Volume

From VSI OpenVMS Wiki
Jump to: navigation, search

A volume is a mass storage medium, such as a disk or tape, that is in ODS-2 or ODS-5 format. Volumes contain files and may be mounted on devices. A volume is identified by the volume label (as opposed to a device identified by a device name).

Volume Characteristics

Volume characteristics are set with the INITIALIZE and SET VOLUME commands:

  • XFC caching
  • data check (checks can be performed following all read operations or all write operations)
  • erase on delete
  • default extension size
  • default file protection (only used by RSX-11M systems; OpenVMS uses default process protection)
  • high-water marking
  • volume label
  • volume expansion limit
  • mount verification
  • retention time
  • size
  • structure level: ODS-2 or ODS-2
  • protected subsystems enabled
  • enabled for unloading at dismount
  • hardlinks
  • access dates
  • windows (the number of mapping pointers to be allocated for file windows)

Protection of Volumes

Users may have access to files and directories on a volume, but they cannot access them if they do not also have access to the volume itself.

Volumes have four access types: Read, Write, Create, Delete. The volume's owner and users with VOLPRO privilege have control access to the volume. By default, the following protection is set for volumes:

  • Volumes initialized /SYSTEM are owned by [1,1]; all users have W:RWCD to the volume, but only system processes can create first-level directories
  • Volumes initialized /GROUP have no access for World but all access for System, Owner, and Group.
  • Volumes initialized /NOSHARE have RWD access for System and Owner and no access for World or Group (unless /GROUP is specified).

The volume's security profile is saved in the master file directory of the volume as SECURITY.SYS.

A different protection setting can be specified with the INITIALIZE command. Volume protection settings can be changed with SET VOLUME and SET SECURITY /CLASS=VOLUME; ACLs can be added with SET SECURITY.

Security auditing can be enabled for volumes with SET AUDIT/ENABLE=ACCESS=access type /CLASS=volume /AUDIT (See SET AUDIT Events for details). However, some limitations apply:

  • The system does not audit volume creation or deletion.
  • The system does not audit access for tapes, ODS-1, or foreign-mounted volumes.

Security auditing can also be enabled for mount and dismount operations with SET AUDIT /ENABLE=MOUNT

See also