HPE Community
Operating System - OpenVMS
1752810 Members
5955 Online
108789 Solutions
New Discussion юеВ

Re: HELP! Whether the following script is runnable?

 
stepstepvms
Occasional Contributor

тАО11-09-2009 04:25 AM

тАО11-09-2009 04:25 AM

HELP! Whether the following script is runnable?

Hi all, I am a newbie in OpenVMS and with no license/software on hand. Recently I have an urgent task related to extract the openVMS configuration setting. With the help of deathrow.vistech.net I can test some of the commands. However, some commands such as "run authorize" still cannot be run due to the lack of privilege. Would you mind helping me to run, or even just by commenting, whether the script is runnable or not?

Many thanks !
0 Kudos
Reply
5 REPLIES 5
Robert Gezelter
Honored Contributor

тАО11-09-2009 05:13 AM

тАО11-09-2009 05:13 AM

Re: HELP! Whether the following script is runnable?

stepstepvms,

Welcome to the ITRC OpenVMS Forum!

With all due respect, some modest suggestions:

- When attaching COM files from OpenVMS, please change the file type to ".txt". Many people will have difficulties since many browsers interpret .COM as indicating a binary executable.

- The file appears to be a lengthy (123KB) command file that does a variety of things. It is many pages long.

I suggest that you isolate the part of the script that you have a question about and post the small segment.

Alternatively, get access to a copy of OpenVMS and experiment on it (rather than a production system where incorrect actions from a privileged account can damage production operations.

- Bob Gezelter, http://www.rlgsc.com
0 Kudos
Reply
Hoff
Honored Contributor

тАО11-09-2009 05:46 AM

тАО11-09-2009 05:46 AM

Re: HELP! Whether the following script is runnable?

This was also just posted to the OpenVMSHobbyist.org forums, and I've posted a reply over there.

http://www.openvmshobbyist.org/forum/viewthread.php?forum_id=40&thread_id=801

This could be (or is?) a version of a US DISA command procedure that's part of OPENVMS-SRR-V2R2 security review, and I've posted a link to the US DISA download site over at the Hobbyist site for anybody that would like to see the DISA version of the download. (Without running a DIFFERENCES against the DISA script, I don't know if this version is unmodified from the DISA version and thus somewhat trustworthy, or if it's been modified, and I'm not inclined to run fully-privileged security-focused DCL procedures received from unknown parties on my servers. That probably also complies with DISA recommendations, too.)

And RUN AUTHORIZE is a valid command, BTW, and that command requires full OpenVMS system privileges.

As for your core question, I would not expect DISA to be posting buggy stuff. And I would not expect the folks at DECUServe or Deathrow or elsewhere would run this stuff for you without a review of the DCL commands within that hundred-plus kilobyte command procedure.

Please address your concerns here to whomever is asking you to urgently run this DCL procedure as a start, and either spend some time to gain some OpenVMS skills or spend some money to bring in somebody that has those skills, or both.
0 Kudos
Reply
Hein van den Heuvel
Honored Contributor

тАО11-09-2009 08:16 AM

тАО11-09-2009 08:16 AM

Re: HELP! Whether the following script is runnable?

The presented scripts looks reasonable for a security audit of sorts. It may or might not generate what you actually need.

As per Hoff, you should go back the the person or organization you r are asked to do this job for and:
a) check what they really want
- Hardware attributes like Memory, CPU disks?
- Software attributes like installed and licenced product and revision levels?
- Usage attributes like last-login, disk quota used
- Security attributes like priviliges, password requirement, usage patterns, ownership

b) Tell them that for most of the above you will need a privileged account and have them prepare one.

There may be a language problem here where concepts in OpenVMS are named and behave differently from Windows or Unix.

If you get the needs expressed in Unix terms, then some folks here may be able and willing to help translate terms to the closest OpenVMS items.

Cheers,
Hein.
0 Kudos
Reply
Bill Pedersen
Regular Advisor

тАО11-10-2009 11:55 AM

тАО11-10-2009 11:55 AM

Re: HELP! Whether the following script is runnable?

A quick review of the command procedure presented and the command procedure from DISA shows that this is "basically" the SSR for OpenVMS. It has been stripped of comments and there are some modifications to use different sub-directory naming. There is also some fixes to a problems with the file naming for test VMS1310.

So, on the belief that DISA would make available a command procedure with minimal issues this looks like it should run. As discussed by everyone else, you need to arrange to have the proper privileges on a test system - so you do not break a live system is there are bugs here.

Good luck,

Bill.
Bill Pedersen
CCSS - Computer Consulting System Services, LLC
0 Kudos
Reply
stepstepvms
Occasional Contributor

тАО11-10-2009 06:14 PM

тАО11-10-2009 06:14 PM

Re: HELP! Whether the following script is runnable?

Thanks for advices !
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.