1sfcbd(1) General Commands Manual sfcbd(1)
3
7 sfcbd - Small-Footprint CIM Broker (sfcb)
8
10 sfcbd [options]
11
13 sfcb is a lightweight CIM daemon (aka CIMOM) that responds to CIM
14 client requests for system management data and/or performs system man‐
15 agement tasks. sfcb supports most of the standard CIM XML over
16 http/https protocol. It is highly modular, allowing functionality to
17 be easily added, removed or customized for different management appli‐
18 cations. sfcb is specifically targetted for small embedded system that
19 do not have the available CPU, memory or disk resources to support a
20 full-blown enterprise-level CIMOM. That said, sfcb runs very well on a
21 regular Linux/Unix system and supports most of the functions required
22 by CIM clients to manage such the system. Supported CIM operations
23 include:
24 GetClass
26 EnumerateClasses
27 EnumerateClassNames
28 GetInstance
29 DeleteInstance
30 CreateInstance
31 ModifyInstance
32 EnumerateInstances
33 EnumerateInstanceNames
34 InvokeMethod (MethodCall)
35 ExecQuery
36 Associators
37 AssociatorNames
38 References
39 ReferenceNames
40 CIM process and lifecycle indications (aka 'events') are also sup‐
42 ported.
43
45 Supported command line options are:
46 -c, --config-file=FILE
48 Specify an alternative configuration file.
49 Default=/etc/sfcb/sfcb.cfg
50 -d, --daemon
52 Run sfcbd (and child processes) in the background.
53 -h, --help
55 Print help message and exit.
56 -k, --color-trace
58 -k, --color-trace Color the trace output of each process
59 -s, --collect-stats
61 Turn on runtime statistics collecting. If enabled then various
62 sfcbd runtime statistics will be written to ./sfcbStat. Default
63 is no statistics are collected.
64 -t, --trace-components=NUM
66 Activate component-level tracing messages, where NUM is an OR-ed
67 bitmask integer defining which component to trace. Specifying
68 "-t ?" will list all the components and their associated integer
69 bitmask.
70 -v, --version
72 Prints version information and exits.
73
75 sfcbd reads the configuration file /etc/sfcb/sfcb.cfg (or the file
76 specified with the -c option) at start up. The configuration file con‐
77 tains option : value pairs, one per line. For a complete list of
78 options, see the default configuration file included with the sfcb
79 package.
80 httpPort
82 Local port that sfcbd should listen to receive HTTP (i.e. inse‐
83 cure) requests from CIM clients. Default=5988
84 enableHttp
86 Whether sfcb should accept HTTP client connections.
87 Default=true.
88 httpProcs
90 Maximum number of simultaneous HTTP client connections before
91 blocking new incoming HTTP requests. Default=8
92 httpsPort
94 Local port that sfcbd should listen to receive HTTPS (i.e.
95 secure) requests from CIM clients. Default=5989
96 enableHttps
98 Whether sfcb should accept HTTPS client connections.
99 Default=false.
100 httpsProcs
102 Maximum number of simultaneous HTTPS client connections before
103 blocking new incoming HTTPS requests. Default=8
104 enableInterOp
106 Whether sfcb should provide the interop namespace for indication
107 support. Default=true
108 provProcs
110 Maximum number of simultaneous provider processes. After this
111 point if a new incoming request requires loading a new provider,
112 then one of the existing providers will first be automatically
113 unloaded. Default=32
114 doBasicAuth
116 Perform basic authentication on the client userid (obtained from
117 the HTTP/HTTPS header) before allowing the request.
118 Default=false (i.e. no client authentication performed).
119 basicAuthLib
121 Name of the local library to call to authenticate the client
122 userid. Default=sfcBasicAuthentication
123 useChunking
125 Tell sfcbd to use HTTP/HTTPS 'chunking' to return large volumes
126 of response data to the client in 'chunks', rather than buffer‐
127 ing the data and sending it back all at once. Default=true
128 keepaliveTimeout
130 Specify the maximum time in seconds an sfcb HTTP process will
131 wait between two requests on one connection before terminating.
132 Setting it to 0 will disable HTTP keep-alive. Default=0
133 keepaliveMaxRequest
135 Specify the maximum number of consecutive request on one connec‐
136 tion. Setting it to 0 will effectively disable HTTP keep-alive.
137 Default=10
138 registrationDir
140 Specify the registration directory, which contains the provider
141 registration data, the staging area and the static repository.
142 Default=/var/lib/sfcb/registration
143 providerDirs
145 A space separated list of directories where sfcb is looking for
146 provider libraries. Default=/usr/lib64 /usr/lib64/cmpi
147 providerSampleInterval
149 The interval in seconds at which the provider manager is check‐
150 ing for idle providers. Default: 30
151 providerTimeoutInterval
153 The interval in seconds before an idle provider gets unloaded by
154 the provider manager. Default: 60
155 providerAutoGroup
157 If set to true, all providers residing in the same shared
158 library will be executed in the same process unless another
159 group has been specified in the provider registration file.
160 Default: true
161 sslCertificateFilePath
163 Specify the name of the file containing the server's certifi‐
164 cate. The file must be in PEM format. This file is only
165 required if enableHttps is set to true. Default=
166 /etc/sfcb/server.pem
167 sslKeyFilePath
169 Specify the name of the file containing the private key for the
170 server's certificate. The file must be in PEM format and may not
171 be passphrase-protected. This file is only required if enable‐
172 Https is set to true. Default=/etc/sfcb/file.pem
173 sslClientTrustStore
175 Specify the name of the file or directory containing either the
176 CA certificate issuing client certificates or self-signed cer‐
177 tificates of the clients. This setting is only required if
178 sslClientCertificate is set to accept or require.
179 If a file, it must be in PEM format.
181 If a directory, it must be in "hash format": each file in the
183 directory should be named hash.0, where hash is the output of
184 openssl x509 -hash. See the -CApath option in verify(1) from the
185 openssl package for more information about the hash format.
186 Default=/etc/sfcb/client.pem
188 sslClientCertificate
190 Specify the way sfcb handles client certificate based authenti‐
191 cation. If set to ignore it will not request a certificate from
192 the client. If set to accept it will request a certificate from
193 the client but not fail if the client doesn't present one. If
194 set to require it will refuse the client connection if the
195 client doesn't present a certificate. Default=ignore
196 certificateAuthLib
198 Name of the local library to call for client-certificate based
199 user authentication. Called only if sslClientCertificate is not
200 set to ignore. Default=sfcCertificateAuthentication
201 traceLevel
203 Specify the trace level for sfcb. Can be overriden by setting
204 environment variable SFCB_TRACE_LEVEL. Default:0.
205 traceMask
207 Specify the trace mask for sfcb. Can be overriden by the command
208 line option --trace-components. Default: 0.
209 traceFile
211 Specify the trace file for sfcb. Can be overriden by setting
212 environment variable SFCB_TRACE_FILE. Default: stderr.
213
215 SFCB_PAUSE_PROVIDER
216 Specifies the name of the provider to pause after first being
217 loaded to facilitate attaching a runtime debugger to the
218 provider's process for debugging purposes.
219 SFCB_PAUSE_CODEC
221 Specifies the name of the sfcb codec (currently only "http") to
222 pause after first being started to facilitate attaching a run‐
223 time debugger to the process.
224 SFCB_TRACE
226 Specifies the level of trace/debug messages for sfcb. Valid
227 values are 0 (no trace messages), or 1 (key trace messages only)
228 to 4 (all messages). A default value of 1 will be assumed, if
229 this variable is not set.
230 [Note: SFCB_TRACE level is used in conjunction with sfcb's com‐
231 ponent-level tracing to control the level of detail of trace
232 messages to display within each component]
233 SFCB_TRACE_FILE
235 By default sfcb trace messages are written to STDERR. Setting
236 this envorinment variable causes the trace messages to be writ‐
237 ten to a file instead.
238 SFCB_TRAP
240 If set this environment variable enables trap interrupts on x86
241 platforms to be generated by sfcb in special situations.
242 [Note: not currently ever used]
243 SBLIM_TRACE
245 Specifies the level of trace/debug messages for SBLIM providers.
246 Valid values are 0 (no trace messages), or 1 (key trace messages
247 only) to 4 (all messages).
248 [Note: this only applies to SBLIM providers written with
249 explicit trace messages in their source code.]
250 SBLIM_TRACE_FILE
252 By default SBLIM provider trace messages are written to STDERR.
253 Setting this envorinment variable causes the trace messages to
254 be written to a file instead.
255
257 /etc/sfcb/sfcb.cfg
258 Default sfcb configuration file.
259 /etc/sfcb/server.pem
261 SSL server certificate for sfcb.
262 /etc/sfcb/file.pem
264 SSL private key file for sfcb.
265 /etc/sfcb/client.pem
267 SSL client certificate / trust store for sfcb.
268
270 /usr/lib64/libsfc*
271 Binaries for sfcb runtime libraries.
272 /usr/lib64/cmpi/*
274 Binaries for providers
275
277 Adrian Schuur <schuur@de.ibm.com>
278
280 Dr. Gareth S. Bestor <bestor@us.ibm.com>,
281 Viktor Mihajlovski <MIHAJLOV@de.ibm.com>,
282 Chris Buccella <buccella@linux.vnet.ibm.com>
283
285 The SBLIM project maintains a mailing list to which you should direct
286 all questions regarding sfcb, sfcc, wbemcli, or any of the SBLIM
287 providers. To subscribe to this mailing list visit
288 http://lists.sourceforge.net/lists/listinfo/sblim-devel
290 The SBLIM Project Bug tracking page can be found at
292 http://sourceforge.net/tracker/?group_id=128809&atid=712784
294
296 (C) Copyright IBM Corp. 2004, 2005, 2009
297
299 The Small-Footprint CIM Broker (sfcb) is a part of the SBLIM project.
300 The most recent version is available on the web at
301 http://sblim.sourceforge.net/
303
305 sfcbmof(1), sfcbstage(1), sfcbunstage(1), sfcbrebos(1),
306 genSslCert.sh(1), getSchema.sh(1), wbemcli(1)
307sfcb Version 1.3.8 June 2009 sfcbd(1)