1cimconfig(8)                                                      cimconfig(8)
2
3
4

NAME

6       cimconfig  -  get, set, unset, or list CIM Server configuration proper‐
7       ties
8

SYNOPSIS

10       cimconfig -g name [ -c ] [ -d ] [ -p ]
11
12       cimconfig -s name=value [ -c ] [ -p ]
13
14       cimconfig -u name [ -c ] [ -p ]
15
16       cimconfig -l [ -c | -p ]
17
18       cimconfig -h
19
20       cimconfig --help
21
22       cimconfig --H name | "All"
23
24       cimconfig --version
25
26

DESCRIPTION

28       The cimconfig command manages CIM Server configuration properties.  The
29       operations are executed on the local host by submitting requests to the
30       CIM Server.  An operation on a  current  configuration  property  takes
31       effect  immediately,  and an operation on a planned configuration prop‐
32       erty takes effect the next time the CIM Server  is  started  with  cim‐
33       server  (8)  .  Modifications to a configuration property via cimconfig
34       remain in effect until changed via another cimconfig command.  Configu‐
35       ration  properties  may  also be modified temporarily via the cimserver
36       (8) command, in which case, the modification of the configuration prop‐
37       erty  remains in effect for that execution of the cimserver (8) command
38       only. A default value is associated with each  configuration  property.
39       Each  configuration  property  is initially assigned its default value,
40       until modified  by  a  cimconfig  command  or  cimserver  (8)  command.
41       Dynamic  configuration properties are those whose current values may be
42       set while the CIM server is running.
43
44       The following configuration properties are available:
45
46       authorizedUserGroups
47
48              Description: If set, the value  is  interpreted  as  a  list  of
49              comma-separated   user   groups  whose  members  may  issue  CIM
50              requests.  A user who is not a member of any of these groups  is
51              restricted  from  issuing  CIM  requests,  with the exception of
52              privileged users (superuser). If unset, any user may  issue  CIM
53              requests. Note: This configuration property operates in conjunc‐
54              tion with other CIM request authorization conditions rather than
55              overriding them.
56              Default Value: (None)
57              Dynamic: No
58
59       enableAssociationTraversal
60
61              Description: If True, the CIM Server will support the four asso‐
62              ciation traversal operators: Associators, AssociatorNames,  Ref‐
63              erences, and ReferenceNames.
64              Default Value: True
65              Dynamic: No
66
67       enableAuditLog
68
69              Description: If True, audit log entries for certain types of CIM
70              Server activities will be written to the system  log.   Examples
71              of audited activities include a CIM Server configuration change,
72              a Provider registration change, an authentication attempt and  a
73              modification  to the CIM Schema or a CIM Instance.  An audit log
74              entry describes the who,  what,  and  when  associated  with  an
75              audited activity.
76              Default Value: False
77              Dynamic: Yes
78
79       enableIndicationService
80
81              Description:  If  True,  the CIM Server will support CIM Indica‐
82              tions.
83              Default Value: True
84              Dynamic: No
85
86       enableHttpConnection
87
88              Description: If True, allows connections to the CIM Server using
89              the HTTP protocol
90              Default Value: False
91              Dynamic: No
92
93       enableHttpsConnection
94
95              Description: If True, allows connections to the CIM Server using
96              the HTTPS protocol (HTTP using Secure Socket Layer encryption)
97              Default Value: True
98              Dynamic: No
99
100       enableNamespaceAuthorization
101
102              Description: If True, the CIM Server restricts access to  names‐
103              paces  based  on configured user authorizations [user authoriza‐
104              tions may be configured using cimauth (8) ]
105              Default Value: False
106              Dynamic: No
107
108       enableRemotePrivilegedUserAccess
109
110              Description: If True, the CIM Server allows access by  a  privi‐
111              leged  user  from  a  remote  system. Many management operations
112              require privileged user access. Disabling remote access by priv‐
113              ileged user could significantly affect functionality
114              Default Value: True
115              Dynamic: No
116
117       enableSubscriptionsForNonprivilegedUsers
118
119              Description:  If  True, nonprivileged user of the system will be
120              allowed to manipulate indication subscriptions, indication  fil‐
121              ters,  and  listener  destination instances otherwise privileged
122              access is required.
123              Default Value: True
124              Dynamic: No
125
126       forceProviderProcesses
127
128              Description: If true, the CIM Server runs Providers in  separate
129              processes  rather  than  loading  and calling Provider libraries
130              directly within the CIM Server process.
131              Default Value: True
132              Dynamic: No
133
134       hostname
135
136              Description: Can be used to override the local  system  supplied
137              hostname  (without domain) the CIM Server uses to build objects.
138              If not set, querying this configuration option will  report  the
139              system  supplied  hostname and behavior is not changed.  Setting
140              this value to a valid hostname  on  CIM  Server  startup  or  as
141              planned  value  will  force  the server to assume the configured
142              name as the local hosts name. Setting this allows  the  adminis‐
143              trator  to set the name that operations such as associator, ref‐
144              erence etc. return with object paths.  When setting this option,
145              fullyQualifiedHostName should be set also.
146
147              In  common  setups  it is not recommended to explicitly set this
148              value.  Some scenarios scenarios in which changing  the  default
149              value makes sense include:
150
151              - The case where what the CIM Server shall return to clients for
152              host name is NOT the name of the current host but some  adminis‐
153              trator  defined name (ex. system behind a firewall or some redi‐
154              rector).
155
156              - Embedded systems that have a system set hostname which is  not
157              valid  and  needs  to be overridden by CIM administrator without
158              changing the actual IP configuration.
159              Default Value: (blank)
160              Dynamic: No
161
162       fullyQualifiedHostName
163
164              Description: Can be used to override the local  system  supplied
165              fully  qualified  hostname (with domain) the CIM Server is using
166              to build objects.   If  not  set,  querying  this  configuration
167              option  will report the system supplied fully qualified hostname
168              and behavior is not changed.  Setting  this  value  to  a  valid
169              hostname  on  CIM  Server startup or as planned value will force
170              the server to assume the configured name as the local hosts name
171              with  domain.  Setting  this allows the administrator to set the
172              name that indication operations and the CIM_ObjectManager assume
173              for SystemName returned as instance and key properties.
174
175              In  common  setups  it is not recommended to explicitly set this
176              value.  Some scenarios scenarios in which changing  the  default
177              value makes sense include:
178
179              - The case where what the CIM Server shall return to clients for
180              host name is NOT the name of the current host but some  adminis‐
181              trator  defined name (ex. system behind a firewall or some redi‐
182              rector).
183
184              - Embedded systems that have a system set hostname which is  not
185              valid  and  needs  to be overridden by CIM administrator without
186              changing the actual IP configuration.
187              Default Value: (blank)
188              Dynamic: No
189
190       idleConnectionTimeout
191
192              Description: If set to a positive integer, this value  specifies
193              a  minimum timeout value for idle client connections.  If set to
194              zero, idle client connections do not time out.
195
196              A client connection is considered idle when it  is  not  in  the
197              process  of sending a request and the CIM Server is not process‐
198              ing a request from that connection.  An idle connection  timeout
199              allows  reclamation  of  the system resources allocated for idle
200              CIM Server connections.  Note that the CIM Server may  allow  an
201              idle  connection  to  persist longer than the configured timeout
202              value based on server activity.
203
204              Some client applications may not behave correctly if  a  connec‐
205              tion timeout is introduced.  Client compatibility should be con‐
206              sidered when configuring an idle connection timeout value.   The
207              idle  connection time is computed using the system clock.  Thus,
208              resetting the system clock may cause unexpected  timeout  behav‐
209              ior.
210              Default Value: 0
211              Dynamic: No
212
213       listenAddress
214
215              Description:  Network  interfaces,  if  specified,  cimserver(8)
216              should listen to for connection requests.  It  accepts  a  comma
217              seperated  list(without  space) of network interfaces. Both ipv4
218              and ipv6 addresses is accepted. Default value of "All" make cim‐
219              server  to listen to all the available network interfaces. Exam‐
220              ples include:
221              -listenAddress=All
222              -listenAddress=121.12.33.112
223              -listenAddress=121.33.21.26,127.0.0.1,fe80::fe62:9346%eth0
224              Default Value: All
225              Dynamic: No
226
227
228       maxFailedProviderModuleRestarts
229
230              Description: If set to a positive integer, this value  specifies
231              the  number  of  times a failed provider module with indications
232              enabled  are  restarted  automatically  before  being  moved  to
233              Degraded  state.  If  set to zero, failed provider module is not
234              restarted with indications enabled  automatically  and  will  be
235              moved to Degraded state immediately.
236
237              This  option  controls  the  automatic re-enabling of the failed
238              provider module with indications enabled. If the provider module
239              with  indications  enabled fails very frequently, it affects the
240              CIMServer normal operations  because  CIMServer  would  be  busy
241              reloading  the  provider module every time it fails. This option
242              would be helpful if a long running indication  provider  crashes
243              and  the management application wants to receive the indications
244              from the provider while provider fix is being delivered.
245
246              In case of provider module grouping, if one  of  the  indication
247              provider  crashes,  it  affects  all indication providers in the
248              provider modules of the group.
249
250              Note that this is the facility provided  by  the  CIMServer  for
251              temporary  recovery  of the provider and the ultimate goal SHALL
252              be to fix the faulty provider.
253              Default Value: 3
254              Dynamic: Yes
255
256       maxIndicationDeliveryRetryAttempts
257
258              Description:If set to a positive integer, value defines the num‐
259              ber  of times indication service will enable the reliableIndica‐
260              tion feature and try to deliver an indication  to  a  particular
261              listener  destination.This does not effect the original delivery
262              attempt. A value of 0 disables reliable indication feature  com‐
263              pletely, and cimserver will deliver the indication once.
264
265              This  value  is  used  to  set  the CIM_IndicationService.Deliv‐
266              eryRetryAttempts  property.   See   CIM_IndicationService.Deliv‐
267              eryRetryAttempts property for more details.
268              Default Value: 3
269              Dynamic: No
270
271       minIndicationDeliveryRetryInterval
272
273              Description:If set to a positive integer, this value defines the
274              minimal time interval in seconds for the indication  service  to
275              wait before retrying to deliver an indication to a listener des‐
276              tination that previously failed. Cimserver may take  longer  due
277              to QoS or other processing.
278
279              This value is used to initialize the property CIM_IndicationSer‐
280              vice.DeliveryRetryInterval.   See   CIM_IndicationService.Deliv‐
281              eryRetryInterval property for more details.
282              Default Value: 30
283              Dynamic: No
284
285       shutdownTimeout
286
287              Description:  When  a  cimserver  -s shutdown command is issued,
288              specifies the maximum time in seconds for the CIM Server to com‐
289              plete  outstanding  CIM operation requests before shutting down;
290              if the specified timeout period expires,  the  CIM  Server  will
291              shut  down,  even if there are still CIM operations in progress.
292              Minimum value is 2 seconds.
293              Default Value: 30
294              Dynamic: Yes
295
296       slpProviderStartupTimeout
297
298              Description: Timeout value in milli seconds used to specify  how
299              long the registration with an SLP SA may take. Registration will
300              be retried three times.
301
302              This value only needs to be increased in case that  the  loading
303              of  a set of providers whose implementation of a registered pro‐
304              file takes very long.
305              Default Value: 300000
306              Dynamic: No
307
308       socketWriteTimeout
309
310              Description: Specifies the number of seconds the CIM Server will
311              wait  for  a  client connection to be ready to receive data.  If
312              the CIM Server is unable to write to a connection in this  time,
313              the connection is closed.
314
315              A  client  connection  can  become unable to receive data if the
316              client fails to read the data that has already been sent.   This
317              timeout  allows  the  CIM  Server  to reclaim resources that are
318              allocated to a malfunctioning client.
319
320              One might consider increasing this  timeout  value  if  the  CIM
321              Server prematurely closes connections with well-behaved clients.
322              Default Value: 20
323              Dynamic: Yes
324
325       sslClientVerificationMode
326
327              Description:  Defines  the desired level of support for certifi‐
328              cate-based authentication. It can be set to  required,  optional
329              or  disabled.   If  set to required, the CIM Server will require
330              all clients connecting over HTTPS to authenticate using  a  cer‐
331              tificate.   If the client certificate is not sent or not trusted
332              the connection will be rejected.  If set to  optional,  the  CIM
333              Server  will  allow, but not require, HTTPS clients to authenti‐
334              cate using a certificate. If the client does not send a certifi‐
335              cate,  the  CIM  Server  will attempt to authenticate the client
336              using HTTP basic authentication.  If set to  disabled,  the  CIM
337              Server will not allow HTTPS clients to authenticate using a cer‐
338              tificate. Basic authentication will be used to authenticate  all
339              HTTPS  clients. This property is only used if enableHttpsConnec‐
340              tion is true.
341              Default Value: disabled
342              Dynamic: No
343
344       traceFileSizeKBytes
345
346              Description:Defines the size of the  tracefile  in  Kilo  bytes.
347              The  trace  file will be rolled once its size exceeds the speci‐
348              fied size."
349              Default Value: 1048576
350              Dynamic: Yes
351
352       numberOfTraceFiles
353
354              Description:Specifies the number of the tracefiles for rolling.
355              Default Value: 3
356              Dynamic: Yes
357
358       sslCipherSuite
359
360              Description: String containing OpenSSL cipher specifications  to
361              configure  the cipher suite the client is permitted to negotiate
362              with the server during the SSL handshake phase. The value should
363              be  mentioned between single quotes since it can contain special
364              characters like .+, !, -.
365              Default   Value:   PROFILE=SYSTEM (Protocols enforced by system-
366              wide crypto policy)
367              Dynamic: No
368
369       sslBackwardCompatibility
370
371              Description:This  setting  specifies  whether  the  ssl supports
372              SSLv3 and versions of TLS lesser than 1.2 .Ideally for  security
373              Compilance purposes it is by default set to false.
374              Default Value: false
375              Dynamic: No
376
377       webRoot
378
379              Description:Points  to  a location where the static web pages to
380              be served by the pegasus webserver are stored.
381              Default Value: /var/tog-pegasus/www
382              Dynamic: No
383
384       indexFile
385
386              Description:Specifies the name of index  file  used  by  pegasus
387              webserver,  default to index.html, This file should be available
388              at the webRoot path.
389              Default Value: index.html
390              Dynamic: No
391
392       mimeTypesFile
393
394              Description: Refers to the file which holds the mime types being
395              served by the pegasus webserver.
396              Default Value: /var/tog-pegasus/www/mimeTypes.txt
397              Dynamic: No
398
399       httpSessionTimeout
400
401              Description:  If set to a positive integer, this value specifies
402              a HTTP session lifetime in seconds. After initial authentication
403              using  standard HTTP mechanisms (HTTP Basic or Negotiate authen‐
404              tication), the server generates a cookie and sends  it  back  to
405              the  client,  as  described in RFC 6265. The client can then use
406              the cookie in subsequent requests to skip the usual HTTP authen‐
407              tication.  The cookie is valid only for period of time specified
408              by this configuration option.  If set to zero,  session  manage‐
409              ment  is turned off and CIM server will not issue cookies.  This
410              option is available only when Pegasus was  compiled  with  PEGA‐
411              SUS_ENABLE_SESSION_COOKIES set to 'true'.
412              Default Value: 0
413              Dynamic: Yes
414
415       If  both  the enableHttpsConnection and enableHttpConnection properties
416       are set to False , neither HTTP nor HTTPS connections will be  allowed.
417       On  some  platforms,  the  OpenPegasus  CIM Server has been enhanced to
418       include support for a local  (single  system),  non-standard  protocol.
419       This  allows  the  OpenPegasus  CIM  Server  to continue to receive and
420       process requests from local OpenPegasus CIM Clients even if  both  HTTP
421       ports  are  disabled.  If  a  local  protocol is not supported, the CIM
422       Server will be shut down  and   disabled   from   automatically   being
423       re-started.
424
425       The  current  and  planned  values  of the configuration properties are
426       stored in  the  files  /var/opt/tog-pegasus/cimserver_current.conf  and
427       /var/opt/tog-pegasus/cimserver_planned.conf  ,  respectively.  The con‐
428       figuration properties may only be modified via the cimconfig  and  cim‐
429       server (8) commands; the files must not be edited directly.
430
431   Options
432       The cimconfig command recognizes the following options:
433
434              -g configuration_property
435                             Gets the specified value (current, planned and/or
436                             default) of the specified configuration property.
437                             By default, gets the current value.
438
439              -s configuration_property = value
440                             Sets the specified value (current and/or planned)
441                             of the  specified  configuration  property  to  R
442                             value .  By default, sets the current value.
443
444              -u configuration_property
445                             Unsets   the   specified  value  (current  and/or
446                             planned) of the specified configuration property,
447                             and  resets it to its default value.  By default,
448                             unsets the current value and  resets  it  to  its
449                             default value.
450
451              -l             Lists all the specified (current or planned) con‐
452                             figuration property name and value pairs  in  the
453                             CIM  Server.  By default, lists only the names of
454                             all the current configuration properties.
455
456              -c             Specifies that the operation (get, set, unset, or
457                             list)  be  performed on the current configuration
458                             properties.  For set or unset operations, returns
459                             an  error  when  the CIM Server is not running or
460                             the specified property is not a dynamic property.
461
462              -p             Specifies that the operation (get, set, unset, or
463                             list)  be  performed on the planned configuration
464                             properties.  For set and unset operations,  oper‐
465                             ates  on  the  value of the specified property in
466                             the planned configuration file if the CIM  Server
467                             is not running.
468
469              -d             Specifies  that the get operation be performed on
470                             the default configuration properties.  Returns an
471                             error when the CIM Server is not running.
472
473              -h, --help     Display the command usage message.
474
475              -H name|"All"  Display detailed help information on the configu‐
476                             raton property defined by the name  parameter  or
477                             on all properties if the keyword "All" is used.
478

EXIT STATUS

480       When  an  error  occurs,  an  error message is written to stderr and an
481       error value of 1 is returned. The following return values are returned:
482
483              0      Successful completion
484              1      Error
485

EXAMPLES

487       Get the current value for the configuration property shutdownTimeout .
488
489              cimconfig -g shutdownTimeout -c
490
491       Get the planned value for the configuration property shutdownTimeout .
492
493              cimconfig -g shutdownTimeout -p
494
495       Get the default value for the configuration property shutdownTimeout .
496
497              cimconfig -g shutdownTimeout -d
498
499       Set the current value of the property shutdownTimeout to the new  value
500       15.
501
502              cimconfig -s shutdownTimeout=15 -c
503
504       Set  the  planned  value  of  the property shutdownTimeout , to the new
505       value 5.
506
507              cimconfig -s shutdownTimeout=5 -p
508
509       Reset the current value of the property shutdownTimeout to its  default
510       value.
511
512              cimconfig -u shutdownTimeout -c
513
514       Reset  the planned value of the property shutdownTimeout to its default
515       value.
516
517              cimconfig -u shutdownTimeout -p
518
519       List all the current configuration property names.
520
521              cimconfig -l
522
523       List all the current configuration property names and their values.
524
525              cimconfig -l -c
526
527       List all the planned configuration property names and their values.
528
529              cimconfig -l -p
530

FILES

532       /var/opt/tog-pegasus/cimserver_current.conf
533                                     Current configuration
534       /var/opt/tog-pegasus/cimserver_planned.conf
535                                     Planned configuration
536

SEE ALSO

538       cimserver (8), cimauth (8).
539
540
541
542                                                                  cimconfig(8)
Impressum