[comp.os.vms] How to do 'logical disks' ?

CRAA055%UK.AC.KCL.CC.VAXB@AC.UK.UUCP (06/20/87)

Does anyone know a way to logically partition a disk volume within VMS so that
a user sees only those directories below a particular root and so that his
disk quota only applies to that 'logical disk' - i.e. he can't create files
anywhere else on the same physical volume?


For example:-

  Suppose I define a /SYSTEM wide logical name to be a root thus:-

    ASSIGN/SYSTEM/tran=(concealed,terminal)  dua0:[PHYSICS.] KCL$PHYSICS


  and my user's UAF entry consists of

    /DEVICE=KCL$PHYSICS    /DIR=[SMITH]


  Then the user would see a default directory at login of:

    KCL$PHYSICS:[SMITH]

  which would really be:

    DUA0:[PHYSICS.][SMITH]


All is good so far, the user has a logical disk set up which can be physically
moved to another disk, totally transparently to the user, simply by copying
the files and reassigning the logical name.


HOWEVER there are two problems, one minor and one major:

Minor: The user's disk quota has to be duplicated on the new physical disk if
the files are moved. An inconvenience which a bit of DCL could probably solve.


Major: Because the user's disk quota applies to the physical volume and not to
the 'logical disk' then, assuming he has access, it is possible to create
files outside of the 'logical disk' elsewhere on the physical disk volume. I
would like to stop my users creating files or looking at files outside of
their own 'logical disk'. How can this be stopped, if at all, other than by
denying access thru the normal file protection mechanism? Bearing in mind the
possible need for moving the directory root to another physical volume, I don't
want to have to fiddle around with ACLs or file protections too much.


I'm interested in doing this simply because I want to be able to segregate
different groups of users and be able to move those users around my disks
depending on the requirements of the group for disk space. Light users can
share a physical volume with others or be moved to their own disk as
requirements grow.

Of course if anyone has a better suggestion I'll be glad to hear it.


Regards,

Andy Harper,
Kings College UK

A.Harper @ VAXB.CC.KCL.AC.UK        [ EARN/BITNET/NETNORTH ]
A.Harper%KCL.CC.VAXB @ AC.UK
A.Harper%KCL.CC.VAXB @ ucl-cs.arpa    [ ARPA ]

DHASKIN@CLARKU.BITNET (Denis W. Haskin, Manager, Technical Services) (06/22/87)

> Does anyone know a way to logically partition a disk volume within VMS so
> that a user sees only those directories below a particular root and so that
> his disk quota only applies to that 'logical disk' - i.e. he can't create
> files anywhere else on the same physical volume?
> For example:-
>   Suppose I define a /SYSTEM wide logical name to be a root thus:-
>     ASSIGN/SYSTEM/tran=(concealed,terminal)  dua0:[PHYSICS.] KCL$PHYSICS
>   and my user's UAF entry consists of
>     /DEVICE=KCL$PHYSICS    /DIR=[SMITH]
>   Then the user would see a default directory at login of:
>     KCL$PHYSICS:[SMITH]
>   which would really be:
>     DUA0:[PHYSICS.][SMITH]
> All is good so far, the user has a logical disk set up which can be
> physically moved to another disk, totally transparently to the user, simply
> by copying the files and reassigning the logical name.

This is exactly what we do, and for the same reasons.

>
> HOWEVER there are two problems, one minor and one major:
>
> Minor: The user's disk quota has to be duplicated on the new physical disk
> if the files are moved. An inconvenience which a bit of DCL could probably
> solve.
>

I don't think there's any way around this, because of the fact that the
QUOTA.SYS file applies to the whole physical disk (maybe we should SPR a
request that a future version will support QUOTA.SYS's at rooted directories?
That would be neat...).  You could certainly write something up (or maybe
someone already has and would make it available) to recreate the correct
entries in the other QUOTA.SYS without too much pain.

Since you can't really move the root *completely* transparently, I do it during
off-hours and 'lock' users on that root out by inserting a check in
SYSLOGIN.COM (uncomment the appropriate lines):

$ !+ The following segment may be used to keep people off certain roots
$ !+ DWH 15-Jan-1987
$ root=f$parse(f$trnlnm("SYS$LOGIN"),,,"DEVICE")
$ if (root.nes."COPACE$ROOT:") then goto active_root
$ type sys$input
COPACE$ROOT is temporarily unavailable; it is being moved to different disks.
We apologize for any inconvenience; it should be available within an hour.
$ logoutnow
$
$active_root:
        [... rest of syslogin.com ...]

I usually then live with the incorrect quotas for a few hours and batch
a DISKQUOTA REBUILD for that disk for about 3 or 4 in the morning.

> Major: Because the user's disk quota applies to the physical volume and not
> to the 'logical disk' then, assuming he has access, it is possible to
> create files outside of the 'logical disk' elsewhere on the physical disk
> volume. I would like to stop my users creating files or looking at files
> outside of their own 'logical disk'. How can this be stopped, if at all,
> other than by denying access thru the normal file protection mechanism?
> Bearing in mind the possible need for moving the directory root to another
> physical volume, I don't want to have to fiddle around with ACLs or file
> protections too much.

With the current design of directories I don't think you'll find a way to
do it *without* having to use file protection (ACLs aren't necessary unless
your groups aren't set up well).  We control this by using file protection,
mostly based on the UIC group number, and occasionally with ACLs as well.
By default, no-one has any access to any files owned by a different
UIC.  We have had no problem to date.  Users cannot create files outside
of their designated root (in fact, their directory itself) unless we or
another user explicitly changes protections to allow it.

Moving the root to another physical device is no problem if you use
BACKUP, which will retain the correct protection masks.  Once they're
set up they should propagate correctly.

> I'm interested in doing this simply because I want to be able to segregate
> different groups of users and be able to move those users around my disks
> depending on the requirements of the group for disk space. Light users can
> share a physical volume with others or be moved to their own disk as
> requirements grow.

That's exactly why we do it.  We also simulate volume sets by defining
something like:

   "CMD$ROOT" = "LOLA$DUA0:[CMD0.]" (LNM$SYSTEM_TABLE)
                "LOLA$DUA5:[CMD0.]" (LNM$SYSTEM_TABLE)
                "LOLA$DUA3:[CMD0.]" (LNM$SYSTEM_TABLE)
                "LOLA$DUA4:[CMD0.]" (LNM$SYSTEM_TABLE)

Which allows the physical location of a file in CMD$ROOT to be somewhat
transparent.  The one caveat is that if you create a file on CMD$ROOT, it
will be created on the first physical device in the logical name search
list.  If you're careful, though, this is quite useful for distributing
files of an application across multiple spindles (either because of size or
high file activity) without having to commit two or more of your drives
into a volume set.

>
> Of course if anyone has a better suggestion I'll be glad to hear it.

So would I!


% Denis W. Haskin                             Manager, Technical Services %
% ----------------------------------------------------------------------- %
% DHASKIN@CLARKU.BITNET   Office of Information Systems     (617)793-7193 %
% Clark University               950 Main Street      Worcester MA  01610 %
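
The protection-based confinement described in the reply above only holds while no directory on the shared volume is writable by WORLD. The following DCL procedure is an added example, not part of either post: it walks every directory file on a volume and reports those whose WORLD protection includes write access, i.e. places where a user could create files outside his own root. The procedure name, the default device DUA0: and the assumed layout of the protection string are assumptions; run it from an account that can read all directories.

```dcl
$ ! CHECK_WORLD_WRITE.COM  (hypothetical name; added example)
$ ! P1 = device to audit, e.g. DUA0:   (DUA0: is an assumed default)
$ dev = p1
$ if dev .eqs. "" then dev = "DUA0:"
$ found = 0
$loop:
$ ! F$SEARCH keeps its context, so each call returns the next directory file
$ file = f$search(dev + "[000000...]*.DIR;1")
$ if file .eqs. "" then goto done
$ ! Protection comes back as text, assumed here to look like
$ !   SYSTEM=RWED, OWNER=RWED, GROUP=RE, WORLD=
$ pro = f$file_attributes(file,"PRO")
$ world = f$extract(f$locate("WORLD=",pro)+6, 4, pro)
$ ! F$LOCATE returns the string length when "W" is absent
$ if f$locate("W",world) .eq. f$length(world) then goto loop
$ found = found + 1
$ write sys$output file, "  owner ", f$file_attributes(file,"UIC"), -
        "  WORLD=", world
$ goto loop
$done:
$ write sys$output found, " world-writable directories on ", dev
$ exit
```

Running it on both the old and the new disk after a root has been moved with BACKUP shows whether the protection masks arrived as expected.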