Once a tape volume directory has been created and tape volume security is active, any tape volume can be categorized as either complying or noncomplying.

Determining Compliance

For a tape to be complying, the following criteria must be met:

If any of these criteria is not met, the tape is noncomplying. A tape is also noncomplying if the tape is unlabeled, has label errors, or has a serial number that does not appear in the volume directory. A noncomplying tape can be assigned to a user or program only by direct intervention with the OU (Output Unit) or IL (Ignore Label) system command.

Complying tapes have the following properties:

Tapes with Duplicate Serial Numbers

Because tape volume serial numbers identify tape volumes to the volume directory, it is strongly recommended that each tape volume be assigned a unique serial number. However, there might be times when it is necessary for more than one tape to share the same serial number. In this case, assign the value TRUE to MATCHONLYSERIALNO when you enter the volume in the volume directory with the VOLUME ADD statement.

When the value of MATCHONLYSERIALNO is TRUE for a volume, the tape security subsystem does not distinguish between that tape and other tapes with the same serial number. While this practice might be necessary at times, it makes management of tapes more difficult. Therefore, it is recommended that you avoid it whenever possible.

Tape Ownership

Tape ownership is determined by the value of the FAMILYOWNER tape file attribute. This value can be from 1 to 17 characters, or it can be an asterisk (*), and it is the “name” of the owner of the tape.

A Boolean tape file attribute, PERMANENTLYOWNED, determines which files can be placed on an owned tape volume.

At any one time, all the files on the tape have the same FAMILYOWNER value.

The FAMILYOWNER and PERMANENTLYOWNED attributes can be assigned values with a VOLUME ADD statement. Only privileged users and jobs started at an ODT have access to the VOLUME ADD statement.

A complying tape is said to be unowned if it is a scratch tape and it is not permanently owned; otherwise, the tape is considered owned. Any user can create a file on an unowned tape, so any user can create temporary ownership of a tape. For a nonprivileged user, the value of the FAMILYOWNER attribute must match the usercode of the process creating the file that establishes ownership.

In a tape volume family consisting of more than a single volume, all tapes must have the same value for the FAMILYOWNER attribute; that is, one of the following statements must be true:

Within a single tape volume family, some tape volumes can be owned permanently and others owned temporarily.

Accessing Owned Tapes

Once a tape is owned, either permanently or temporarily, access to the tape is governed by rules similar to those governing access to disk files and the rules of any granulated authorization granted a user trying to access the tape.

For example, if the SECURITYTYPE attribute is PRIVATE, only the owner or a privileged user can read from or write to the tape. However, a user with the READ or WRITE granulated authorization will have access to the tape regardless the value of the file attribute.

Assigning and Changing Tape Attributes

The attributes that are associated with tape volumes and the default values of those attributes are as follows.

The following rules govern how these attributes are assigned or altered:

The following tables each repeat these rules, from different perspectives:

Maintaining the Volume Directory

Once the volume directory is in place, use the following facilities to maintain it:

Displaying Volume Directory Information

Two tools can determine the contents of the tape volume directory: the TV (Type Volume) system command and the LISTVOLUME utility.

If you use either the TV command or the LISTVOLUME utility to report on the contents of tapes, and a tape volume meets both the following conditions, then for that serial number the report displays information for the tape with matching serial number that was most recently accessed by the system:

TV (Type Volume) System Command

This command interrogates the volume directory and displays the name of the volume owner and the other attribute values associated with a volume or volume family specified by serial number. The command has the form

TV MT <serial number>

For example, suppose serial number E23 identifies a tape volume in a volume family comprising four tape volumes. The report for the command TV MT E23 might appear as follows:

----VOLUME DIRECTORY ENTRY FOR (MT) [E23 ]-----
FAMILY NAME: TEST
    FAMILY OWNER: *
    TASK THAT WROTE TAPE STARTED ON: WEDNESDAY MAY 27 (2015147) AT 12:23:33
    SECURITY: PUBLIC -- USAGE: READ/WRITE
    FAMILY CREATION DATE: 5/27/2015
    FAMILY EXPIRATION DATE: 8/27/2016
    FAMILY CREATION SITE: 281
    LABELKIND: A SERIES LIBRARY MAINTENANCE
    UPDATE TIMESTAMP: WEDNESDAY JUNE 01, 2016 (2016153) AT 11:19:38
    GUARDFILE: NONE
    FAMILY STRUCTURE #1 THRU 0004
     (PEMT) [001551] 6250 #0001, DESTROYED, ONSITE
     (PEMT) [001002] 6250 #0002, TEMPORARY, RESTRICTED, ONSITE
     (PEMT) [MT0923] 6250 #0003, PERMANENT, NON-RESTRICTED, ONSITE
     (PEMT) [MT11C4] 6250 #0004, PERMANENT, RESTRICTED, DESTROYED, ONSITE

LISTVOLUME Utility

SYSTEM/LISTVOLUME is a program that reports on the status of volumes in the tape volume directory, the volume library, or both. Only privileged users are permitted to run this utility. Depending on the size of the volume library or volume directory, the program might require sizable disk space.

The utility reads and sorts records in the library or directory to produce its reports and sends the output to the printer. Enter a parameter to specify the report or reports you want generated. If you do not enter a parameter, the utility reports on the volume library if it exists, and on the volume directory if it exists.

The syntax for running the utility and entering parameters is as follows:

── RUN $SYSTEM/LISTVOLUME ── (" ─┬─────────────────────────────┬─ ") ──┤
                                 │         ┌◄─────── , ──────┐ │
                                 └─ PRINT ─┴─┬─────────────┬─┴─┘
                                             ├─ VOLUMELIB ─┤
                                             └─ VOLUMEDIR ─┘

If you specify VOLUMELIB in the PRINT parameter, the utility generates a report on the volume directory. If you specify only PRINT or no parameter at all, the utility generates a report on the volume databases that exist.

For example, the following command causes SYSTEM/LISTVOLUME to produce a report on the tape volume directory:

RUN $SYSTEM/LISTVOLUME ("PRINT VOLUMEDIR")

Each of the following commands causes the utility to produce a report on both the volume library and the volume directory, if they exist:

RUN $SYSTEM/LISTVOLUME ("")
RUN $SYSTEM/LISTVOLUME ("PRINT")
RUN $SYSTEM/LISTVOLUME ("PRINT VOLUMELIB, VOLUMEDIR")

When you request a report for a volume structure that does not exist, the utility returns a message to that effect.

LISTVOLUME Report for the Volume Directory outlines the sections of the report generated by LISTVOLUME for the volume directory.

The MATCHONLYSERIALNO report section lists the following information for each volume:

Volume Name       FAMILY OWNER: <usercode>
                  CREATION DATE: <creation date>
                  EXPIRATION DATE: <expiration date>
                  CREATION SITE: <creation site>
                  LABEL KIND: <label kind>
                  UPDATE TIMESTAMP: <update timestamp>
                  SECURITY: <security> - USAGE: <usage>
                  [<volume serial number>] <reel number>

The EXPIRED VOLUMES report section includes security information. The following example illustrates the format of this information:

TAPE3             FAMILY OWNER: <usercode>
(family name)     CREATION DATE: Thur, July 14, 2016
                  EXPIRATION DATE: Sat, Aug 13, 2016
                  CREATION SITE: 8
                  LABEL KIND: FIXED BLOCK LIBRARY MAINTENANCE TAPE.
                  UPDATE TIMESTAMP: Thur, Jul 14, 2016 AT 09:40:51
                  SECURITY: PRIVATE - USAGE: I/O
                  (PETAPE) [ADM ] 1250 #0001 TEMPORARY, NOT-RESTRICTED

The summary information listed in the VOLUME DIRECTORY STATISTICS report section appears in the following format, with nnnn indicating an integer:

nnnn 	Volume entries (count of all serial numbers)
nnnn 	Scratch entries (count of all scratch volumes)
nnnn 	MATCHONLYSERIALNO entries (count of volumes marked
      MATCHONLYSERIALNO)
nnnn 	SECURITYLABELS entries (count of volumes marked
      SECURITYLABELS)
nnnn 	Missing entries (count of deleted serial numbers)
nnnn 	Base entries (count of all volume families)

The report generated by LISTVOLUME for the volume library is similar to the report outlined in LISTVOLUME Report for the Volume Directory.

Protecting the Volume Directory from Loss

Because the volume directory stores the information that maintains tape volume security, it is important that you protect this information from loss. The volume directory is stored as part of the access structure, which is a special file used by the system to determine the location of files stored on the disk subsystem.

If the system is running without the system OP command CATALOGING option designated, the access structure is stored in a disk file named SYSTEM/ACCESS/<family index>, where in place of <family index> appears a family index number. This number indicates the member of the catalog family that contains the access structure.

If the system is running with CATALOGING enabled, the access structure is stored in a file named SYSTEM/CATALOG/<family index>.

To protect the tape security information effectively, you must make frequent copies of the data in the volume directory. The frequency with which you make copies depends on the volatility of the information in the volume directory. The more often information changes in the volume directory, the more quickly a backup copy becomes outdated.

Backing Up the Volume Directory

The AD (Access Duplicate) system command can create an online duplicate of the access structure, including the tape volume directory. This duplicate is updated every time the original is updated, and so the duplicate always contains current information. To duplicate an access structure, use the following form of the command:

AD (<family index>)

In place of <family index>, enter the family index number indicating the member of the catalog family that is to contain the new duplicate of the access structure. This index number must be different from the index number in the file name of the active access structure.

The new duplicate of the access structure is titled

For example, on a noncataloging system, the following command creates a duplicate access structure with the name SYSTEM/ACCESS/005:

AD (5)

Although duplicating the access structure with the AD command provides a dynamically updated backup, this backup file resides on the same family as the access structure. The backup file is, therefore, vulnerable to some of the same failures that might make the access structure unavailable.

One method for creating a backup file protected from a wider range of failures is to use the COPYCAT (Copy Catalog) system command followed by the Work Flow Language (WFL) COPY statement. Copy either the file SYSTEM/ACCESS/<family index> or the file SYSTEM/CATALOG/<family index> to a different family than the one with the access structure, or copy it to tape. The drawback to this method is that the backup copy is not updated dynamically: the backup copy is accurate only at the time it is made.

If you make a backup copy every two hours and a disk failure destroys the access structure an hour and a half after the last copy was made, the backup copy is 90 minutes out of date.

When an out-of-date copy is used to restore the access structure, tape volumes that had attributes changed after the last backup will become noncomplying. This noncompliance is revealed when some action is taken on the volume. To bring a noncomplying volume into compliance, a privileged user must execute a VOLUME DELETE statement followed by a VOLUME ADD statement on the volume to enter it correctly in the tape volume directory.

Restoring the Volume Directory

If the access structure is lost or corrupted, take the following steps to create the backup copy the new access structure:

On cataloging systems, this procedure restores both the cataloging information in the volume library and the tape security information in the volume directory.

Backing Up with SYSTEM/LISTVOLUME

If your installation has only a few tapes, you can back up the information in the volume directory by using the utility SYSTEM/LISTVOLUME to print daily listings of the volume directory contents. If any parts of the volume directory are corrupted or missing, you can reenter those portions into the directory.

Take the following steps to reenter a volume:

Creating a Utility to Save and Restore the Directory

If a large volume of tapes is handled at your site, you might choose to implement a utility that can automatically back up and restore records in the tape volume directory. You can do so with a program written in DCALGOL that uses GETSTATUS and SETSTATUS calls to save and replace the records. The utility would have two parts: one to create backups periodically of the volume directory, and the other to restore the volume directory.

You can write the utility to make use of data in the volume directory. For example, it might restore only those records with a specific value for the FAMILYOWNER attribute. For detailed information about the structure of data records in the tape volume directory, see the GETSTATUS/SETSTATUS Programming Reference Manual.

The utility can make use of four GETSTATUS/SETSTATUS calls:

The backup utility might perform the following tasks:

The restoring utility might perform the following tasks:

Tape Security Policy

The following practices are advisable for maintaining tape security: