re: Jan,
>Those are just STOP/ID'ed.
Please try to avoid STOP/ID or $DELPRC. They can cause trouble (yes, I know, "you've been doing it for years", but that doesn't make it right! nor does it mean it won't cause you trouble in the future).
A better way of killing a process is to first issue a $FORCEX. If the process is still there after some time (say, 5 minutes), then $DELPRC.
From DCL V7.3-2 and above, issue STOP/IMAGE/ID, as Hein suggested, for $FORCEX or STOP/NOEXIT/ID if that fails.
[it took me almost a decade of lobbying to get that put into DCL, so please use it! Thanks to Elinor Woods for working through all the non-obvious complexities and finally making it happen]
That said, I thought the noaccess times worked exactly as described above. A $FORCEX issued at the transition from the access window to the no access window, then a $DELPRC a few minutes later. I'm therefore a bit surprised by your observation. Does the application have any special exit handing?
I agree with Hein that allowing a process to hold locks for an extended period is asking for trouble. I'd strongly recommend implementing timeout mechanisms in the application that
1) relinquish a lock if held too long and
2) exits the application or process if left idle for too long.
Such timeouts can be very easy to implement. For the exit timeout, choose a reasonably long time, say 4 hours. In your command loop immediately after accepting a command issue a $CANTIM to cancel the previous timer, then a $SETIMR to reset it. In the timer AST call $EXIT with SS$_TIMEOUT. Just a few lines of code in any language.
Timing out a record lock can be a bit trickier, it depends on the logic of the application, but it may not be necessary if you can depend on the application timeout.
Final comment. The heart of this issue is user training. The trouble with automating logouts is it teaches users to not logout. So what starts as an emergency fixup develops into standard practice, increasing your exposure to the rare events where summarily killing a process can result in file corruption.
By all means implement an automatic logout, but try to make it the exception, rather than SOP.
You should be able to identify the users responsible. Send messages informing them they've breached security guidelines by leaving their session logged in. If it's serious enough, set a limit to the number of times they're allowed to be caught without incuring some disciplinary action.
A crucible of informative mistakes
