V73 Features, Programming Features, New Process Dump Tools (Alpha)
*Conan The Librarian (sorry for the slow response - running on an old VAX)
|
VMS Help V73 Features, Programming Features, New Process Dump Tools (Alpha) *Conan The Librarian (sorry for the slow response - running on an old VAX) |
|
OpenVMS Version 7.3 contains new tools for processing dump files.
Note that these new-style process dump and process dump analysis
tools are not compatible with the old-style process dumps. That
is, if you have a problem you want to analyze with the new tools,
you must generate a new process dump using the new process dump
image.
The following sections describe the new tools.
| 1 - DCL ANALYZE PROCESS DUMP (Alpha) |
The DCL ANALYZE/PROCESS_DUMP command invokes the OpenVMS debugger
to analyze a process dump, giving you access to debugger commands
for your analysis. In OpenVMS Version 7.3, most of the old DCL
ANALYZE/PROCESS_DUMP qualifiers have no effect. Only the /FULL
and /IMAGE qualifiers are still valid. Both these qualifiers are
still optional.
/FULL now causes the debugger to execute the debugger SHOW IMAGE,
SHOW CALL, and SHOW THREAD/ALL commands after a process dump file
has been opened.
/IMAGE has been renamed to /IMAGE_PATH, and is now a directory
specification, rather than a file specification. /IMPAGE_PATH
specifies a directory in which to look for the debug symbol
information files (.DSF or .EXE files, in that order) that belong
to the process dump file. The name of the symbol file must be
the same as the image name in the process dump file. For example,
for MYIMAGE.DMP, the debugger searches for file MYIMAGE.DSF or
MYIMAGE.EXE.
Version 7.3 and later debuggers check for dumpfile image
specification and DST file link date-time mismatches and issue
a warning if one is discovered.
For more information about the DCL ANALYZE/PROCESS_DUMP command,
refer to the OpenVMS DCL Dictionary: A-M.
| 2 - Debugger ANALYZE PROCESS DUMP Command |
The debugger has a new command:
ANALYZE/PROCESS_DUMP/IMAGE_PATH[=directory-spec] dumpfile.
This command is available only in the kept debugger. The kept
debugger is the image you invoke with the command DEBUG/KEEP,
which allows you to run and rerun programs from the same
debugging session.
The qualifier /PROCESS_DUMP is required.
For more information, refer to the OpenVMS Debugger Manual.
| 3 - Debugger SDA Command |
The new debugger SDA command invokes the System Dump Analyzer
(SDA) to allow you to look at a process dump from within the
OpenVMS debugger. For example:
DBG> SDA
OpenVMS (TM) Alpha process dump analyzer
SDA> ..
.
.
SDA> EXIT
DBG>
This allows you to use SDA to analyze a process dump without
terminating a debugger session.
For more information, refer to the OpenVMS Debugger Manual.
| 4 - Analyzing Process Dumps on Different Systems |
You can analyze a process dump file on a system different from
the one on which it was generated. However, if there is a base
image link date/time mismatch between the generating system
and analyzing system, you must copy SYS$BASE_IMAGE.EXE from the
generating system and point to it with the SDA$READ_DIR logical
name.
For threaded process dump analysis on a system different from the
one on which it was generated, it may also be necessary to copy
and logically point to the generating system's PTHREAD$RTL and
PTHREAD$DBGSHR (POSIX Threads Library debug assistant).
| 5 - Forcing a Process Dump |
You can force a process dump with the DCL command
SET PROCESS/DUMP=NOW process-spec. This command causes the
contents of the address space occupied by process-spec to be
written immediately to the file named image-name.DMP in the
current directory (image-name is the same as the file name).
For more information about the DCL SET PROCESS/DUMP command,
refer to the OpenVMS DCL Dictionary: N-Z.
| 6 - Security and Diskquotas |
A process dump is either complete or partial. A complete process
dump contains all of process space and all process-pertinent data
from system space. A partial process dump contains only user-
readable data from process space and only those data structures
from system space that are not deemed sensitive. Privileged
or protected data, such as an encryption key in third-party
software, might be considered sensitive.
In general, nonprivileged users should not be able to read
complete process dumps, and by default they cannot do so.
However, certain situations require nonprivileged users to be
able to read complete process dumps. Other situations require
enabling a user to create a complete process dump while at
the same time preventing that user from being able to read the
complete process dump.
By default, process dumps are written to the current default
directory of the user. The user can override this by defining
the logical name SYS$PROCDMP to identify an alternate directory
path. Note that the name of the process dump file is always the
same as the name of the main image at the time the process dump
is written, with the file extension .DMP.
6.1 - Special Rights Identifiers
You can use the new rights identifier IMGDMP$READALL to allow
a nonprivileged user to read a complete process dump. You
can use the new rights identifier IMGDMP$PROTECT to protect
a complete process dump from being read by the user that
created the process dump. These rights identifiers are created
during the installation of OpenVMS Version 7.3 by the image
SYS$SYSTEM:IMGDMP_RIGHTS.EXE, which is also run automatically
during system startup to ensure that these rights identifiers
exist with the correct values and attributes.
If these rights identifiers have been deleted, you can run
SYS$SYSTEM:IMGDMP_RIGHTS.EXE to recreate them.
Note that IMGDMP$READALL has no attributes, but IMGDMP$PROTECT is
created with the RESOURCE attribute.
6.2 - Privileged Users
For this discussion, a privileged user is one who satisfies one
of the following conditions:
o Has one or more of the privileges CMKRNL, CMEXEC, SYSPRV,
READALL, or BYPASS
o Is a member of a system UIC group (by default [10,n] or
lower). Such users are treated as though they hold SYSPRV
privilege.
Holders of CMKRNL or CMEXEC can write complete process dumps.
Holders of any of the other privileges can read a process dump
wherever it has been written.
6.3 - Nonprivileged Users
To allow a nonprivileged user to write and read complete process
dumps, grant the rights identifier IMGDMP$READALL to the user.
If the IMGDMP$READALL rights identifier does not exist, run the
image SYS$SYSTEM:IMGDMP_RIGHTS.EXE to create it (see Special
Rights Identifiers). Then use AUTHORIZE to grant the rights
identifier to the user. For example:
$ DEFINE /USER SYSUAF SYS$SYSTEM:SYSUAF.DAT !if necessary
$ RUN SYS$SYSTEM:AUTHORIZE
UAF> GRANT /IDENTIFIER IMGDMP$READALL <user>
UAF> EXIT
Note that the user must log out and log in again to be able to
receive the rights identifier. A nonprivileged user with rights
identifier IMGDMP$READALL can read and write complete process
dumps without restriction.
6.4 - Protecting Process Dumps
You can allow a nonprivileged user to write a complete process
dump and at the same time prevent the user from reading the
process dump just written. To do so, perform the following
procedure:
1. If the IMGDMP$PROTECT rights identifier does not exist, run
the image SYS$SYSTEM:IMGDMP_RIGHTS.EXE to create it (see
Special Rights Identifiers).
2. Create a protected directory with rights identifier
IMGDMP$PROTECT.
3. Define protected logical name SYS$PROTECTED_PROCDMP to point
to the protected directory.
If DISKQUOTA is to be used on the disk containing the
protected directory, specify the maximum disk space to be
used for process dumps.
CAUTION
Do not grant IMGDMP$PROTECT to any user. It is granted and
revoked as needed by SYS$SHARE:IMGDMP.EXE from executive
mode while writing a process dump. If you grant it
permanently to a user, that user has access to all process
dumps written to the protected directory.
You can choose to set up additional ACLs on the protected
directory to further control which users are allowed to read
and write process dumps there.
Note that to take a process dump when the image is installed with
elevated privileges or belongs to a protected subsystem, the user
must hold CMKRNL privilege, and is by definition a privileged
user (see Privileged Users).
|
|
