Safeguard Reference Manual (G06.29+, H06.08+, J06.03+)
Table Of Contents
- Safeguard Reference Manual
- Legal Notices
- Contents
- What is New in this Manual
- Manual Information
- New and Changed Information
- Changes to the 520618-030 manual
- Changes to the 520618-029 manual
- Changes to the 520618-028 manual
- Changes to the 520618-027 manual
- Changes to the 520618-026 manual
- Changes to the 520618-025 manual
- Changes to the H06.22/J06.11 manual
- Changes to the H06.21/J06.10 Manual
- Changes to the H06.20/J06.09 Manual
- Changes to the 520618-020 Manual
- Changes to the H06.19/J06.08 Manual
- About This Manual
- 1 Introduction
- 2 Common SAFECOM Language Elements
- 3 The Command to Run SAFECOM
- 4 SAFECOM Session-Control Commands
- 5 User Security Commands
- 6 User Alias Security Commands
- 7 Group Commands
- 8 Disk-File Security Commands
- Disk-File Ownership
- Disk-File Access Authorities
- Disk-File Access Authorization
- Disk-File Security Command Summary
- Syntax of Disk-File Security Commands
- ADD DISKFILE Command
- ADD DISKFILE-PATTERN Command
- ALTER DISKFILE Command
- ALTER DISKFILE-PATTERN Command
- DELETE DISKFILE Command
- DELETE DISKFILE-PATTERN Command
- FREEZE DISKFILE Command
- FREEZE DISKFILE-PATTERN Command
- INFO DISKFILE Command
- INFO DISKFILE-PATTERN Command
- RESET DISKFILE Command
- RESET DISKFILE-PATTERN Command
- SET DISKFILE Command
- SET DISKFILE-PATTERN Command
- SHOW DISKFILE Command
- SHOW DISKFILE-PATTERN Command
- THAW DISKFILE Command
- THAW DISKFILE-PATTERN Command
- SAFECOM Saved Diskfile Pattern Commands
- ADD SAVED-DISKFILE-PATTERN Command
- ALTER SAVED-DISKFILE-PATTERN Command
- DELETE SAVED-DISKFILE-PATTERN Command
- FREEZE SAVED-DISKFILE-PATTERN Command
- INFO SAVED-DISKFILE-PATTERN Command
- RESET SAVED-DISKFILE-PATTERN Command
- SET SAVED-DISKFILE-PATTERN Command
- SHOW SAVED-DISKFILE-PATTERN Command
- THAW SAVED-DISKFILE-PATTERN Command
- 9 Disk Volume and Subvolume Security Commands
- Volume Authorization Record Ownership
- Subvolume Authorization Record Ownership
- Volume and Subvolume Access Authorities
- Volume and Subvolume Access Authorization
- Volume and Subvolume Security Command Summary
- Syntax of Disk Volume and Subvolume Security Commands
- ADD VOLUME and SUBVOLUME Commands
- ALTER VOLUME and SUBVOLUME Commands
- DELETE VOLUME and SUBVOLUME Commands
- FREEZE VOLUME and SUBVOLUME Commands
- INFO VOLUME and SUBVOLUME Commands
- RESET VOLUME and SUBVOLUME Commands
- SET VOLUME and SUBVOLUME Commands
- SHOW VOLUME and SUBVOLUME Commands
- THAW VOLUME and SUBVOLUME Commands
- 10 Device and Subdevice Security Commands
- Device and Subdevice Authorization Record Ownership
- Device and Subdevice Access Authorities
- Device and Subdevice Access Authorization
- Device and Subdevice Security Command Summary
- Syntax of Device and Subdevice Security Commands
- ADD DEVICE and SUBDEVICE Commands
- ALTER DEVICE and SUBDEVICE Commands
- DELETE DEVICE and SUBDEVICE Commands
- FREEZE DEVICE and SUBDEVICE Commands
- INFO DEVICE and SUBDEVICE Commands
- RESET DEVICE and SUBDEVICE Commands
- SET DEVICE and SUBDEVICE Commands
- SHOW DEVICE and SUBDEVICE Commands
- THAW DEVICE and SUBDEVICE Commands
- 11 Process and Subprocess Security Commands
- Process and Subprocess Security
- Process and Subprocess Access Authorities
- Special NAMED and UNNAMED Process Protection Records
- Process and Subprocess Security Command Summary
- Syntax of the Process and Subprocess Security Commands
- ADD PROCESS and SUBPROCESS Commands
- ALTER PROCESS and SUBPROCESS Commands
- DELETE PROCESS and SUBPROCESS Commands
- FREEZE PROCESS and SUBPROCESS Commands
- INFO PROCESS and SUBPROCESS Commands
- RESET PROCESS and SUBPROCESS Commands
- SET PROCESS and SUBPROCESS Commands
- SHOW PROCESS and SUBPROCESS Commands
- THAW PROCESS and SUBPROCESS Commands
- 12 OBJECTTYPE Security Commands
- 13 Security Group Commands
- 14 Terminal Security Commands
- 15 Event-Exit-Process Commands
- 16 Safeguard Subsystem Commands
- 17 Running Other Programs From SAFECOM
- A SAFECOM Error and Warning Messages
- B Disk-File Access Rules
- Index
Event-Exit-Process Commands
Safeguard Reference Manual — 520618-030
15 - 34
Event-Exit Design, Management, and Operation
•
The event-exit process can be a process pair to ensure its continuous availability to
handle authorization requests. If it is not a process pair, the event-exit process is
unavailable to handle requests during its initialization interval after a restart.
•
Any user file maintained by the event-exit process must support 32-byte user alias
names and their passwords.
•
To avoid the possibility of deadlocks, the event-exit process must not perform
waited operations after initialization.
The Safeguard $ZSMP starts and manages the event-exit process. Each time $ZSMP
starts the event-exit process, it first attempts to kill any process with the same process
name not started by the $ZSMP. An EMS message notes this action. If the $ZSMP
finds that the event-exit process was not started by the $ZSMP, it does not send
messages to the event-exit process until it successfully kills the process and restarts it.
Be careful to avoid name collisions.
When the ENABLED flag is set to ON, $ZSMP attempts to start the event-exit process.
Safeguard tries maximum of three attempts to start this process. For every attempt that
fails, an EMS event is logged. If all attempts fail, Safeguard stops the process creation
attempt and turns the ENABLED flag to OFF. An event is also logged if Safeguard
encounters an error while resetting the ENABLED flag to OFF. If the event-exit process
creation request fails, you must verify the ENABLED flag for the process. If the
ENABLED flag has not been turned OFF by Safeguard, you must turn the flag OFF
manually.
If the event-exit process stops abruptly, $ZSMP attempts to restart the process until it
is successfully restarted or disabled. An EMS message is sent to the console informing
the operator each time Safeguard attempts a restart. Safeguard tries maximum of
three attempts to restart the process. To avoid a negative impact to the performance of
the $ZSMP, Safeguard attempts each restart after a specified interval. If the process
creation fails at the end of three attempts, the ENABLED flag is reset to OFF. Requests
are not sent to the event-exit process until the restart is successful.
If the processor in which the event-exit process is running becomes unavailable, the
backup CPU is used as the primary CPU. If neither the primary or backup CPU is
available, the event-exit process is rest
arted in the same CPU as the $ZSMP.
$ZSMP opens the event-exit process with the name $name.#Z
SEEP, where name is
the name assigned in the event-exit configuration record. Because the event-exit
process can be opened by processes other than Safeguard security processes, the
subdevice name #ZSEEP allows the event-exit process to determine the intention of
the opener. It also allows the event-exit process to determine which message protocol
is being used.
To avoid deadlocks, the event-exit process is a security process. Messages received
from the event-exit process are not be sent to the event-exit process. Child processes
Note. HP recommends that when $ZSMP is attempting to start the event-exit process,
Safecom must not be used to issue any other commands, until the result of the process
creation is displayed at the Safecom prompt.