The use of a logical name containing the list of "exceptions" and a check in SYS$SYLOGIN has been proposed, and that will work. I will make an alternative proposal.
The use of identifiers (RIGHTS) can be used here. Specifically, the combination of process and system rights.
First create an identifier that you will grant to users that you want to allow to log onto the system when the others are disallowed. For this example, I will use DB_ACC. This same identifier can be used to grant access to files, or even charge disk quota against if it has the resource attribute.
Now grant this identifier to all the users that you want to be able to log in at all times.
Now the non-obvious part. VMS allows you to grant an identifier to the current node (system). These rights show up in the System rights: list at the bottom of the output from
$ show process/rights
On most systems, the only identifier that will show up here is the node specific identifier, SYS$NODE_nodename. For example, if your nodename is AMIT, you will see SYS$NODE_AMIT.
Let's assume that you normally allow all users to login, but prohibit logins when some special system maintenance is in process.
In your SYS$COMMON:[SYSMGR]SYSTARTUP_VMS.COM issue the command:
$ set rights/enable/system DB_ACC
Once that is active, all processes on that node will "hold" the DB_ACC identifier; i.e. it will show up in the list returned by f$getjpi("","RIGHTSLIST")
After it has been added to the systems rightslist, put a check in your SYS$SYLOGIN to check whether this identifier is in the list of rights.
For example
$ myrights_c = "," + f$getjpi("","RIGHTSLIST") + ","
$ if f$locate(",DB_ACC,",myrights_c) .lt. f$length(myrights_c)
$ then
$ ! allow login
$ else
$ ! disallow login
$ endif
Your command file to disable logins would then have the command:
$ set rights/disable/system DB_ACC
and to re-enable:
$ set rights/enable/system DB_ACC
Note that all UICs that have been explicitly granted the identifier will have DB_ACC in their process rightslist, and therefore taking it out of the system rightslist will not affect them.
You also want to kill all the currently logged in processes that do not hold the DB_ACC identifier, so you will need to have the command procedure scan through all the processes as suggested by Ian Miller, but check if DB_ACC is in their process list, and kill them if it is not. This is similar to the case with logical names.
The advantage of using a logical name with a list of "excluded" users would be that it is much easier to change "on the fly". If you have a cluster, you can even put the logical name in a clusterwide logical name table. If you have a cluster, and you don't need to control access to files based on whether the identifier is held, then this is a lot simpler than using system rights, which must be enabled on each system in the cluster.
The advantage of identifiers is that they can be used to protect access to various objects, like files and queues.
We use the identifier method, and sysman to enable/disable the system rights clusterwide.
it depends
