group
according to the following rules:
* If the device name begins with a letter, the group name is the
same as the device name. For example, PP1 begins with a letter
and, therefore, the group name is PP1.
* If the device name was not explicitly configured using SYSGEN,
then the default device name consists of eight digits. Replace
the first digit with a "D" and append the remaining seven digits.
This, then, is the group name. For example, the default device
name for logical device 6 is 00000006. The device name group is
D0000006.
Each spooler creates its device name group only if the group does not already exist.
You must explicitly purge the group if you have sufficient capabilities
and if the group is no longer useful (as when the spooling device has
been removed from the system configuration).
The spooler process that owns the group creates and manages its
checkpoint files. Each spooler process creates one checkpoint file for a
specific output spool file no matter how many copies that process prints;
therefore, if three different devices print copies of a spool file, then
three checkpoint files exist, one in each device name group. If only one
device prints three copies of a spool file, then only one checkpoint file
exists.
When a spool file does not print completely for any reason (such as a
device power failure, file deferment, device reassignment, spooler
process suspension, or stopping), the next spooler process that prints
the spool file on the same device uses the checkpoint file for rapid
recovery. For devices supporting such recovery, output starts at the
page after the last complete page printed before the interruption.
Printing may start at another point if you enter the OFFSET option
together with the SPOOLER command.
Each spooler uses NMS file management to open and close its spool files.
When the file management routines close the spool file following its
final copy (whether the spool file is deleted or saved), all associated
checkpoint files are deleted.
If you have sufficient capability, you may purge the checkpoint files
with the PURGE command. If you should do this while the associated spool
file is still linked to the spool file directory (SPFDIR), a spooler
process printing the next copy of the spool file creates a new checkpoint
file. This means that the spooler cannot use the file for rapid
recovery, as it could have if you had not purged the first checkpoint
file.