Trailing-Edge
-
PDP-10 Archives
-
cuspbinsrc_1of2_bb-x128c-sb
-
10,7/fildae/fildae.rno
There is 1 other file named fildae.rno in the archive. Click here to see a list.
.blank 10
.ps 67,70
.title SYSTEM PROGRAMMING PROCEDURES#
.subtitle FILDAE.RNO
.center
FILDAE
.skip 1
.center
File Daemon
.skip 15
.literal
Date: November 1979
File: FILDAE.RNO
Version: 1
.end literal
.skip 15
The information in this document is subject to change without
notice and should not be construed as a commitment by Digital
Equipment Corporation. Digital Equipment Corporation assumes
no responsibility for any errors that may appear in this
document.
.skip 1
The software described in this document is furnished under
a lisence and may be used and copied only in accordance
with the terms of such lisence.
.skip 1
Digital Equipment Corporation assumes no responsibility for
the use and reliability of its software on
equipment that is not supplied by Digital.
.skip 4
Copyright (C) 1977 Digita1 Equipment Corp., Maynard, Mass.
.page
.center
^&CONTENTS\&
.page
.hl 1 introduction
The File Daemon provides extended file protection.
The File Daemon described in this document is a prototype
that you may use to help you in understanding the monitor
support for this feature. The File Daemon is supplied only to serve
as a prototype for the File Daemon you may desire at
your installation.
.b1
Installations will have varying types of
accounting and file security measures at these
installations. Therefore, each installation's File
Daemon may be written to account for these differences and
varying requirements. The DIGITAL-supplied prototype File
Daemon supports access lists and access logging that is performed
on a user's or a system administrator's request.
.hl 1 user interface
The File Daemon allows any user to specify who can
and who cannot access his files. Each user
may create a file called ACCESS.USR
(which is described in section 1.3). This file optionally
lists the names of some or all of that user's files and specifies,
on an individual file basis, the users who can and cannot access
those files. Under specific conditions, the File Daemon
examines the user's ACCESS.USR file and may record information,
in a separate file called ACCESS.LOG,
regarding specific access requests to the listed files.
Note that ACCESS.USR can be created only by the owner
of the particular directory or by a job running under
[1,2].
.hl 1 The File Daemon
The monitor calls the File Daemon (only if the monitor feature
test switch FTFDAE = -1) each time that someone tries to access
a file that has a 4, 5, 6, or 7 protection code in the owner's
protection code field and the access fails due to a protection
error or due to any protection error because of the directory
protection code.
.b1
For example, if you protect a file against a
specific user and that user attempts to access your file
(e.g., LOOKUP, ENTER, RENAME), the monitor suspends the
execution of the user's program and it sends a
message to the File Daemon.
This message includes the type of access the user is attempting
and that user's project-programmer number. The File Daemon
is given control, and it looks for your file called
ACCESS.USR. ACCESS.USR must be on the same file structure
and in
the same directory
area as the file being accessed.
.b1
After examining ACCESS.USR, the File Daemon
returns to the monitor the highest type of access you have specified
that this user can have to your file. Then, it logs the access
request in ACCESS.LOG (if you set the /LOG switch
in your ACCESS.USR file; refer to Table 1).
.b1
All of this occurs, even when you attempt to access
your own files, if those files have a 4, 5, 6, or
7 protection code
in the owner's protection code field.
However, as the file's owner, you can read your file and change
the file's protection code without having the File Daemon
called. Depending on the information you specified in your
ACCESS.USR file, the File Daemon either grants or denies
access to the accessing user.
.skip 1
If the monitor attempts to pass control to the File Daemon, but
it is not running, the accessing user is denied access to the
file unless the program has full file access rights ([1,2] or JACCT). The
same result occurs when one of the following conditions occurs:
.list
.le
The File Daemon cannot find ACCESS.USR in the same path as
the file being accessed.
.le
The File Daemon cannot find ACCESS.USR
in a higher-level directory, when a scan up the
directory structure is made.
.end list
If the File Daemon finds ACCESS.USR but cannot find the
accessed file name in ACCESS.USR, the File Daemon denies that
user access to your file. The File Daemon also
denies access to that user if
the File Daemon finds the specified file name in
ACCESS.USR; but, the
project-programmer number does not match any of the project-
programmer numbers you have specified that may have access
to your file.
.skip 1
All files listed in your ACCESS.USR are assumed to be in
the
same User File Directory (UFD) as the file called ACCESS.USR. However,
if your ACCESS.USR is in your UFD and describes the type of
accesses to be allowed to files contained in the SFDs, the full
path to the file in the SFD must be specified before the
File Daemon will consider the file specification to match.
.b1
The File Daemon treats all file accessors the same. All accesses
to a file having a 4, 5, 6, or 7 protection code in the owners's
protection code field cause the File Daemon to be called when
a protection failure (error) results.
The File Daemon is always called when a protection error occurs
as a result of the directory protection code. Because of this
equal treatment, you should not do the following:
.list
.le
If a [1,2] job attempts to access a file that is protected
such that the File Daemon is called, that job may
be denied access to the file. This is a possible problem, for
example, if the [1,2] job is FAILSA or BACKUP and you have
denied (either implicitly or explicitly) these programs
access to your files. When you do this, your file will not be
FAILSAfed. Therefore, you must accept the responsibility of
FAILSAfing your own files.
.le
In general, full file access programs will not be allowed to read
your files. Therefore, under most circumstances, QUEUE
would not be allowed to queue a file that
was protected such that the
File Daemon was called.
.le
If the file's owner protection code field is such that the
File Daemon is called and the owner has neglected to include his
own project-programmer number in ACCESS.USR for this file, the
File Daemon grants the owner the same type of access as if a 7
were in the owner's protection code field (i.e., the owner
can only read the file or change the file's protection code.)
.le
ACCESS.USR files may be restored at arbitrary times. Therefore,
a full restore of the disk using BACKUP or FAILSA should not be
done when the File Daemon is running. If such a full restore is
done, the action may not allow BACKUP/FAILSA to restore files
that ACCESS.USR allows them to BACKUP.
.le
The CHKACC monitor call tells a program what a user's file
access privileges are. Therefore, by using CHKACC, a program
can tell if the File Daemon will be called, but the access
privileges returned by the File Daemon are not known.
.end list
.HL 1 ACCESS.USR
Every user can create his own ACCESS.USR file. Note that
ACCESS.USR files can be created only by the owner of the
specific directory or a [1,2] job. ACCESS.USR
is made up of one or more 'command lines'. Each 'command line'
must be written in the following format:
.literal
file-spec/switches=[PPN]/switches,...,[ppn]/switches
.end literal
The file-spec is a full file specification (i.e., device:
filename.extension [path]). The File Daemon scans each
line in ACCESS.USR until it matches a file specification on the
left of the equals sign and a PPN on the right. All access
rights will then be determined by that line (there will be no
continued scan). The user should minimally specify one of the
switches synonymous with protection codes (i.e.,
READ, EXECUTE, ALL,...) for that file specification; refer to Table 1. If no switch is
specified, a default of /NONE is provided. The possible switches
are listed in Table 1.
.b2
.center
TABLE 1
.skip 1
.center
^&ACCESS.USR Switches\&
.skip 2
.literal
!---------------!----------------------------------------------!
! ! !
! SWITCH ! MEANING !
! ! !
!---------------!----------------------------------------------!
! ! !
! /LOG ! This switch causes the File Daemon to log !
! /NOLOG ! any access attempt in the file ACCESS.LOG. !
! ! If this switch is specified, a LOG entry !
! ! is appended to the end of ACCESS.LOG, which !
! ! is found in the same directory as your !
! ! ACCESS.USR. The log entry includes the !
! ! following: !
! ! !
! ! the date of the access !
! ! the time of the access !
! ! the job number of the accessing job !
! ! the PPN and name associated with the !
! ! accessing job !
! ! the name of the accessing program !
! ! the type of access attempted !
! ! the full file specification of the !
! ! access file !
! ! the access permitted, detailing !
! ! whether access was permitted !
! ! to the file !
! ! !
!---------------!----------------------------------------------!
.end literal
.page
.center
Table 1 (Continued)
.b1
.center
^&ACCESS.USR Switches\&
.b2
.literal
!---------------!----------------------------------------------!
! ! !
! SWITCH ! MEANING !
! ! !
!---------------!----------------------------------------------!
! ! !
! ! If the /EXIT or /CLOSE switch is also spec- !
! ! ified, the following information is also !
! ! included in the LOG entry (both the initial !
! ! entry and when the file is closed) !
! ! !
! ! the accessing job's run time !
! ! kilo-core-seconds !
! ! disk reads !
! ! disk writes !
! ! !
! ! If the File Daemon cannot find ACCESS.LOG !
! ! in your area, it creates one, giving it the !
! ! same protection code as your ACCESS.USR. !
! ! Note that the File Daemon can always access !
! ! ACCESS.USR and ACCESS.LOG. !
! ! !
! /LOG:n ! The /LOG switch allows logging based on the !
! ! switch value. The following are the legal !
! ! switch values: !
! ! !
! ! ALL - Log all access attempted (same !
! ! as /LOG.) !
! ! !
! ! NONE - Do not log accesses (same as !
! ! /NOLOG.) !
! ! !
! ! SUCCESSES - Log only those accesses !
! ! that were permitted to succeed. !
! ! !
! ! FAILURES - Log only those accesses !
! ! that were not permitted.
! ! !
! /CLOSE ! If the /LOG switch and the /CLOSE switch !
! /NOCLOSE ! are specified, the File Daemon makes the !
! ! log entry when the file is closed. !
! ! !
! /EXIT ! If a program is executing and the /LOG and !
! /NOEXIT ! /EXIT switches have been specified, the !
! ! File Daemon makes the log entry when the !
! ! program has finished execution. !
! ! !
! /CREATE ! The /CREATE switch allows a user who would !
! /NOCREATE ! ordinarily not be allowed to create files !
! ! in your directory to do so. This switch is !
! ! used in conjunction with one of the ACCESS. !
! ! USR switches that are synonmous with pro- !
! ! tection codes (e.g., /RENAME). This switch !
! ! can appear on either side of the equal sign !
! ! An example of a command line with the !
! ! /CREATE switch is as follows !
! ! !
!---------------!----------------------------------------------!
.end literal
.page
.center
Table 1 (Continued)
.b1
.center
^&ACCESS.USR Switches\&
.b2
.literal
!---------------!----------------------------------------------!
! ! !
! SWITCH ! MEANING !
! ! !
!---------------!----------------------------------------------!
! ! !
! ! WONDER.TST=[10,3333]/CREATE/NONE=[*,*] !
! ! !
! ! which allows any user to create WONDER.TST !
! ! in your directory, but none of those users !
! ! may have any other access to that file. !
! ! !
! ! Another example is !
! ! !
! ! WOND.TST=[10,10]/CREATE/READ[*,*]/NONE !
! ! !
! ! which prevents all users from accessing the !
! ! file WOND.TST, but allows user [10, 10] to !
! ! create the file WOND.TST. !
! ! !
! /PROT:nnn ! This switch specifies the protection code !
! ! with which a file will be created. This !
! ! switch is allowed only on the left side of !
! ! The equal sign. The value nnn must be an !
! ! octal number in the range 0-777. The file !
! ! is created with the specified protection !
! ! code if the following conditions occur: !
! ! !
! ! l. The /PROTECTION switch is specified. !
! ! !
! ! 2. The File Daemon is called because a !
! ! user attempts to create a file in !
! ! directory protected against that !
! ! user. !
! ! !
! ! 3. The File Daemon allows the user to !
! ! create the file (determined by the !
! ! contents of ACCESS.USR). !
! ! !
! /PROG:file ! This switch allows the specified program to !
! ! have the desired type of access to the file !
! ! This switch can appear only on the right !
! ! side of the equal sign in the command line. !
! ! For example: !
! ! !
! ! ONE.TST/READ=[10,10],[10,65]/WRITE,[1,2] !
! ! !
! ! /PROGRAM:SYS:BACKUP !
! ! !
! ! where [10,10] jobs can read ONE.TST, and !
! ! [10,65] jobs can read and write ONE.TST, !
! ! a job logged in under [1,2] running BACKUP !
! ! can read the file. No one else can access !
! ! ONE.TST. !
! ! !
! ! You may omit the device specification or !
! ! !
!---------------!----------------------------------------------!
.end literal
.page
.center
Table 1 (Continued)
.b1
.center
^&ACCESS.USR Switches\&
.b2
.literal
!---------------!----------------------------------------------!
! ! !
! SWITCH ! MEANING !
! ! !
!---------------!----------------------------------------------!
! ! !
! ! you may specify DSK: or ALL: in the file- !
! ! spec argument to the /PROGRAM switch. How- !
! ! ever, this is not a recommended procedure !
! ! because there may be potential security !
! ! violations. The File Daemon has no know- !
! ! ledge of your search list; therefore, DSK: !
! ! is treated identically to ALL:. It is !
! ! recommended that the device name be either !
! ! a file structure name or an ersatz device !
! ! (LIB: is not allowed, however). !
! ! !
! /XONLY ! The /XONLY switch, when it appears in con- !
! ! junction with the PROGRAM switch, considers !
! ! the specified program to match the program !
! ! doing the accessing, only if this accessing !
! ! program is Execute-only. !
! ! !
! /ALL ! ALL access is allowed when this switch is !
! ! specified. Specified accessors of this !
! ! file can change the protection of the file, !
! ! rename, write, execute, update, and append !
! ! to the file. (This is equal to protection !
! ! code 0.) !
! ! !
! /RENAME ! RENAME access is allowed. Specified ac- !
! ! cessors of this file can rename, execute, !
! ! write, read, update, and append to the !
! ! file. (This is equal to protection code 1.) !
! ! !
! /WRITE ! Write access is allowed. Desired accessors !
! ! of this file can write, read, execute, up- !
! ! date, and append to the file. (This is !
! ! the same as protection code 2.)
! ! !
! /UPDATE ! Update access is permitted. Specified !
! ! accessors of the file can update, append, !
! ! read, and execute the file. (This is equal !
! ! to protection code 3.) !
! ! !
! /APPEND ! Append access is allowed. Specified acces- !
! ! sors of this file can append, read, or !
! ! execute the file. (This is the same as !
! ! protection code 4.) !
! ! !
! /READ ! Read access is allowed. Specified acces- !
! ! sors of this file can read or execute the !
! ! file. (This is the same as protection code !
! ! 5.) !
! ! !
!---------------!----------------------------------------------!
.end literal
.page
.center
Table 1 (Continued)
.b1
.center
^&ACCESS.USR Switches\&
.b2
.literal
!---------------!----------------------------------------------!
! ! !
! SWITCH ! MEANING !
! ! !
!---------------!----------------------------------------------!
! ! !
! /EXECUTE ! Execute access is permitted. Specified !
! ! accessors of this file can only execute the !
! ! file. (This is the same as protection code !
! ! 6.)
! ! !
! /NONE ! No access is allowed to the file. (This is !
! ! the same as protection code 7.) !
! ! !
! /NAME:uname ! This switch allows a user with the !
! ! specified user name to have the desired !
! ! type of access to the file. For example: !
! ! !
! ! ONE.TXT=[*,*]/NAME:"USER 1"/READ, !
! ! [*,*]/NONE !
! ! !
! ! where any user with user name "USER 1" can !
! ! read ONE.TXT and all others have no access !
! ! privileges. !
! ! !
! /ACCOUNT:acst ! This switch is similar to the /NAME switch !
! ! but file access is restricted to those !
! ! users which have the specified account !
! ! string. !
! ! !
!---------------!----------------------------------------------!
.end literal
You create an ACCESS.USR to specify for each file which
project-programmer numbers can access it and what
type of access those accessors can have.
The switches indicate the type of access allowed.
.b1
Switches appearing on the left side of the equals sign affect
all project-programmer numbers appearing on the
right side of the equals sign. However, with the
exception of the /PROTECTION
switch, the switch on the left side can be overridden for one or more
project-programmer numbers specified on the right side of
the equal sign.
You can override the switches by explicitly specifying another switch.
For example, if the following line appeared in your
ACCESS.USR file:
.literal
TST.TST/ALL=[10,*],[11,*],[27,*],[17,*]/NONE
.end literal
The File Daemon will allow all members of projects
10, 11, and 27 to have complete access to the file TST.TST.
However, members of project 17 will be denied accces
to TST.TST. For project-programmer numbers other
than 10, 11, 27, 17, the File Daemon
will search for a later TST.TST that contains the accessing
job's project-programmer number. If no match is found, the accessing user's request is denied.
.b1
Full wild card specifications are allowed both on
the left and right sides of the equal sign.
Comments and continuation lines are allowed in ACCESS.USR.
A comment on a line or a comment line must begin with
a semicolon or an explanantion point. A continuation
line is indicated by inserting a hyphen (minus sign) immediately
proceeding the carriage return that terminates
the current line. If there is a syntax error in a line in
ACCESS.USR, that line is ignored. You should ensure the
accuracy of your own ACCESS.USR files by
proofing carefully. If the following line were in your
ACCESS.USR file:
.literal
FOO.BAR+[*,*]
.end literal
The line will be ignored because a + sign appears where an =
sign should appear. All users will be denied
access to FOO.BAR, since the File Daemon
denies access to all files not
appearing in ACCESS.USR. Since the File Daemon ignores the
line, it does not know that FOO.BAR is listed in the file.
.hl 2 Example of an ACCESS.USR File
The following is an example of an ACCESS.USR file that uses
most of the features of the File Daemon.
.B1
.LITERAL
Directory user = [13,675]
Directory protection = <700>
File Protection
ACCESS.USR <777>
ACCESS.LOG <777>
F1.TST <077> - File Daemon will not be called.
F2.TST <457> - Project may READ, otherwise call
File Daemon.
F3.TST <477> - Only owner may access without File
Daemon.
F4.TST <777> - Call File Daemon on all accesses.
ACCESS.USR
ACCESS.*/NONE=[*,*] ;No one can touch the ACCESS.USR and
ACCESS.LOG including [1,2] and JACCT
users. Note that these files cannot
be backed up if the File Daemon is
running.
ALL:*.*/READ/LOG=[1,2]/PROGRAM:SYS:BACKUP/XONLY
;Allow BACKUP (from SYS, execute
only, and running under [1,2]) to
read file and make LOG entry.
F?.TST/LOG=[10,11]/NONE,[10,*]/EXECUTE/EXIT/CLOSE
;Log Project 10 attempts to use
F1,F2,F3, catch [10,11] and permit no
access. Other project users may
EXECUTE only with additional log
entries to record statistics.
*.*/CREATE/PROTECTION:055=[12,21]/ALL,[12,17]
;[12,21] has privileges for all files
(except ACCESS.*) and may create
files which have a protection of 055.
[12,17] has no access to any file
(/NONE is a default) but may create
files. No log entries will be made.
*.*/CREATE/PROTECTION:777/LOG=[123,456]/NONE
;[123,456] may create files at will
but may not access them (e.g., a
student turning in homework).
*.*[13,675,A]/ALL/PROTECTION:057/CREATE=[1,2]/LOG
;[1,2] has all privileges in this SFD
and may create files with a
protection of 057.
[13,675].UFD/LOG/READ=[*,*] ;Anyone may read this directory as a
file.
F3.TST/LOG=[12,3]/EXECUTE
*.*/LOG=[12,3]/NONE ;[12,3] may execute F3.TST and
nothing else.
*.*=[*,*]/NONE ;No other access is granted and no
LOG entry is made.
.end literal
Note that entries are scanned from left to right and top to bottom.
The scan stops on the first match of a file name of the
left side of the equal sign
and a project-programmer number on the right
side of the equal sign. When you create
your ACCESS.USR file, you should take care to see that a wild card specification
will not match in a line earlier than a
specific specification in a later line.
As a general rule, place specific statements first in the
ACCESS.USR file, followed by more general
"catch alls". If you want to log entries, you must use the /LOG
switch (and any of the other switches) on every line
for which that switch applies.
.hl 1 Monitor Interface to a File Daemon
A File Daemon is a privileged program that can
be used for the following purposes:
.list
.le
overseeing file accesses
.le
aiding in proprietary billing
.le
tracking program usage
.end list
The interface between the monitor and a File
Daemon that is described in this section is
supplied and supported by Digital.
.b1
There is a privileged program called the File
Daemon. Digital supplies one unsupported version of a File
Daemon, which is described in the above sections of this
document. But, each installation should write
their own File Daemon, because each installation
will vary on its requirements
for such a program.
.b1
When a File Daemon is running, the monitor calls it
every time someone tries to access a file
or a directory that has a 4, 5, 6, or 7 code in the
owner's protection code field and the access fails due to the
protection error. In order that the monitor knows there is a File Daemon, the
following must occur:
.list
.le
The feature test switch F%FDAE must be set to -1, to enable the condition.
.le
The program that will be the File Daemon
must be privileged (i.e., it must be running
under [1,2] or running with the JACCT bit set.)
.le
This program must send an IPCF request to [SYSTEM]
IPCC (code 6, .IPCSC) requesting
a special PID (refer to Chapter 11 of the Monitor Calls
Manual).
.le
This program must then send a request to [SYSTEM]IPCC
specifying code 24 (.IPCWP). This code requests that the
File Daemon's PID be entered in the Special PID
table.
.end list
After each request to [SYSTEM]IPCC, the File Daemon receives
verification that the function occurred. After the verification resulting from the File
Daemon specifying code 24, the monitor sends an IPCF packet to the File
Daemon each time that a protection failure occurs on a
file or a directory.
.b1
The message portion of the IPCF packet that the monitor sends to the File
Daemon when a protection failure occurs has the following format:
.literal
!-----------------!-----------------!
! type of access ! code !
!-----------------!-----------------!
! file structure name !
!-----------------------------------!
! file name !
!-----------------------------------!
! file name extension !
!-----------------!-----------------!
! project number ! programmer num. !
!-----------------!-----------------!
! sub-file directory 1 or 0 !
!-----------------------------------!
! sub-file directory 2 or 0 !
!-----------------------------------!
! sub-file directory 3 or 0 !
!-----------------------------------!
! sub-file directory 4 or 0 !
!-----------------------------------!
! sub-file directory 5 or 0 !
!-----------------------------------!
.end literal
.lm8
.indent -8
Where: type of access is the type of access being attempted
to the file. The Access Type Codes are Listed in Table 2.
.b1
code is a File Daemon code, all of which are listed in
Table 3.
.lm0
.b1
The remaining words in the IPCF packet message are the
full file specification for the file being accessed.
.b2
.center
Table 2
.b1
.center
Access Codes
.b2
.literal
!------!------------!-------------------------!
! code ! mnemonic ! meaning !
!------!------------!-------------------------!
! ! ! !
! 0 ! FNCNAA ! No access is allowed. !
! 1 ! FNCEXE ! Execute. !
! 2 ! FNCRED ! Read. !
! 3 ! FNCALL ! Allocate. !
! 4 ! FNCDLL ! Deallocate. !
! 5 ! FNCAPP ! Append. !
! 6 ! FNCUPD ! Update. !
! ! ! !
!------!------------!-------------------------!
.end literal
.page
.center
Table 2 (Continued)
.b1
.center
Access Codes
.literal
!------!------------!-------------------------!
! code ! mnemonic ! meaning !
!------!------------!-------------------------!
! 7 ! FNCCRE ! Create. !
! 10 ! FNCSUP ! Supersede. !
! 11 ! FNCTRN ! Truncate. !
! 12 ! FNCCAT ! Change attributes. !
! 13 ! FNCDEL ! Delete. !
! 14 ! FNCCNM ! Change name. !
! 15 ! FNCCPR ! Change protection. !
! ! ! !
!------!------------!-------------------------!
.end literal
.b2
.center
Table 3
.b1
.center
File Daemon Codes
.b1
.literal
!------!------------!------------------------------------------!
! ! ! !
! code ! mnemonic ! meaning !
! ! ! !
!------!------------!------------------------------------------!
! ! ! !
! 1 ! .FLDCA ! The accessing program has performed a !
! ! ! LOOKUP, ENTER, or RENAME and a protec- !
! ! ! tion failure occured. !
! ! ! !
! 2 ! .FLDIC ! As a result of a previous call to the !
! ! ! File Daemon, it requested that it be !
! ! ! called when the program issues a CLOSE. !
! ! ! This code is set as the result of the !
! ! ! program issuing an input CLOSE. Refer !
! ! ! to Table 5, flag bit 1. !
! ! ! !
! 3 ! .FLDOC ! As a result of a previous call to the !
! ! ! File Daemon, it requested that it be !
! ! ! called when the program issues a CLOSE. !
! ! ! This code is set as the result of the !
! ! ! program issuing an output CLOSE. Refer !
! ! ! to Table 5, flag bit 1. !
! ! ! !
! 4 ! .FLDXT ! This code is set as a result of a !
! ! ! previous call to the File Daemon, which !
! ! ! occurred because a job tried to issue !
! ! ! a R, RUN, or GET command or a RUN !
! ! ! monitor call and a protection error re- !
! ! ! sulted. The File Daemon requested that !
! ! ! the monitor call it when the accessing !
! ! ! program has terminated execution. The !
! ! ! termination of a program's execution is !
! ! ! defined by the terminal user or by the !
! ! ! batch .CTL file, either of which may !
! ! ! type something that logically super- !
! ! ! sedes the core image. The program may !
! ! ! also terminate its own execution by !
! ! ! performing a RUN monitor call. Refer to !
! ! ! Table 5, flag bit 2. !
! ! ! !
!------!------------!------------------------------------------!
.end literal
.page
.center
Table 3 (Continued)
.b1
.center
File Daemon Codes
.b1
.literal
!------!------------!------------------------------------------!
! ! ! !
! code ! mnemonic ! meaning !
! ! ! !
!------!------------!------------------------------------------!
! ! ! !
! 5 ! .FLDPG ! The File Daemon is called because a job !
! ! ! tried to execute a protected program by !
! ! ! issuing a R, RUN, or GET command or a !
! ! ! a RUN monitor call. !
! ! ! !
! 6 ! .FLDDA ! The File Daemon is called because a !
! ! ! directory protection failure occurred. !
! ! ! !
!------!------------!------------------------------------------!
.end literal
.b1
The File Daemon responds to the monitor by sending the monitor
an IPCF packet. The packet's message is in the
following format:
.literal
!-----------------!---------!---------!
! ! ! job !
! reserved ! reserved! number !
! ! ! !
!-----------------!---------!---------!
! ! ! ! !
!flags! 0 !create ! access !
! ! ! ! !
!-----!---!-------!-------------------!
0 3 4 8 9 17 18 27 28 35
.end literal
.b1
.lm8
.indent -8
Where: job number is the number of the job
attempting to access a file.
.b1
flags are bits 0 through 3 which are described in
Table 4.
.b1
create is the protection code at which the file
will be created if job number is
creating a file.
.b1
access is the highest access this job is allowed
to this file. Refer to Table 3.
.lm0
.b1
The monitor grants or denies the job's access to the file
based on the access value and the type of access specified by the
accessing job. If the access value in the
packet from the File Daemon to the monitor is greater than or
equal to the type of access the accessing job desired, the
monitor grants the job access to the file.
.page
.b2
.center
Table 4
.center
File Daemon Flags
.b2
.literal
!------!------------!------------------------------------------!
! ! ! !
! code ! mnemonic ! meaning !
! ! ! !
!------!------------!------------------------------------------!
! ! ! !
! 0 ! FL.DAA ! The monitor is to call the File Daemon !
! ! ! every time this file is accessed. For !
! ! ! example, if this bit is not set and the !
! ! ! program did a RENAME before a LOOKUP, !
! ! ! the File Daemon would get called only !
! ! ! on the LOOKUP. !
! ! ! !
! 1 ! FL.DCL ! The File Daemon is called when the file !
! ! ! is CLOSED. !
! ! ! !
! 3 ! FL.DXT ! The File Daemon is called when this !
! ! ! program's execution is terminated. !
! ! ! !
! 3 ! FL.DSP ! If the program is attempting to create !
! ! ! a file and this bit is set, the monitor !
! ! ! assumes that the protection code for !
! ! ! the file is in bits 9 through 17 of !
! ! ! this word. !
! ! ! !
!------!------------!------------------------------------------!
.end literal