Manualshelf

Technical data

ManualsBrandsCompaq ManualsPrinterLA36
311312313314315316317318319320
Managing Storage Media
9.5 Mounting Volumes
Unprivileged users can build and manage protected subsystems. You must be
involved at two points in the process:
To create the necessary identifiers for the subsystem. Refer to the OpenVMS
Guide to System Security for details.
To mount the volume with the protected subsystem, which is explained in this
section.
Caution
Anyone who mounts a subsystem is responsible for knowing what is
on the volume being mounted. Compaq strongly recommends that you
find out what is on a volume before you mount a subsystem. Without
this knowledge, you might inadvertently subvert system security and
jeopardize the privacy of users’ data.
For example, a user with malicious intent who has privileges on one
OpenVMS Cluster node might place an application with a subsystem
identifier on a volume and then request an unsuspecting operator or
system manager to mount the volume on another node. Because the
application has a subsystem identifier, the application appears to belong
to a subsystem for which it is unauthorized.
How to Enable Protected Subsystems on a Trusted Volume
The system enables protected subsystems by default only on the system disk.
For other disks, you must enable subsystems every time you mount a volume.
A person with the SECURITY privilege can enable subsystems on a volume by
using the /SUBSYSTEM qualifier on the MOUNT command.
You can dynamically turn on and off the processing of Subsystem ACEs with the
DCL command SET VOLUME/SUBSYSTEM. This command is especially useful
for the system disk, which is not mounted using the MOUNT command.
Example
The command in the following example mounts the volume labeled DOC on the
DUA0: device. Subsystems on the volume are accessible. The MOUNT command
also assigns the logical name WORK8.
$ MOUNT/SUBSYSTEM/SYSTEM DUA0: DOC WORK8
9.5.5 Converting an Existing Volume from One ODS Format to Another
The following sections contain instructions for converting an existing volume from
one ODS file format to another.
9.5.5.1 Converting from ODS-2 to ODS-5
To convert an ODS-2 volume to an ODS-5 volume:
1. Dismount the volume throughout the cluster; for example:
$ DISMOUNT /CLUSTER DKA300:
2. Mount the volume as a private volume, for example:
$ MOUNT DKA300: DISK1
%MOUNT-I-MOUNTED, DISK1 mounted on _STAR$DKA300:
Omitting the /SYSTEM qualifier causes the system to mount the volume as a
private, not a public, volume.
936 Managing Storage Media