1 INSTALL Use the Install utility (INSTALL) to enhance the performance of selected executable and shareable images, to assign enhanced privileges to images, and to support user-written system services. The system stores the name and attributes of installed images on known file lists. Format INSTALL [command] 2 Parameter command Specifies an INSTALL command. This parameter is optional. If no command is specified, the utility displays its prompt and waits for command input. 2 Description To invoke INSTALL, enter the DCL command INSTALL at the DCL prompt as follows: $ INSTALL The utility responds with the following prompt: INSTALL> You can then perform INSTALL operations by entering the appropriate INSTALL commands. To exit from the Install utility, enter the EXIT command at the INSTALL> prompt or press Ctrl/Z. Either method returns control to the DCL command level. Alternatively, you can enter a single INSTALL command on the same line as the command that invokes the utility, for example: $ INSTALL LIST/FULL SYS$SYSTEM:LOGINOUT ! File: INSTALHLP.HLP 2 /TRANSLATE The /TRANSLATE qualifier forces INSTALL to attempt a logical name translation of a file that you specify. NOTE Before you use the /TRANSLATE qualifier, you must invoke INSTALL as a foreign command: $ INSTALL = "$INSTALL" Format /TRANSLATE 3 Description Within OpenVMS, when you specify a file name without a device, directory, or file type, OpenVMS usually attempts a logical name translation of the file name before it applies device, directory, or file type defaults. However, if you specify a device, directory, or file type, OpenVMS does not attempt a logical name translation. Using the /TRANSLATE qualifier forces INSTALL to attempt a logical name translation even if a device, directory, or file type are specified. 3 Examples 1.DEFINE FILE1 FILE1_EV6 $ INSTALL = "$INSTALL" $ INSTALL INSTALL> ADD SYS$SHARE:FILE1.EXE ! SYS$SHARE:FILE1 is added as a known image The first command in this example defines FILE1 as a logical name with an equivalence name of FILE1_EV6. However, because a device (SYS$SHARE:) file type (.EXE) are supplied, INSTALL treats FILE1 as part of a file specification rather than as a logical name. 2.DEFINE FILE1 FILE1_EV6 $ INSTALL = "$INSTALL" $ INSTALL/TRANSLATE INSTALL> ADD SYS$SHARE:FILE1.EXE ! SYS$SHARE:FILE1_EV6 is added as a known image The first command in this example defines FILE1 as a logical name with an equivalence name of FILE1_EV6. Because /TRANSLATE is specified, INSTALL treats FILE1 as a logical name even though a device (SYS$SHARE:) file type (.EXE) are supplied. 2 ADD Installs the specified image file as a known image. The ADD command is a synonym for the CREATE command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format ADD file-spec 3 Parameter file-spec Names the file specification of an image to be installed as a known image. The file specification must name an existing executable or shareable image. If you omit the device and directory specification, the default SYS$SYSTEM is used. The default file type is .EXE. The highest existing version of the file is used by default. However, you can specify another version of the file as the known version of the image. Even if other versions of the file exist, the version that you specify will be the version that satisfies all known file lookups for the image. 3 Qualifiers /ACCOUNTING /ACCOUNTING /NOACCOUNTING (default) Enables image-level accounting for selected images even if image accounting is disabled on the local node (by using the DCL command SET ACCOUNTING/DISABLE=IMAGE). When image accounting is enabled on the local node, it logs all images, and the /NOACCOUNTING qualifier has no effect. /ARB_SUPPORT /ARB_SUPPORT=keyword Overrides the system parameter ARB_SUPPORT for this installed image. The following table shows the keywords you can use with the /ARB_ SUPPORT qualifier: Keyword Behavior None The obsolete kernel data cells are not maintained by the system. Fields are initialized to zero or set to invalid pointers at process creation. Clear The obsolete kernel data cells are cleared or set to invalid pointers when the code would have set up values for backward compatibility. Read-only The obsolete cells are updated with corresponding security information stored in the current Persona Security Block (PSB) when a $PERSONA_ASSUME is issued. Full Data is moved from the obsolete cells to the (default) currently active PSB on any security-based operation. For more information about obsolete kernel cells, refer to the ARB_SUPPORT system parameter in online help. /AUTHPRIVILEGES /AUTHPRIVILEGES[=(priv-name[,...])] /NOAUTHPRIVILEGES Installs the file as a known image with the authorized privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /AUTHPRIVILEGES qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. o You cannot assign privilege names with the /NOAUTHPRIVILEGES qualifier. You can specify one or more of the privilege names described in detail in an appendix to the OpenVMS Guide to System Security. (ALL is the default.) /EXECUTE_ONLY /EXECUTE_ONLY /NOEXECUTE_ONLY (default) The /EXECUTE_ONLY qualifier is meaningful only to main programs. It allows the image to activate shareable images to which the user has execute access but no read access. All shareable images referenced by the program must be installed, and OpenVMS RMS uses trusted logical names (those created for use in executive or kernel mode). You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. /HEADER_RESIDENT /HEADER_RESIDENT /NOHEADER_RESIDENT Installs the file as a known image with a permanently resident header (native mode images only). An image installed header resident is implicitly also installed open. /LOG /LOG /NOLOG (default) Lists the newly created known file entry along with any associated global sections created by the installation. /OPEN /OPEN /NOOPEN Installs the file as a permanently open known image. /PRIVILEGED /PRIVILEGED[=(priv-name[,...])] /NOPRIVILEGED Installs the file as a known image with the active privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. o You must list each privilege every time you define or redefine privileges. o The /PRIVILEGED qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. o You cannot assign privilege names with the /NOPRIVILEGED qualifier. Installing Shareable Images Installing an image with privileges declares that the image is trusted to maintain system integrity and security properly. To maintain that trust, any routine called by the privileged image must also be trusted. For this reason, any shareable images activated for use by a privileged image must be installed. Only trusted logical names (names defined in executive and kernel mode) can be used in locating shareable images to be used by a privileged image. Interaction of /PRIVILEGED and /AUTHPRIVILEGES Qualifiers When you create a new entry, the privileges you assign are also assigned for Authorized Privileges if you do not assign specific authorized privileges with the /AUTHPRIVILEGES qualifier. When you replace an image, any privileges assigned with the /PRIVILEGED qualifier are not repeated as Authorized Privileges. Also, if you use the REPLACE command with the /NOAUTHPRIVILEGES qualifier, the Authorized Privileges become the same as the Default Privileges (set using the /PRIVILEGED qualifier). You can specify one or more of the privilege names described in detail in an appendix to the OpenVMS Guide to System Security. (ALL is the default.) For examples of how to use ADD commands with /PRIVILEGES qualifiers, see the Examples section at the end of this command. /PROTECTED /PROTECTED /NOPROTECTED (default) Installs the file as a known image that is protected from user-mode and supervisor-mode write access. You can write into the image only from executive or kernel mode. The /PROTECTED qualifier together with the /SHARE qualifier are used to implement user-written services, which become privileged shareable images. /PURGE /PURGE (default) /NOPURGE Specifies that the image can be removed by a purge operation; if you specify /NOPURGE, you can remove the image only by a delete or remove operation. /RESIDENT /RESIDENT[=([NO]CODE,[NO]DATA)] Causes image code segments/sections or read-only data segments/sections to be placed in the granularity hint regions and compresses other image segments/sections, which remain located in process space. If you do not specify the /RESIDENT qualifier, neither code nor data is installed resident. If you specify the /RESIDENT qualifier without keyword arguments, code is installed resident, and data is not installed resident. On x86-64, the image must be installed with /SHARED=ADDRESS_DATA. On Alpha, the image must be linked using the /SECTION_BINDING= (CODE,DATA) qualifier. An image installed with resident code or data is implicitly installed header resident and shared. /SHARED /SHARED=[NO]ADDRESS_DATA /NOSHARED Installs the file as a shared known image and creates global sections for the image segments/sections that can be shared. An image installed shared is implicitly installed open. When you use the ADDRESS_DATA keyword with the /SHARED qualifier, P1 space addresses are assigned for shareable images. With the assigned addresses, the Install utility can determine the content of address data when the image is installed rather than when it is activated, reducing CPU and I/O time. A global section is created to allow shared access to address data image segments/sections. /WRITABLE /WRITABLE=[GALAXY[=IDENT]] /NOWRITABLE Installs the file as a writable known image when you also specify the /SHARED qualifier. The /WRITABLE qualifier applies only to images with image segments/sections that are shareable and writable. The /WRITABLE qualifier is automatically negated if the /NOSHARED qualifier is specified. On Alpha, you can use the GALAXY keyword with the /WRITABLE qualifier to place write shared image segments in Galaxy global sections. You can also use the IDENT keyword with GALAXY to include the image ident in the name of the Galaxy global section, so that multiple versions of an image can be used simultaneously in a Galaxy system. 3 Examples 1.INSTALL> ADD/OPEN/SHARED WRKD$:[MAIN]STATSHR The command in this example installs the image file STATSHR as a permanently open, shared known image. 2.INSTALL> ADD/OPEN/PRIVILEGED=(GROUP,GRPNAM) GRPCOMM The command in this example installs the image file GRPCOMM as a permanently open, known image with the privileges GROUP and GRPNAM. Any process running GRPCOMM receives the GROUP and GRPNAM privileges for the duration of the execution of GRPCOMM. The full name of GRPCOMM is assumed to be SYS$SYSTEM:GRPCOMM.EXE. 3.INSTALL> ADD/LOG GRPCOMM The command in this example installs the image file GRPCOMM as a known image and then displays the newly added known file entry. 4.INSTALL> ADD/SHARED=ADDRESS_DATA WRKD$:[MAIN]INFOSHR The command in this example installs the INFOSHR file as a shared known image and creates shared global sections for code segements/sections and read-only data segments/sections. Because the command includes the ADDRESS_DATA keyword, address data is also created as a shared global section. 2 CREATE Installs the specified image file as a known image. The CREATE command is a synonym for the ADD command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format CREATE file-spec 3 Parameter file-spec Names the file specification of an image to be installed as a known image. The file specification must name an existing executable or shareable image. If you omit the device and directory specification, the default SYS$SYSTEM is used. The default file type is .EXE. The highest existing version of the file is used by default. However, you can specify another version of the file as the known version of the image. Even if other versions of the file exist, the version that you specify will be the version that satisfies all known file lookups for the image. 3 Qualifiers /ACCOUNTING /ACCOUNTING /NOACCOUNTING (default) Enables image-level accounting for the specified image even if image accounting is disabled (by using the DCL command SET ACCOUNTING/DISABLE=IMAGE). When image accounting is enabled on the local node, it logs all images, and the /NOACCOUNTING qualifier has no effect. /ARB_SUPPORT /ARB_SUPPORT=keyword Overrides the system parameter ARB_SUPPORT for this installed image. The following table shows the keywords you can use with the /ARB_ SUPPORT qualifier: Keyword Behavior None The obsolete kernel data cells are not maintained by the system. Fields are initialized to zero or set to invalid pointers at process creation. Clear The obsolete kernel data cells are cleared or set to invalid pointers when the code would have set up values for backward compatibility. Read-only The obsolete cells are updated with corresponding security information stored in the current Persona Security Block (PSB) when a $PERSONA_ASSUME is issued. Full Data is moved from the obsolete cells to the (default) currently active PSB on any security-based operation. For more information about obsolete kernel cells, refer to the ARB_SUPPORT system parameter in online help. /AUTHPRIVILEGES /AUTHPRIVILEGES[=(priv-name[,...])] /NOAUTHPRIVILEGES Installs the file as a known image installed with the authorized privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /AUTHPRIVILEGES qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. o You cannot assign privilege names with the /NOAUTHPRIVILEGES qualifier. You can specify one or more of the privilege names described in detail in an appendix to the OpenVMS Guide to System Security. (ALL is the default.) /EXECUTE_ONLY /EXECUTE_ONLY /NOEXECUTE_ONLY (default) The /EXECUTE_ONLY qualifier is meaningful only to main programs. It allows the image to activate shareable images to which the user has execute access but no read access. All shareable images referenced by the program must be installed, and OpenVMS RMS uses trusted logical names (those created for use in executive or kernel mode). You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. /HEADER_RESIDENT /HEADER_RESIDENT /NOHEADER_RESIDENT Installs the file as a known image with a permanently resident header (native mode images only). An image installed header resident is implicitly installed open. /LOG /LOG /NOLOG (default) Lists the newly created known file entry along with any associated global sections created by the installation. /OPEN /OPEN /NOOPEN Installs the file as a permanently open known image. /PRIVILEGED /PRIVILEGED[=(priv-name[,...])] /NOPRIVILEGED Installs the file as a known image with active privileges specified. If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. Usage Notes o The set of privileges for a privileged image can be empty. o You must list each privilege every time you define or redefine privileges. o The /PRIVILEGED qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. o You cannot assign privilege names with the /NOPRIVILEGED qualifier. Installing Shareable Images Installing an image with privileges declares that the image is trusted to maintain system integrity and security properly. To maintain that trust, any routine called by the privileged image must also be trusted. For this reason, any shareable images activated for use by a privileged image must be installed. Only trusted logical names (names defined in executive and kernel mode) can be used in locating shareable images to be used by a privileged image. Interaction of /PRIVILEGED and /AUTHPRIVILEGES Qualifiers When you create a new entry, the privileges you assign are also assigned for Authorized Privileges if you do not assign specific authorized privileges with the /AUTHPRIVILEGED qualifier. When you replace an image, any privileges assigned with the /PRIVILEGED qualifier are not repeated as Authorized Privileges. Also, if you use the REPLACE command with the /NOAUTHPRIVILEGES qualifier, the Authorized Privileges become the same as the Default Privileges (set using the /PRIVILEGED qualifier). You can specify one or more of the privilege names described in detail in an appendix to the OpenVMS Guide to System Security. (ALL is the default.) For examples of how to use CREATE commands with /PRIVILEGES qualifiers, see the Examples section at the end of this command. /PROTECTED /PROTECTED /NOPROTECTED (default) Installs the file as a known image that is protected from user-mode and supervisor-mode write access. You can write into the image only from executive or kernel mode. The /PROTECTED qualifier together with the /SHARE qualifier are used to implement user-written services, which become privileged shareable images. /PURGE /PURGE (default) /NOPURGE Specifies that the image can be removed by a purge operation; if you specify /NOPURGE, you can remove the image only by a remove operation. /RESIDENT /RESIDENT[=([NO]CODE,[NO]DATA)] Causes image code segments/sections or read-only data segments/sections to be placed in the granularity hint regions and compresses other image segments/sections, which remain located in process space. If you do not specify the /RESIDENT qualifier, neither code nor data is installed resident. If you specify the /RESIDENT qualifier without keyword arguments, code is installed resident, and data is not installed resident. On x86-64, the image must be installed with /SHARED=ADDRESS_DATA. On Alpha, the image must be linked using the /SECTION_BINDING= (CODE,DATA) qualifier. An image installed with resident code or data is implicitly installed header resident and shared. /SHARED /SHARED[=[NO]ADDRESS_DATA] /NOSHARED Installs the file as a shared known image and creates global sections for the image segments/sections that can be shared. An image installed shared is implicitly installed open. When you use the ADDRESS_DATA keyword with the /SHARED qualifier, P1 space addresses are assigned for shareable images. With the assigned addresses, the Install utility can determine the content of address data when the image is installed rather than when it is activated, reducing CPU and I/O time. A global section is created to allow shared access to address data image segments/sections. /WRITABLE /WRITABLE=[GALAXY[=IDENT]] /NOWRITABLE Installs the file as a writable known image when you also specify the /SHARED qualifier. The /WRITABLE qualifier applies only to images with image segments/sections that are shareable and writable. The /WRITABLE qualifier is automatically negated if the /NOSHARED qualifier is specified. On Alpha, you can use the GALAXY keyword with the /WRITABLE qualifier to place write shared image segments in Galaxy global sections. You can also use the IDENT keyword with GALAXY to include the image ident in the name of the Galaxy global section, so that multiple versions of an image can be used simultaneously in a Galaxy system. 3 Examples 1.INSTALL> CREATE/OPEN/SHARED WRKD$:[MAIN]STATSHR The command in this example installs the image file STATSHR as a permanently open shared known image. 2.INSTALL> CREATE/OPEN/PRIVILEGED=(GROUP,GRPNAM) GRPCOMM The command in this example installs the image file GRPCOMM as a permanently open known image with the privileges GROUP and GRPNAM. Any process running GRPCOMM receives the GROUP and GRPNAM privileges for the duration of the execution of GRPCOMM. The full name of GRPCOMM is assumed to be SYS$SYSTEM:GRPCOMM.EXE. 3.INSTALL> CREATE/LOG GRPCOMM The command in this example installs the image file GRPCOMM as a known image and then displays the newly created known file entry. 4.INSTALL> CREATE/SHARED=ADDRESS_DATA WRKD$:[MAIN]INFOSHR The command in this example installs the INFOSHR file as a shared known image and creates shared global sections for code segments/sections and read-only data segments/sections. Because the command includes the ADDRESS_DATA keyword, address data is also created as a shared global section. 5.INSTALL> CREATE STATSHR/PRIV The command in this example creates the STATSHR image with all privileges. 6.INSTALL> CREATE STATSHR/PRIV=(OPER,SYSPRV) The command in this example creates the STATSHR image with the OPER and SYSPRV privileges. 7.INSTALL> CREATE STATSHR/PRIV=NOALL The command in this example creates the STATSHR image with an empty set of privileges. 8.INSTALL> CREATE STATSHR/NOPRIV The command in this example creates the STATSHR image explicitly with no privileges. 2 DELETE Deletes a known image. The DELETE command is a synonym for the REMOVE command. Format DELETE file-spec 3 Parameter file-spec Names the file specification of a known image. 3 Description The DELETE command deletes an entry from the known file list. The image's entry on the known file list and any global sections created for the image are deleted. The image file remains unaffected. Writable global sections are written back to disk upon their removal as known images. If a process is accessing global sections when the DELETE command is entered, the global sections are deleted only after the operation initiated by the process completes. However, once the command is entered, no additional processes can access the global sections because they are marked for deletion. 3 Example INSTALL> DELETE WRKD$:[MAIN]STATSHR The command in this example deletes the entry for the image STATSHR from the known file list. 2 EXIT Terminates INSTALL and returns control to the DCL command level. You can also exit from INSTALL by pressing Ctrl/Z. Format EXIT 2 HELP Displays information about how to use INSTALL. Format HELP [command] 3 Parameter command Specifies the name of a command for which help infomation is to be displayed. If you omit a command name, a list of commands is displayed and you are prompted for a command name. 3 Examples 1.INSTALL> HELP The command in this example displays a list of INSTALL topics and a Topic? prompt. Any topic from the list can be entered at the prompt. 2.INSTALL> HELP LIST LIST For display of a one-line description of the specified known image, or if no file is specified, then for all known images. Use with /FULL to obtain a multiline description. Format: LIST [file-spec] /qualifier QUALIFIER COMBINATION BEHAVIOR LIST [file-spec] List the known image for file-spec LIST List all entries Additional information available: Qualifiers /FULL /GLOBAL /STRUCTURE /SUMMARY The command in this example displays help information about the LIST command. 2 LIST Displays a description of each specified known image or, if no file is specified, all known images. Format LIST [file-spec] 3 Parameter file-spec Names the file specification of an image installed as a known image. If you omit the file specification, INSTALL displays all known images. 3 Description You can use the LIST command with the /FULL qualifier to display information that is useful in tuning the known image database. For example, a high entry-access count for an image may indicate that system performance could benefit if the image were installed /OPEN. Similarly, high entry-access counts for an image may indicate that installing the image /SHARED - that is, with global sections - could improve performance. For a description of global sections and global pages, including information about how to estimate the size of installed images, refer to the OpenVMS System Services Reference Manual. 3 Qualifiers /FULL Displays a multiline description of the specified known image, including the number of accesses, the number of concurrent accesses, and the number of global sections created. The /FULL qualifier with the /GLOBAL qualifier shows information about global sections, plus the current owner and protection codes and access control entries. /GLOBAL Lists global sections for any specified shared image, or if you omit the file specification, lists all global sections. If a global section is created by INSTALL to support a particular image, that image is also identified. /RESIDENT Displays a description of each resident image. /STRUCTURE Lists addresses of known image data structures. /SUMMARY Used with the /GLOBAL qualifier, displays the global section and global page usage on the system for local and shared memory global sections. 3 Examples 1.INSTALL> LIST The command in this example displays a single-line description of all known images. The description includes the file specification of the known image and its attributes. SYS$DISK:.EXE AUTHORIZE;1 (1) Open Prv (2) CDU;1 Open Hdr Prv DCL;1 Open Hdr Shared FAL;1 Open Hdr SharAddr INSTALL;1 Prv LOGINOUT;1 Open Hdr SharAddr Prv MAIL;1 Open Hdr SharAddr MAIL_SERVER;1 Open Hdr SharAddr Prv REQUEST;1 Prv SET;1 Open Hdr SharAddr Prv SETAUDIT;1 Prv SETP0;1 Open Hdr SharAddr Prv SETRIGHTS;1 Open Prv SHOW;1 Open Hdr SharAddr Prv SHWCLSTR;1 Open Hdr SharAddr Prv SUBMIT;1 Open Hdr SharAddr Prv SYSMAN;1 Open Prv SYS$DISK:.EXE CONVSHR;1 DCLTABLES;1 Open Hdr Shared Lnkbl . . . LIBOTS;1 Open Hdr SharAddr Lnkbl Resid LIBRTL;1 Open Hdr SharAddr Lnkbl Resid MAILSHR;1 Open Hdr SharAddr Lnkbl . . . (1) File specification of the known image (2) Attribute of known image, as follows: Attribute Meaning Acnt Image accounting is enabled for the image (/ACCOUNTING). ArbSupp Image is installed with Access Rights Block (ARB) support options (/ARB_SUPPORT). Authprv Image has authorized privileges (/AUTHPRIVILEGES). Hdr Image header is permanently resident (/HEADER_ RESIDENT). GlxIdent Image is writable with shared data in a Galaxy global section identified by the image ident (/WRITABLE=GALAXY=IDENT). GlxWrite Image is writable with shared data in a Galaxy global section (/WRITABLE=GALAXY=IDENT). Lnkbl Image is not executable; it is a shareable (linkable) image set by the OpenVMS Linker. Nopurg Image cannot be removed by a purge operation; it can only be removed by a delete or remove operation (/NOPURGE). Open Image is permanently open (/OPEN). Prot Image contains protected code (/PROTECTED). Prv Image has privileges (/PRIVILEGED). Resid Image is resident (/RESIDENT). Safe Image is a privileged image registered as being compatible with the running version of OpenVMS. For more information about registered images, refer to the OpenVMS System Manager's Manual, Volume 1: Essentials. Shared Image is shared (/SHARED). SharAddr Image has shared address data (/SHARED=ADDRESS_DATA). Wrt Image is writable (/WRITABLE). Xonly Only execute access to image is allowed (/EXECUTE_ONLY). 2.INSTALL> LIST/RESIDENT The command in this example displays a single-line description of all resident images. The description includes the location in memory, the size of the code segments/sections, and the type of segment/section. System Resident Sections SYS$DISK:.EXE . . . DECC$SHR;1 Base VA End VA Length Type FFFF8300.088E6000 FFFF8300.08D14137 00000000.0042E138 Resident Code FFFF8300.08D78000 FFFF8300.08DAAB17 00000000.00032B18 Unwind Data FFFF8300.08DAC000 FFFF8300.08DB4A17 00000000.00008A18 Resident Code FFFFFFFF.85A16000 FFFFFFFF.85A2C5BF 00000000.000165C0 Resident Code 00000000.7BB76000 00000000.7BB81EBB 00000000.0000BEBC Writeable data 00000000.7BB82000 00000000.7BB8A0FF 00000000.00008100 Demand-zero 00000000.7BB8C000 00000000.7BB8C028 00000000.00000029 Writeable data 00000000.7BB8E000 00000000.7BB93BCB 00000000.00005BCC Read-only data 00000000.7BB94000 00000000.7BB9B59B 00000000.0000759C Read-only data . . . LIBOTS;1 Base VA End VA Length Type FFFF8300.08610000 FFFF8300.08610012 00000000.00000013 Resident Code FFFF8300.08612000 FFFF8300.0861DFAF 00000000.0000BFB0 Resident Code FFFF8300.0861E000 FFFF8300.0861F247 00000000.00001248 Unwind Data FFFF8300.08620000 FFFF8300.08620017 00000000.00000018 Resident Code FFFFFFFF.85A04400 FFFFFFFF.85A0590F 00000000.00001510 Resident Code 00000000.7B2E8000 00000000.7B2E800F 00000000.00000010 Read-only data . . . LIBRTL;1 Base VA End VA Length Type FFFF8300.08443000 FFFF8300.08443597 00000000.00000598 Resident Code FFFF8300.08445000 FFFF8300.085E8BDF 00000000.001A3BE0 Resident Code FFFF8300.085FD000 FFFF8300.0860C6B7 00000000.0000F6B8 Unwind Data FFFF8300.0860D000 FFFF8300.0860FFDF 00000000.00002FE0 Resident Code FFFFFFFF.85A00400 FFFFFFFF.85A0434F 00000000.00003F50 Resident Code 00000000.7B2BE000 00000000.7B2C190F 00000000.00003910 Writeable data 00000000.7B2C2000 00000000.7B2D8607 00000000.00016608 Demand-zero 00000000.7B2DA000 00000000.7B2DA029 00000000.0000002A Writeable data 00000000.7B2DC000 00000000.7B2DDADD 00000000.00001ADE Read-only data 00000000.7B2DE000 00000000.7B2E689F 00000000.000088A0 Read-only data 3.INSTALL> LIST/FULL LOGINOUT The command in this example displays a multiline description of the known image LOGINOUT. SYS$DISK:.EXE LOGINOUT;1 Open Hdr SharAddr Prv Entry access count = 44 (1) Current / Maximum shared = 3 / 5 (2) Global section count = 15 (3) Privileges = CMKRNL SYSNAM IMPERSONATE LOG_IO ALTPRI TMPMBX SYSPRV SYSLCK AUDIT SECURITY (4) Authorized = CMKRNL SYSNAM IMPERSONATE LOG_IO ALTPRI TMPMBX SYSPRV SYSLCK AUDIT SECURITY Resident section count = 0000 ARB Support = READ_ONLY (1) Number of times known file entry has been accessed by this node since it swas installed. (2) First number indicates the current count of concurrent accesses of the known file. The second number indicates the highest count of concurrent accesses of the file since it was installed. This number appears only if the image is installed with the /OPEN qualifier. (3) Number of global sections created for the known file; appears only if the image is installed with the /SHARED qualifier. (4) Translation of the privilege mask; appears only if the image is installed with privileges. 4.INSTALL> LIST/GLOBAL The command in this example displays all global sections for shared images. Global sections created by INSTALL (prefix INS$) for a specific image are listed following the name of that image. System Global Sections (1) . . . SYS$DISK:DEC$BASRTL.EXE (2) INS$812E2AE0_009(040003EA) (3) PRM SYS (4) Pgltcnt/Refcnt=115/0 (5) INS$812E2AE0_008(040003EA) DZRO PRM SYS Pgltcnt/Refcnt=32/0 INS$812E2AE0_007(040003EA) DZRO PRM SYS Pgltcnt/Refcnt=16/0 INS$812E2AE0_006(040003EA) DZRO PRM SYS Pgltcnt/Refcnt=64/0 INS$812E2AE0_005(040003EA) PRM SYS Pgltcnt/Refcnt=1195/0 INS$812E2AE0_004(040003EA) PRM SYS Pgltcnt/Refcnt=5/0 INS$812E2AE0_003(040003EA) PRM SYS Pgltcnt/Refcnt=6/0 . . . 570 Global Sections Used, 16340/85840 Global Pagelets Used/Unused (6) (1) Display of global sections in memory. (2) Name of the image for which the following global sections were created by INSTALL. (3) Name of global section. The prefix identifies the creator of the section; for example, INS means the global section was created by INSTALL. The number includes the address of the section. Version number (in hexadecimal) of global section; for shareable images only, the high-order byte (04 in INS$812E2AE0_nnn) contains major identification, and low-order bytes (0003E8 in INS$812E2AE0_nnn) contain minor identification determined by the programmer at link time. For executable images, the number is a known unique value determined by the system. (4) Attributes of the global section: DZRO Global section is demand-zero. GRP Along with a group number indicates a groupwide section, which would be created by a program other than INSTALL. PRM Global section is permanent. SYS Global section is systemwide. TMP Indicates a temporary global section, which would be created by a program other than INSTALL. WRT Global section is writable. (5) Number of pagelets in the section and number of page table entries currently mapped to this global section. For a more detailed discussion of mapping global sections, refer to the OpenVMS Programming Concepts Manual. (6) Number of global sections created, number of global pagelets used, and number of global pagelets unused in local memory. Note that, because of arithmetic rounding, the number of global sections created will sometimes be greater than the SYSGEN parameter GBLSECTIONS. When the size of the system header is being computed, the values of the GBLSECTIONS and SYSMWCNT parameters are combined with the size of the fixed part of the process header. The result is rounded up to the next page boundary. This rounding process sometimes adds space to the global section table, depending on the values of the two SYSGEN parameters and the amount of system paging that preceded the running of INSTALL to create all of the global sections. 5.INSTALL> LIST/GLOBAL/FULL The command in this example displays a complete listing of global sections for shared images. The /FULL qualifier adds owner and protection codes to the display. System Global Sections . . . X86VMS$DKA0:EDTSHR.EXE INS$81297980_009(00000000) PRM SYS Pgltcnt/Refcnt=48/0 INS$81297980_005(00000000) PRM SYS Pgltcnt/Refcnt=444/0 INS$81297980_004(00000000) PRM SYS Pgltcnt/Refcnt=17/0 INS$81297980_003(00000000) PRM SYS Pgltcnt/Refcnt=1/0 Owner: [SYSTEM] (1) Protection: S:RWED,O:RWED,G:RE,W:RE (2) . . . (1) UIC of the owner of the global section (2) Type of access allowed for the image 2 PURGE Deletes all known file entries for images installed without the /NOPURGE qualifier. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format PURGE 3 Parameters None. 3 Description The PURGE command deletes all known file entries for images installed without the /NOPURGE qualifier. If a process is accessing global sections when the PURGE command is entered, the global sections are deleted only after the operation initiated by the process completes. However, once the command is entered, no additional processes can access the global sections because they are marked for deletion. 3 Example INSTALL> PURGE The command in this example deletes all images except those installed with the /NOPURGE qualifier. The image files remain unaffected. Writable global sections are written back to disk upon their removal as known images. 2 REMOVE Deletes a known image. The REMOVE command is identical to the DELETE command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format REMOVE file-spec 3 Parameter file-spec Names the file specification of a known image. 3 Description The REMOVE command deletes an entry from the known file list. The image's entry on the known file list and any global sections created for the image are deleted. The image file remains unaffected. Writable global sections are written back to disk upon their removal as known images. If a process is accessing global sections when the REMOVE command is entered, the global sections are deleted only after the operation initiated by the process completes. However, once the command is entered, no additional processes can access the global sections because they are marked for deletion. 3 Example INSTALL> REMOVE GRPCOMM The command in this example deletes the entry for the known image GRPCOMM from the known image file list. 2 REPLACE Replaces a known image entry with another version of the image, or with modified attributes. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format REPLACE file-spec 3 Parameter file-spec Names the file specification of an image to be installed as a known image. The file specification must name an existing executable or shareable image. If you omit the device and directory specification, the default SYS$SYSTEM is used. The default file type is .EXE. The highest existing version of the file is used by default. However, you can specify another version of the file as the known version of the image. Even if other versions of the file exist, the version that you specify will be the version that satisfies all known file lookups for the image. 3 Qualifiers /ACCOUNTING /ACCOUNTING /NOACCOUNTING (default) Enables image-level accounting for selected images even if image accounting is disabled on the local node (by using the DCL command SET ACCOUNTING/DISABLE=IMAGE). When image accounting is enabled on the local node, it logs all images, and the /NOACCOUNTING qualifier has no effect. /ARB_SUPPORT /ARB_SUPPORT=keyword Overrides the system parameter ARB_SUPPORT for this installed image. The following table shows the keywords you can use with the /ARB_ SUPPORT qualifier: Keyword Behavior None The obsolete kernel data cells are not maintained by the system. Fields are initialized to zero (or set to invalid pointers) at process creation. Clear The obsolete kernel data cells are cleared (or set to invalid pointers) when the code would have set up values for backward compatibility. Read-only The obsolete cells are updated with corresponding security information stored in the current Persona Security Block (PSB) when a $PERSONA_ASSUME is issued. Full Data is moved from the obsolete cells to the (default) currently active PSB on any security-based operation. For more information about obsolete kernel cells, refer to the ARB_SUPPORT system parameter in online help. /AUTHPRIVILEGES /AUTHPRIVILEGES[=(priv-name[,...])] /NOAUTHPRIVILEGES Installs the file as a known image installed with the authorized privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /AUTHPRIVILEGES qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. o You cannot assign privilege names with the /NOAUTHPRIVILEGES qualifier. You can specify one or more of the privilege names described in detail in an appendix to the OpenVMS Guide to System Security. (ALL is the default.) /EXECUTE_ONLY /EXECUTE_ONLY /NOEXECUTE_ONLY (default) The /EXECUTE_ONLY qualifier is meaningful only to main programs. It allows the image to activate shareable images to which the user has execute access but no read access. All shareable images referenced by the program must be installed, and OpenVMS RMS uses trusted logical names, those created for use in executive or kernel mode. You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. /HEADER_RESIDENT /HEADER_RESIDENT /NOHEADER_RESIDENT Installs the file as a known image with a permanently resident header (native mode images only). An image installed header resident is implicitly installed open. /LOG /LOG /NOLOG (default) Lists the newly created known file entry along with any associated global sections created by the installation. /OPEN /OPEN /NOOPEN Installs the file as a permanently open known image. /PRIVILEGED /PRIVILEGED[=(priv-name[,...])] /NOPRIVILEGED Installs the file as a known image with the active privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. o You must list each privilege every time you define or redefine privileges. o The /PRIVILEGED qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. o You cannot assign privilege names with the /NOPRIVILEGED qualifier. Installing Shareable Images Installing an image with privileges declares that the image is trusted to maintain system integrity and security properly. To maintain that trust, any routine called by the privileged image must also be trusted. For this reason, any shareable images activated for use by a privileged image must be installed. Only trusted logical names (names defined in executive and kernel mode) can be used in locating shareable images to be used by a privileged image. Interaction of /PRIVILEGED and /AUTHPRIVILEGES Qualifiers When you create a new entry, the privileges you assign are also assigned for Authorized Privileges if you do not assign specific authorized privileges with the /AUTHPRIVILEGES qualifier. When you replace an image, any privileges assigned with the /PRIVILEGED qualifier are not repeated as Authorized Privileges. Also, if you use the REPLACE command with the /NOAUTHPRIVILEGES qualifier, the Authorized Privileges become the same as the Default Privileges (set using the /PRIVILEGED qualifier). You can specify one or more of the privilege names described in detail in an appendix to the OpenVMS Guide to System Security. (ALL is the default.) /PROTECTED /PROTECTED /NOPROTECTED (default) Installs the file as a known image that is protected from user-mode and supervisor-mode write access. You can write into the image only from executive or kernel mode. The /PROTECTED qualifier together with the /SHARE qualifier are used to implement user-written services, which become privileged shareable images. /PURGE /PURGE (default) /NOPURGE Specifies that the image can be removed by a purge operation; if you specify /NOPURGE, you can remove the image only by a delete or remove operation. /RESIDENT /RESIDENT[=([NO]CODE,[NO]DATA)] Causes image code segments/sections or read-only data segments/sections to be placed in the granularity hint regions and compresses other image segments/sections, which remain located in process space. If you do not specify the /RESIDENT qualifier, neither code nor data is installed resident. If you specify the /RESIDENT qualifier without keyword arguments, code is installed resident, and data is not installed resident. On x86-64, the image must be installed with /SHARED=ADDRESS_DATA. On Alpha, the image must be linked using the /SECTION_BINDING= (CODE,DATA) qualifier. An image installed with resident code or data is implicitly installed header resident and shared. /SHARED /SHARED[=[NO]ADDRESS_DATA] /NOSHARED Installs the file as a shared known image and creates global sections for the image segements/sections that can be shared. An image installed shared is implicitly installed open. When you use the ADDRESS_DATA keyword with the /SHARED qualifier, P1 space addresses are assigned for shareable images. With the assigned addresses, the Install utility can determine the content of address data when the image is installed rather than when it is activated, reducing CPU and I/O time. A global section is created to allow shared access to address data image segments/sections. /WRITABLE /WRITABLE=[GALAXY[=IDENT]] /NOWRITABLE Installs the file as a writable known image when you also specify the /SHARED qualifier. The /WRITABLE qualifier applies only to images with image segments/sections that are shareable and writable. The /WRITABLE qualifier is automatically negated if the /NOSHARED qualifier is specified. On Alpha, you can use the GALAXY keyword with the /WRITABLE qualifier to place write shared image segments in Galaxy global sections. You can also use the IDENT keyword with GALAXY to include the image ident in the name of the Galaxy global section, so that multiple versions of an image can be used simultaneously in a Galaxy system. 3 Example INSTALL> REPLACE GRPCOMM /ACCOUNTING/NOOPEN The command in this example replaces the known image GRPCOMM with the latest version of the image, while enabling image accounting and removing the OPEN attribute from this version. The full name of the file specification is assumed to be SYS$SYSTEM:GRPCOMM.EXE.