[Info-vax] prevent user login during and after startup

[VAXman- at SendSpamHere.ORG]

In article <lvaasq$c8n$1 at dont-email.me>, Stephen Hoffman <seaohveh at hoffmanlabs.invalid> writes:
>On 2014-09-16 20:56:06 +0000,   VAXman-  @SendSpamHere.ORG said:
>
>> How about an alternate SYSUAF.DAT with ***ONLY*** those accounts you 
>> would allow to access the system prior to your "ssytem" work?  Then, 
>> once you have things established as you'd like, $ DEFINE SYSUAF 
>> SYS$SYSTEM:FULL_SYSUAF.DAT or whatever you'd call/rename your current 
>> full SYSUAF.DAT.
>
>If you're gonna go that route, why not use the SYSUAFALT.DAT file and 
>the UAFALTERNATE parameter?

That works too.  I'm not going either route; it's up to the OP. ;)


>The downside being (with this or with what VAXMAN suggests) you'll want 
>to coordinate the usernames and UICs assigned across the various UAF 
>files, and you'll need to re-boot to re-open access, as some of the 
>early-starting software will attach to the ALT file.
>
>Probably generally easer to strip off OPER, or to move it to the 
>authorized and not the default privilege mask, and use the 
>system-defined mechanisms.

Easier still, he should fix the system startup such that manual intervention
is no longer needed and then, possibly, startup TCPIP later on in the system
startup.  Consider use of SYSMAN STARTUP if what's needed can not be realized
in SYSTARTUP_VMS.COM  (END phase?).
 
-- 
VAXman- A Bored Certified VMS Kernel Mode Hacker    VAXman(at)TMESIS(dot)ORG

I speak to machines with the voice of humanity.