1 INSTALL Use the Install utility (INSTALL) to enhance the performance of selected executable and shareable images, to assign enhanced privileges to images, and to support user-written system services. The system stores the name and attributes of installed images on known file lists. Format INSTALL [command] 2 Parameter command Specifies an INSTALL command. This parameter is optional. If no command is specified, the utility displays its prompt and waits for command input. 2 Description To invoke INSTALL, enter the DCL command INSTALL at the DCL prompt as follows: $ INSTALL The utility responds with the following prompt: INSTALL> You can then perform INSTALL operations by entering the appropriate INSTALL commands. To exit from the Install utility, enter the EXIT command at the INSTALL> prompt or press Ctrl/Z. Either method returns control to the DCL command level. Alternatively, you can enter a single INSTALL command on the same line as the command that invokes the utility, for example: $ INSTALL LIST/FULL SYS$SYSTEM:LOGINOUT 2 ADD Installs the specified image file as a known image. The ADD command is a synonym for the CREATE command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format ADD file-spec 3 Parameter file-spec Names the file specification of an image to be installed as a known image. The file specification must name an existing executable or shareable image, which must have been linked with the /NOTRACEBACK qualifier. If you omit the device and directory specification, the default SYS$SYSTEM is used. The default file type is .EXE. The highest existing version of the file is used by default. However, you can specify another version of the file as the known version of the image. Even if other versions of the file exist, the version that you specify will be the version that satisfies all known file lookups for the image. 3 Qualifiers /ACCOUNTING /ACCOUNTING /NOACCOUNTING (default) Enables image-level accounting for selected images even if image accounting is disabled on the local node (by using the DCL command SET ACCOUNTING/DISABLE=IMAGE). When image accounting is enabled on the local node, it logs all images, and the /NOACCOUNTING qualifier has no effect. /ARB_SUPPORT /ARB_SUPPORT=keyword On Alpha systems, overrides the system parameter ARB_SUPPORT for this installed image. The following table shows the keywords you can use with the /ARB_ SUPPORT qualifier: Keyword Behavior None The obsolete kernel data cells are not maintained by the system. Fields are initialized to zero or set to invalid pointers at process creation. Clear The obsolete kernel data cells are cleared or set to invalid pointers when the code would have set up values for backward compatibility. Read-only The obsolete cells are updated with corresponding security information stored in the current Persona Security Block (PSB) when a $PERSONA_ASSUME is issued. Full Data is moved from the obsolete cells to the (default) currently active PSB on any security-based operation. For more information, refer to the ARB_SUPPORT system parameter in online help. /AUTHPRIVILEGES /AUTHPRIVILEGES[=(priv-name[,...])] /NOAUTHPRIVILEGES Installs the file as a known image with the authorized privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /AUTHPRIVILEGES qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. You can specify one or more of the privilege names shown in an appendix of the OpenVMS Guide to System Security. /EXECUTE_ONLY /EXECUTE_ONLY /NOEXECUTE_ONLY (default) The /EXECUTE_ONLY qualifier is meaningful only to main programs. It allows the image to activate shareable images to which the user has execute access but no read access. All shareable images referenced by the program must be installed, and OpenVMS RMS uses trusted logical names (those created for use in executive or kernel mode). You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. /HEADER_RESIDENT /HEADER_RESIDENT /NOHEADER_RESIDENT Installs the file as a known image with a permanently resident header (native mode images only). An image installed header resident is implicitly also installed open. /LOG /LOG /NOLOG (default) Lists the newly created known file entry along with any associated global sections created by the installation. /OPEN /OPEN /NOOPEN Installs the file as a permanently open known image. /PRIVILEGED /PRIVILEGED[=(priv-name[,...])] /NOPRIVILEGED Installs the file as a known image with the active privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. o You must list each privilege every time you define or redefine privileges. o The /PRIVILEGED qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. Installing Shareable Images Installing an image with privileges declares that the image is trusted to maintain system integrity and security properly. To maintain that trust, any routine called by the privileged image must also be trusted. For this reason, any shareable images activated for use by a privileged image must be installed. Only trusted logical names (names defined in executive and kernel mode) can be used in locating shareable images to be used by a privileged image. Interaction of /PRIVILEGED and /AUTHPRIVILEGED Qualifiers When you CREATE a new entry, the privileges you assign are also assigned for authorized privileges if you do not assign specific authorized privileges with the /AUTHPRIVILEGED qualifier. In other words, if you assign authorized privileges using /AUTHPRIVILEGED, those are the privileges that appear as authorized privileges. Table of Privilege Names You can specify one or more of the privilege names shown in an appendix of the OpenVMS Guide to System Security. /PROTECTED /PROTECTED /NOPROTECTED (default) Installs the file as a known image that is protected from user-mode and supervisor-mode write access. You can write into the image only from executive or kernel mode. The /PROTECTED qualifier together with the /SHARE qualifier are used to implement user-written services, which become privileged shareable images. /PURGE /PURGE (default) /NOPURGE Specifies that the image can be removed by a purge operation; if you specify /NOPURGE, you can remove the image only by a delete or remove operation. /RESIDENT /RESIDENT[=([NO]CODE,[NO]DATA)] On Alpha systems, causes image code sections or read-only data sections to be placed in the granularity hint regions and compresses other image sections, which remain located in process space. If you do not specify the /RESIDENT qualifier, neither code nor data is installed resident. If you specify the /RESIDENT qualifier without keyword arguments, code is installed resident, and data is not installed resident. The image must be linked using the /SECTION_BINDING=(CODE,DATA) qualifier. An image installed with resident code or data is implicitly installed header resident and shared. /SHARED /SHARED=[NO]ADDRESS_DATA /NOSHARED Installs the file as a shared known image and creates global sections for the image sections that can be shared. An image installed shared is implicitly installed open. When you use the ADDRESS_DATA keyword with the /SHARED qualifier, P1 space addresses are assigned for shareable images. With the assigned addresses, the Install utility can determine the content of an address data section when the image is installed rather than when it is activated, reducing CPU and I/O time. A global section is created to allow shared access to address data image sections. /WRITABLE /WRITABLE /NOWRITABLE Installs the file as a writable known image as long as you also specify the /SHARED qualifier. The /WRITABLE qualifier only applies to images with image sections that are shareable and writable. The /WRITABLE qualifier is automatically negated if the /NOSHARED qualifier is specified. 3 Examples 1.INSTALL> ADD/OPEN/SHARED WRKD$:[MAIN]STATSHR The command in this example installs the image file STATSHR as a permanently open, shared known image. 2.INSTALL> ADD/OPEN/PRIVILEGED=(GROUP,GRPNAM) GRPCOMM The command in this example installs the image file GRPCOMM as a permanently open, known image with the privileges GROUP and GRPNAM. Any process running GRPCOMM receives the GROUP and GRPNAM privileges for the duration of the execution of GRPCOMM. The full name of GRPCOMM is assumed to be SYS$SYSTEM:GRPCOMM.EXE. 3.INSTALL> ADD/LOG GRPCOMM The command in this example installs the image file GRPCOMM as a known image and then displays the newly added known file entry. 4.INSTALL> ADD/SHARED=ADDRESS_DATA WRKD$:[MAIN]INFOSHR The command in this example installs the INFOSHR file as a shared known image and creates shared global sections for code sections and read-only data sections. Because the command includes the ADDRESS_DATA keyword, address data is also created as a shared global section. 2 CREATE Installs the specified image file as a known image. The CREATE command is a synonym for the ADD command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format CREATE file-spec 3 Parameter file-spec Names the file specification of an image to be installed as a known image. The file specification must name an existing executable or shareable image, which must have been linked with the /NOTRACEBACK qualifier. If you omit the device and directory specification, the default SYS$SYSTEM is used. The default file type is .EXE. The highest existing version of the file is used by default. However, you can specify another version of the file as the known version of the image. Even if other versions of the file exist, the version that you specify will be the version that satisfies all known file lookups for the image. 3 Qualifiers /ACCOUNTING /ACCOUNTING /NOACCOUNTING (default) Enables image-level accounting for the specified image even if image accounting is disabled (by using the DCL command SET ACCOUNTING/DISABLE=IMAGE). When image accounting is enabled on the local node, it logs all images, and the /NOACCOUNTING qualifier has no effect. /ARB_SUPPORT /ARB_SUPPORT=keyword On Alpha systems, overrides the system parameter ARB_SUPPORT for this installed image. The following table shows the keywords you can use with the /ARB_ SUPPORT qualifier: Keyword Behavior None The obsolete kernel data cells are not maintained by the system. Fields are initialized to zero or set to invalid pointers at process creation. Clear The obsolete kernel data cells are cleared or set to invalid pointers when the code would have set up values for backward compatibility. Read-only The obsolete cells are updated with corresponding security information stored in the current Persona Security Block (PSB) when a $PERSONA_ASSUME is issued. Full Data is moved from the obsolete cells to the (default) currently active PSB on any security-based operation. For more information, refer to the ARB_SUPPORT system parameter in online help. /AUTHPRIVILEGES /AUTHPRIVILEGES[=(priv-name[,...])] /NOAUTHPRIVILEGES Installs the file as a known image installed with the authorized privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /AUTHPRIVILEGES qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. Table of Privilege Names You can specify one or more of the privilege names shown in an appendix of the OpenVMS Guide to System Security. /EXECUTE_ONLY /EXECUTE_ONLY /NOEXECUTE_ONLY (default) The /EXECUTE_ONLY qualifier is meaningful only to main programs. It allows the image to activate shareable images to which the user has execute access but no read access. All shareable images referenced by the program must be installed, and OpenVMS RMS uses trusted logical names (those created for use in executive or kernel mode). You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. /HEADER_RESIDENT /HEADER_RESIDENT /NOHEADER_RESIDENT Installs the file as a known image with a permanently resident header (native mode images only). An image installed header resident is implicitly installed open. /LOG /LOG /NOLOG (default) Lists the newly created known file entry along with any associated global sections created by the installation. /OPEN /OPEN /NOOPEN Installs the file as a permanently open known image. /PRIVILEGED /PRIVILEGED[=(priv-name[,...])] /NOPRIVILEGED Installs the file as a known image with active privileges specified. If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. Usage Notes o The set of privileges for a privileged image can be empty. o You must list each privilege every time you define or redefine privileges. o The /PRIVILEGED qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. Installing Shareable Images Installing an image with privileges declares that the image is trusted to maintain system integrity and security properly. To maintain that trust, any routine called by the privileged image must also be trusted. For this reason, any shareable images activated for use by a privileged image must be installed. Only trusted logical names (names defined in executive and kernel mode) can be used in locating shareable images to be used by a privileged image. Interaction of /PRIVILEGED and /AUTHPRIVILEGES When you CREATE a new entry, the privileges you assign with the /PRIVILEGED qualifier are also assigned as authorized privileges (if you do not assign specific authorized privileges with the /AUTHPRIVILEGES qualifier). If you do not want this default behavior, you can specify /AUTHPRIVILEGES=NOALL, which will assign no authorized privileges to the image. You can specify one or more of the privilege names shown in the table included in the description of the /AUTHOPRIVILEGES qualifier. For examples of how to use CREATE commands with /PRIVILEGES qualifiers, see the Examples section at the end of this command. /PROTECTED /PROTECTED /NOPROTECTED (default) Installs the file as a known image that is protected from user-mode and supervisor-mode write access. You can write into the image only from executive or kernel mode. The /PROTECTED qualifier together with the /SHARE qualifier are used to implement user-written services, which become privileged shareable images. /PURGE /PURGE (default) /NOPURGE Specifies that the image can be removed by a purge operation; if you specify /NOPURGE, you can remove the image only by a remove operation. /RESIDENT /RESIDENT[=([NO]CODE,[NO]DATA)] On Alpha systems, causes image code sections or read-only data sections to be placed in the granularity hint regions and compresses other image sections, which remain located in process space. If you do not specify the /RESIDENT qualifier, neither code nor data is installed resident. If you specify the /RESIDENT qualifier without keyword arguments, code is installed resident, and data is not installed resident. The image must be linked using the /SECTION_BINDING=(CODE,DATA) qualifier. An image installed with resident code or data is implicitly installed header resident and shared. /SHARED /SHARED[=[NO]ADDRESS_DATA] /NOSHARED Installs the file as a shared known image and creates global sections for the image sections that can be shared. An image installed shared is implicitly installed open. When you use the ADDRESS_DATA keyword with the /SHARED qualifier, P1 space addresses are assigned for shareable images. With the assigned addresses, the Install utility can determine the content of an address data section when the image is installed rather than when it is activated, reducing CPU and I/O time. A global section is created to allow shared access to address data image sections. /WRITABLE /WRITABLE /NOWRITABLE Installs the file as a writable known image as long as you also specify the /SHARED qualifier. The /WRITABLE qualifier only applies to images with image sections that are shareable and writable. The /WRITABLE qualifier is automatically negated if you do not specify the /SHARED qualifier. 3 Examples 1.INSTALL> CREATE/OPEN/SHARED WRKD$:[MAIN]STATSHR The command in this example installs the image file STATSHR as a permanently open shared known image. 2.INSTALL> CREATE/OPEN/PRIVILEGED=(GROUP,GRPNAM) GRPCOMM The command in this example installs the image file GRPCOMM as a permanently open known image with the privileges GROUP and GRPNAM. Any process running GRPCOMM receives the GROUP and GRPNAM privileges for the duration of the execution of GRPCOMM. The full name of GRPCOMM is assumed to be SYS$SYSTEM:GRPCOMM.EXE. 3.INSTALL> CREATE/LOG GRPCOMM The command in this example installs the image file GRPCOMM as a known image and then displays the newly created known file entry. 4.INSTALL> CREATE/SHARED=ADDRESS_DATA WRKD$:[MAIN]INFOSHR The command in this example installs the INFOSHR file as a shared known image and creates shared global sections for code sections and read-only data sections. Because the command includes the ADDRESS_DATA keyword, address data is also created as a shared global section. 5.INSTALL> CREATE STATSHR/PRIV The command in this example creates the STATSHR image with all privileges. 6.INSTALL> CREATE STATSHR/PRIV=OPER,SYSPRV The command in this example creates the STATSHR image with the OPER and SYSPRV privileges. 7.INSTALL> CREATE STATSHR/PRIV=NOALL The command in this example creates the STATSHR image with an empty set of privileges. 8.INSTALL> CREATE STATSHR/NOPRIV The command in this example creates the STATSHR image explicitly with no privileges. 2 DELETE Deletes a known image. The DELETE command is a synonym for the REMOVE command. Format DELETE file-spec 3 Parameter file-spec Names the file specification of a known image. 3 Description The DELETE command deletes an entry from the known file list. The image's entry on the known file list and any global sections created for the image are deleted. The image file remains unaffected. Writable global sections are written back to disk upon their removal as known images. If a process is accessing global sections when the DELETE command is entered, the global sections are deleted only after the operation initiated by the process completes. However, once the command is entered, no additional processes can access the global sections because they are marked for deletion. 3 Example INSTALL> DELETE WRKD$:[MAIN]STATSHR The command in this example deletes the entry for the image STATSHR from the known file list. 2 EXIT Terminates INSTALL and returns control to the DCL command level. You can also exit from INSTALL by pressing Ctrl/Z. Format EXIT 2 HELP Displays information about how to use INSTALL. Format HELP [command] 3 Parameter command Specifies the name of a command for which help infomation is to be displayed. If you omit a command name, a list of commands is displayed and you are prompted for a command name. 3 Examples 1.INSTALL> HELP The command in this example displays a list of INSTALL topics and a Topic? prompt. Any topic from the list can be entered at the prompt. 2.INSTALL> HELP LIST LIST For display of a one-line description of the specified known image, or if no file is specified, then for all known images. Use with /FULL to obtain a multiline description. Format: LIST [file-spec] /qualifier QUALIFIER COMBINATION BEHAVIOR LIST [file-spec] List the known image for file-spec LIST List all entries Additional information available: Qualifiers /FULL /GLOBAL /STRUCTURE /SUMMARY The command in this example displays help information about the LIST command. 2 LIST Displays a description of each specified known image or, if no file is specified, all known images. Format LIST [file-spec] 3 Parameter file-spec Names the file specification of an image installed as a known image. If you omit the file specification, INSTALL displays all known images. 3 Description You can use the LIST command with the /FULL qualifier to display information that is useful in tuning the known image database. For example, a high entry-access count for an image may indicate that system performance could benefit if the image were installed /OPEN. Similarly, high entry-access counts for an image may indicate that installing the image /SHARED-that is, with global sections-could improve performance. For a description of global sections and global pages, including information about how to estimate the size of installed images, refer to the OpenVMS System Services Reference Manual. 3 Qualifiers /FULL Displays a multiline description of the specified known image, including the number of accesses, the number of concurrent accesses, and the number of global sections created. The /FULL qualifier with the /GLOBAL qualifier shows information about global sections, plus the current owner and protection codes and access control entries. /GLOBAL Lists global sections for any specified shared image, or if you omit the file specification, lists all global sections. If a global section is created by INSTALL to support a particular image, that image is also identified. /RESIDENT Displays a description of each resident image. /STRUCTURE Lists addresses of known image data structures. /SUMMARY Used with the /GLOBAL qualifier, displays the global section and global page usage on the system for local and shared memory global sections. 3 Examples 1.INSTALL> LIST The command in this example displays a single-line description of all known images. The description includes the file specification of the known image and its attributes. SYS$DISK:.EXE ANALIMDMP;1 1 Prv 2 AUTHORIZE;1 Prv CDU;1 Open Hdr Prv DCL;1 Open Hdr Shar Lnkbl FAL;1 Open Hdr Shar INSTALL;1 Prv LOGINOUT;1 Open Hdr Shar Prv MAIL;1 Open Hdr Shar MAIL_SERVER;1 Open Hdr Shar Prv REQUEST;1 Prv SET;1 Open Hdr Shar Prv SETAUDIT;1 Prv SETP0;1 Open Hdr Shar Prv SETRIGHTS;1 Prv SHOW;1 Open Hdr Shar Prv SHWCLSTR;1 Open Hdr Shar Prv SUBMIT;1 Open Hdr Shar Prv SYSMAN;1 Prv SYS$DISK:.EXE ANALIMDMPSHR;1 Prv CONVSHR;1 DCLTABLES;1 Open Hdr Shar Lnkbl . . . LIBOTS;1 Open Hdr Shar Lnkbl Resid LIBRTL;1 Open Hdr Shar Lnkbl Resid MAILSHR;1 Open Hdr Shar Lnkbl . . . 1 File specification of the known image 2 Attribute of known image, as follows: Attribute Meaning ACNT Image accounting is enabled for the image (/ACCOUNTING). CMODE Image is in compatibility mode, set by the VAX-11 RSX Linker. HDR Image header is permanently resident (/HEADER_ RESIDENT). LNKBL Image is not executable; it is a shareable (linkable) image set by the OpenVMS Linker. NOPURG Image cannot be removed by a purge operation; it can only be removed by a delete or remove operation (/NOPURGE). OPEN Image is permanently open (/OPEN). PROT Image contains protected code (/PROTECTED). PRV Image has privileges (/PRIVILEGED). RESID Image is resident (/RESIDENT). SAFE Image is a privileged image registered as being compatible with the running version of OpenVMS. For more information about registered images, refer to the OpenVMS System Manager's Manual, Volume 1: Essentials. SHAR Image is shared (/SHARED). WRT Image is writable (/WRITABLE). XONLY Only execute access to image is allowed (/EXECUTE_ONLY). 2.INSTALL> LIST/RESIDENT The command in this Alpha example displays a single-line description of all resident images. The description includes the location in memory, the size of the code sections, and the type of section. System Resident Sections SYS$DISK:.EXE CMA$TIS_SHR;1 Base VA End VA Length Type 80490000 80490A00 00000A00 Resident Code 7FC04000 7FC04A00 00000A00 Linkage 7FC14000 7FC14200 00000200 Writeable data 7FC34000 7FC34200 00000200 Writeable data DECC$SHR;1 Base VA End VA Length Type 80548000 805D1C00 00089C00 Resident Code 805D2000 805D2400 00000400 Resident Code 7FE34000 7FE4B800 00017800 Linkage 7FE54000 7FE59A00 00005A00 Writeable data 7FE64000 7FE64800 00000800 Read-only data 7FE84000 7FE84200 00000200 Writeable data 7FE94000 7FE94200 00000200 Demand-zero 7FEA4000 7FEA7000 00003000 Demand-zero 7FEB4000 7FEB5800 00001800 Writeable data DPML$SHR;1 Base VA End VA Length Type 80492000 80547600 000B5600 Resident Code 7FC44000 7FC6FA00 0002BA00 Read-only data 7FC74000 7FC88200 00014200 Linkage 7FC94000 7FC94400 00000400 Writeable data 7FCA4000 7FCCE600 0002A600 Read-only data 7FD94000 7FD95000 00001000 Writeable data LIBOTS;1 Base VA End VA Length Type 80482000 8048F600 0000D600 Resident Code 7FBC4000 7FBC6600 00002600 Read-only data 7FBD4000 7FBD5A00 00001A00 Linkage 7FBF4000 7FBF4200 00000200 Writeable data LIBRTL;1 Base VA End VA Length Type 80400000 80481A00 00081A00 Resident Code 7FB54000 7FB64800 00010800 Linkage 7FB74000 7FB75000 00001000 Writeable data 7FB84000 7FB8D600 00009600 Read-only data 7FB94000 7FB94200 00000200 Writeable data 7FBA4000 7FBA5000 00001000 Demand-zero 7FBB4000 7FBB5400 00001400 Writeable data 3.INSTALL> LIST/FULL LOGINOUT The command in this example displays a multiline description of the known image LOGINOUT. SYS$DISK:.EXE LOGINOUT;3 Open Hdr Shar Priv Entry access count = 44 1 Current / Maximum shared = 3 / 5 2 Global section count = 2 3 Privileges = CMKRNL SYSNAM TMPMBX EXQUOTA SYSPRV 4 1 Number of times known file entry has been accessed by this node since it swas installed. 2 First number indicates the current count of concurrent accesses of the known file. The second number indicates the highest count of concurrent accesses of the file since it was installed. This number appears only if the image is installed with the /OPEN qualifier. 3 Number of global sections created for the known file; appears only if the image is installed with the /SHARED qualifier. 4 Translation of the privilege mask; appears only if the image is installed with privileges. 4.INSTALL> LIST/GLOBAL The command in this example displays all global sections for shared images. Global sections created by INSTALL (prefix INS$) for a specific image are listed following the name of that image. 1 Display of global sections in memory. 2 Name of the image for which the following global sections were created by INSTALL. 3 Name of global section. The prefix identifies the creator of the section; for example, INS means the global section was created by INSTALL. The number includes the address of the section. 4 Version number (in hexadecimal) of global section; for shareable images only, the high-order byte (01 in CRFSHR_ 003) contains major identification, and low-order bytes (0003E8 in CRFSHR_003) contain minor identification determined by the programmer at link time. For executable images, the number is a known unique value determined by the system. 5 Attributes of the global section: DZRO Global section is demand-zero. GRP Along with a group number indicates a groupwide section, which would be created by a program other than INSTALL. PRM Global section is permanent. SYS Global section is systemwide. TMP Indicates a temporary global section, which would be created by a program other than INSTALL. WRT Global section is writable. 6 Number of pages (VAX) or pagelets (Alpha) in the section and number of page table entries currently mapped to this global section. For a more detailed discussion of mapping global sections, refer to the OpenVMS Programming Concepts Manual. 7 Number of global sections created, number of global pages used, and number of global pages unused in local memory. Note that, because of arithmetic rounding, the number of global sections created will sometimes be greater than the SYSGEN parameter GBLSECTIONS. When the size of the system header is being computed, the values of the GBLSECTIONS and SYSMWCNT parameters are combined with the size of the fixed part of the process header. The result is rounded up to the next page boundary. This rounding process sometimes adds space to the global section table, depending on the values of the two SYSGEN parameters and the amount of system paging that preceded the running of INSTALL to create all of the global sections. 5.INSTALL> LIST/GLOBAL/FULL The command in this example displays a complete listing of global sections for shared images. The /FULL qualifier adds owner and protection codes to the display. System Global Sections NM_MAILSHR_003 (741A6919) PRM SYS Pagcnt/Refcnt=10/0 NM_MAILSHR_002 (741A6919) PRM SYS Pagcnt/Refcnt=1/0 NM_MAILSHR_001 (741A6919) PRM SYS Pagcnt/Refcnt=11/0 Owner: [1,4] 1 Protection: S:RWED,O:RWED,G:RWED,W:RE 2 . . . 1 UIC of the owner of the global section 2 Type of access allowed for the image 2 PURGE Deletes all known file entries for images installed without the /NOPURGE qualifier. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format PURGE 3 Parameters None. 3 Description The PURGE command deletes all known file entries for images installed without the /NOPURGE qualifier. If a process is accessing global sections when the PURGE command is entered, the global sections are deleted only after the operation initiated by the process completes. However, once the command is entered, no additional processes can access the global sections because they are marked for deletion. 3 Example INSTALL> PURGE The command in this example deletes all images except those installed with the /NOPURGE qualifier. The image files remain unaffected. Writable global sections are written back to disk upon their removal as known images. 2 REMOVE Deletes a known image. The REMOVE command is identical to the DELETE command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format REMOVE file-spec 3 Parameter file-spec Names the file specification of a known image. 3 Description The REMOVE command deletes an entry from the known file list. The image's entry on the known file list and any global sections created for the image are deleted. The image file remains unaffected. Writable global sections are written back to disk upon their removal as known images. If a process is accessing global sections when the REMOVE command is entered, the global sections are deleted only after the operation initiated by the process completes. However, once the command is entered, no additional processes can access the global sections because they are marked for deletion. 3 Example INSTALL> REMOVE GRPCOMM The command in this example deletes the entry for the known image GRPCOMM from the known image file list. 2 REPLACE Replaces a known image entry with another version of the image, or with modified attributes. The REPLACE command is a synonym for the DELETE command. Requires the CMKRNL privilege. Also requires the SYSGBL privilege to create system global sections and the PRMGBL privilege to create permanent global sections. Format REPLACE file-spec 3 Parameter file-spec Names the file specification of an image installed as a known image. 3 Qualifiers /ACCOUNTING /ACCOUNTING /NOACCOUNTING (default) Enables image-level accounting for selected images even if image accounting is disabled on the local node (by using the DCL command SET ACCOUNTING/DISABLE=IMAGE). When image accounting is enabled on the local node, it logs all images, and the /NOACCOUNTING qualifier has no effect. /ARB_SUPPORT /ARB_SUPPORT=keyword On Alpha systems, overrides the system parameter ARB_SUPPORT for this installed image. The following table shows the keywords you can use with the /ARB_ SUPPORT qualifier: Keyword Behavior None The obsolete kernel data cells are not maintained by the system. Fields are initialized to zero (or set to invalid pointers) at process creation. Clear The obsolete kernel data cells are cleared (or set to invalid pointers) when the code would have set up values for backward compatibility. Read-only The obsolete cells are updated with corresponding security information stored in the current Persona Security Block (PSB) when a $PERSONA_ASSUME is issued. Full Data is moved from the obsolete cells to the (default) currently active PSB on any security-based operation. /AUTHPRIVILEGES /AUTHPRIVILEGES[=(priv-name[,...])] /NOAUTHPRIVILEGES Installs the file as a known image installed with the authorized privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /AUTHPRIVILEGES qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. Interaction of /PRIVILEGED and /AUTHPRIVILEGES Qualifiers When you REPLACE an image, any privileges assigned with the /PRIVILEGED qualifier are not repeated as authorized privileges. Also, if you use the REPLACE command with the /NOAUTHPRIVILEGES qualifier, the authorized privileges listed are the same as the Default Privileges (set using the /PRIVILEGED qualifier). If you do not want this default behavior, you can specify /AUTHPRIVILEGES=NOALL, which will assign no authorized privileges to the image. Valid qualifiers are described in detail in an appendix of the OpenVMS Guide to System Security. /EXECUTE_ONLY /EXECUTE_ONLY /NOEXECUTE_ONLY (default) The /EXECUTE_ONLY qualifier is meaningful only to main programs. It allows the image to activate shareable images to which the user has execute access but no read access. All shareable images referenced by the program must be installed, and OpenVMS RMS uses trusted logical names, those created for use in executive or kernel mode. You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. /HEADER_RESIDENT /HEADER_RESIDENT /NOHEADER_RESIDENT Installs the file as a known image with a permanently resident header (native mode images only). An image installed header resident is implicitly installed open. /LOG /LOG /NOLOG (default) Lists the newly created known file entry along with any associated global sections created by the installation. /OPEN /OPEN /NOOPEN Installs the file as a permanently open known image. /PRIVILEGED /PRIVILEGED[=(priv-name[,...])] /NOPRIVILEGED Installs the file as a known image installed with the working privileges specified. Usage Notes o If a privileged image is not located on the system volume, the image is implicitly installed /OPEN. o The set of privileges for a privileged image can be empty. You must, however, list each privilege every time you define or redefine privileges. o The /PRIVILEGED qualifier applies only to executable images. o You cannot specify this qualifier for an executable image linked with the /TRACEBACK qualifier. Valid qualifiers are described in detail in an appendix of the OpenVMS Guide to System Security. /PROTECTED /PROTECTED /NOPROTECTED (default) Installs the file as a known image that is protected from user-mode and supervisor-mode write access. You can write into the image only from executive or kernel mode. The /PROTECTED qualifier together with the /SHARE qualifier are used to implement user-written services, which become privileged shareable images. /PURGE /PURGE (default) /NOPURGE Specifies that the image can be removed by a purge operation; if you specify /NOPURGE, you can remove the image only by a delete or remove operation. /RESIDENT /RESIDENT[=([NO]CODE,[NO]DATA)] On Alpha systems, causes image code sections or read-only data sections to be placed in the granularity hint regions and compresses other image sections, which remain located in process space. If you do not specify the /RESIDENT qualifier, neither code nor data is installed resident. If you specify the /RESIDENT qualifier without keyword arguments, code is installed resident, and data is not installed resident. The image must be linked using the /SECTION_BINDING=(CODE,DATA) qualifier. An image installed with resident code or data is implicitly installed /HEADER_RESIDENT and /SHARED. /SHARED /SHARED[=[NO]ADDRESS_DATA] /NOSHARED Installs the file as a shared known image and creates global sections for the image sections that can be shared. An image installed shared is implicitly installed open. When you use the ADDRESS_DATA keyword with the /SHARED qualifier, P1 space addresses are assigned for shareable images. With the assigned addresses, the Install utility can determine the content of an address data section when the image is installed rather than when it is activated, reducing CPU and I/O time. A global section is created to allow shared access to address data image sections. /WRITABLE /WRITABLE /NOWRITABLE Installs the file as a writable known image as long as you also specify the /SHARED qualifier. The /WRITABLE qualifier only applies to images with image sections that are shareable and writable. The /WRITABLE qualifier is automatically negated if the /NOSHARED qualifier is specified. 3 Example INSTALL> REPLACE GRPCOMM /ACCOUNTING/NOOPEN The command in this example replaces the known image GRPCOMM with the latest version of the image, while enabling image accounting and removing the OPEN attribute from this version. The full name of the file specification is assumed to be SYS$SYSTEM:GRPCOMM.EXE.