From: SMTP%"CLAYTON@radium.xrt.upenn.edu" 1-NOV-1994 11:48:41.23 To: EVERHART CC: Subj: WARNING - Errors within SYS$Manager:SySecurity.Com CAN = disaster.. From: "Clayton, Paul D." X-Newsgroups: comp.os.vms Subject: WARNING - Errors within SYS$Manager:SySecurity.Com CAN = disaster.. Message-Id: <941031231520.22c00529@radium.xrt.upenn.edu> Date: Mon, 31 Oct 1994 23:15:20 -0500 (EST) Organization: Info-Vax<==>Comp.Os.Vms Gateway X-Gateway-Source-Info: Mailing List Lines: 45 To: Info-VAX@Mvb.Saic.Com Hello all.. Just wanted to alert you to a potential disaster for sites/systems that have 'real workinging code' in their SYS$MANAGER:SYSECURITY.COM procedure. This procedure is called PRIOR to starting the Audit_Server process in the boot sequence. Within this procedure, the typical stuff might be to truncate the audit journal file(s) to reclaim space, save them off, rename them, or some such work. UNLESS the Audit_Server process is started within this procedure, there can be NO SET AUDIT commands within the procedure as the mailbox needed to deal with the server is not created as yet and things get real sticky. Go search the ITS databases if you do not believe. Anyway, what has not been found to date, and which exists in VMS through 6.1, QARd under 6.2, is that IF the LAST executed statement of this procedure returns anything OTHER then success, the audit Audit_Server process will NOT be started on the node! This could have serious repercussions to the stability of the node in terms of its long term use and survival. The current recommendation, from me, is to put some silly statement like: $set_success = %x1 !let DCL insure $STATUS is SUCCESS as the LAST line executed prior to the end of SYSECURITY.COM. Since the procedure that calls this one is in SYS$STARTUP:, it should not be modified to put the more correct, $SET NOON, command within it as it is liable to be editted or replaced by Digital. Beware... pdc Paul D. Clayton Address - CLAYTON@RADIUM.XRT.UPENN.EDU (USA) Disclaimer: All thoughts and statements here are my own and NOT those of my employer, and are also not based on, or contain, restricted information.