- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: user priviledges
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 08:33 AM
тАО08-31-2005 08:33 AM
These applications are run by users who have minimal dollar-sign ($) priviledges. The applications are given
world execute protection so the users can run them. One of the applications that is run by minimal priviledged users
has system call sys$sndjbcw which completes with a good status. This system call runs a command file, with logging, which
runs an application. In the log created by this system call I get the following error:
Error opening primary input file SYS$INPUT
Insufficient privilege or file protection violation
and the command file quits.
I modified the priviledges for this minimalized user to have READALL as a default priviledge. Now, the command file runs
the application just fine and I get the following error at the beginning of the log file:
%DCL-W-UNDFIL, file has not been opened by DCL - check logical name
Can you tell me where this error is coming from and how to get rid of it?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 08:42 AM
тАО08-31-2005 08:42 AM
Solution"Error opening primary input file SYS$INPUT
Insufficient privilege or file protection violation"
Be shure that this user can read the command procedure you submit with the sys$sndjbcw system service. Change the file protection not the user privileges.
Bojan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 08:57 AM
тАО08-31-2005 08:57 AM
Re: user priviledges
I didnt ansawer to yours second question.
Try to put a $ SET VERIFY at the beginning of the command procedure and see which command generates the error.
And now I see that you are new to this forum so:
Welcome to the VMS forum!
Bojan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 09:13 AM
тАО08-31-2005 09:13 AM
Re: user priviledges
OpenVMS Developer & System Manager
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 09:28 AM
тАО08-31-2005 09:28 AM
Re: user priviledges
Thanks! I decreased the user priviledge and changed the command file protection and it worked great; however, the second error:
%DCL-W-UNDFIL, file has not been opened by DCL - check logical name,
appears before the "set verify" command in the command file, like so:
%DCL-W-UNDFIL, file has not been opened by DCL - check logical name
$SET VERIFY
....
Eric
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 10:25 AM
тАО08-31-2005 10:25 AM
Re: user priviledges
In the following command snippet you posted do I use the name of my command procedure in the
$ OPEN/ERROR=No_infile IN
$! do your stuff
$! at end of process:
$ goto endjob
$!
$ No_Infile:
$! Just ean example!
$ S = $STATUS
$ write sys$output "Error opening file"
$!
$endjob:
$ IF F$TRNLNM("IN") .NES. "" then close IN
$ EXIT 'S'
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 10:54 AM
тАО08-31-2005 10:54 AM
Re: user priviledges
Phil
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 06:27 PM
тАО08-31-2005 06:27 PM
Re: user priviledges
Use the same technique with the sys$sylogin and the login procedure. Put set verify at the begining of this files. To avoid displaying on interactive terminals which can confuse normal users you can do a set verify only for batch jobs:
$ IF F$MODE().EQS."BATCH" THEN SET VERIFY
Bojan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО08-31-2005 09:07 PM
тАО08-31-2005 09:07 PM
Re: user priviledges
nice to meet you.
If you have V7.3 you can simply define
$ DEFINE/SYS SYLOGIN_VERIFY TRUE
After of this all login procedure have set verify enable. When you deass SYLOGIN_VERIFY, verify turn off. In this way you have no to modify command procedures.
Antonio Vigliotti
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО09-01-2005 05:24 AM
тАО09-01-2005 05:24 AM
Re: user priviledges
Thank you for welcoming me to this site. It is a site I've desired for a very long time. Your help was much appreciated and your comments led me to the solution of my problem.
The problem was in my login.com file. There I had the following command:
Write sys$output: f$time()
I change it to:
Write sys$output f$time()
removing the colon after sys$output, and everything worked perfectly!
There was one thing I didn't understand. That login.com and sylogin.com were called when I run a batch job. Does this mean that when I run a batch job as a user that I am logging into the system again in "batch mode" to process the command file?