1cimconfig(8) cimconfig(8)
2
3
4
6 cimconfig - get, set, unset, or list CIM Server configuration proper‐
7 ties
8
10 cimconfig -g name [ -c ] [ -d ] [ -p ]
11
12 cimconfig -s name=value [ -c ] [ -p ]
13
14 cimconfig -u name [ -c ] [ -p ]
15
16 cimconfig -l [ -c | -p ]
17
18 cimconfig -h
19
20 cimconfig --help
21
22 cimconfig --H name | "All"
23
24 cimconfig --version
25
26
28 The cimconfig command manages CIM Server configuration properties. The
29 operations are executed on the local host by submitting requests to the
30 CIM Server. An operation on a current configuration property takes
31 effect immediately, and an operation on a planned configuration prop‐
32 erty takes effect the next time the CIM Server is started with cim‐
33 server (8) . Modifications to a configuration property via cimconfig
34 remain in effect until changed via another cimconfig command. Configu‐
35 ration properties may also be modified temporarily via the cimserver
36 [1m(8) command, in which case, the modification of the configuration prop‐
37 erty remains in effect for that execution of the cimserver (8) command
38 only. A default value is associated with each configuration property.
39 Each configuration property is initially assigned its default value,
40 until modified by a cimconfig command or cimserver (8) command.
41 Dynamic configuration properties are those whose current values may be
42 set while the CIM server is running.
43
44 The following configuration properties are available:
45
46 authorizedUserGroups
47
48 Description: If set, the value is interpreted as a list of
49 comma-separated user groups whose members may issue CIM
50 requests. A user who is not a member of any of these groups is
51 restricted from issuing CIM requests, with the exception of
52 privileged users (superuser). If unset, any user may issue CIM
53 requests. Note: This configuration property operates in conjunc‐
54 tion with other CIM request authorization conditions rather than
55 overriding them.
56 Default Value: (None)
57 Dynamic: No
58
59 enableAssociationTraversal
60
61 Description: If True, the CIM Server will support the four asso‐
62 ciation traversal operators: Associators, AssociatorNames, Ref‐
63 erences, and ReferenceNames.
64 Default Value: True
65 Dynamic: No
66
67 enableAuditLog
68
69 Description: If True, audit log entries for certain types of CIM
70 Server activities will be written to the system log. Examples
71 of audited activities include a CIM Server configuration change,
72 a Provider registration change, an authentication attempt and a
73 modification to the CIM Schema or a CIM Instance. An audit log
74 entry describes the who, what, and when associated with an
75 audited activity.
76 Default Value: False
77 Dynamic: Yes
78
79 enableIndicationService
80
81 Description: If True, the CIM Server will support CIM Indica‐
82 tions.
83 Default Value: True
84 Dynamic: No
85
86 enableHttpConnection
87
88 Description: If True, allows connections to the CIM Server using
89 the HTTP protocol
90 Default Value: False
91 Dynamic: No
92
93 enableHttpsConnection
94
95 Description: If True, allows connections to the CIM Server using
96 the HTTPS protocol (HTTP using Secure Socket Layer encryption)
97 Default Value: True
98 Dynamic: No
99
100 enableNamespaceAuthorization
101
102 Description: If True, the CIM Server restricts access to names‐
103 paces based on configured user authorizations [user authoriza‐
104 tions may be configured using cimauth (8) ]
105 Default Value: False
106 Dynamic: No
107
108 enableRemotePrivilegedUserAccess
109
110 Description: If True, the CIM Server allows access by a privi‐
111 leged user from a remote system. Many management operations
112 require privileged user access. Disabling remote access by priv‐
113 ileged user could significantly affect functionality
114 Default Value: True
115 Dynamic: No
116
117 enableSubscriptionsForNonprivilegedUsers
118
119 Description: If True, nonprivileged user of the system will be
120 allowed to manipulate indication subscriptions, indication fil‐
121 ters, and listener destination instances otherwise privileged
122 access is required.
123 Default Value: True
124 Dynamic: No
125
126 forceProviderProcesses
127
128 Description: If true, the CIM Server runs Providers in separate
129 processes rather than loading and calling Provider libraries
130 directly within the CIM Server process.
131 Default Value: True
132 Dynamic: No
133
134 hostname
135
136 Description: Can be used to override the local system supplied
137 hostname (without domain) the CIM Server uses to build objects.
138 If not set, querying this configuration option will report the
139 system supplied hostname and behavior is not changed. Setting
140 this value to a valid hostname on CIM Server startup or as
141 planned value will force the server to assume the configured
142 name as the local hosts name. Setting this allows the adminis‐
143 trator to set the name that operations such as associator, ref‐
144 erence etc. return with object paths. When setting this option,
145 fullyQualifiedHostName should be set also.
146
147 In common setups it is not recommended to explicitly set this
148 value. Some scenarios scenarios in which changing the default
149 value makes sense include:
150
151 - The case where what the CIM Server shall return to clients for
152 host name is NOT the name of the current host but some adminis‐
153 trator defined name (ex. system behind a firewall or some redi‐
154 rector).
155
156 - Embedded systems that have a system set hostname which is not
157 valid and needs to be overridden by CIM administrator without
158 changing the actual IP configuration.
159 Default Value: (blank)
160 Dynamic: No
161
162 fullyQualifiedHostName
163
164 Description: Can be used to override the local system supplied
165 fully qualified hostname (with domain) the CIM Server is using
166 to build objects. If not set, querying this configuration
167 option will report the system supplied fully qualified hostname
168 and behavior is not changed. Setting this value to a valid
169 hostname on CIM Server startup or as planned value will force
170 the server to assume the configured name as the local hosts name
171 with domain. Setting this allows the administrator to set the
172 name that indication operations and the CIM_ObjectManager assume
173 for SystemName returned as instance and key properties.
174
175 In common setups it is not recommended to explicitly set this
176 value. Some scenarios scenarios in which changing the default
177 value makes sense include:
178
179 - The case where what the CIM Server shall return to clients for
180 host name is NOT the name of the current host but some adminis‐
181 trator defined name (ex. system behind a firewall or some redi‐
182 rector).
183
184 - Embedded systems that have a system set hostname which is not
185 valid and needs to be overridden by CIM administrator without
186 changing the actual IP configuration.
187 Default Value: (blank)
188 Dynamic: No
189
190 idleConnectionTimeout
191
192 Description: If set to a positive integer, this value specifies
193 a minimum timeout value for idle client connections. If set to
194 zero, idle client connections do not time out.
195
196 A client connection is considered idle when it is not in the
197 process of sending a request and the CIM Server is not process‐
198 ing a request from that connection. An idle connection timeout
199 allows reclamation of the system resources allocated for idle
200 CIM Server connections. Note that the CIM Server may allow an
201 idle connection to persist longer than the configured timeout
202 value based on server activity.
203
204 Some client applications may not behave correctly if a connec‐
205 tion timeout is introduced. Client compatibility should be con‐
206 sidered when configuring an idle connection timeout value. The
207 idle connection time is computed using the system clock. Thus,
208 resetting the system clock may cause unexpected timeout behav‐
209 ior.
210 Default Value: 0
211 Dynamic: No
212
213 listenAddress
214
215 Description: Network interfaces, if specified, cimserver(8)
216 should listen to for connection requests. It accepts a comma
217 seperated list(without space) of network interfaces. Both ipv4
218 and ipv6 addresses is accepted. Default value of "All" make cim‐
219 server to listen to all the available network interfaces. Exam‐
220 ples include:
221 -listenAddress=All
222 -listenAddress=121.12.33.112
223 -listenAddress=121.33.21.26,127.0.0.1,fe80::fe62:9346%eth0
224 Default Value: All
225 Dynamic: No
226
227
228 maxFailedProviderModuleRestarts
229
230 Description: If set to a positive integer, this value specifies
231 the number of times a failed provider module with indications
232 enabled are restarted automatically before being moved to
233 Degraded state. If set to zero, failed provider module is not
234 restarted with indications enabled automatically and will be
235 moved to Degraded state immediately.
236
237 This option controls the automatic re-enabling of the failed
238 provider module with indications enabled. If the provider module
239 with indications enabled fails very frequently, it affects the
240 CIMServer normal operations because CIMServer would be busy
241 reloading the provider module every time it fails. This option
242 would be helpful if a long running indication provider crashes
243 and the management application wants to receive the indications
244 from the provider while provider fix is being delivered.
245
246 In case of provider module grouping, if one of the indication
247 provider crashes, it affects all indication providers in the
248 provider modules of the group.
249
250 Note that this is the facility provided by the CIMServer for
251 temporary recovery of the provider and the ultimate goal SHALL
252 be to fix the faulty provider.
253 Default Value: 3
254 Dynamic: Yes
255
256 maxIndicationDeliveryRetryAttempts
257
258 Description:If set to a positive integer, value defines the num‐
259 ber of times indication service will enable the reliableIndica‐
260 tion feature and try to deliver an indication to a particular
261 listener destination.This does not effect the original delivery
262 attempt. A value of 0 disables reliable indication feature com‐
263 pletely, and cimserver will deliver the indication once.
264
265 This value is used to set the CIM_IndicationService.Deliv‐
266 eryRetryAttempts property. See CIM_IndicationService.Deliv‐
267 eryRetryAttempts property for more details.
268 Default Value: 3
269 Dynamic: No
270
271 minIndicationDeliveryRetryInterval
272
273 Description:If set to a positive integer, this value defines the
274 minimal time interval in seconds for the indication service to
275 wait before retrying to deliver an indication to a listener des‐
276 tination that previously failed. Cimserver may take longer due
277 to QoS or other processing.
278
279 This value is used to initialize the property CIM_IndicationSer‐
280 vice.DeliveryRetryInterval. See CIM_IndicationService.Deliv‐
281 eryRetryInterval property for more details.
282 Default Value: 30
283 Dynamic: No
284
285 shutdownTimeout
286
287 Description: When a cimserver -s shutdown command is issued,
288 specifies the maximum time in seconds for the CIM Server to com‐
289 plete outstanding CIM operation requests before shutting down;
290 if the specified timeout period expires, the CIM Server will
291 shut down, even if there are still CIM operations in progress.
292 Minimum value is 2 seconds.
293 Default Value: 30
294 Dynamic: Yes
295
296 slpProviderStartupTimeout
297
298 Description: Timeout value in milli seconds used to specify how
299 long the registration with an SLP SA may take. Registration will
300 be retried three times.
301
302 This value only needs to be increased in case that the loading
303 of a set of providers whose implementation of a registered pro‐
304 file takes very long.
305 Default Value: 300000
306 Dynamic: No
307
308 socketWriteTimeout
309
310 Description: Specifies the number of seconds the CIM Server will
311 wait for a client connection to be ready to receive data. If
312 the CIM Server is unable to write to a connection in this time,
313 the connection is closed.
314
315 A client connection can become unable to receive data if the
316 client fails to read the data that has already been sent. This
317 timeout allows the CIM Server to reclaim resources that are
318 allocated to a malfunctioning client.
319
320 One might consider increasing this timeout value if the CIM
321 Server prematurely closes connections with well-behaved clients.
322 Default Value: 20
323 Dynamic: Yes
324
325 sslClientVerificationMode
326
327 Description: Defines the desired level of support for certifi‐
328 cate-based authentication. It can be set to required, optional
329 or disabled. If set to required, the CIM Server will require
330 all clients connecting over HTTPS to authenticate using a cer‐
331 tificate. If the client certificate is not sent or not trusted
332 the connection will be rejected. If set to optional, the CIM
333 Server will allow, but not require, HTTPS clients to authenti‐
334 cate using a certificate. If the client does not send a certifi‐
335 cate, the CIM Server will attempt to authenticate the client
336 using HTTP basic authentication. If set to disabled, the CIM
337 Server will not allow HTTPS clients to authenticate using a cer‐
338 tificate. Basic authentication will be used to authenticate all
339 HTTPS clients. This property is only used if enableHttpsConnec‐
340 tion is true.
341 Default Value: disabled
342 Dynamic: No
343
344 traceFileSizeKBytes
345
346 Description:Defines the size of the tracefile in Kilo bytes.
347 The trace file will be rolled once its size exceeds the speci‐
348 fied size."
349 Default Value: 1048576
350 Dynamic: Yes
351
352 numberOfTraceFiles
353
354 Description:Specifies the number of the tracefiles for rolling.
355 Default Value: 3
356 Dynamic: Yes
357
358 sslCipherSuite
359
360 Description: String containing OpenSSL cipher specifications to
361 configure the cipher suite the client is permitted to negotiate
362 with the server during the SSL handshake phase. The value should
363 be mentioned between single quotes since it can contain special
364 characters like .+, !, -.
365 Default Value: DEFAULT (The default cipher list of OpenSSL)
366 Dynamic: No
367
368 sslBackwardCompatibility
369
370 Description:This setting specifies whether the ssl supports
371 SSLv3. Ideally for security Compilance purposes it is by
372 default set to false.
373 Default Value: false
374 Dynamic: No
375
376 webRoot
377
378 Description:Points to a location where the static web pages to
379 be served by the pegasus webserver are stored.
380 Default Value: /var/tog-pegasus/www
381 Dynamic: No
382
383 indexFile
384
385 Description:Specifies the name of index file used by pegasus
386 webserver, default to index.html, This file should be available
387 at the webRoot path.
388 Default Value: index.html
389 Dynamic: No
390
391 mimeTypesFile
392
393 Description: Refers to the file which holds the mime types being
394 served by the pegasus webserver.
395 Default Value: /var/tog-pegasus/www/mimeTypes.txt
396 Dynamic: No
397
398 httpSessionTimeout
399
400 Description: If set to a positive integer, this value specifies
401 a HTTP session lifetime in seconds. After initial authentication
402 using standard HTTP mechanisms (HTTP Basic or Negotiate authen‐
403 tication), the server generates a cookie and sends it back to
404 the client, as described in RFC 6265. The client can then use
405 the cookie in subsequent requests to skip the usual HTTP authen‐
406 tication. The cookie is valid only for period of time specified
407 by this configuration option. If set to zero, session manage‐
408 ment is turned off and CIM server will not issue cookies. This
409 option is available only when Pegasus was compiled with PEGA‐
410 SUS_ENABLE_SESSION_COOKIES set to 'true'.
411 Default Value: 0
412 Dynamic: Yes
413
414 If both the enableHttpsConnection and enableHttpConnection properties
415 are set to False , neither HTTP nor HTTPS connections will be allowed.
416 On some platforms, the OpenPegasus CIM Server has been enhanced to
417 include support for a local (single system), non-standard protocol.
418 This allows the OpenPegasus CIM Server to continue to receive and
419 process requests from local OpenPegasus CIM Clients even if both HTTP
420 ports are disabled. If a local protocol is not supported, the CIM
421 Server will be shut down and disabled from automatically being
422 re-started.
423
424 The current and planned values of the configuration properties are
425 stored in the files /var/opt/tog-pegasus/cimserver_current.conf and
426 /var/opt/tog-pegasus/cimserver_planned.conf , respectively. The con‐
427 figuration properties may only be modified via the cimconfig and cim‐
428 server (8) commands; the files must not be edited directly.
429
430 Options
431 The cimconfig command recognizes the following options:
432
433 -g configuration_property
434 Gets the specified value (current, planned and/or
435 default) of the specified configuration property.
436 By default, gets the current value.
437
438 -s configuration_property = value
439 Sets the specified value (current and/or planned)
440 of the specified configuration property to R
441 value . By default, sets the current value.
442
443 -u configuration_property
444 Unsets the specified value (current and/or
445 planned) of the specified configuration property,
446 and resets it to its default value. By default,
447 unsets the current value and resets it to its
448 default value.
449
450 -l Lists all the specified (current or planned) con‐
451 figuration property name and value pairs in the
452 CIM Server. By default, lists only the names of
453 all the current configuration properties.
454
455 -c Specifies that the operation (get, set, unset, or
456 list) be performed on the current configuration
457 properties. For set or unset operations, returns
458 an error when the CIM Server is not running or
459 the specified property is not a dynamic property.
460
461 -p Specifies that the operation (get, set, unset, or
462 list) be performed on the planned configuration
463 properties. For set and unset operations, oper‐
464 ates on the value of the specified property in
465 the planned configuration file if the CIM Server
466 is not running.
467
468 -d Specifies that the get operation be performed on
469 the default configuration properties. Returns an
470 error when the CIM Server is not running.
471
472 -h, --help Display the command usage message.
473
474 -H name|"All" Display detailed help information on the configu‐
475 raton property defined by the name parameter or
476 on all properties if the keyword "All" is used.
477
479 When an error occurs, an error message is written to stderr and an
480 error value of 1 is returned. The following return values are returned:
481
482 0 Successful completion
483 1 Error
484
486 Get the current value for the configuration property shutdownTimeout .
487
488 cimconfig -g shutdownTimeout -c
489
490 Get the planned value for the configuration property shutdownTimeout .
491
492 cimconfig -g shutdownTimeout -p
493
494 Get the default value for the configuration property shutdownTimeout .
495
496 cimconfig -g shutdownTimeout -d
497
498 Set the current value of the property shutdownTimeout to the new value
499 15.
500
501 cimconfig -s shutdownTimeout=15 -c
502
503 Set the planned value of the property shutdownTimeout , to the new
504 value 5.
505
506 cimconfig -s shutdownTimeout=5 -p
507
508 Reset the current value of the property shutdownTimeout to its default
509 value.
510
511 cimconfig -u shutdownTimeout -c
512
513 Reset the planned value of the property shutdownTimeout to its default
514 value.
515
516 cimconfig -u shutdownTimeout -p
517
518 List all the current configuration property names.
519
520 cimconfig -l
521
522 List all the current configuration property names and their values.
523
524 cimconfig -l -c
525
526 List all the planned configuration property names and their values.
527
528 cimconfig -l -p
529
531 /var/opt/tog-pegasus/cimserver_current.conf
532 Current configuration
533 /var/opt/tog-pegasus/cimserver_planned.conf
534 Planned configuration
535
537 cimserver (8), cimauth (8).
538
539
540
541 cimconfig(8)