1cimconfig(8)                                                      cimconfig(8)
2
3
4

NAME

6       cimconfig  -  get, set, unset, or list CIM Server configuration proper‐
7       ties
8

SYNOPSIS

10       cimconfig -g name [ -c ] [ -d ] [ -p ]
11
12       cimconfig -s name=value [ -c ] [ -p ]
13
14       cimconfig -u name [ -c ] [ -p ]
15
16       cimconfig -l [ -c | -p ]
17
18       cimconfig -h
19
20       cimconfig --help
21
22       cimconfig --H name | "All"
23
24       cimconfig --version
25
26

DESCRIPTION

28       The cimconfig command manages CIM Server configuration properties.  The
29       operations are executed on the local host by submitting requests to the
30       CIM Server.  An operation on a  current  configuration  property  takes
31       effect  immediately,  and an operation on a planned configuration prop‐
32       erty takes effect the next time the CIM Server  is  started  with  cim‐
33       server  (8)  .  Modifications to a configuration property via cimconfig
34       remain in effect until changed via another cimconfig command.  Configu‐
35       ration  properties  may  also be modified temporarily via the cimserver
36       (8) command, in which case, the modification of the configuration prop‐
37       erty  remains in effect for that execution of the cimserver (8) command
38       only. A default value is associated with each  configuration  property.
39       Each  configuration  property  is initially assigned its default value,
40       until modified  by  a  cimconfig  command  or  cimserver  (8)  command.
41       Dynamic  configuration properties are those whose current values may be
42       set while the CIM server is running.
43
44       The following configuration properties are available:
45
46       authorizedUserGroups
47
48              Description: If set, the value  is  interpreted  as  a  list  of
49              comma-separated   user   groups  whose  members  may  issue  CIM
50              requests.  A user who is not a member of any of these groups  is
51              restricted  from  issuing  CIM  requests,  with the exception of
52              privileged users (superuser). If unset, any user may  issue  CIM
53              requests. Note: This configuration property operates in conjunc‐
54              tion with other CIM request authorization conditions rather than
55              overriding them.
56              Default Value: (None)
57              Dynamic: No
58
59       enableAssociationTraversal
60
61              Description: If True, the CIM Server will support the four asso‐
62              ciation traversal operators: Associators, AssociatorNames,  Ref‐
63              erences, and ReferenceNames.
64              Default Value: True
65              Dynamic: No
66
67       enableAuditLog
68
69              Description: If True, audit log entries for certain types of CIM
70              Server activities will be written to the system  log.   Examples
71              of audited activities include a CIM Server configuration change,
72              a Provider registration change, an authentication attempt and  a
73              modification  to the CIM Schema or a CIM Instance.  An audit log
74              entry describes the who,  what,  and  when  associated  with  an
75              audited activity.
76              Default Value: False
77              Dynamic: Yes
78
79       enableIndicationService
80
81              Description:  If  True,  the CIM Server will support CIM Indica‐
82              tions.
83              Default Value: True
84              Dynamic: No
85
86       enableHttpConnection
87
88              Description: If True, allows connections to the CIM Server using
89              the HTTP protocol
90              Default Value: False
91              Dynamic: No
92
93       enableHttpsConnection
94
95              Description: If True, allows connections to the CIM Server using
96              the HTTPS protocol (HTTP using Secure Socket Layer encryption)
97              Default Value: True
98              Dynamic: No
99
100       enableNamespaceAuthorization
101
102              Description: If True, the CIM Server restricts access to  names‐
103              paces  based  on configured user authorizations [user authoriza‐
104              tions may be configured using cimauth (8) ]
105              Default Value: False
106              Dynamic: No
107
108       enableRemotePrivilegedUserAccess
109
110              Description: If True, the CIM Server allows access by  a  privi‐
111              leged  user  from  a  remote  system. Many management operations
112              require privileged user access. Disabling remote access by priv‐
113              ileged user could significantly affect functionality
114              Default Value: True
115              Dynamic: No
116
117       enableSubscriptionsForNonprivilegedUsers
118
119              Description:  If  True, nonprivileged user of the system will be
120              allowed to manipulate indication subscriptions, indication  fil‐
121              ters,  and  listener  destination instances otherwise privileged
122              access is required.
123              Default Value: True
124              Dynamic: No
125
126       forceProviderProcesses
127
128              Description: If true, the CIM Server runs Providers in  separate
129              processes  rather  than  loading  and calling Provider libraries
130              directly within the CIM Server process.
131              Default Value: True
132              Dynamic: No
133
134       hostname
135
136              Description: Can be used to override the local  system  supplied
137              hostname  (without domain) the CIM Server uses to build objects.
138              If not set, querying this configuration option will  report  the
139              system  supplied  hostname and behavior is not changed.  Setting
140              this value to a valid hostname  on  CIM  Server  startup  or  as
141              planned  value  will  force  the server to assume the configured
142              name as the local hosts name. Setting this allows  the  adminis‐
143              trator  to set the name that operations such as associator, ref‐
144              erence etc. return with object paths.  When setting this option,
145              fullyQualifiedHostName should be set also.
146
147              In  common  setups  it is not recommended to explicitly set this
148              value.  Some scenarios scenarios in which changing  the  default
149              value makes sense include:
150
151              - The case where what the CIM Server shall return to clients for
152              host name is NOT the name of the current host but some  adminis‐
153              trator  defined name (ex. system behind a firewall or some redi‐
154              rector).
155
156              - Embedded systems that have a system set hostname which is  not
157              valid  and  needs  to be overridden by CIM administrator without
158              changing the actual IP configuration.
159              Default Value: (blank)
160              Dynamic: No
161
162       fullyQualifiedHostName
163
164              Description: Can be used to override the local  system  supplied
165              fully  qualified  hostname (with domain) the CIM Server is using
166              to build objects.   If  not  set,  querying  this  configuration
167              option  will report the system supplied fully qualified hostname
168              and behavior is not changed.  Setting  this  value  to  a  valid
169              hostname  on  CIM  Server startup or as planned value will force
170              the server to assume the configured name as the local hosts name
171              with  domain.  Setting  this allows the administrator to set the
172              name that indication operations and the CIM_ObjectManager assume
173              for SystemName returned as instance and key properties.
174
175              In  common  setups  it is not recommended to explicitly set this
176              value.  Some scenarios scenarios in which changing  the  default
177              value makes sense include:
178
179              - The case where what the CIM Server shall return to clients for
180              host name is NOT the name of the current host but some  adminis‐
181              trator  defined name (ex. system behind a firewall or some redi‐
182              rector).
183
184              - Embedded systems that have a system set hostname which is  not
185              valid  and  needs  to be overridden by CIM administrator without
186              changing the actual IP configuration.
187              Default Value: (blank)
188              Dynamic: No
189
190       idleConnectionTimeout
191
192              Description: If set to a positive integer, this value  specifies
193              a  minimum timeout value for idle client connections.  If set to
194              zero, idle client connections do not time out.
195
196              A client connection is considered idle when it  is  not  in  the
197              process  of sending a request and the CIM Server is not process‐
198              ing a request from that connection.  An idle connection  timeout
199              allows  reclamation  of  the system resources allocated for idle
200              CIM Server connections.  Note that the CIM Server may  allow  an
201              idle  connection  to  persist longer than the configured timeout
202              value based on server activity.
203
204              Some client applications may not behave correctly if  a  connec‐
205              tion timeout is introduced.  Client compatibility should be con‐
206              sidered when configuring an idle connection timeout value.   The
207              idle  connection time is computed using the system clock.  Thus,
208              resetting the system clock may cause unexpected  timeout  behav‐
209              ior.
210              Default Value: 0
211              Dynamic: No
212
213       listenAddress
214
215              Description:  Network  interfaces,  if  specified,  cimserver(8)
216              should listen to for connection requests.  It  accepts  a  comma
217              seperated  list(without  space) of network interfaces. Both ipv4
218              and ipv6 addresses is accepted. Default value of "All" make cim‐
219              server  to listen to all the available network interfaces. Exam‐
220              ples include:
221              -listenAddress=All
222              -listenAddress=121.12.33.112
223              -listenAddress=121.33.21.26,127.0.0.1,fe80::fe62:9346%eth0
224              Default Value: All
225              Dynamic: No
226
227
228       maxFailedProviderModuleRestarts
229
230              Description: If set to a positive integer, this value  specifies
231              the  number  of  times a failed provider module with indications
232              enabled  are  restarted  automatically  before  being  moved  to
233              Degraded  state.  If  set to zero, failed provider module is not
234              restarted with indications enabled  automatically  and  will  be
235              moved to Degraded state immediately.
236
237              This  option  controls  the  automatic re-enabling of the failed
238              provider module with indications enabled. If the provider module
239              with  indications  enabled fails very frequently, it affects the
240              CIMServer normal operations  because  CIMServer  would  be  busy
241              reloading  the  provider module every time it fails. This option
242              would be helpful if a long running indication  provider  crashes
243              and  the management application wants to receive the indications
244              from the provider while provider fix is being delivered.
245
246              In case of provider module grouping, if one  of  the  indication
247              provider  crashes,  it  affects  all indication providers in the
248              provider modules of the group.
249
250              Note that this is the facility provided  by  the  CIMServer  for
251              temporary  recovery  of the provider and the ultimate goal SHALL
252              be to fix the faulty provider.
253              Default Value: 3
254              Dynamic: Yes
255
256       maxIndicationDeliveryRetryAttempts
257
258              Description:If set to a positive integer, value defines the num‐
259              ber  of times indication service will enable the reliableIndica‐
260              tion feature and try to deliver an indication  to  a  particular
261              listener  destination.This does not effect the original delivery
262              attempt. A value of 0 disables reliable indication feature  com‐
263              pletely, and cimserver will deliver the indication once.
264
265              This  value  is  used  to  set  the CIM_IndicationService.Deliv‐
266              eryRetryAttempts  property.   See   CIM_IndicationService.Deliv‐
267              eryRetryAttempts property for more details.
268              Default Value: 3
269              Dynamic: No
270
271       minIndicationDeliveryRetryInterval
272
273              Description:If set to a positive integer, this value defines the
274              minimal time interval in seconds for the indication  service  to
275              wait before retrying to deliver an indication to a listener des‐
276              tination that previously failed. Cimserver may take  longer  due
277              to QoS or other processing.
278
279              This value is used to initialize the property CIM_IndicationSer‐
280              vice.DeliveryRetryInterval.   See   CIM_IndicationService.Deliv‐
281              eryRetryInterval property for more details.
282              Default Value: 30
283              Dynamic: No
284
285       shutdownTimeout
286
287              Description:  When  a  cimserver  -s shutdown command is issued,
288              specifies the maximum time in seconds for the CIM Server to com‐
289              plete  outstanding  CIM operation requests before shutting down;
290              if the specified timeout period expires,  the  CIM  Server  will
291              shut  down,  even if there are still CIM operations in progress.
292              Minimum value is 2 seconds.
293              Default Value: 30
294              Dynamic: Yes
295
296       slpProviderStartupTimeout
297
298              Description: Timeout value in milli seconds used to specify  how
299              long the registration with an SLP SA may take. Registration will
300              be retried three times.
301
302              This value only needs to be increased in case that  the  loading
303              of  a set of providers whose implementation of a registered pro‐
304              file takes very long.
305              Default Value: 300000
306              Dynamic: No
307
308       socketWriteTimeout
309
310              Description: Specifies the number of seconds the CIM Server will
311              wait  for  a  client connection to be ready to receive data.  If
312              the CIM Server is unable to write to a connection in this  time,
313              the connection is closed.
314
315              A  client  connection  can  become unable to receive data if the
316              client fails to read the data that has already been sent.   This
317              timeout  allows  the  CIM  Server  to reclaim resources that are
318              allocated to a malfunctioning client.
319
320              One might consider increasing this  timeout  value  if  the  CIM
321              Server prematurely closes connections with well-behaved clients.
322              Default Value: 20
323              Dynamic: Yes
324
325       sslClientVerificationMode
326
327              Description:  Defines  the desired level of support for certifi‐
328              cate-based authentication. It can be set to  required,  optional
329              or  disabled.   If  set to required, the CIM Server will require
330              all clients connecting over HTTPS to authenticate using  a  cer‐
331              tificate.   If the client certificate is not sent or not trusted
332              the connection will be rejected.  If set to  optional,  the  CIM
333              Server  will  allow, but not require, HTTPS clients to authenti‐
334              cate using a certificate. If the client does not send a certifi‐
335              cate,  the  CIM  Server  will attempt to authenticate the client
336              using HTTP basic authentication.  If set to  disabled,  the  CIM
337              Server will not allow HTTPS clients to authenticate using a cer‐
338              tificate. Basic authentication will be used to authenticate  all
339              HTTPS  clients. This property is only used if enableHttpsConnec‐
340              tion is true.
341              Default Value: disabled
342              Dynamic: No
343
344       traceFileSizeKBytes
345
346              Description:Defines the size of the  tracefile  in  Kilo  bytes.
347              The  trace  file will be rolled once its size exceeds the speci‐
348              fied size."
349              Default Value: 1048576
350              Dynamic: Yes
351
352       numberOfTraceFiles
353
354              Description:Specifies the number of the tracefiles for rolling.
355              Default Value: 3
356              Dynamic: Yes
357
358       sslCipherSuite
359
360              Description: String containing OpenSSL cipher specifications  to
361              configure  the cipher suite the client is permitted to negotiate
362              with the server during the SSL handshake phase. The value should
363              be  mentioned between single quotes since it can contain special
364              characters like .+, !, -.
365              Default Value: DEFAULT (The default cipher list of OpenSSL)
366              Dynamic: No
367
368       sslBackwardCompatibility
369
370              Description:This setting  specifies  whether  the  ssl  supports
371              SSLv3.   Ideally  for  security  Compilance  purposes  it  is by
372              default set to false.
373              Default Value: false
374              Dynamic: No
375
376       webRoot
377
378              Description:Points to a location where the static web  pages  to
379              be served by the pegasus webserver are stored.
380              Default Value: /var/tog-pegasus/www
381              Dynamic: No
382
383       indexFile
384
385              Description:Specifies  the  name  of  index file used by pegasus
386              webserver, default to index.html, This file should be  available
387              at the webRoot path.
388              Default Value: index.html
389              Dynamic: No
390
391       mimeTypesFile
392
393              Description: Refers to the file which holds the mime types being
394              served by the pegasus webserver.
395              Default Value: /var/tog-pegasus/www/mimeTypes.txt
396              Dynamic: No
397
398       httpSessionTimeout
399
400              Description: If set to a positive integer, this value  specifies
401              a HTTP session lifetime in seconds. After initial authentication
402              using standard HTTP mechanisms (HTTP Basic or Negotiate  authen‐
403              tication),  the  server  generates a cookie and sends it back to
404              the client, as described in RFC 6265. The client  can  then  use
405              the cookie in subsequent requests to skip the usual HTTP authen‐
406              tication. The cookie is valid only for period of time  specified
407              by  this  configuration option.  If set to zero, session manage‐
408              ment is turned off and CIM server will not issue cookies.   This
409              option  is  available  only when Pegasus was compiled with PEGA‐
410              SUS_ENABLE_SESSION_COOKIES set to 'true'.
411              Default Value: 0
412              Dynamic: Yes
413
414       If both the enableHttpsConnection and  enableHttpConnection  properties
415       are  set to False , neither HTTP nor HTTPS connections will be allowed.
416       On some platforms, the OpenPegasus CIM  Server  has  been  enhanced  to
417       include  support  for  a  local (single system), non-standard protocol.
418       This allows the OpenPegasus CIM  Server  to  continue  to  receive  and
419       process  requests  from local OpenPegasus CIM Clients even if both HTTP
420       ports are disabled. If a local  protocol  is  not  supported,  the  CIM
421       Server  will  be  shut  down  and  disabled  from  automatically  being
422       re-started.
423
424       The current and planned values  of  the  configuration  properties  are
425       stored  in  the  files  /var/opt/tog-pegasus/cimserver_current.conf and
426       /var/opt/tog-pegasus/cimserver_planned.conf , respectively.   The  con‐
427       figuration  properties  may only be modified via the cimconfig and cim‐
428       server (8) commands; the files must not be edited directly.
429
430   Options
431       The cimconfig command recognizes the following options:
432
433              -g configuration_property
434                             Gets the specified value (current, planned and/or
435                             default) of the specified configuration property.
436                             By default, gets the current value.
437
438              -s configuration_property = value
439                             Sets the specified value (current and/or planned)
440                             of  the  specified  configuration  property  to R
441                             value .  By default, sets the current value.
442
443              -u configuration_property
444                             Unsets  the  specified  value   (current   and/or
445                             planned) of the specified configuration property,
446                             and resets it to its default value.  By  default,
447                             unsets  the  current  value  and resets it to its
448                             default value.
449
450              -l             Lists all the specified (current or planned) con‐
451                             figuration  property  name and value pairs in the
452                             CIM Server.  By default, lists only the names  of
453                             all the current configuration properties.
454
455              -c             Specifies that the operation (get, set, unset, or
456                             list) be performed on the  current  configuration
457                             properties.  For set or unset operations, returns
458                             an error when the CIM Server is  not  running  or
459                             the specified property is not a dynamic property.
460
461              -p             Specifies that the operation (get, set, unset, or
462                             list) be performed on the  planned  configuration
463                             properties.   For set and unset operations, oper‐
464                             ates on the value of the  specified  property  in
465                             the  planned configuration file if the CIM Server
466                             is not running.
467
468              -d             Specifies that the get operation be performed  on
469                             the default configuration properties.  Returns an
470                             error when the CIM Server is not running.
471
472              -h, --help     Display the command usage message.
473
474              -H name|"All"  Display detailed help information on the configu‐
475                             raton  property  defined by the name parameter or
476                             on all properties if the keyword "All" is used.
477

EXIT STATUS

479       When an error occurs, an error message is  written  to  stderr  and  an
480       error value of 1 is returned. The following return values are returned:
481
482              0      Successful completion
483              1      Error
484

EXAMPLES

486       Get the current value for the configuration property shutdownTimeout .
487
488              cimconfig -g shutdownTimeout -c
489
490       Get the planned value for the configuration property shutdownTimeout .
491
492              cimconfig -g shutdownTimeout -p
493
494       Get the default value for the configuration property shutdownTimeout .
495
496              cimconfig -g shutdownTimeout -d
497
498       Set  the current value of the property shutdownTimeout to the new value
499       15.
500
501              cimconfig -s shutdownTimeout=15 -c
502
503       Set the planned value of the property  shutdownTimeout  ,  to  the  new
504       value 5.
505
506              cimconfig -s shutdownTimeout=5 -p
507
508       Reset  the current value of the property shutdownTimeout to its default
509       value.
510
511              cimconfig -u shutdownTimeout -c
512
513       Reset the planned value of the property shutdownTimeout to its  default
514       value.
515
516              cimconfig -u shutdownTimeout -p
517
518       List all the current configuration property names.
519
520              cimconfig -l
521
522       List all the current configuration property names and their values.
523
524              cimconfig -l -c
525
526       List all the planned configuration property names and their values.
527
528              cimconfig -l -p
529

FILES

531       /var/opt/tog-pegasus/cimserver_current.conf
532                                     Current configuration
533       /var/opt/tog-pegasus/cimserver_planned.conf
534                                     Planned configuration
535

SEE ALSO

537       cimserver (8), cimauth (8).
538
539
540
541                                                                  cimconfig(8)
Impressum