1
2sfcbd(1)                    General Commands Manual                   sfcbd(1)
3
4
5

NAME

7       sfcbd - Small-Footprint CIM Broker (sfcb)
8

SYNOPSIS

10       sfcbd [options]
11

DESCRIPTION

13       sfcb  is  a  lightweight  CIM  daemon  (aka CIMOM) that responds to CIM
14       client requests for system management data and/or performs system  man‐
15       agement  tasks.  sfcb  supports  most  of  the  standard  CIM  XML over
16       http/https protocol.  It is highly modular, allowing  functionality  to
17       be  easily added, removed or customized for different management appli‐
18       cations. sfcb is specifically targetted for small embedded system  that
19       do  not  have  the available CPU, memory or disk resources to support a
20       full-blown enterprise-level CIMOM.  That said, sfcb runs very well on a
21       regular  Linux/Unix  system and supports most of the functions required
22       by CIM clients to manage such the  system.   Supported  CIM  operations
23       include:
24
25              GetClass
26              EnumerateClasses
27              EnumerateClassNames
28              GetInstance
29              DeleteInstance
30              CreateInstance
31              ModifyInstance
32              EnumerateInstances
33              EnumerateInstanceNames
34              InvokeMethod (MethodCall)
35              ExecQuery
36              Associators
37              AssociatorNames
38              References
39              ReferenceNames
40
41       CIM  process  and  lifecycle  indications  (aka 'events') are also sup‐
42       ported.
43

OPTIONS

45       Supported command line options are:
46
47       -c, --config-file=FILE
48              Specify      an      alternative       configuration       file.
49              Default=/etc/sfcb/sfcb.cfg
50
51       -d, --daemon
52              Run sfcbd (and child processes) in the background.
53
54       -h, --help
55              Print help message and exit.
56
57       -k, --color-trace
58              -k, --color-trace Color the trace output of each process
59
60       -s, --collect-stats
61              Turn  on  runtime statistics collecting. If enabled then various
62              sfcbd runtime statistics will be written to ./sfcbStat.  Default
63              is no statistics are collected.
64
65       -t, --trace-components=NUM
66              Activate component-level tracing messages, where NUM is an OR-ed
67              bitmask integer defining which component to  trace.   Specifying
68              "-t ?" will list all the components and their associated integer
69              bitmask.
70
71       -v, --version
72              Prints version information and exits.
73

CONFIGURATION FILE

75       sfcbd reads the configuration  file  /etc/sfcb/sfcb.cfg  (or  the  file
76       specified  with the -c option) at start up. The configuration file con‐
77       tains option : value pairs, one  per  line.  For  a  complete  list  of
78       options,  see  the  default  configuration  file included with the sfcb
79       package.
80
81       httpPort
82              Local port that sfcbd should listen to receive HTTP (i.e.  inse‐
83              cure) requests from CIM clients. Default=5988
84
85       enableHttp
86              Whether    sfcb   should   accept   HTTP   client   connections.
87              Default=true.
88
89       httpProcs
90              Maximum number of simultaneous HTTP  client  connections  before
91              blocking new incoming HTTP requests. Default=8
92
93       httpsPort
94              Local  port  that  sfcbd  should  listen  to receive HTTPS (i.e.
95              secure) requests from CIM clients. Default=5989
96
97       enableHttps
98              Whether   sfcb   should   accept   HTTPS   client   connections.
99              Default=false.
100
101       httpsProcs
102              Maximum  number  of simultaneous HTTPS client connections before
103              blocking new incoming HTTPS requests. Default=8
104
105       enableInterOp
106              Whether sfcb should provide the interop namespace for indication
107              support.  Default=true
108
109       provProcs
110              Maximum  number  of  simultaneous provider processes. After this
111              point if a new incoming request requires loading a new provider,
112              then  one  of the existing providers will first be automatically
113              unloaded. Default=32
114
115       doBasicAuth
116              Perform basic authentication on the client userid (obtained from
117              the    HTTP/HTTPS   header)   before   allowing   the   request.
118              Default=false (i.e. no client authentication performed).
119
120       basicAuthLib
121              Name of the local library to call  to  authenticate  the  client
122              userid.  Default=sfcBasicAuthentication
123
124       useChunking
125              Tell  sfcbd to use HTTP/HTTPS 'chunking' to return large volumes
126              of response data to the client in 'chunks', rather than  buffer‐
127              ing the data and sending it back all at once. Default=true
128
129       keepaliveTimeout
130              Specify  the  maximum  time in seconds an sfcb HTTP process will
131              wait between two requests on one connection before  terminating.
132              Setting it to 0 will disable HTTP keep-alive. Default=0
133
134       keepaliveMaxRequest
135              Specify the maximum number of consecutive request on one connec‐
136              tion.  Setting it to 0 will effectively disable HTTP keep-alive.
137              Default=10
138
139       registrationDir
140              Specify  the registration directory, which contains the provider
141              registration data, the staging area and the  static  repository.
142              Default=/var/lib/sfcb/registration
143
144       providerDirs
145              A  space separated list of directories where sfcb is looking for
146              provider        libraries.        Default=/usr/lib /usr/lib/cmpi
147              /usr/lib64 /usr/lib64/cmpi
148
149       providerSampleInterval
150              The  interval in seconds at which the provider manager is check‐
151              ing for idle providers. Default: 30
152
153       providerTimeoutInterval
154              The interval in seconds before an idle provider gets unloaded by
155              the provider manager. Default: 60
156
157       providerAutoGroup
158              If  set  to  true,  all  providers  residing  in the same shared
159              library will be executed in  the  same  process  unless  another
160              group  has  been  specified  in  the provider registration file.
161              Default: true
162
163       sslCertificateFilePath
164              Specify the name of the file containing  the  server's  certifi‐
165              cate.   The  file  must  be  in  PEM  format.  This file is only
166              required   if   enableHttps   is   set   to    true.    Default=
167              /etc/sfcb/server.pem
168
169       sslKeyFilePath
170              Specify  the name of the file containing the private key for the
171              server's certificate. The file must be in PEM format and may not
172              be  passphrase-protected.  This file is only required if enable‐
173              Https is set to true. Default=/etc/sfcb/file.pem
174
175       sslClientTrustStore
176              Specify the name of the file or directory containing either  the
177              CA  certificate  issuing client certificates or self-signed cer‐
178              tificates of the clients.  This  setting  is  only  required  if
179              sslClientCertificate is set to accept or require.
180
181              If a file, it must be in PEM format.
182
183              If  a  directory,  it must be in "hash format": each file in the
184              directory should be named hash.0, where hash is  the  output  of
185              openssl x509 -hash. See the -CApath option in verify(1) from the
186              openssl package for more information about the hash format.
187
188              Default=/etc/sfcb/client.pem
189
190       sslClientCertificate
191              Specify the way sfcb handles client certificate based  authenti‐
192              cation.  If set to ignore it will not request a certificate from
193              the client. If set to accept it will request a certificate  from
194              the  client  but  not fail if the client doesn't present one. If
195              set to require it will  refuse  the  client  connection  if  the
196              client doesn't present a certificate. Default=ignore
197
198       certificateAuthLib
199              Name  of  the local library to call for client-certificate based
200              user authentication. Called only if sslClientCertificate is  not
201              set to ignore. Default=sfcCertificateAuthentication
202
203       traceLevel
204              Specify  the  trace  level for sfcb. Can be overriden by setting
205              environment variable SFCB_TRACE_LEVEL. Default:0.
206
207       traceMask
208              Specify the trace mask for sfcb. Can be overriden by the command
209              line option --trace-components. Default: 0.
210
211       traceFile
212              Specify  the  trace  file  for sfcb. Can be overriden by setting
213              environment variable SFCB_TRACE_FILE. Default: stderr.
214

ENVIRONMENT

216       SFCB_PAUSE_PROVIDER
217              Specifies the name of the provider to pause  after  first  being
218              loaded  to  facilitate  attaching  a  runtime  debugger  to  the
219              provider's process for debugging purposes.
220
221       SFCB_PAUSE_CODEC
222              Specifies the name of the sfcb codec (currently only "http")  to
223              pause  after  first being started to facilitate attaching a run‐
224              time debugger to the process.
225
226       SFCB_TRACE
227              Specifies the level of trace/debug  messages  for  sfcb.   Valid
228              values are 0 (no trace messages), or 1 (key trace messages only)
229              to 4 (all messages). A default value of 1 will  be  assumed,  if
230              this variable is not set.
231              [Note:  SFCB_TRACE level is used in conjunction with sfcb's com‐
232              ponent-level tracing to control the level  of  detail  of  trace
233              messages to display within each component]
234
235       SFCB_TRACE_FILE
236              By  default  sfcb trace messages are written to STDERR.  Setting
237              this envorinment variable causes the trace messages to be  writ‐
238              ten to a file instead.
239
240       SFCB_TRAP
241              If  set this environment variable enables trap interrupts on x86
242              platforms to be generated by sfcb in special situations.
243              [Note: not currently ever used]
244
245       SFCB_LABELPROCS
246              If set to a positive integer value, enable the process  labeling
247              feature.   This  adds a description of each process' role to the
248              process cmdline so that it appears in 'ps' output.  The  identi‐
249              fying  info will be appended to the original arv data, following
250              any passed arguments.  The number of bytes appended  is  limited
251              by the value of SFCB_LABELPROCS.  A value of about 100 should be
252              enough in most cases.  A smaller value may  truncate  the  data,
253              but  this  may be desired.  To disable, set the vaue to zero, or
254              unset the env var.
255
256       SBLIM_TRACE
257              Specifies the level of trace/debug messages for SBLIM providers.
258              Valid values are 0 (no trace messages), or 1 (key trace messages
259              only) to 4 (all messages).
260              [Note:  this  only  applies  to  SBLIM  providers  written  with
261              explicit trace messages in their source code.]
262
263       SBLIM_TRACE_FILE
264              By  default SBLIM provider trace messages are written to STDERR.
265              Setting this envorinment variable causes the trace  messages  to
266              be written to a file instead.
267

FILES

269       /etc/sfcb/sfcb.cfg
270              Default sfcb configuration file.
271
272       /etc/sfcb/server.pem
273              SSL server certificate for sfcb.
274
275       /etc/sfcb/file.pem
276              SSL private key file for sfcb.
277
278       /etc/sfcb/client.pem
279              SSL client certificate / trust store for sfcb.
280

LIBRARIES

282       /usr/lib/libsfc* /usr/lib64/libsfc*
283              Binaries for sfcb runtime libraries.
284
285       /usr/lib/cmpi/* /usr/lib64/cmpi/*
286              Binaries for providers.
287

AUTHOR

289       Adrian Schuur <schuur@de.ibm.com>
290

CONRIBUTORS

292       Dr. Gareth S. Bestor <bestor@us.ibm.com>,
293       Viktor Mihajlovski <MIHAJLOV@de.ibm.com>,
294       Chris Buccella <buccella@linux.vnet.ibm.com>
295

BUGS

297       The  SBLIM  project maintains a mailing list to which you should direct
298       all questions regarding sfcb,  sfcc,  wbemcli,  or  any  of  the  SBLIM
299       providers.  To subscribe to this mailing list visit
300
301              http://lists.sourceforge.net/lists/listinfo/sblim-devel
302
303       The SBLIM Project Bug tracking page can be found at
304
305              http://sourceforge.net/tracker/?group_id=128809&atid=712784
306
308       (C) Copyright IBM Corp. 2004, 2005, 2009
309

AVAILABILITY

311       The  Small-Footprint  CIM Broker (sfcb) is a part of the SBLIM project.
312       The most recent version is available on the web at
313
314              http://sblim.sourceforge.net/
315

SEE ALSO

317       sfcbmof(1),      sfcbstage(1),      sfcbunstage(1),       sfcbrebos(1),
318       genSslCert.sh(1), getSchema.sh(1), wbemcli(1)
319
320
321
322
323
324sfcb Version 1.4.9                 June 2009                          sfcbd(1)
Impressum