1sfcbd(1) General Commands Manual sfcbd(1)
3
7 sfcbd - Small-Footprint CIM Broker (sfcb)
8
10 sfcbd [options]
11
13 sfcb is a lightweight CIM daemon (aka CIMOM) that responds to CIM
14 client requests for system management data and/or performs system man‐
15 agement tasks. sfcb supports most of the standard CIM XML over
16 http/https protocol. It is highly modular, allowing functionality to
17 be easily added, removed or customized for different management appli‐
18 cations. sfcb is specifically targetted for small embedded system that
19 do not have the available CPU, memory or disk resources to support a
20 full-blown enterprise-level CIMOM. That said, sfcb runs very well on a
21 regular Linux/Unix system and supports most of the functions required
22 by CIM clients to manage such the system. Supported CIM operations
23 include:
24 GetClass
26 EnumerateClasses
27 EnumerateClassNames
28 GetInstance
29 DeleteInstance
30 CreateInstance
31 ModifyInstance
32 EnumerateInstances
33 EnumerateInstanceNames
34 InvokeMethod (MethodCall)
35 ExecQuery
36 Associators
37 AssociatorNames
38 References
39 ReferenceNames
40 CIM process and lifecycle indications (aka 'events') are also sup‐
42 ported.
43
45 Supported command line options are:
46 -c, --config-file=FILE
48 Specify an alternative configuration file.
49 Default=/etc/sfcb/sfcb.cfg
50 -d, --daemon
52 Run sfcbd (and child processes) in the background.
53 -h, --help
55 Print help message and exit.
56 -k, --color-trace
58 -k, --color-trace Color the trace output of each process
59 -s, --collect-stats
61 Turn on runtime statistics collecting. If enabled then various
62 sfcbd runtime statistics will be written to ./sfcbStat. Default
63 is no statistics are collected.
64 -t, --trace-components=NUM
66 Activate component-level tracing messages, where NUM is an OR-ed
67 bitmask integer defining which component to trace. Specifying
68 "-t ?" will list all the components and their associated integer
69 bitmask.
70 -v, --version
72 Prints version information and exits.
73
75 sfcbd reads the configuration file /etc/sfcb/sfcb.cfg (or the file
76 specified with the -c option) at start up. The configuration file con‐
77 tains option : value pairs, one per line. For a complete list of
78 options, see the default configuration file included with the sfcb
79 package.
80 httpPort
82 Local port that sfcbd should listen to receive HTTP (i.e. inse‐
83 cure) requests from CIM clients. Default=5988
84 enableHttp
86 Whether sfcb should accept HTTP client connections.
87 Default=true.
88 httpProcs
90 Maximum number of simultaneous HTTP client connections before
91 blocking new incoming HTTP requests. Default=8
92 httpsPort
94 Local port that sfcbd should listen to receive HTTPS (i.e.
95 secure) requests from CIM clients. Default=5989
96 enableHttps
98 Whether sfcb should accept HTTPS client connections.
99 Default=false.
100 httpsProcs
102 Maximum number of simultaneous HTTPS client connections before
103 blocking new incoming HTTPS requests. Default=8
104 enableInterOp
106 Whether sfcb should provide the interop namespace for indication
107 support. Default=true
108 provProcs
110 Maximum number of simultaneous provider processes. After this
111 point if a new incoming request requires loading a new provider,
112 then one of the existing providers will first be automatically
113 unloaded. Default=32
114 doBasicAuth
116 Perform basic authentication on the client userid (obtained from
117 the HTTP/HTTPS header) before allowing the request.
118 Default=false (i.e. no client authentication performed).
119 basicAuthLib
121 Name of the local library to call to authenticate the client
122 userid. Default=sfcBasicAuthentication
123 useChunking
125 Tell sfcbd to use HTTP/HTTPS 'chunking' to return large volumes
126 of response data to the client in 'chunks', rather than buffer‐
127 ing the data and sending it back all at once. Default=true
128 keepaliveTimeout
130 Specify the maximum time in seconds an sfcb HTTP process will
131 wait between two requests on one connection before terminating.
132 Setting it to 0 will disable HTTP keep-alive. Default=0
133 keepaliveMaxRequest
135 Specify the maximum number of consecutive request on one connec‐
136 tion. Setting it to 0 will effectively disable HTTP keep-alive.
137 Default=10
138 registrationDir
140 Specify the registration directory, which contains the provider
141 registration data, the staging area and the static repository.
142 Default=/var/lib/sfcb/registration
143 providerDirs
145 A space separated list of directories where sfcb is looking for
146 provider libraries. Default=/usr/lib /usr/lib/cmpi
147 /usr/lib64 /usr/lib64/cmpi
148 providerSampleInterval
150 The interval in seconds at which the provider manager is check‐
151 ing for idle providers. Default: 30
152 providerTimeoutInterval
154 The interval in seconds before an idle provider gets unloaded by
155 the provider manager. Default: 60
156 providerAutoGroup
158 If set to true, all providers residing in the same shared
159 library will be executed in the same process unless another
160 group has been specified in the provider registration file.
161 Default: true
162 sslCertificateFilePath
164 Specify the name of the file containing the server's certifi‐
165 cate. The file must be in PEM format. This file is only
166 required if enableHttps is set to true. Default=
167 /etc/sfcb/server.pem
168 sslKeyFilePath
170 Specify the name of the file containing the private key for the
171 server's certificate. The file must be in PEM format and may not
172 be passphrase-protected. This file is only required if enable‐
173 Https is set to true. Default=/etc/sfcb/file.pem
174 sslClientTrustStore
176 Specify the name of the file or directory containing either the
177 CA certificate issuing client certificates or self-signed cer‐
178 tificates of the clients. This setting is only required if
179 sslClientCertificate is set to accept or require.
180 If a file, it must be in PEM format.
182 If a directory, it must be in "hash format": each file in the
184 directory should be named hash.0, where hash is the output of
185 openssl x509 -hash. See the -CApath option in verify(1) from the
186 openssl package for more information about the hash format.
187 Default=/etc/sfcb/client.pem
189 sslClientCertificate
191 Specify the way sfcb handles client certificate based authenti‐
192 cation. If set to ignore it will not request a certificate from
193 the client. If set to accept it will request a certificate from
194 the client but not fail if the client doesn't present one. If
195 set to require it will refuse the client connection if the
196 client doesn't present a certificate. Default=ignore
197 certificateAuthLib
199 Name of the local library to call for client-certificate based
200 user authentication. Called only if sslClientCertificate is not
201 set to ignore. Default=sfcCertificateAuthentication
202 traceLevel
204 Specify the trace level for sfcb. Can be overriden by setting
205 environment variable SFCB_TRACE_LEVEL. Default:0.
206 traceMask
208 Specify the trace mask for sfcb. Can be overriden by the command
209 line option --trace-components. Default: 0.
210 traceFile
212 Specify the trace file for sfcb. Can be overriden by setting
213 environment variable SFCB_TRACE_FILE. Default: stderr.
214
216 SFCB_PAUSE_PROVIDER
217 Specifies the name of the provider to pause after first being
218 loaded to facilitate attaching a runtime debugger to the
219 provider's process for debugging purposes.
220 SFCB_PAUSE_CODEC
222 Specifies the name of the sfcb codec (currently only "http") to
223 pause after first being started to facilitate attaching a run‐
224 time debugger to the process.
225 SFCB_TRACE
227 Specifies the level of trace/debug messages for sfcb. Valid
228 values are 0 (no trace messages), or 1 (key trace messages only)
229 to 4 (all messages). A default value of 1 will be assumed, if
230 this variable is not set.
231 [Note: SFCB_TRACE level is used in conjunction with sfcb's com‐
232 ponent-level tracing to control the level of detail of trace
233 messages to display within each component]
234 SFCB_TRACE_FILE
236 By default sfcb trace messages are written to STDERR. Setting
237 this envorinment variable causes the trace messages to be writ‐
238 ten to a file instead.
239 SFCB_TRAP
241 If set this environment variable enables trap interrupts on x86
242 platforms to be generated by sfcb in special situations.
243 [Note: not currently ever used]
244 SBLIM_TRACE
246 Specifies the level of trace/debug messages for SBLIM providers.
247 Valid values are 0 (no trace messages), or 1 (key trace messages
248 only) to 4 (all messages).
249 [Note: this only applies to SBLIM providers written with
250 explicit trace messages in their source code.]
251 SBLIM_TRACE_FILE
253 By default SBLIM provider trace messages are written to STDERR.
254 Setting this envorinment variable causes the trace messages to
255 be written to a file instead.
256
258 /etc/sfcb/sfcb.cfg
259 Default sfcb configuration file.
260 /etc/sfcb/server.pem
262 SSL server certificate for sfcb.
263 /etc/sfcb/file.pem
265 SSL private key file for sfcb.
266 /etc/sfcb/client.pem
268 SSL client certificate / trust store for sfcb.
269
271 /usr/lib/libsfc* /usr/lib64/libsfc*
272 Binaries for sfcb runtime libraries.
273 /usr/lib/cmpi/* /usr/lib64/cmpi/*
275 Binaries for providers.
276
278 Adrian Schuur <schuur@de.ibm.com>
279
281 Dr. Gareth S. Bestor <bestor@us.ibm.com>,
282 Viktor Mihajlovski <MIHAJLOV@de.ibm.com>,
283 Chris Buccella <buccella@linux.vnet.ibm.com>
284
286 The SBLIM project maintains a mailing list to which you should direct
287 all questions regarding sfcb, sfcc, wbemcli, or any of the SBLIM
288 providers. To subscribe to this mailing list visit
289 http://lists.sourceforge.net/lists/listinfo/sblim-devel
291 The SBLIM Project Bug tracking page can be found at
293 http://sourceforge.net/tracker/?group_id=128809&atid=712784
295
297 (C) Copyright IBM Corp. 2004, 2005, 2009
298
300 The Small-Footprint CIM Broker (sfcb) is a part of the SBLIM project.
301 The most recent version is available on the web at
302 http://sblim.sourceforge.net/
304
306 sfcbmof(1), sfcbstage(1), sfcbunstage(1), sfcbrebos(1),
307 genSslCert.sh(1), getSchema.sh(1), wbemcli(1)
308sfcb Version 1.3.16 June 2009 sfcbd(1)