cimconfig(8) cimconfig(8)

NAME cimconfig - get, set, unset, or list CIM Server configuration proper- ties

SYNOPSIS cimconfig -g name [ -c ] [ -d ] [ -p ]

cimconfig -s name=value [ -c ] [ -p ]

cimconfig -u name [ -c ] [ -p ]

cimconfig -l [ -c | -p ]

cimconfig -h

cimconfig --help

cimconfig --H name

cimconfig --version

DESCRIPTION The cimconfig command manages CIM Server configuration properties. The operations are executed on the local host by submitting requests to the CIM Server. An operation on a current configuration property takes effect immediately, and an operation on a planned configuration prop- erty takes effect the next time the CIM Server is started with cim- server (8) . Modifications to a configuration property via cimconfig remain in effect until changed via another cimconfig command. Configu- ration properties may also be modified temporarily via the cimserver (8) command, in which case, the modification of the configuration prop- erty remains in effect for that execution of the cimserver (8) command only. A default value is associated with each configuration property. Each configuration property is initially assigned its default value, until modified by a cimconfig command or cimserver (8) command. Dynamic configuration properties are those whose current values may be set while the CIM server is running.

The following configuration properties are available:

authorizedUserGroups

Description: If set, the value is interpreted as a list of comma-separated user groups whose members may issue CIM requests. A user who is not a member of any of these groups is restricted from issuing CIM requests, with the exception of privileged users (superuser). If unset, any user may issue CIM requests. Note: This configuration property operates in conjunc- tion with other CIM request authorization conditions rather than overriding them. Default Value: (None) Dynamic: No

enableAssociationTraversal

Description: If True, the CIM Server will support the four asso- ciation traversal operators: Associators, AssociatorNames, Ref- erences, and ReferenceNames. Default Value: True Dynamic: No

enableAuditLog

Description: If True, audit log entries for certain types of CIM Server activities will be written to the system log. Examples of audited activities include a CIM Server configuration change, a Provider registration change, an authentication attempt and a modification to the CIM Schema or a CIM Instance. An audit log entry describes the who, what, and when associated with an audited activity. Default Value: False Dynamic: Yes

enableIndicationService

Description: If True, the CIM Server will support CIM Indica- tions. Default Value: True Dynamic: No

enableHttpConnection

Description: If True, allows connections to the CIM Server using the HTTP protocol Default Value: False Dynamic: No

enableHttpsConnection

Description: If True, allows connections to the CIM Server using the HTTPS protocol (HTTP using Secure Socket Layer encryption) Default Value: True Dynamic: No

enableNamespaceAuthorization

Description: If True, the CIM Server restricts access to names- paces based on configured user authorizations [user authoriza- tions may be configured using cimauth (8) ] Default Value: False Dynamic: No

enableRemotePrivilegedUserAccess

Description: If True, the CIM Server allows access by a privi- leged user from a remote system Default Value: True Dynamic: No

enableSubscriptionsForNonprivilegedUsers

Description: If True, nonprivileged user of the system will be allowed to create Indication Subscription, otherwise privileged access is required. Default Value: False Dynamic: No

forceProviderProcesses

Description: If true, the CIM Server runs Providers in separate processes rather than loading and calling Provider libraries directly within the CIM Server process. Default Value: True Dynamic: No

hostname

Description: Can be used to override the local system supplied hostname without domain the CIM Server is using to build objects. Ifnotset,queryingthisconfigurationoptionwillreport- thesystem supplied hostname and behavior is not changed. Set- tingthisvaluetoavalidhostnameonCIMServerstartuporas planned value will force the server to assume the configured name as the local hosts name. Setting this allows the administrator to set the name that operations such as associator, reference etc. return with object paths. Incommonsetupsitisnotrecommendedtoex- plicitlysetthisvalue. Default Value: (blank) Dynamic: No

fullyQualifiedHostName

Description: Can be used to override the local system supplied fully qualified hostname (with domain) the CIM Server is using to build objects. Ifnotset,queryingthisconfigurationoptionwill- reportthesystem supplied fully qualified hostname and behavior is not changed. SettingthisvaluetoavalidhostnameonCIMServer- startuporasplanned value will force the server to assume the configured name as the local hosts name with domain. Setting this allows the administrator to set the name that indication operations and the CIM_ObjectManager assume for SystemName returned as instance and key properties. Incommonsetupsitis- notrecommendedtoexplicitlysetthisvalue. Default Value: (blank) Dynamic: No

idleConnectionTimeout

Description: If set to a positive integer, this value specifies a minimum timeout value for idle client connections. If set to zero, idle client connections do not time out. A client con- nection is considered idle when it is not in the process of sending a request and the CIM Server is not processing a request from that connection. An idle connection timeout allows recla- mation of the system resources allocated for idle CIM Server connections. Note that the CIM Server may allow an idle connec- tion to persist longer than the configured timeout value based on server activity. Someclientapplicationsmaynotbehavecorrect- lyifaconnectiontimeout is introduced. Client compatibility should be considered when configuring an idle connection timeout value. Theidleconnectiontimeiscomputedusingthesystemclock.Thus, resetting the system clock may cause unexpected timeout behav- ior. Default Value: 0 Dynamic: No

listenAddress

Description: Network interfaces, if specified, cimserver(8) should listen to for connection requests. It accepts a coma seperated list(without space) of network interfaces. Both ipv4 and ipv6 addresses is accepted. Default value of "All" make cim- server to listen to all the available network interfaces. For instance listenAddress=All or listenAddress=121.12.33.112 or listenAddress=121.33.21.26,127.0.0.1,fe80::fe62:9346%eth0 Default Value: All Dynamic: No

maxFailedProviderModuleRestarts

Description: If set to a positive integer, this value specifies the number of times the failed provider module with indications enabled are restarted automatically before being moved to Degraded state. If set to zero, failed provider module is not restarted with indications enabled automatically and will be moved to Degraded state immediately. This option controls the automatic re-enabling of the failed provider module with indica- tions enabled. If the provider module with indications enabled fails very frequently, it affects the CIMServer normal opera- tions because CIMServer would be busy with reloading the provider module every time it fails. This option would be help- ful if the long running indication provider crashes and the man- agement application want to receive the indications from the provider while provider fix is being delivered. In case of provider module grouping, if one of the indication provider crashes, it affects all indication providers in the provider modules of the group. Note that this is the facility provided by the CIMServer for temporary recovery of the provider and the ultimate goal SHALL be fixing the faulty provider. Default Value: 3 Dynamic: Yes

maxIndicationDeliveryRetryAttempts

Description:If set to a positive integer, this value defines the number of times that the indication service will try to deliver an indication to a particular listener destination. This does not effect the original delivery attempt, thus if set to 0, cim- server will only try to deliver the indication once. This value is used to set the CIM_IndicationService.DeliveryRetryAttempts property. See CIM_IndicationService.DeliveryRetryAttempts prop- erty for more details. Default Value: 3 Dynamic: No

minIndicationDeliveryRetryInterval

Description:If set to a positive integer, this value defines the minimal time interval in seconds for the indication service to wait before retrying to deliver an indication to a listener des- tination that previously failed. Cimserver may take longer due to QoS or other processing. This value is used to initialize the property CIM_IndicationService.DeliveryRetryInterval. See CIM_IndicationService.DeliveryRetryInterval property for more details. Default Value: 30 Dynamic: No

shutdownTimeout

Description: When a cimserver -s shutdown command is issued, specifies the maximum time in seconds for the CIM Server to com- plete outstanding CIM operation requests before shutting down; if the specified timeout period expires, the CIM Server will shut down, even if there are still CIM operations in progress. Minimum value is 2 seconds. Default Value: 30 Dynamic: Yes

socketWriteTimeout

Description: Specifies the number of seconds the CIM Server will wait for a client connection to be ready to receive data. If the CIM Server is unable to write to a connection in this time, the connection is closed. Aclientconnectioncanbecomeunabletore- ceivedataiftheclientfails to read the data that has already been sent. This timeout allows the CIM Server to reclaim resources that are allocated to a malfunctioning client. OnemightconsiderincreasingthistimeoutvalueiftheCIMServer prema- turely closes connections with well-behaved clients. Default Value: 20 Dynamic: Yes

sslClientVerificationMode

Description: Defines the desired level of support for certifi- cate-based authentication. It can be set to required, optional or disabled. If set to required, the CIM Server will require all clients connecting over HTTPS to authenticate using a cer- tificate. If the client certificate is not sent or not trusted the connection will be rejected. If set to optional, the CIM Server will allow, but not require, HTTPS clients to authenti- cate using a certificate. If the client does not send a certifi- cate, the CIM Server will attempt to authenticate the client using HTTP basic authentication. If set to disabled, the CIM Server will not allow HTTPS clients to authenticate using a cer- tificate. Basic authentication will be used to authenticate all HTTPS clients. This property is only used if enableHttpsConnec- tion is true. Default Value: disabled Dynamic: No

sslCipherSuite

Description: String containing OpenSSL cipher specifications to configure the cipher suite the client is permitted to negotiate with the server during the SSL handshake phase. The value should be mentioned between single quotes since it can contain special characters like .+, !, -. Default Value: DEFAULT (The default cipher list of OpenSSL) Dynamic: No

sslBackwardCompatibility

Description:This setting specifies whether the ssl supports SSLv3. Ideally for security Compilance purposes it is by default set to false. Default Value: false Dynamic: No

If both the enableHttpsConnection and enableHttpConnection properties are set to False , neither HTTP nor HTTPS connections will be allowed. On some platforms, the OpenPegasus CIM Server has been enhanced to include support for a local (single system), non-standard protocol. This allows the OpenPegasus CIM Server to continue to receive and pro- cess requests from local OpenPegasus CIM Clients even if both HTTP ports are disabled. If a local protocol is not supported, the CIM Server will be shut down and disabled from automatically being re-started.

The current and planned values of the configuration properties are stored in the files /var/opt/tog-pegasus/cimserver_current.conf and /var/opt/tog-pegasus/cimserver_planned.conf , respectively. The con- figuration properties may only be modified via the cimconfig and cim- server (8) commands; the files must not be edited directly.

Options The cimconfig command recognizes the following options:

-g configuration_property Gets the specified value (current, planned and/or default) of the specified configuration property. By default, gets the current value.

-s configuration_property = value Sets the specified value (current and/or planned) of the specified configuration property to R value . By default, sets the current value.

-u configuration_property Unsets the specified value (current and/or planned) of the specified configuration property, and resets it to its default value. By default, unsets the current value and resets it to its default value.

-l Lists all the specified (current or planned) con- figuration property name and value pairs in the CIM Server. By default, lists only the names of all the current configuration properties.

-c Specifies that the operation (get, set, unset, or list) be performed on the current configuration properties. For set or unset operations, returns an error when the CIM Server is not running or the specified property is not a dynamic property.

-p Specifies that the operation (get, set, unset, or list) be performed on the planned configuration properties. For set and unset operations, oper- ates on the value of the specified property in the planned configuration file if the CIM Server is not running.

-d Specifies that the get operation be performed on the default configuration properties. Returns an error when the CIM Server is not running.

-h, --help Display the command usage message.

-H name Display detailed help information on the configu- raton property defined by the name parameter.

EXIT STATUS When an error occurs, an error message is written to stderr and an error value of 1 is returned. The following return values are returned:

0 Successful completion 1 Error

EXAMPLES Get the current value for the configuration property shutdownTimeout .

cimconfig -g shutdownTimeout -c

Get the planned value for the configuration property shutdownTimeout .

cimconfig -g shutdownTimeout -p

Get the default value for the configuration property shutdownTimeout .

cimconfig -g shutdownTimeout -d

Set the current value of the property shutdownTimeout to the new value 15.

cimconfig -s shutdownTimeout=15 -c

Set the planned value of the property shutdownTimeout , to the new value 5.

cimconfig -s shutdownTimeout=5 -p

Reset the current value of the property shutdownTimeout to its default value.

cimconfig -u shutdownTimeout -c

Reset the planned value of the property shutdownTimeout to its default value.

cimconfig -u shutdownTimeout -p

List all the current configuration property names.

cimconfig -l

List all the current configuration property names and their values.

cimconfig -l -c

List all the planned configuration property names and their values.

cimconfig -l -p

FILES /var/opt/tog-pegasus/cimserver_current.conf Current configuration /var/opt/tog-pegasus/cimserver_planned.conf Planned configuration

SEE ALSO cimserver (8), cimauth (8).

cimconfig(8)