1
2sfcbd(1)                    General Commands Manual                   sfcbd(1)
3
4
5

NAME

7       sfcbd - Small-Footprint CIM Broker (sfcb)
8

SYNOPSIS

10       sfcbd [options]
11

DESCRIPTION

13       sfcb  is  a  lightweight  CIM  daemon  (aka CIMOM) that responds to CIM
14       client requests for system management data and/or performs system  man‐
15       agement  tasks.  sfcb  supports  most  of  the  standard  CIM  XML over
16       http/https protocol.  It is highly modular, allowing  functionality  to
17       be  easily added, removed or customized for different management appli‐
18       cations. sfcb is specifically targetted for small embedded system  that
19       do  not  have  the available CPU, memory or disk resources to support a
20       full-blown enterprise-level CIMOM.  That said, sfcb runs very well on a
21       regular  Linux/Unix  system and supports most of the functions required
22       by CIM clients to manage such the  system.   Supported  CIM  operations
23       include:
24
25              GetClass
26              EnumerateClasses
27              EnumerateClassNames
28              GetInstance
29              DeleteInstance
30              CreateInstance
31              ModifyInstance
32              EnumerateInstances
33              EnumerateInstanceNames
34              InvokeMethod (MethodCall)
35              ExecQuery
36              Associators
37              AssociatorNames
38              References
39              ReferenceNames
40
41       CIM  process  and  lifecycle  indications  (aka 'events') are also sup‐
42       ported.
43

OPTIONS

45       Supported command line options are:
46
47       -c, --config-file=FILE
48              Specify      an      alternative       configuration       file.
49              Default=/etc/sfcb/sfcb.cfg
50
51       -d, --daemon
52              Run sfcbd (and child processes) in the background.
53
54       -h, --help
55              Print help message and exit.
56
57       -k, --color-trace
58              -k, --color-trace Color the trace output of each process
59
60       -s, --collect-stats
61              Turn  on  runtime statistics collecting. If enabled then various
62              sfcbd runtime statistics will be written to ./sfcbStat.  Default
63              is no statistics are collected.
64
65       -t, --trace-components=NUM
66              Activate component-level tracing messages, where NUM is an OR-ed
67              bitmask integer defining which component to  trace.   Specifying
68              "-t ?" will list all the components and their associated integer
69              bitmask.
70
71       -v, --version
72              Prints version information and exits.
73

CONFIGURATION FILE

75       sfcbd reads the configuration  file  /etc/sfcb/sfcb.cfg  (or  the  file
76       specified  with the -c option) at start up. The configuration file con‐
77       tains option : value pairs, one  per  line.  For  a  complete  list  of
78       options,  see  the  default  configuration  file included with the sfcb
79       package.
80
81       httpPort
82              Local port that sfcbd should listen to receive HTTP (i.e.  inse‐
83              cure) requests from CIM clients. Default=5988
84
85       enableHttp
86              Whether    sfcb   should   accept   HTTP   client   connections.
87              Default=true.
88
89       httpProcs
90              Maximum number of simultaneous HTTP  client  connections  before
91              blocking new incoming HTTP requests. Default=8
92
93       httpsPort
94              Local  port  that  sfcbd  should  listen  to receive HTTPS (i.e.
95              secure) requests from CIM clients. Default=5989
96
97       enableHttps
98              Whether   sfcb   should   accept   HTTPS   client   connections.
99              Default=false.
100
101       httpsProcs
102              Maximum  number  of simultaneous HTTPS client connections before
103              blocking new incoming HTTPS requests. Default=8
104
105       enableInterOp
106              Whether sfcb should provide the interop namespace for indication
107              support.  Default=true
108
109       provProcs
110              Maximum  number  of  simultaneous provider processes. After this
111              point if a new incoming request requires loading a new provider,
112              then  one  of the existing providers will first be automatically
113              unloaded. Default=32
114
115       doBasicAuth
116              Perform basic authentication on the client userid (obtained from
117              the    HTTP/HTTPS   header)   before   allowing   the   request.
118              Default=false (i.e. no client authentication performed).
119
120       basicAuthLib
121              Name of the local library to call  to  authenticate  the  client
122              userid.  Default=sfcBasicAuthentication
123
124       useChunking
125              Tell  sfcbd to use HTTP/HTTPS 'chunking' to return large volumes
126              of response data to the client in 'chunks', rather than  buffer‐
127              ing the data and sending it back all at once. Default=true
128
129       keepaliveTimeout
130              Specify  the  maximum  time in seconds an sfcb HTTP process will
131              wait between two requests on one connection before  terminating.
132              Setting it to 0 will disable HTTP keep-alive. Default=0
133
134       keepaliveMaxRequest
135              Specify the maximum number of consecutive request on one connec‐
136              tion.  Setting it to 0 will effectively disable HTTP keep-alive.
137              Default=10
138
139       registrationDir
140              Specify  the registration directory, which contains the provider
141              registration data, the staging area and the  static  repository.
142              Default=/var/lib/sfcb/registration
143
144       providerDirs
145              A  space separated list of directories where sfcb is looking for
146              provider libraries. Default=/usr/lib64 /usr/lib64/cmpi
147
148       providerSampleInterval
149              The interval in seconds at which the provider manager is  check‐
150              ing for idle providers. Default: 30
151
152       providerTimeoutInterval
153              The interval in seconds before an idle provider gets unloaded by
154              the provider manager. Default: 60
155
156       providerAutoGroup
157              If set to true,  all  providers  residing  in  the  same  shared
158              library  will  be  executed  in  the same process unless another
159              group has been specified  in  the  provider  registration  file.
160              Default: true
161
162       sslCertificateFilePath
163              Specify  the  name  of the file containing the server's certifi‐
164              cate.  The file must  be  in  PEM  format.  This  file  is  only
165              required    if    enableHttps   is   set   to   true.   Default=
166              /etc/sfcb/server.pem
167
168       sslKeyFilePath
169              Specify the name of the file containing the private key for  the
170              server's certificate. The file must be in PEM format and may not
171              be passphrase-protected. This file is only required  if  enable‐
172              Https is set to true. Default=/etc/sfcb/file.pem
173
174       sslClientTrustStore
175              Specify  the name of the file or directory containing either the
176              CA certificate issuing client certificates or  self-signed  cer‐
177              tificates  of  the  clients.   This  setting is only required if
178              sslClientCertificate is set to accept or require.
179
180              If a file, it must be in PEM format.
181
182              If a directory, it must be in "hash format": each  file  in  the
183              directory  should  be  named hash.0, where hash is the output of
184              openssl x509 -hash. See the -CApath option in verify(1) from the
185              openssl package for more information about the hash format.
186
187              Default=/etc/sfcb/client.pem
188
189       sslClientCertificate
190              Specify  the way sfcb handles client certificate based authenti‐
191              cation. If set to ignore it will not request a certificate  from
192              the  client. If set to accept it will request a certificate from
193              the client but not fail if the client doesn't  present  one.  If
194              set  to  require  it  will  refuse  the client connection if the
195              client doesn't present a certificate. Default=ignore
196
197       certificateAuthLib
198              Name of the local library to call for  client-certificate  based
199              user  authentication. Called only if sslClientCertificate is not
200              set to ignore. Default=sfcCertificateAuthentication
201
202       traceLevel
203              Specify the trace level for sfcb. Can be  overriden  by  setting
204              environment variable SFCB_TRACE_LEVEL. Default:0.
205
206       traceMask
207              Specify the trace mask for sfcb. Can be overriden by the command
208              line option --trace-components. Default: 0.
209
210       traceFile
211              Specify the trace file for sfcb. Can  be  overriden  by  setting
212              environment variable SFCB_TRACE_FILE. Default: stderr.
213

ENVIRONMENT

215       SFCB_PAUSE_PROVIDER
216              Specifies  the  name  of the provider to pause after first being
217              loaded  to  facilitate  attaching  a  runtime  debugger  to  the
218              provider's process for debugging purposes.
219
220       SFCB_PAUSE_CODEC
221              Specifies  the name of the sfcb codec (currently only "http") to
222              pause after first being started to facilitate attaching  a  run‐
223              time debugger to the process.
224
225       SFCB_TRACE
226              Specifies  the  level  of  trace/debug messages for sfcb.  Valid
227              values are 0 (no trace messages), or 1 (key trace messages only)
228              to  4  (all  messages). A default value of 1 will be assumed, if
229              this variable is not set.
230              [Note: SFCB_TRACE level is used in conjunction with sfcb's  com‐
231              ponent-level  tracing  to  control  the level of detail of trace
232              messages to display within each component]
233
234       SFCB_TRACE_FILE
235              By default sfcb trace messages are written to  STDERR.   Setting
236              this  envorinment variable causes the trace messages to be writ‐
237              ten to a file instead.
238
239       SFCB_TRAP
240              If set this environment variable enables trap interrupts on  x86
241              platforms to be generated by sfcb in special situations.
242              [Note: not currently ever used]
243
244       SBLIM_TRACE
245              Specifies the level of trace/debug messages for SBLIM providers.
246              Valid values are 0 (no trace messages), or 1 (key trace messages
247              only) to 4 (all messages).
248              [Note:  this  only  applies  to  SBLIM  providers  written  with
249              explicit trace messages in their source code.]
250
251       SBLIM_TRACE_FILE
252              By default SBLIM provider trace messages are written to  STDERR.
253              Setting  this  envorinment variable causes the trace messages to
254              be written to a file instead.
255

FILES

257       /etc/sfcb/sfcb.cfg
258              Default sfcb configuration file.
259
260       /etc/sfcb/server.pem
261              SSL server certificate for sfcb.
262
263       /etc/sfcb/file.pem
264              SSL private key file for sfcb.
265
266       /etc/sfcb/client.pem
267              SSL client certificate / trust store for sfcb.
268

LIBRARIES

270       /usr/lib64/libsfc*
271              Binaries for sfcb runtime libraries.
272
273       /usr/lib64/cmpi/*
274              Binaries for providers
275

AUTHOR

277       Adrian Schuur <schuur@de.ibm.com>
278

CONRIBUTORS

280       Dr. Gareth S. Bestor <bestor@us.ibm.com>,
281       Viktor Mihajlovski <MIHAJLOV@de.ibm.com>,
282       Chris Buccella <buccella@linux.vnet.ibm.com>
283

BUGS

285       The SBLIM project maintains a mailing list to which you  should  direct
286       all  questions  regarding  sfcb,  sfcc,  wbemcli,  or  any of the SBLIM
287       providers.  To subscribe to this mailing list visit
288
289              http://lists.sourceforge.net/lists/listinfo/sblim-devel
290
291       The SBLIM Project Bug tracking page can be found at
292
293              http://sourceforge.net/tracker/?group_id=128809&atid=712784
294
296       (C) Copyright IBM Corp. 2004, 2005, 2009
297

AVAILABILITY

299       The Small-Footprint CIM Broker (sfcb) is a part of the  SBLIM  project.
300       The most recent version is available on the web at
301
302              http://sblim.sourceforge.net/
303

SEE ALSO

305       sfcbmof(1),       sfcbstage(1),      sfcbunstage(1),      sfcbrebos(1),
306       genSslCert.sh(1), getSchema.sh(1), wbemcli(1)
307
308
309
310
311
312sfcb Version 1.3.11                June 2009                          sfcbd(1)
Impressum