Recommended OpenPegasus Build and Configuration Options for Selected Platforms
Abstract:
This document defines a set of recommended options for building,
testing and running OpenPegasus on a selected set of
platforms. In this version of the document, platform-specific configuration
information have been documented for the platforms described in the
"Documented Platforms" section of this document.
Note 1:
The recommendations defined in this document are not intended to document
the feature set included in any vendor's OpenPegasus-based product.
Rather, the purpose of this document is to provide input to vendors when
making product decisions.
Definition of the Problem
OpenPegasus supports a large number of build and runtime options.
Determining which options to use can be challenging. The purpose of this
document is to simplify the build, testing and administration of OpenPegasus
by providing a recommended, tested set of options.
Documented Platforms
Support for the OpenPegasus build and runtime options described in
this document varies by platform. In this version of the
document, platform-specific configuration information has been included
for the platforms described in the following table. For all other
platforms, please consult the OpenPegasus Platform Advocate for
additional information.
Platform |
Status |
HPUX_IA64_ACC |
|
HPUX_PARISC_ACC |
|
LINUX_IA64_GNU |
|
LINUX_IX86_GNU |
|
LINUX_PPC64_GNU |
|
LINUX_PPC_GNU |
|
LINUX_XSCALE_GNU |
|
LINUX_ZSERIES64_GNU |
|
LINUX_ZSERIES_GNU |
|
VMS_ALPHA_DECCXX |
|
VMS_IA64_DECCXX |
|
Proposed Solution
Security Considerations
-
To avoid introducing security vulnerabilities, vendors must never
ship providers incompatible with the security assumptions used in
their deployment.
For example, providers designed for a single-user deployment that
don't perform authorization must not be shipped with a CIM Server
that expects the providers to perform authorization. Note that
this authorization burden is considerably lighter if the provider
is registered as 'run as requestor' and if the CIM Server enables
that feature. See
PEP#223 - Security Coding Guidelines for additional
details.
-
Vendors should ensure they configure the CIM Server consistently
with the security requirements of their deployment.
Terminology Notes
-
In this document, the term "Not Set" is used to indicate
that the a value for the environment variable has not been defined.
"Set" is used to indicate that the value must be defined,
but the actual value of the variable is not checked.
General Notes
-
Not all functionality described in this document has achieved
"Green"status, please refer to the
OpenPegasus Project Feature Status page for information on
the maturity level of OpenPegasus features.
-
To encourage testing of new functionality, recommendations for the
Development Build may include features that are not yet recommended
for Release Builds.
Environment Variable Settings for Building OpenPegasus
Definitions
ICU_INSTALL
Description: When set, points to the directory containing
the ICU(International
Components for Unicode) installation. The 'include'
subdirectory is used to locate ICU header files at build time. The
'lib' subdirectory is used to locate ICU libraries at link
time.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No. However, if PEGASUS_HAS_ICU is
set and ICU_INSTALL is not defined, the ICU libraries and header
files are expected to be installed in directories (e.g.,/usr/lib,
/usr/include) that are searched by default.
Considerations: This environment variable is only used
if PEGASUS_HAS_MESSAGES is set. Refer to PEGASUS_HAS_MESSAGES for
additional details.
ICU_NO_UPPERCASE_ROOT
Description: If set, the messages in the root resource
bundle will NOT be capitalized. By default, the root resource
bundle is capitalized.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: This environment variable is only used
if PEGASUS_HAS_MESSAGES is set. Refer to PEGASUS_HAS_MESSAGES for
additional details.
ICU_ROOT_BUNDLE_LANG
Description: If set, specifies the language
to be used to generate the root resource bundle. The
default value for ICU_ROOT_BUNDLE_LANG is _en.
Default Value: _en
Recommended Value (Development Build): No
Recommendation
Recommended Value (Release Build): No Recommendation
Required: No
Considerations: This environment variable is
only used if PEGASUS_HAS_MESSAGES is set. Refer to
PEGASUS_HAS_MESSAGES for additional details.
If set, resource bundles for the designated language must
exist for the following files:
- pegasus/src/Pegasus/msg/Server/pegasusServer_en.txt
- pegasus/src/Pegasus/msg/Listener/pegasusListener_en.txt
OPENSSL_BIN
Description: Specifies the location of the
OpenSSL binary directory.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No. By default, the openssl binary is
expected to be installed in a directory that is searched by default
(e.g., /usr/bin). For platforms where this isn't true, the
OPENSSL_BIN environment variable may be used to define an
alternative path. This environment variable is only used if
PEGASUS_HAS_SSL is set.
OPENSSL_HOME
Description: Specifies the location of the OpenSSL
SDK directory. This directory must contain the OpenSSL
include directory, $(OPENSSL_HOME)/include, and the OpenSSL
library directory, $(OPENSSL_HOME)/lib.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: Yes for Windows, if PEGASUS_HAS_SSL
is set. No for all other platforms. For AIX, the default
value for OPENSSL_HOME is /usr/linux. For all other
platforms, the OpenSSL include files and libraries are expected
to be installed in directories that are searched by default (e.g.,
/usr/bin, /usr/lib(64), and /usr/include).
For platforms where the default value is not correct, the
OPENSSL_HOME environment variable may be used to define an
alternative path (i.e., $(OPENSSL_HOME)/lib and
$(OPENSSL_HOME)/include). This environment variable
is only used if PEGASUS_HAS_SSL is set.
PEGASUS_ALLOW_ABSOLUTEPATH_IN_PROVIDERMODULE
Description: If set to true, a version of OpenPegasus
will be built that allows an absolute path to be specified as the
value of the Location property of PG_ProviderModule class.
Otherwise it does not allow the absolute path to be specified.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: To avoid introducing security
vulnerabilities, vendors should analyze their deployment
environments to understand the security implications of allowing
providers to be loaded from a dynamically changing set of
directories.
PEGASUS_CCOVER
Description: This flag is currently only supported on
HP-UX. It is enabled on the Nightly Build & Test system,
HP-UX_11iv3_Integrity_C-Cover. This system is
used to generate the nightly BullseyeCoverage code coverage
metrics.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: This flag is only supported on HP-UX to enable
CCOVER for the NB&T system.
PEGASUS_CIM_SCHEMA
Description: This variable is used internally by the
OpenPegasus development team when upgrading the OpenPegasus build
environment to a new version of the CIM Schema.
Default Value: CIM217
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No
Considerations: Additional code changes may be required when
upgrading or downgrading the CIM Schema version.
PEGASUS_CLASS_CACHE_SIZE
Description: This environment variable gives the size of
the class cache used by CIM repository. This variable defines the
size of the class cache (i.e., the maximum number of classes that
may be included). If this variable is set to 0, class caching is
disabled.
Default Value: 8
Recommended Value (Development Build): 8
Recommended Value (Release Build): 8
Required: No
PEGASUS_DEBUG
Description: Builds a debug version of OpenPegasus.
Concurrently, this flag controls a) enabling compiler specific
debug flags and b) the inclusion of debug-specific
functionality.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_DEFAULT_USERCTXT_REQUESTOR
Description: If set to true, the Requestor user
context is used for providers that do not specify a UserContext
value in their registration. Otherwise, the Privileged user
context value is used by default.
Default Value: false
Recommended Value (Development Build): false
Recommended Value (Release Build): false
Required: No
Considerations: Use of the Requestor default has
improved provider security characteristics. However, some providers
may not operate correctly when run in the Requestor user
context and setting this value to true may cause those providers to
fail. Providers that can run in the Requestor
user context are encouraged to explicitly set the UserContext value
in their registration rather than rely on the default setting
default by this variable. Please refer to
SecurityGuidelinesForDevelopers.html. PEP 223 for a discussion
of the rationale/advantages of running providers in the
Requestor user context. Note: This build
variable is not meaningful if the Provider User Context feature is
disabled with the PEGASUS_DISABLE_PROV_USERCTXT
setting.
PEGASUS_DEFAULT_ENABLE_OOP
Description: When this variable is set to false, by
default, Providers are run in the cimserver process
(forceProviderProcesses=false). If this value is set true,
Providers are run out-of-process by default.
Default Value: true for HP-UX and Linux, false for
other platforms
Recommended Value (Development Build): true (HP-UX,
Linux)
Recommended Value (Release Build): true (HP-UX,
Linux)
Required: No
Considerations: This environment variable can be used to
change the "hard-coded" default setting for the
forceProviderProcesses configuration value.
Refer to the definition of forceProviderProcesses for
additional information.
PEGASUS_DEST_LIB_DIR
Description: Specifies the location of OpenPegasus
shared libraries.
Default Value: $(PEGASUS_HOME)/lib
Recommended Value (Development Build):
$(PEGASUS_HOME)/lib
Recommended Value (Release Build):
No Specific Recommendation
Required: No
Considerations: This variable is NOT is used to define
the location of the Provider library directories.
Please refer to the providerDir configuration option for details
on defining the directories for the Provider libraries.
PEGASUS_DISABLE_DEPRECATED_INTERFACES
Description: Removes deprecated symbol definitions
from OpenPegasus runtime libraries.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: If this option is set, the resulting
OpenPegasus libraries will not be binary compatible with
clients and providers built using interface definitions from
prior releases. This option may be used to slightly reduce binary
footprint in an environment where compatibility is not required.
PEGASUS_DISABLE_INSTANCE_QUALIFIERS
Description: In the CIM Infrastructure Specification,
version 2.3, the DMTF clarified that instance-level qualifiers are
not allowed. In Version 1.2 of the Specification CIM
Operations over HTTP, use of the IncludeQualifiers parameter has
been DEPRECATED.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: Existing CIM Clients may depend on
qualifiers being returned in the response. In this case, the
PEGASUS_DISABLE_INSTANCE_QUALIFIERS should not be set.
If this flag is set, the value of the IncludeQualifiers parameter
passed on the GetInstance and EnumerateInstance operations is
ignored and qualifiers are not returned.
Disabling the return of qualifiers as part of a CIM Instance will
improve performance.
PEGASUS_DISABLE_LOCAL_DOMAIN_SOCKET
Description: Disables support for local (same-system)
connections over a Unix domain socket. If this option is NOT set,
the CIM Server is built to allow connections to be established
using a domain socket rather than a TCP port.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: (1) In high-threat environments, a
customer may want to disable all ports or reduce the number of
exposed network ports. Supporting a local connection mechanism
using Unix domain socket allows the CIM Server to continue to
receive and process requests from local CIM Clients. (2)
Enabling this option may result in lose of functionality when
sslClientVerificationMode = required. (3)The
"LOCAL_DOMAIN_SOCKET" functionality has not been
implemented for Windows or OpenVMS. Therefore, by
default, this option is "Set" for Windows and OpenVMS
platforms.
PEGASUS_DISABLE_PERFINST
Description: Builds a version of OpenPegasus that
disables support for gathering performance data.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Set
Required: No
Considerations: The CIM_ObjectManager.GatherStatisticalData
property is used to control statistic gathering. Once enabled,
statistical data can be viewed by retrieving instances of the
CIM_StatisticalData class. Support for gathering performance
data requires PEGASUS_ENABLE_INTEROP_PROVIDER to be enabled. If
PEGASUS_ENABLE_INTEROP_PROVIDER is explicitly disabled (i.e., set
to false), then PEGASUS_DISABLE_PERFINST must be set to
true. If PEGASUS_DISABLE_PERFINST is not defined or set to
false and PEGASUS_ENABLE_INTEROP_PROVIDER is not set,
PEGASUS_ENABLE_INTEROP_PROVIDER will be automatically enabled.
PEGASUS_DISABLE_PRIVILEGED_TESTS
Description: This variable is used only in the development
environment to restrict the level of testing performed by default.
If set, tests that require the CIM Server to run in a privileged
mode will not be run. Setting this variable allows
developers, without privileged access, to successfully run a
subset of the OpenPegasus test suit. This variable does
not affect CIM Server functionality. It merely controls
the level of testing.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Used
Required: No
Considerations: Enabling this variable will significantly
reduce the testing of security related features (e.g.,
authentication and authorization) and can affect testing in other
areas.
PEGASUS_DISABLE_PROV_USERCTXT
Description: Builds a version of OpenPegasus that
disables supports for the Provider User Context feature.
This feature allows a Provider to choose the user context in
which it is invoked, including the ability to run in the context of
the user requesting an operation.
Default Value: Set for Windows and OpenVMS, Not Set
for all other platforms
Recommended Value (Development Build): Set for Windows and
OpenVMS, Not Set for all other platforms
Recommended Value (Release Build): Set for Windows and
OpenVMS, Not Set for all other platforms
Required: No
Considerations: The Provider User Context feature may be
disabled by compiling with the PEGASUS_DISABLE_PROV_USERCTXT flag
defined. In this case, the Provider Registration Manager rejects
provider registration requests that specify a UserContext property
value. The user context in which providers run is then unchanged by
this enhancement. Some platforms, such as OS/400 and z/OS may
define the PEGASUS_DISABLE_PROV_USERCTXT as part of the platform
configuration, since these platforms already set the provider user
context on a per-thread basis. When the Provider User Context
feature is enabled, support for each of the User Context types may
be disabled individually. Provider registration fails when an
unsupported UserContext value is specified. Please refer to
SecurityGuidelinesForDevelopers.html / PEP 223 for a discussion of
the rationale/advantages of user context providers to many
platforms.
PEGASUS_EXTRA_PROVIDER_LIB_DIR
Description: Specifies the location of the extra provider
libraries which are part of the release builds.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No.
Considerations: Since providerDir config property is fixed
and hidden in release builds, this build time option provides facilty
to include the extra provider directories without any security problems.
This build time option is useful only when PEGASUS_OVERRIDE_DEFAULT_RELEASE_DIRS
is set.
PEGASUS_EMANATE_INCLUDE_DIR
Description: Specifies the location of the EMANATE
include directory.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No. By default, the EMANATE include files
are expected to be installed in directories that are searched by
default (e.g., /usr/include). For platforms where this isn't true,
the PEGASUS_EMANATE_INCLUDE_DIR environment variable may be used to
define an alternative path. This environment variable is only used
if PEGASUS_USE_EMANATE is set.
Considerations: Refer to the description of PEGASUS_USE_EMANATE
for additional details.
PEGASUS_EMANATE_LIB_DIR
Description: Specifies the location of the EMANATE
lib directory.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No. By default, the EMANATE libraries are
expected to be installed in directories that are searched by
default (e.g., /usr/lib, /usr/lib64). For platforms where this
isn't true, the PEGASUS_EMANATE_LIB_DIR environment variable may
be used to define an alternative path. This environment variable
is only used if PEGASUS_USE_EMANATE is set.
Considerations: Refer to the description of PEGASUS_USE_EMANATE
for additional details.
PEGASUS_ENABLE_AUDIT_LOGGER
Description: When this variable is set to false, support
for audit logging will NOT be built into OpenPegasus. If this
variable is set to true, or not set, support for audit logging
will be included in the build. All other values are invalid.
Default Value: true
Recommended Value (Development Build): true
Recommended Value (Release Build): true
Required: No
PEGASUS_ENABLE_CMPI_PROVIDER_MANAGER
Description: If set to true, a version of OpenPegasus
that supports CMPI providers and their dependent components is
built. If this variable is not set or set to false, support
for CMPI providers will not be included.
Default Value: true for Linux and OpenVMS, false for
other platforms
Recommended Value (Development Build): true (Linux
Platform Only)
Recommended Value (Release Build): true (Linux Platform
Only)
Required: No
PEGASUS_ENABLE_COMPRESSED_REPOSITORY
PEGASUS_ENABLE_CQL
Description: When this variable is set to false, support
for Indication Subscription filters that have CQL as the language
is disabled. It does not remove CQL from the build.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): false
Required: No
Considerations: The DMTF CIM Query Language
Specification is Preliminary and subject to backward incompatible
changes.
PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT
Description: When this variable is set to true, support the
DMTF Indications Profile (DSP1054) is included in OpenPegasus.
If this variable is not set or set to false, support for the DMTF
Indications Profile will not be included.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: The implementation of this feature is
based on a preliminary version of the DMTF Indications Profile,
DSP1053, and subject to change. If this variable is enabled,
two DMTF experimental class definitions, CIM_IndicationService and
CIM_IndicationServiceCapabilities, will be added to the
root/PG_InterOp namespace. Experimental class definitions are
subject to change.
PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT requires
PEGASUS_ENABLE_INTEROP_PROVIDER to be enabled.
If PEGASUS_ENABLE_INTEROP_PROVIDER is not set, setting
PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT to true, will also
enable PEGASUS_ENABLE_INTEROP_PROVIDER. If
PEGASUS_ENABLE_INTEROP_PROVIDER is explicitly disabled (i.e., set
to false), a build error will be generated.
PEGASUS_ENABLE_EXECQUERY
Description: When this environment variable is set,
processing of ExecQuery operations is enabled. When not set,
ExecQuery operation requests get a NotSupported response. (Note:
The PEGASUS_ENABLE_EXECQUERY environment variable controls
the definition of the PEGASUS_DISABLE_EXECQUERY compile macro.)
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_ENABLE_EMAIL_HANDLER
Description: When this environment variable is set, an
E-Mail Indication Handler is built as part of the OpenPegasus
build. The E-Mail Indication Handler can be used to
delivered CIM Indications to a designated e-mail address.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: If PEGASUS_ENABLE_EMAIL_HANDLER is
not set when OpenPegasus is built, a request to create an Email
Indication Handler instance will be rejected will the error
CIM_ERR_NOT_SUPPORTED.
PEGASUS_ENABLE_GCOV
Description: GCOV,
http://gcc.gnu.org/onlinedocs/gcc/index.html#toc_Gcov, is a
code coverage utility. If PEGASUS_ENABLE_GCOV is set,
GCC will instrument the code to support analysis by GCOV.
Default Value: Not Set
Recommended Value (Development Build):
Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations:
This flag is currently only supported with GCC on Linux.
Note: LCOV,
http://ltp.sourceforge.net/coverage/lcov.php, is a
graphical front-end extension for GCOV. It collects GCOV data
for multiple source files and creates HTML pages with coverage
information. You can use the following steps to use LCOV to
analyze OpenPegasus GCOV data.
- Set PEGASUS_ENABLE_GCOV = true.
- Build and test OpenPegasus (e.g.,
make -f pegasus/TestMakefile build
alltests).
- For each source directory,
- copy the .gcda and .gcno files from the object
directory to the source directory (e.g.,
cp build/obj/Pegasus/Common/*.gcda
src/Pegasus/Common/);
- execute the lcov command
(e.g.,
lcov --directory src/Pegasus/Common/ --capture
--output-file result.info) to build the result.info
file; and finally,
- use the genhtml command to generate the .html
output (e.g., genhtml result.info). The
top .html file is named index.html.
PEGASUS_ENABLE_INDICATION_COUNT
Description: If true, the CIM
Server will be built to count the number of CIM indications
generated by providers and matched with subscriptions. If false
or not set, indication statistic support will not be included.
Default Value: true
Recommended Value (Development Build): true
Recommended Value (Release Build): true
Required: No
Considerations: The number of CIM indications generated by
providers and matched with subscriptions is stored in hash tables
which causes memory usage to increase by 4 bytes for each
active subscription and by about 400 bytes for each active
indication provider.
PEGASUS_ENABLE_PROTOCOL_BINARY
Description: If true, OpenPegasus uses a faster binary
protocol between local clients and the CIM server. If false, OpenPegasus
uses the conventional XML-based protocol instead.
See PEP#340 for more details.
Default Value: false
Recommended Value (Development Build): false
Recommended Value (Release Build): false
Required: No
Considerations: This option improves performance by using a faster
binary protocol between local clients and the CIM server.
PEGASUS_ENABLE_INTEROP_PROVIDER
Description: If true, the OpenPegasus Interop Provider
will be build. If false or not set, the OpenPegasus Interop
Provider will not be built.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): false
Required: No
Considerations: A number of features controlled by
OpenPegasus build options are dependent on the Interop
Provider. Please refer to PEGASUS_ENABLE_SLP,
PEGASUS_DISABLE_PERFINST, and
PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT for additional
details.
PEGASUS_ENABLE_IPV6
Description: This variable can be used to specify
whether IPv6 support should be included in OpenPegasus.
Default Value: true
Recommended Value (Development Build): true
Recommended Value (Release Build): true
Required: No
Considerations: When this variable is set to
'false', support for IPv6 socket APIs and structures is disabled,
and the CIM Server will not accept connections to or from IPv6
network interfaces. When this variable is set to 'true', the
newer IPv6 socket APIs and structures will be included when
OpenPegasus is built, so they must be supported on the build
platform. However, if IPv6 is not supported on the platform on
which an IPv6-enabled version of OpenPegasus is run, then the IPv6
feature will be disabled at run-time and only IPv4 connections
will be supported.
PEGASUS_ENABLE_JMPI_PROVIDER_MANAGER
Description: If true, a version of OpenPegasus that
supports JMPI providers and their dependent components is built.
If false or not set, support for JMPI Providers is not included
in OpenPegasus. All other values are invalid.
Default Value: false
Recommended Value (Development Build): false
Recommended Value (Release Build): false
Required: No
PEGASUS_ENABLE_OBJECT_NORMALIZATION
Description: If set, builds in support so that objects
returned from provider instance operations can be validated.
The enableNormalization must also be set to 'true' (default)
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: If PEGASUS_ENABLE_OBJECT_NORMALIZATION is
set, two new configuration options are defined: enableNormalization
and excludeModulesFromNormalization.
PEGASUS_ENABLE_PRIVILEGE_SEPARATION
Description: If true, a version of OpenPegasus that
enables the Privilege Separation feature is built. This feature
allows the CIM Server to run in a non-privileged user context and
use a small executor process to perform privileged operations. If
false or not set, the Privilege Separate feature will not be
included.
Default Value: false
Recommended Value (Development Build): true (HP-UX,
Linux)
Recommended Value (Release Build): true (HP-UX,
Linux)
Required: No
Considerations: The Privilege Separation feature is
only supported on HP-UX and Linux platforms. The 'cimsrvr' user
must be defined on the system. If the umask setting in the
environment is not 0, PEGASUS_TMP must be set to a directory that
is writable by the 'cimsrvr' user for the tests to run
successfully.
PEGASUS_ENABLE_PROTOCOL_WSMAN
Description: If true, a version of OpenPegasus is
built that accepts and processes WS-Management requests. This
feature is initially limited to WS-Transfer and WS-Enumeration
operations. If false or not set, WS-Management support is not
built or included in any way.
Default Value: false
Recommended Value (Development Build): true
Recommended Value (Release Build): false
Required: No
Considerations: The WS-Management standards are not
mature, and interoperability problems may arise. The WS-Management
functionality may change in incompatible ways in subsequent
releases. Also note the known limitations specified in PEP 311.
PEGASUS_ENABLE_REMOTE_CMPI
Description: If set, a version of OpenPegasus that
support Remote CMPI providers and their dependent components
is built.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_ENABLE_SLP
Description: This variable controls of the inclusion
of SLP functionality in the OpenPegasus build. When this
environment variable is set to 'true', SLP functionality will be
included as part of the OpenPegasus build. If
this variable is set to 'false' or not set, the SLP functionality
will not be included. All other values are considered
invalid and will result in a build error
(e.g., "PEGASUS_ENABLE_SLP ($(PEGASUS_ENABLE_SLP)) invalid,
must be true or false").
Default Value: 'true' for Windows; 'false' for all other
Platforms
Recommended Value (Development Build): 'true' for
Windows; 'false' for all other Platforms
Recommended Value (Release Build):
Required: No
Considerations: PEGASUS_ENABLE_SLP requires
PEGASUS_ENABLE_INTEROP_PROVIDER to be enabled. If
PEGASUS_ENABLE_INTEROP_PROVIDER is not set, setting
PEGASUS_ENABLE_SLP to true, will also enable
PEGASUS_ENABLE_INTEROP_PROVIDER. If
PEGASUS_ENABLE_INTEROP_PROVIDER is explicitly disabled
(i.e., set to false), a build error will be generated.
PEGASUS_ENABLE_SORTED_DIFF
Description: This controls if the DIFFSORT function
is used rather than a simple DIFF of the test results files
to the static results file. Set to 'true' enables the sorted
diffs of results to static results files. Otherwise results
in regular diffs of results to static results files.
See OpenPegasus bug 2283 for background information concerning
this config variable.
Default Value: true
Recommended Value (Development Build): true
Recommended Value (Release Build): true
Required: No
PEGASUS_ENABLE_SYSTEM_LOG_HANDER
Description: When this environment variable is set, a
SysLog Indication Handler is built as part of the OpenPegasus
build. The SysLog Indication Handler can be used to
delivered CIM Indications to the system log file.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: If PEGASUS_ENABLE_SYSTEM_LOG_HANDLER
is not set when OpenPegasus is built, a request to create a SysLog
Indication Handler instance will be rejected with the error
CIM_ERR_NOT_SUPPORTED.
PEGASUS_ENABLE_SSLV2
Description: By default, support for the SSLV2 protocol
is disabled in OpenPegasus. The option can be used to build a
version of OpenPegasus that supports SSLV2. This variable affects
how SSL contexts are constructed for both the CIM Server and CIM
Clients.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: Unless SSLV2 is required for backward
compatibility, enabling this protocol is not recommended (SSLV3
or later is preferred).
PEGASUS_ENABLE_USERGROUP_AUTHORIZATION
Description: Builds a version of OpenPegasus that
allows an administrator to restrict access to CIM operations
to members of a designated set of groups. Refer to the
authorizedUserGroupsconfiguration option for additional
details.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Set
Required: No
PEGASUS_EXTRA_C_FLAGS
Description: This environment variable allows a
developer to specify an additional set of flags to be included
on the C compile command line.
Default Value: Not Set
Recommended Value (Development Build): No Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_EXTRA_CXX_FLAGS
Description: This environment variable allows a
developer to specify an additional set of flags to be included
on the C++ compile command line.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_EXTRA_LIBRARY_LINK_FLAGS
Description: This environment variable allows a
developer to specify an additional set of flags to include on
the link command line used to build a library.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_EXTRA_LINK_FLAGS
Description: This environment variable allows a
developer to specify an additional set of flags to be included
on the link command line. These flags will be included on
both library and program executable link command lines.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: Refer to PEGASUS_EXTRA_LIBRARY_LINK_FLAGS and
PEGASUS_EXTRA_PROGRAM_FLAGS to add flags specific to either a
library or program link command line.
PEGASUS_EXTRA_PROGRAM_LINK_FLAGS
Description: This environment variable allows a
developer to specify an additional set of flags to include on
the link command line used to build an executable program.
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
PEGASUS_HAS_MESSAGES
Description: When set (to anything) during the build,
OpenPegasus compiles with localization support. The
ICU (International Components for Unicode) variables,
ICU_ROOT and ICU_INSTALL, indicate that the
localization support is based on ICU. Only ICU is supported
at this time.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: If the PEGASUS_HAS_MESSAGES is not
set, OpenPegasus is built without localization support. This
means that all messages sent by the CIM Server and the CLIs are in
English. ICU is an open source project at
http://oss.software.ibm.com/icu.
Only English translations are included with the OpenPegasus
distribution. The OpenPegasus distribution does not provide
translated messages. But, enabling for ICU would allow vendor to
provide the translations. Refer to the OpenPegasus Release README
for additional information regarding the use of ICU. Although, in
OpenPegasus 2.3.2, experience with localization support
has been limited to a select set of platforms, wider platform
adoption of this technology is planned for 2.5.
PEGASUS_HAS_SSL
Description: If set, a version of OpenPegasus that
supports SSL (i.e., https) is built.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Set
Required: No
Considerations: Support for SSL in OpenPegasus is
dependent on the OpenSSL software developed by the
OpenSSL Project (http://www.openssl.org/).
If the PEGASUS_HAS_SSL variable is set, the variable OPENSSL_HOME
must also be defined. The OPENSSL_HOME variable is used, by the
OpenPegasus build, to determine the location of the OpenSSL
include files, libraries and binaries.
PEGASUS_HOME
Description: Specifies the location of the
OpenPegasus working directory. The OpenPegasus
build will use this directory as the default location
for files generated during the build (e.g., binaries,
libraries, objects).
Default Value: None
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: Yes
Considerations: The error "PEGASUS_HOME
environment variable undefined" is returned if the
PEGASUS_HOME environment variable is not set.
This variable is also used during runtime. Refer to the section
titled "Environment Variable Settings for Running OpenPegasus
2.3.2 on Linux" for additional details.
PEGASUS_INDICATIONS_Q_THRESHOLD
Description: Controls if indications providers are stalled
if the indications service queue is too large. It can be set
to any positive value. If not set providers are never
stalled. This implies that the indications service
queue may become as large as necessary to hold all the
indications generated. If set to any value then
providers are stalled by forcing them to sleep when they
try to deliver an indication and the indications service
queue exceeds this value. They are resumed when the queue
count falls 10 percent below this value. Stall and resume log
entries are made to inform the administrator the condition has
occurred.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: Use of this setting may have
unintended side-effects when using Out-of-Process Providers
including delayed processing of CIM Operation Requests.
PEGASUS_MAX_THREADS_PER_SVC_QUEUE
Description: Controls the maximum number of threads
allowed per message service queue. It is allowed to range
between 1 and MAX_THREADS_PER_SVC_QUEUE_LIMIT (currently 5000)
as set in pegasus/src/Pegasus/Common/MessageQueueService.cpp.
If set to 0 (zero) the max threads per service queue is then
set to MAX_THREADS_PER_SVC_QUEUE_LIMIT. If set larger than the
MAX_THREADS_PER_SVC_QUEUE_LIMIT it is set equal to
MAX_THREADS_PER_SVC_QUEUE_LIMIT. There are no other limits on the
total number of threads that can exist within the system at this
time. When the server starts there on the order of 10 to 20
message service queues created dependent upon
build options.
Default Value: 5
Recommended Value (Development Build): 5
Recommended Value (Release Build): 5
Required: No
Considerations: This flag affects consumption of
system resources. Not setting, or inappropriately setting
this value, may cause the cimserver to hang or crash.
PEGASUS_ROOT
Description: Specifies the location of the directory
that corresponds to "pegasus" source directory defined in the
OpenPegasus CVS source tree. This environment variable is
used by the OpenPegasus build to locate the required build
and source files (e.g., $(PEGASUS_ROOT)/mak and
$(PEGASUS_ROOT)/src).
Default Value: None
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: Yes
Considerations: The error "PEGASUS_ROOT environment
variable undefined" is returned if the PEGASUS_ROOT
environment variable is not set.
PEGASUS_NET_SNMP_INCLUDE_DIR
Description: Specifies the location of the NET-SNMP
include directory.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No. By default, the NET-SNMP include
files are expected to be installed in directories that
are searched by default (e.g., /usr/include). For platforms
where this isn't true, the PEGASUS_NET_SNMP_INCLUDE_DIR
environment variable may be used to define an alternative path.
This environment variable is only used if PEGASUS_USE_NET_SNMP
is set.
PEGASUS_NET_SNMP_LIB_DIR
Description: Specifies the location of the NET-SNMP
lib directory.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No. By default, the NET-SNMP library is
expected to be installed in a directory that is searched by
default (e.g., /usr/lib, /usr/lib64). For platforms where
this isn't true, the PEGASUS_NET_SNMP_LIB_DIR environment
variable may be used to define an alternative path. This
environment variable is only used if PEGASUS_USE_NET_SNMP is set.
PEGASUS_NOASSERTS
Description: Defines the NDEBUG compilation macro, which
causes the preprocessor to remove PEGASUS_ASSERT() statements.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Set
Required: No
PEGASUS_OPENSLP_HOME
Description: Specifies the location of the OpenSLP
SDK directory. This directory must contain the OpenSLP
include directory, $(PEGASUS_OPENSLP_HOME)/include,
and the OpenSLP library directory,
$(PEGASUS_OPENSLP_HOME)/lib.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: No. If not set, no additional include or
library search paths will be included.
Considerations: This value is not used if PEGASUS_USE_OPENSLP
is not defined.
PEGASUS_PAM_AUTHENTICATION
Description: Enables support for PAM-(Pluggable
Authentication Modules) based authentication.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Set
Required: No
Considerations: Support for PAM in OpenPegasus is
dependent on platform support for PAM.
PEGASUS_PLATFORM
Description: Describes the target platform for the
build. The list of supported values for this variable
is defined in pegasus/mak/config.mak. Please refer to
that file for a complete list of valid PEGASUS_PLATFORM
values. This document includes platform-specific configuration
data for only a subset of the supported platforms. The
following table describes the platforms documented in
this version of the document.
Default Value: None
Platform |
Recommended Value
Development Build |
Recommended Value
Release Build |
Linux IA32 |
LINUX_IX86_GNU |
LINUX_IX86_GNU |
Linux IA64 |
LINUX_IA64_GNU |
LINUX_IA64_GNU |
Linux X86_64 |
LINUX_X86_64_GNU |
LINUX_X86_64_GNU |
HP-UX PA-RISC |
HPUX_PARISC_ACC |
HPUX_PARISC_ACC |
HP-UX IPF |
HPUX_IA64_ACC |
HPUX_IA64_ACC |
OpenVMS Alpha |
VMS_ALPHA_DECCXX |
VMS_ALPHA_DECCXX |
OpenVMS IA64 |
VMS_IA64_DECCXX |
VMS_IA64_DECCXX |
Required: Yes
Considerations: The error "PEGASUS_PLATFORM
environment variable undefined." is returned if the
PEGASUS_PLATFORM environment variable is not set.
PEGASUS_REMOVE_METHODTRACE
Description: If true, the CIM Server is compiled without
method enter and exit trace statements. Trace Level 5 will
continue to be accepted as a valid trace level but, without the
method enter and exit trace statements, it will be equivalent to
Trace Level 4. If PEGASUS_REMOVE_METHODTRACE is false or not set,
method enter and exit trace statements are included. All
other values are considered invalid and will result in a build
error.
Default Value: Not Set
Recommended Value (Development Build): Not Set (The
Considerations section gives guidance on when a different
decision would be made.)
Recommended Value (Release Build): Not Set (The
Considerations section gives guidance on when a different
decision would be made.)
Required: No
Considerations: This option completely removes the
method enter/exit trace statements from the generated object code.
It defines the PEG_METHOD_ENTER and PEG_METHOD_EXIT macros
to null statements. This helps to keep static code size small
but reduces the serviceability of the CIM server.
PEGASUS_REPOSITORY_MODE
Description: This variable defines the default mode
used to create repositories that are constructed as part of the
automated build tests. It does not affect the runtime
environment. Valid values include: XML (causes
the repository to be built in XML mode); BIN (causes
the repository to be built in binary mode). Use cimconfig to
modify the runtime environment.
Default Value: XML
Recommended Value (Development Build): XML
Recommended Value (Release Build): XML
Required: No
PEGASUS_REPOSITORY_STORE_COMPLETE_CLASSES
Description: This variable defines the default contents of a
class definition in the repository store when a new repository is created.
Specifically, when set to true, propagated elements are included in a
class definition in the persistent store. The contents of a class
definition returned from the repository interface is not affected by this
option.
Default Value: false
Recommended Value (Development Build): false
Recommended Value (Release Build): false
Required: No
Considerations: A repository which stores complete class
definitions does not allow modifications to non-leaf classes or changes
to a superclass designation. Complete classes use more storage space,
often twice as much as local (incomplete) classes. Class retrieval may
be more expensive when local classes are stored. No specific mechanism
is available to change this setting in an existing repository.
PEGASUS_SLP_REG_TIMEOUT
Description: Most SLP implementations allow a lifetime
value to be specified in the registration sent to the SLP SA or
DA. The PEGASUS_SLP_REG_TIMEOUT build variable allows a lifetime
(ie. timeout) value to be specified on the SLP registration, with
a 're-registration' being sent to SLP at the same specified
timeout interval. The purpose of this lifetime or timeout value
is to avoid the accumulation of stale service information
in the SA or DA.
Default Value: Undefined
Recommended Value (Development Build): Undefined
Recommended Value (Release Build): Undefined
Required: NoExample:
PEGASUS_SLP_REG_TIME=1440 (ie. 24 hours or 1 day)
Considerations: (1) The OpenPegasus internal SLP
implementation does not support timeout registrations. This
build option is useful, for example, if PEGASUS_USE_OPENSLP is
defined. (2) Some SLP implementations may impose a
maximum value for the lifetime parameter. For example, OpenSLP
limits this value to SLP_LIFETIME_MAXIMUM (or 0xFFFF), and
if this maximum value is passed to OpenSLP, then the timeout
feature is disabled. Refer to the documentation of your SLP
implementation for more information. (3) OpenPegasus will not
do any validity checking on the specified value, either
to determine if it is a valid positive integer or if it
exceeds some maximum value.
PEGASUS_SNIA_EXTENSIONS
Description: This variable is used to enable a
set of workarounds that support the use of OpenPegasus
in the SNIA Test Environment.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: The functionality enabled with this
variable is experimental and subject to change.
PEGASUS_SKIP_MOST_TEST_DIRS
Description: If set to true, this variable can be used
to reduce the time required to build OpenPegasus by significantly
reducing the number of tests that are built.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: Setting this variable to true
affects the behavior of all recursive make targets (e.g.,
clean, depend, all, unittests, alltests, and slptests).
Use of this variable with test-related targets (e.g., unittests,
alltests and slptests) can produce unexpected results.
To avoid creating an inconsistent PEGASUS_HOME directory,
the PEGASUS_HOME directory (i.e., the OpenPegasus build
directory) should be removed prior to enabling or disabling
this variable. This variable should not be used to characterize
the set of files to be packaged in a release build. Please
refer to the Runtime Packaging Definition PEP for the release
for a recommended list of files to be included in a release.
PEGASUS_TEST_ENABLE_DEBUG_TRACE
Description:
This variable is only used for testing. If set to true,
Discarded data trace will be enabled by the install_run
target of the src/Server/Makefile before running the
OpenPegasus TestMakefile test suite.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Not Set
Required: No
Considerations:
This variable is useful in certain test environments to
explicitly enable tracing to aid in better troubleshooting and
detection of test failures (E.g. Test systems are experiencing
test failures due to connection timeouts, lost indications
etc).
PEGASUS_TEST_ISGROUP_GROUP/PEGASUS_TEST_ISGROUP_USER_SUCCESS/PEGASUS_TEST_ISGROUP_USER_FAILURE
Description: These variables are only used for testing.
These variables allow the developer to define a valid group name,
PEGASUS_TEST_ISGROUP_GROUP, a valid user name that is in the
group, PEGASUS_TEST_ISGROUP_USER_SUCCESS, and an a valid user
name that is not in the group, PEGASUS_TEST_ISGROUP_USER_FAILURE.
These variables are only used for testing and NOT part of the
release.
Default Value(Windows):
Administrator/Administrators/Guest
Default Value(Non-Windows): root/root/guest
Recommended Value (Development Build):
No Recommendation
Recommended Value (Release Build): Not Used
Required: No
PEGASUS_TEST_IPV6
Description: This variable is only used for
testing. If set to true, the IPv6-specific tests will
be run as part of the "alltests" OpenPegasus
TestMakefile test suite. If this variable is not set or set to
false, the IPv6-specific tests will not be run. All
other values are invalid.
Default Value: If PEGASUS_TEST_IPV6 is not defined,
PEGASUS_TEST_IPV6 is set to the value of PEGASUS_ENABLE_IPV6.
Recommended Value (Development Build): Set to the value
of PEGASUS_ENABLE_IPV6
Recommended Value (Release Build): Not Used
Required: No
Considerations: This variable is useful in certain
test environments to explicitly disable running the IPv6
tests (e.g., when running an IPv6-enabled version of
OpenPegasus on an an IPv4 system).
PEGASUS_TEST_SDK
Description: This variable is only used for
testing. It is used to control testing of the SDK
sample providers and clients. If set, the setup, building and
testing of the SDK samples is enabled as part of the
OpenPegasus automated build and test.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Not Used
Required: No
PEGASUS_TEST_USER_DEFINED
Description: This variable is only used for testing.
If this variable is set, the tests will assume that the
PEGASUS_TEST_USER_ID and PEGASUS_TEST_USER_PASS variables
defines a valid user/password pair and can be used for
certificate-based authentication testing. These tests
also assumes that "invalidUser" is not a valid
user.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Not Used
Required: No
PEGASUS_TEST_USER_ID/PEGASUS_TEST_USER_PASS
Description: These variables are only used for
testing. These variables allow the developer to define a
valid, non-privileged user name and password
on the test system that can be used as part of the OpenPegasus
automated test scripts to perform authentication and
authorization testing. These variables are only used for
testing and NOT part of the release.
Default Value: guest/guest
Recommended Value (Development Build):
No Recommendation
Recommended Value (Release Build): Not Used
Required: No
PEGASUS_TEST_VALGRIND_LOG_DIR
Description:
This variable is currently only supported on Linux. It may be
set to run regression tests under the
Valgrind memory
checking tool. It must specify a directory for writing
Valgrind log files. The file name format for a particular
log is PEGASUS_TEST_VALGRIND_LOG_DIR/PROGRAM_NAME.pid.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: This flag is only supported on Linux to
enable running tests under Valgrind.
PEGASUS_TMP
Description: This variable is only used in a test
environment. It can be used to define the directory that
OpenPegasus test programs should use to store temporary files.
Default Value: "."
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build): Not Used
Required: No
PEGASUS_USE_DEBUG_BUILD_OPTIONS
Description: The PEGASUS_DEBUG flag is used to control
a variety of settings, including compile options, assertion
enablement, method definitions for testing, and diagnostic
output. The PEGASUS_USE_DEBUG_BUILD_OPTIONS variable
can be used to enable just the compiler specific debug options
(e.g., -g in g++) .
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: This variable is automatically set
if PEGASUS_DEBUG is set.
PEGASUS_USE_EMANATE
Description: EMANATE,
http://www.snmp.com/products/emanate.html, is an SNMP Research
International product that supports SNMPv1, SNMPv2c, and
SNMPv3. If the PEGASUS_USE_EMANATE variable is defined,
the OpenPegasus SNMP Handler will use the EMANATE libraries
to send traps to the SNMP Management application.
The EMANATE libraries are NOT included as part of OpenPegasus.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: Either the PEGASUS_USE_NET_SNMP or
PEGASUS_USE_EMANATE variable must be set for the SNMP
Handler to be supported.
PEGASUS_USE_NET_SNMP
Description: NET-SNMP,
http://net-snmp.sourceforge.net, is an OSS
implementation of a suite of applications used to implement
SNMP v1,
SNMP v2c and
SNMP v3 using
both IPv4 and IPv6. If the PEGASUS_USE_NET_SNMP
variable is defined, the OpenPegasus SNMP Handler will use
the NET-SNMP libraries to send traps to the SNMP Management
application. The NET-SNMP libraries are NOT included
as part of OpenPegasus.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): true for Linux,
false for all other platforms
Required: No
Considerations: Either the PEGASUS_USE_NET_SNMP or
PEGASUS_USE_EMANATE variable must be set for the SNMP
Handler to be supported.
PEGASUS_ENABLE_NET_SNMPV3
PEGASUS_USE_OPENSLP
Description: OpenSLP,
http://openslp.org, is an open-source implementation of
Service Location Protocol. If the PEGASUS_USE_OPENSLP variable
is defined, OpenPegasus will be built to use the OpenSLP
implementation of SLP instead of the internal OpenPegasus
implementation of SLP. The OpenSLP libaries are NOT included
as part of OpenPegasus.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Not Set
Required: No
Considerations: PEGASUS_ENABLE_SLP must be defined
if this variable is set.
PEGASUS_USE_PAM_STANDALONE_PROC
Description: Moves the processing of PAM requests from
the CIM Server process to a separate process managed by the
CIM Server.
Default Value: Not Set
Recommended Value (Development Build): Set
Recommended Value (Release Build): Set
Required: No
Considerations: If PAM Authentication is enabled,
the PAM API is used, during the processing of each request, to
authenticate the client. This level of use makes the CIM Server
extremely sensitive to memory leaks in the PAM library. In
addition, certain PAM modules are not thread-safe. If your
platform is experiencing problems with PAM Authentication,
use of option may provide a work-around.
PEGASUS_USE_PAM_STANDALONE_PROC requires
PEGASUS_PAM_AUTHENTICATION to be set.
PEGASUS_USE_RELEASE_CONFIG_OPTIONS
Description: If set, OpenPegasus is built using
the "Release Build" configuration options. By default,
OpenPegasus is built using the "Development Build"
configuration options.
Default Value: false
Recommended Value (Development Build): false
Recommended Value (Release Build): true
Required: No
Considerations: (1)The
PEGASUS_USE_RELEASE_CONFIG_OPTIONS variable allows a platform
vendor to easily toggle between two sets of configurations
options, a set of options tuned for the development/debug
("Development Build") environment and a set of options
tuned for the production environment ("Release Build").
Refer the section titled "Configuration Properties" for
additional detail. (2) For each configuration
variable, the "Recommended Value (Release Build)"
value defines the recommended settings to use for a
"Release Build". Please refer to the
description of each variable for additional information.
PEGASUS_USE_RELEASE_DIRS
Description: If set, OpenPegasus is built using
the "Release Build" directory definitions. By default,
OpenPegasus is built using the "Development Build"
directory definitions.
Default Value: Not Set
Recommended Value (Development Build): Not Set
Recommended Value (Release Build): Set
Required: No
Considerations:
The PEGASUS_USE_RELEASE_DIRS variable allows a platform
vendor to easily toggle between two sets of directory
definitions, a set tuned for the development/debug
("Development Build") environment and a set tuned for the
production environment ("Release Build"). Refer the section
titled "Configuration Properties" for additional detail.
PEGASUS_FLAVOR
Description: This variable is used for configuring Multi CIMOM
on same OS by eliminating single point for storage of PID's and configuration
files. Flavor is used in structuring the release dirs,configuration file names,
log identity and PAM config file.
If set, OpenPegasus is built using the flavor value. By default OpenPegasus is
built using "tog" as the flavor. RPMs are named using the flavor value.
Default Value: tog
Recommended Value (Development Build): tog
Recommended Value (Release Build): tog
Required: No
Considerations:
To build RPM using flavor, RPM spec file needs to be regenerated after setting the flavor value.
This can be done using the create_OpenPegasusRPMSpecFile target in the Makefile.Release.
Platforms have to define their own release dir structure using the flavor for release builds.
An error will be reported if both PEGASUS_FLAVOR and PEGASUS_USE_RELEASE_DIRS are set and
PEGASUS_OVERRIDE_DEFAULT_RELEASE_DIRS is not set.
RPM build on linux defines PEGASUS_OVERRIDE_DEFAULT_RELEASE_DIRS by default.
PEGASUS_PLATFORM_FOR_32BIT_PROVIDER_SUPPORT
Description: Builds the Pegasus with 32-bit provider support for the specified platform.
If this option is set, the value MUST be one of the 32-bit supported platforms by Pegasus.
Default Value: Not set
Recommended Value (Development Build): Not set
Recommended Value (Release Build): Not set
Required: No
Considerations:
This option is used to run the 32-bit providers under 64-bit CIMserver.
To register the 32-bit providers, register the provider module by setting the
Bitness property value to "2". 32-bit Providers are always loaded out of process
irrespective of forceProviderProcesses config option.
PEGASUS_USE_SQLITE_REPOSITORY
Description: If true, new repository stores are created
using a SQLite database. Existing file-based stores will continue
to be recognized and operate seamlessly.
Default Value: false
Recommended Value (Development Build): true
Recommended Value (Release Build): true
Required: No
Considerations: If PEGASUS_USE_SQLITE_REPOSITORY is set to true
and SQLite files are not installed in default search locations,
SQLITE_HOME must also be configured.
PEGASUS_REPOSITORY_STORE_COMPLETE_CLASSES may not be set to true when
PEGASUS_USE_SQLITE_REPOSITORY is set to true.
PEGASUS_USE_SYSLOGS
Description: If set, OpenPegasus will be built
to send log messages to the system logger (syslog).
Otherwise, log messages will be sent to OpenPegasus
specific log files.
Recommended Value (Development Build): Set
Recommended Value (Release Build): Set
Required: No
Considerations: This variable is currently
not implemented as an environment variable. To use
the option -DPEGASUS_USE_SYSLOGS must
be explicitly included in the appropriate platform
makefile (pegasus/mak/platform_*.mak).
PEGASUS_WINDOWS_SDK_HOME
Description: This variable should be set to point
to the Microsoft Platform SDK on Windows if using a compiler
version < 1300 (i.e. VC6). If using VC7 or VC8, this flag
does not need to be set, as the necessary libraries are already
included.
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: Yes, if building on Windows with a
compiler version < 1300.
SQLITE_HOME
Description: Specifies the location of the SQLite SDK directory.
This directory must contain sqlite3.h in the $(SQLITE_HOME)/include
directory, and libsqlite3 in the $(SQLITE_HOME)/lib directory.
Default Value: Not Set
Recommended Value (Development Build):
No Specific Recommendation
Recommended Value (Release Build):
No Specific Recommendation
Required: Yes, if PEGASUS_USE_SQLITE_REPOSITORY is set to true
and the SQLite files are not installed in locations that are searched by
default.
Considerations: This environment variable is only used if
PEGASUS_USE_SQLITE_REPOSITORY is set to true.
PEGASUS_INITIAL_THREADSTACK_SIZE
Description: This environment variable sets the initial size
of the stack on new threads. Value is specified in number of bytes.
Default Value: 262144
Recommended Value (Development Build): 262144
Recommended Value (Release Build): 262144
Required: No
Examples Building a Linux IA32 (#IA64) Development/Debug Version
export PEGASUS_ROOT=/home/pegasusbld/pegasus
export PEGASUS_HOME=/home/pegasusbld/pegasus/build
export PEGASUS_PLATFORM=LINUX_IX86_GNU
#export PEGASUS_PLATFORM=LINUX_IA64_GNU
export PEGASUS_PAM_AUTHENTICATION=true
export PEGASUS_USE_PAM_STANDALONE_PROC=true
export PEGASUS_HAS_SSL=yes
export PEGASUS_DEBUG=TRUE
export ENABLE_CMPI_PROVIDER_MANAGER=true
export PEGASUS_USE_SYSLOGS=true
export PATH=/home/pegasusbld:/home/pegasusbld/pegasus/build/bin:/usr/local/bin:$PATH
Building a Linux IA32 (#IA64) Production Release Version
export PEGASUS_ROOT=/home/pegasusbld/pegasus
export PEGASUS_HOME=/home/pegasusbld/pegasus/build
export PEGASUS_PLATFORM=LINUX_IX86_GNU
#export PEGASUS_PLATFORM=LINUX_IA64_GNU
export PEGASUS_ENABLE_CQL=false
export PEGASUS_PAM_AUTHENTICATION=true
export PEGASUS_USE_PAM_STANDALONE_PROC=true
export PEGASUS_HAS_SSL=yes
export PEGASUS_USE_RELEASE_CONFIG_OPTIONS=true
export PEGASUS_USE_RELEASE_DIRS=true
export PEGASUS_NOASSERTS=true
export ENABLE_CMPI_PROVIDER_MANAGER=true
export PEGASUS_ENABLE_USERGROUP_AUTHORIZATION=true
export PEGASUS_USE_SYSLOGS=true
export PATH=/home/pegasusbld:/home/pegasusbld/pegasus/build/bin:/usr/local/bin:$PATH
Environment Variable Settings for Running OpenPegasus
Definitions
PEGASUS_HOME
Description: There are multiple options for
configuring the location of OpenPegasus runtime
files (e.g., configuration files, libraries,
repository, executables). If no other option is
specified, OpenPegasus will attempt to use the value
PEGASUS_HOME.
Default Value: "."
Recommended Value (Development Build):
The same value defined at build time.
Recommended Value (Release Build): Not Set
Required: No
Considerations: Although this variable can be
useful in a development environment use of this environment
variable is not recommended in a production environment.
Instead, the use of configuration properties to explicitly
set the location of runtime files and directories is recommended.
PEGASUS_MSG_HOME
Description: This value is not used by the CIM
Server. The CIM Server uses the messageDir configuration
parameter to locate the directory where the ICU resource bundles.
However, CIM Client applications must rely on an alternative
mechanism to locate this directory.
Default Value: if $PEGASUS_HOME is set then
"$PEGASUS_HOME/msg" else "."
Recommended Value (Development Build): $PEGASUS_HOME/msg
Recommended Value (Release Build): Not Set
Required: No
Configuration Properties
Notation
This section describes the notation used to define the
configuration properties.
Default Value
The value of Default Value is the OpenPegasus
default setting for this configuration option. This
value is used if a platform-specific setting is not
defined.
Recommended Default Value
The PEGASUS_USE_RELEASE_CONFIG_OPTIONS variable allows a
platform vendor to easily toggle between two sets of
configurations options, a set of options tuned for the
development/debug ("Development Build") environment
and a set of options tuned for the production environment
("Release Build"). The value of
Recommended Value (Development Build)
is the recommended default value for use in a development/
debug environment. The value of
Recommended Value (Release Build) is the recommended
default value for use in a production environment.
Recommend To Be Fixed/Hidden
Configuration options can be defined as fixed or hidden.
A "fix" configuration option is set at build time
and cannot be changed without rebuilding. "Fixed"
configuration options are not displayed using the cimconfig
command. This feature can be used by vendors to limit
OpenPegasus functionality and configurability.
A "hidden" configuration option is an option that is
configurable (i.e., "not fixed"), but not externally
advertised using the cimconfig command. The "hidden"
feature can be used to define "internal use only"
configuration options.
Dynamic?
If yes, the value of the configuration option can be
changed without stopping and restarting the CIM Server.
Directory Specifications
Note that the variables included in the following table
(e.g., $LOGDIR) are for documentation purposes only and
have been defined to simplify the description of the
configuration options. In particular,
these variables DO NOT correspond to environment variables
implemented in the OpenPegasus code. Default values
for the following variables are platform
and vendor dependent and not documented in this document.
|
$LOGDIR |
$PROVIDERDIRS |
$PROVIDERMANAGERDIRS |
$REPOSITORYDIR |
$CERTIFICATEDIR
|
$LOCALAUTHDIR |
$TRACEDIR |
$CONFIGDIR |
$PIDFILE |
$RANDOMDIR |
$SOCKETDIR |
$MESSAGEDIR |
Definitions
authorizedUserGroups
Description: If the authorizedUserGroups
property is set, the value is interpreted as a list of
comma-separated user groups whose members may issue CIM
requests. A user who is not a member of any of these groups is
restricted from issuing CIM requests, with the exception of
privileged users (root user). If the authorizedUserGroups
property is not set, any user may issue CIM requests.
Default Value: blank
Recommended Default Value (Development Build): blank
Recommended Default Value (Release Build): blank
Recommend To Be Fixed/Hidden (Development Build):
No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Example:
#cimconfig -s authorizedUserGroups=users,systemusers -p
Considerations: This feature is available only when
the OpenPegasus source is compiled with the flag
PEGASUS_ENABLE_USERGROUP_AUTHORIZATION set.
daemon
Description: This option enables/disables forking of
the code to create a background daemon process.
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): true
Recommend To Be Fixed/Hidden (Development Build):
No/No
Recommend To Be Fixed/Hidden (Release Build):
No/Yes
Dynamic?: No
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
enableAssociationTraversal
Description: If true, the CIM Server will support
the four association traversal operators: Associators,
AssociatorNames,References, and ReferenceNames.
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): true
Recommend To Be Fixed/Hidden (Development Build):
No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: There is still an outstanding
Provider Registration issue that restricts the degree to
which separate Providers can register for Associations.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
enableAuditLog
Description: Used to enable or disable audit
logging at run time. If true, audit logging will be enabled.
Recommended Default Value (Development Build): false
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build):
No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Source Configuration File:
Pegasus/Config/DefaultPropertyTable.h
enableAuthentication
Description: If true, a Client must be authenticated
to access the CIM Server.
Recommended Default Value (Development Build): false
Recommended Default Value (Release Build): true
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
enableBinaryRepository
Description: Setting this to true will activate the
binary repository support on the next restart of cimserver.
Recommended Default Value (Development Build): false
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): Yes
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: Repositories containing a mixture
of binary and XML objects are supported.
Source Configuration File:
Pegasus/Config/RepositoryPropertyOwner.cpp
enableHttpConnection
Description: If true, allows connections to
the CIM Server using the HTTP protocol
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations:
Enabling HTTP will allow clients to connect with security
properties different than those associated with encrypted SSL
traffic, and its configured SSL authentication or other security
behavior. This option should only be enabled in environments
where sending the HTTP Request and HTTP Response as
clear text messages does not introduce a security risk.
Note that if authentication is enabled (enableAuthentication),
user names and passwords will be included in the text of the
HTTP message.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
enableHttpsConnection
Description: If true, allows connections to
the CIM Server using the HTTPS protocol (HTTP using
Secure Socket Layer encryption)
Default Value: false
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): true
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: For this option to work,
the environment variable PEGASUS_HAS_SSL must have
been set when CIM Server was built.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
enableIndicationService
Description: If true, the CIM Server will support
CIM Indications.
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): true
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes/No
Considerations: When enableIndicationService is set to
false dynamically, delete subscription requests are sent to all
indication providers and indication related operations are
not supported until indication service is re-enabled. Dynamic
configuration facility is available only when Pegasus is compiled
with PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT=true. Clients
who wants to utilize the IndicationService services MUST check for
CIM_IndicationService EnabledState and HealthState properties to know
the current indication service state. For example, User can enumerate
instances of CIM_IndicationService and there is exactly one instance
of CIM_IndicationService returned. (Ex. using cimcli command
'cimcli ei -n root/PG_InterOp CIM_IndicationService'). When requested state
change(Enabled/Disabled) cannot be made because of timeout or some
other exception IndicationService HealthState is set to "Degraded/Warning".
For example, if user requested for indication service disable (by setting
enableIndicationService=false), disable failed because of timeout or some
other exception. Now service health state is set to "Degraded/Warning"
and service EnabledState will remain enabled. User can now identify the
faulty provider causing the timeout or any other problem and can take
appropriate action. User can again request for service disable to recover
from degraded state. Similar sequence applies while enabling the indication
service. Only difference is that service EnabledState is set to Enabled
if exception or timeout happens. There is no automatic recovery from
degraded state is available at present.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
enableNamespaceAuthorization
Description: If true, the CIM Server restricts
access to namespaces based on configured user authorizations
[user authorizations may be configured using the cimauth
command]
Default Value: false
Recommended Default Value (Development Build): false
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations:
This option offers limited functionality and, in most
environments, expensive to administer. It's use is not
recommended.
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
enableNormalization
Description: If true, objects returned from instance
providers are validated and normalized.
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Considerations:
- Any errors encountered during normalization result in a
CIMException with the status code set to CIM_ERR_FAILED
and a meaningful, context specific error description
(messages will be localized). Providers that catch the
exception have an opportunity to handle the error.
Otherwise, the exception is passed to the Provider Manager
and becomes the response for that Provider.
- Provider Modules that are listed on the
excludeModulesFromNormalization
configuration option are excluded from normalization.
- Since the concept of normalization is relatively new to
OpenPegasus and it establishes and enforces rules for
objects returned by providers, it should only
apply to providers written against the SDK in which it was
introduced (or later). Therefore only Provider Modules that
have the following InterfaceType and InterfaceVersion
combination will be subject to normalization:
- 'C++Default' / 2.5.0 or greater
- 'CMPI' / 2.0.0 or greater
- 'JMPI' / 1.0.0 or greater
Source Configuration File:
Pegasus/Config/NormalizationPropertyOwner.cpp
enableRemotePrivilegedUserAccess
Description: If true, the CIM Server allows
access by a privileged user from a remote system
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): true
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: Many management operations require
privileged user access. Disabling remote access by
privileged user could significantly affect
functionality.
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
enableSubscriptionsForNonprivilegedUsers
Description: If true, operations (create instance,
modify instance, delete instance, get instance, enumerate
instances, enumerate instance names) on indication
filter, listener destination, and subscription instances
may be performed by non-privileged users. Otherwise, these
operations may only be performed on these instances by
privileged users.
Default Value: true
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: This option has meaning only if
enableIndicationService=true.
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
excludeModulesFromNormalization
Description: If the excludeModulesfromNormalization
property is set, the value is interpreted as a list of
comma-separated Provider Module names (as specified in
PG_ProviderModule.Name) to exclude from validation and
normalization.
Default Value: ""
Recommended Default Value (Development Build):
""
Recommended Default Value (Release Build):
""
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: All objects managed by all
providers will be excluded from validation and normalization
if its module name appears in this list.
Source Configuration File:
Pegasus/Config/NormalizationPropertyOwner.cpp
forceProviderProcesses
Description: If true, the CIM Server runs Providers
in separate processes rather than loading and calling Provider
libraries directly within the CIM Server process.
Default Value: Dependent on the value of
PEGASUS_DEFAULT_ENABLE_OOP
Recommended Default Value (Development Build):true (HP-UX,
Linux)
Recommended Default Value (Release Build): true (HP-UX,
Linux)
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: In a dynamic, potentially multi-vendor,
environment, the ability to run Providers in separate processes
can significantly increase the stability, maintainability and
supportability of the overall solution. Running Providers
in separate process spaces: (1) helps isolate components (i.e.,
cimserver and Providers) from a catastrophic failure
(segmentation faults, memory leaks) of a single Provider and (2)
reduces the risk of accidental or malicious sharing of sensitive
data among Providers. This benefit comes at a cost.
Moving Providers out of the cimserver process increases
communication costs and can significantly increase response
time. Actual results will vary, but it is common for
response times to increase by a factor of 2.
Note 1: When forceProviderProcesses is true, the CIM
Server will load each Provider Module (i.e., library) into a
separate process. Providers in different Provider Modules
cannot depend on a communication mechanism that
requires them to run in the same process space.
Note 2: Although the catastrophic failure of an
Out-Of-Process (OOP) Provider Module will not result in a
failure of the CIM Server process, if the failed OOP Provider
Module included Indication Providers, Indications may be
lost. If logging is enabled, the CIM Server will log a
message informing administrators of what happened and what
corrective actions can be taken.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
home
Description: If set, this configuration option defines
the runtime default value for PEGASUS_HOME.
Default Value: "./"
Recommended Default Value (Development Build)"./"
Recommended Default Value (Release Build)""
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
httpPort
Description: OpenPegasus first attempts to look up the
port number for HTTP using getservbyname for the 'wbem-http'
service. The httpPort configuration setting is used only when the
getservbyname lookup fails.
Default Value: blank
Recommended Default Value (Development Build): blank
Recommended Default Value (Release Build): 5988
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: (1)The use of 5988 for WBEM HTTP is
recommended by the DMTF. This port has been registered with
IANA. In a production environment, the recommendation is
to use /etc/services to configure the value of this port. (2)
With the release of OpenPegasus 2.5, the default values for
httpPort was changed from 5988 to "". This
change was made to allow the OpenPegasus to differentiate
between a default setting of 5988 and a customer-defined
setting of 5988. With this change, if the port
number is explicitly set, the configured port will be used
regardless of the settings in /etc/services. If no port number
is specified, the server will continue to use the value in
/etc/services.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
httpsPort
Description:
OpenPegasus first attempts to look up the port number for HTTPS
using getservbyname for the 'wbem-https' service. The httpsPort
configuration setting is used only when the getservbyname lookup
fails.
Default Value: blank
Recommended Default Value (Development Build): blank
Recommended Default Value (Release Build): 5989
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: (1)The use of 5989 for WBEM HTTPS
is recommended by the DMTF. This port has been registered with
IANA.
In a production environment, the recommendation is to use
/etc/services to configure the value of this port.(2)
With the release of OpenPegasus 2.5, the default values for
httpPort was changed from 5989 to "". This
change was made to allow the OpenPegasus to differentiate
between a default setting of 5989 and a customer-defined
setting of 5989. With this change, if the port number
is explicitly set, the configured port will be used regardless
of the settings in /etc/services. If no port number is specified,
the server will continue to use the value in /etc/services.
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
idleConnectionTimeout
Description: If set to a positive integer, this value
specifies a minimum timeout value for idle client connections.
If set to zero, idle client connections do not time out.
Recommended Default Value (Development Build): 0
Recommended Default Value (Release Build): 0
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Considerations: A client connection is considered
idle when it is not in the process of sending a request and
the CIM Server is not processing a request from that connection.
An idle connection timeout allows reclamation of the system
resources allocated for idle CIM Server connections. Note that
the CIM Server may allow an idle connection to persist longer
than the configured timeout value based on server activity.
Some client applications may not behave correctly if a
connection timeout is introduced. Client compatibility should be
considered when configuring an idle connection timeout value.
The idle connection time is computed using the system clock.
Thus, resetting the system clock may cause unexpected timeout
behavior.This config property can be changed dynamically. The
changes will apply to all new and existing connections.
maxFailedProviderModuleRestarts
Description: If set to a positive integer, this value
specifies the number of times the failed provider module with
indications enabled are restarted automatically before being
moved to Degraded state. If set to zero, failed provider module
is not restarted with indications enabled automatically and
will be moved to Degraded state immediately.
Recommended Default Value (Development Build): 3
Recommended Default Value (Release Build): 3
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Considerations: This option controls the automatic
re-enabling of the failed provider module with indications
enabled. If the provider module with indications enabled fails
very frequently, it affects the CIMServer normal operations because
CIMServer would be busy with reloading the provider module every
time it fails. This option would be helpful if the long running
indication provider crashes and the management application want
to receive the indications from the provider while provider fix
is being delivered. In case of provider module grouping, if one of
the indication provider crashes, it affects all indication providers
in the provider modules of the group. Note that this is the facility
provided by the CIMServer for temporary recovery of the provider and
the ultimate goal SHALL be fixing the faulty provider.
maxIndicationDeliveryRetryAttempts
Description: If set to a positive integer, this value
defines the number of times that the indication service will
try to deliver an indication to a particular listener destination.
This does not effect the original delivery attempt, thus if set to 0,
cimserver will only try to deliver the indication once.
Recommended Default Value (Development Build): 3
Recommended Default Value (Release Build): 3
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: This value is used to set the
CIM_IndicationService.DeliveryRetryAttempts property. See
CIM_IndicationService.DeliveryRetryAttempts property for more details. This
option is supported only when PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT
is defined.
Source Configuration File:
Pegasus/Config/IndicationServicePropertyOwner.cpp
minIndicationDeliveryRetryInterval
Description: If set to a positive integer, this value defines
the minimal time interval in seconds for the indication service to wait
before retrying to deliver an indication to a listener destination that
previously failed. Cimserver may take longer due to QoS or other processing.
Recommended Default Value (Development Build): 30
Recommended Default Value (Release Build): 30
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: This value is used to initialize the property
CIM_IndicationService.DeliveryRetryInterval. See
CIM_IndicationService.DeliveryRetryInterval property for more details. This
option is supported only when PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT
is defined.
Source Configuration File:
Pegasus/Config/IndicationServicePropertyOwner.cpp
logdir
Description: Specifies the name of the directory
to be used for the OpenPegasus specific log files.
Recommended Default Value (Development Build): logs
Recommended Default Value (Release Build): $LOGDIR
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: Yes
Considerations: This option is not supported if
PEGASUS_USE_SYSLOGS is defined.
Source Configuration File:
Pegasus/Config/LogPropertyOwner.cpp
logLevel
Description: Defines the desired level of logging.
Valid values include: TRACE, INFORMATION, WARNING, SEVERE,
FATAL.
Default Value: "INFORMATION"
Recommended Default Value (Development Build):
"INFORMATION"
Recommended Default Value (Release Build): "SEVERE"
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Considerations:
Source Configuration File:
Pegsus/Config/LogPropertyOwner.cpp
maxLogFileSizeKBytes
Description: Specifies the maximum size of the logfile in Kilo
Bytes. If the logfile size exceeds maxLogFileSizeKBytes logfile will be pruned.
Default Value: 32768
Recommended Default Value (Development Build): 32768
Recommended Default Value (Release Build): 32768
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Considerations: This option is not supported if PEGASUS_USE_SYSLOGS is defined. Minimum accepted value is 32 KB.
Source Configuration File: Pegsus/Config/LogPropertyOwner.cpp
maxProviderProcesses
Description: Limits the number of provider
processes (see 'forceProviderProcesses) that may run
concurrently. A 'maxProviderProcesses' value of '0' indicates
that the number of Provider Agent processes is unlimited
Default Value: 0
Recommended Default Value (Development Build): 0
Recommended Default Value (Release Build): 0
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/Yes
Dynamic?: Yes
Considerations: Consider there are five provider processes
already running and the maxProviderProcesses is dynamically changed to
four. In this case though new provider processes will not be created
but existing five will continue running
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
messageDir
Description: Specifies the name of the directory to
be used for the OpenPegasus translated messages.
Default Value: msg
Recommended Default Value (Development Build): msg
Recommended Default Value (Release Build):
$MESSAGEDIR/msg
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: Only used when message localization
is enabled. See PEGASUS_HAS_MESSAGES for details.
Source Configuration File:
FileSystemPropertyOwner.cpp
providerDir
Description: Specifies the names of the directories
that contains Provider executables.
Recommended Default Value (Development Build): lib
Recommended Default Value (Release Build):
$PROVIDERDIRS
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: Yes
Considerations: The CIM Server runs as a privileged
user. And, since Providers run in the same process space as the
CIM Server, Providers also have privileged access to the
system. Allowing a registered Provider’s executable to be
replaced with malicious code would result in a critical
security defect, giving a malicious user privileged access
to the system. Adminstrators are responsible for ensuring
that only trusted Providers are loaded into providerDir.
In order to simplify the management task associated with
securing Provider executable, the value of providerDir can be
fixed at build time (i.e., set to one or more fixed, well-known
locations).
Source Configuration File:
Pegasus/Config/FileSystemPropertyOwner.cpp
providerManagerDir
Description: Specifies the name of the directory that
contains the ProviderManager plugin libraries.
Recommended Default Value (Development Build): lib
Recommended Default Value (Release Build):
$PROVIDERMANAGERDIRS
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: Should be a dedicated directory to
minimize inspection of non-applicable files. Additionally,
since all calls to the providers go through the provider
managers, the same care should be taken with regards to
security for the provider manager directory, as for provider
directories.
Source Configuration File:
Pegasus/Config/FileSystemPropertyOwner.cpp
repositoryDir
Description: Specifies the name of the directory
to be used for the OpenPegasus repository.
Recommended Default Value (Development Build): repository
Recommended Default Value (Release Build):
$REPOSITORYDIR/repository
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations:
Source Configuration File:
Pegasus/Config/FileSystemPropertyOwner.cpp
repositoryIsDefaultInstanceProvider
Description: If true, the Repository functions
as the Instance Provider for all classes for which there
is not an explicitly registered Provider. This flag is
also used to control the behavior of the repository when
processing association operators.
Recommended Default Value (Development Build): true
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/Yes
Dynamic?: No
Considerations: This flag can be used to configure
the CIM Server to allow the Repository to be used by CIM Clients
and CIM Providers as a dynamic data store. The setting of this
flag will significantly affect CIM Server behavior as viewed
by the CIM Client.
The following issues should be considered when setting
repositoryIsDefaultInstanceProvider=true:
- Authorization. The repository has no
concept of which users (or components) are authorized to
perform which operations.
- Appearance of instrumentation. A client application
cannot determine whether instrumentation exists for a
given CIM class. For example, imagine a client
issues a CreateInstance operation on a Disk class
for which no provider is registered.
The instance will be stored in the repository, and
the client gets a "success" response. Does that mean a
disk device has been created on the server? Even worse,
when another client issues an EnumerateInstances
operation, the spurious Disk instance is returned.
With repositoryIsDefaultInstanceProvider=false, the
CreateInstance operation above would have returned a
NOT_SUPPORTED error.
- Potential for inconsistent data. Using the
repository as a data cache increases the probability
that a client will see stale or incorrect data. A
provider can better control the correlation
between the data returned and the current state of the
underlying managed resource (whether or not the provider
caches the data).
The following issues should be considered when setting
repositoryIsDefaultInstanceProvider=false:
- Provider Availability. Certain Providers have been
developed to use the Repository as a dynamic data store.
These Providers are currently not supported on system
where this flag is disabled. E.g., the Common Diagnostics
Model (CDM) Provider
(http://developer.intel.com/design/servers/cdm/)
relies on use of the Repository to store instances
of CIM_DiagnosticSetting. If this flag set to
false, this Provider will not function correctly. Note
that this feature is supported by other WBEM
implementation. Therefore, disabling this feature
can increase the cost of migrating existing Providers to
OpenPegasus.
Source Configuration File:
Pegasus/Config/RepositoryPropertyOwner.cpp
shutdownTimeout
Description: When a cimserver -s shutdown command is
issued, specifies the maximum time in seconds for the CIM Server
to complete outstanding CIM operation requests before shutting
down; if the specified timeout period expires, the CIM Server
will shut down, even if there are still CIM operations in
progress. Minimum value is 2 seconds.
Recommended Default Value (Development Build): 10
Recommended Default Value (Release Build): 10
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build):No/No
Dynamic?: Yes
Considerations:
Source Configuration File:
Pegasus/Config/ShutdownPropertyOwner.cpp
slp
Description: When set to true, OpenPegasus activates
an SLP SA and issues DMTF defined SLP advertisements to this SA
on startup.
Default Value: false
Recommended Default Value (Development Build): false
Recommended Default Value (Release Build): false
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Platform |
Source Configuration File |
Linux |
Pegasus/Config/DefaultPropertyTableLinux.h |
HP-UX |
Pegasus/Config/DefaultPropertyTableHpux.h |
OpenVMS |
Pegasus/Config/DefaultPropertyTableVms.h |
socketWriteTimeout
Description: If the CIM Server receives an
EWOULDBLOCK/EAGAIN error on a non-blocking write,
socketWriteTimeout defines the number of seconds the
CIM Server will wait for the socket to get ready and resume
writing data.
Recommended Default Value (Development Build):
20 (seconds)
Recommended Default Value (Release Build):
20 (seconds)
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: Yes
Considerations: Any changes made to this config property
dynamically will apply to new CIM Server connections only
keeping old already established connections unchanged.
Source Configuration File:
Pegasus/Config/DefaultPropertyTable.h
sslCertificateFilePath
Description: Contains the CIM Server SSL
Certificate.
Recommended Default Value (Development Build):
server.pem
Recommended Default Value (Release Build):
$CERTIFICATEDIR/server.pem"
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: For a more detailed look at SSL options
and their ramifications, please see the SSL guidelines.
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
sslClientVerificationMode
Description: Describes the desired level of support
for certificate-based authentication.
- “required” – The server requires certificate-based
client authentication. A client MUST present a
trusted certificate in order to access the CIM Server.
If the client fails to send a certificate or sends an
untrusted certificate, the connection will be rejected.
- “optional” – The server supports, but does not
require, certificate-based client authentication. The
server will request and attempt to validate a client
certificate, however the connection will be accepted even
if no certificate is sent or an untrusted certificate is
sent. The server will then seek to authenticate the
client via an authentication header.
- “disabled” – The server does not support
certificate-based client authentication.
Recommended Default Value (Development Build):
disabled
Recommended Default Value (Release Build):
disabled
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: (1) This property is only used if
enableHttpsConnection is "true".
(2) If the platform does not support PEGASUS_LOCAL_DOMAIN_SOCKET,
OpenPegasus attempts to use either HTTPS or
HTTP to establish a local connection (connectLocal).
For platforms that do not support PEGASUS_LOCAL_DOMAIN_SOCKET,
Clients which use connectLocal, such as cimconfig -l -c,
cimprovider -l -s and cimserver -s, will not work if the
"sslClientVerificationMode" variable is set to
"required" and HTTP is disabled. For these
platforms, the recommended course of action is to change the
property value to "optional."
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
sslKeyFilePath
Description: Contains the private key for the CIM
Server SSL Certificate.
Recommended Default Value (Development Build):
file.pem
Recommended Default Value (Release Build):
$CERTIFICATEDIR/file.pem
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Considerations: File should be readable only by the
user the cimserver is running as and/or privileged users. The
file should be writeable only by a privileged user.
Source Configuration File:
Pegasus/Config/SecurityPropertyOwner.cpp
sslTrustStore
Description: Specifies the location of the OpenSSL
truststore. Consistent with the OpenSSL implementation, a
truststore can be either a file or directory. If the truststore
is a directory, all the certificates within the directory are
considered trusted.
Recommended Default Value (Development Build):
client.pem
Recommended Default Value (Release Build):
$CERTIFICATEDIR/client.pem
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: No
Source Configuration File:
Pegsus/Config/SecurityPropertyOwner.cpp
sslTrustStoreUserName
Description: Specifies the system user name to be
associated with all certificate-based authenticated requests.
Recommended Default Value (Development Build): NONE
Recommended Default Value (Release Build): NONE
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Considerations: This property has no default; for
security reasons, the system administrator must explicitly
specify this value. This feature allows a single user
name to be specified. This user will be associated
with all certificates in the truststore. In the future,
OpenPegasus will allow a system administrator to associate a
distinct user name with each certificate.
Source Configuration File:
Pegsus/Config/SecurityPropertyOwner.cpp
traceComponents
Description: Defines the components to be traced.
Default Value: ""
Recommended Default Value (Development Build): ""
Recommended Default Value (Release Build): ""
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/Yes
Dynamic?: Yes
Source Configuration File:
Pegasus/Config/TracePropertyOwner.cpp
traceFacility
Description: Defines the desired facility for trace
messages. Valid values include: "File"
, "Log" and "Memory" .
Default Value: File
Recommended Default Value (Development Build): File
Recommended Default Value (Release Build): File
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/Yes
Dynamic?: Yes
Case Sensitive?: No
Considerations: If you specify "File",
trace messagesare written into the file specified by the
configuration option traceFilePath. If you specify
"Log", trace messages are written to the
OpenPegasus Log. If you specify Memory, the trace messages
are collected in a wrap-around memory buffer.
If this memory is part of a dump the trace messages can be
found by the eye-catcher "PEGASUSMEMTRACE" at
the top of the memory buffer. The trace is in clear text and
the last written message has the suffix "EOTRACE".
Source Configuration File:
Pegasus/Config/TracePropertyOwner.cpp
traceFilePath
Description: Specifies the location of the
OpenPegasus trace file.
Default Value: cimserver.trc
Recommended Default Value (Development Build):
cimserver.trc
Recommended Default Value (Release Build):
$TRACEDIR/cimserver.trc
Recommend To Be Fixed/Hidden (Development Build):No/No
Recommend To Be Fixed/Hidden (Release Build): Yes
Dynamic?: Yes
Source Configuration File:
Pegasus/Config/TracePropertyOwner.cpp
traceLevel
Description: Defines the desired level of
tracing. Valid values include: 0, 1, 2, 3, 4, 5.
Default Value: 0
Recommended Default Value (Development Build): 0
Recommended Default Value (Release Build): 0<
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/Yes
Dynamic?: Yes
Source Configuration File:
Pegasus/Config/TracePropertyOwner.cpp
traceMemoryBufferKbytes
Description: Defines the size of the buffer for
in memory tracing in kbytes ( 210 bytes ).
Smallest value is 16.
Default Value: 10240
Recommended Default Value (Development Build): 10240
Recommended Default Value (Release Build): 10240
Recommend To Be Fixed/Hidden (Development Build): No/No
Recommend To Be Fixed/Hidden (Release Build): No/No
Dynamic?: No
Case Sensitive?: No
Considerations: Is ignored if configuration
property traceFacility is not set to Memory.
Source Configuration File:
Pegasus/Config/TracePropertyOwner.cpp
Configuration Constants
Definitions
static char CURRENT_CONFIG_FILE [] =
Description: Default file name for the current
configuration file.
Recommended Default Value (Development Build):
cimserver_current.conf
Recommended Default Value (Release Build):
$CONFIGDIR/cimserver_current.conf
Dynamic?: No
Platform |
Source Configuration File |
Linux |
Pegasus/Config/ConfigFileDirLinux.h |
HP-UX |
ConfigFileDirHpux.h |
OpenVMS |
Pegasus/Config/ConfigFileDirVms.h |
static char PLANNED_CONFIG_FILE [] =
Description: Default file name for the planned
configuration file.
Recommended Default Value (Development Build):
cimserver_planned.conf
Recommended Default Value (Release Build):
$CONFIGDIR/cimserver_planned.conf
Dynamic?: No
Platform |
Source Configuration File |
Linux |
Pegasus/Config/ConfigFileDirLinux.h |
HP-UX |
Pegasus/Config/ConfigFileDirHpux.h |
OpenVMS |
Pegasus/Config/ConfigFileDirVms.h |
static char CIMSERVER_START_FILE [] =
Description: This is for the default file name
for the cimserver startup file containing the PID.
Default Value: /tmp/cimserver_start.conf
Recommended Default Value (Development Build):
/tmp/cimserver_start.conf
Recommended Default Value (Release Build):
$PIDFILE
Dynamic?: No
Platform |
Source Configuration File |
Linux |
Pegasus/Config/ConfigFileDirLinux.h |
HP-UX |
Pegasus/Config/ConfigFileDirHpux.h |
OpenVMS |
Pegasus/Config/ConfigFileDirVms.h |
Configuration Macros
Definitions
PEGASUS_SSLCLIENT_CERTIFICATEFILE
Description:
Recommended Default Value (Development Build): client.pem
Recommended Default Value (Release Build):
$CERTIFICATEDIR/client.pem
Dynamic?: No
Source Configuration File:
Pegasus/Common/Constants.h
PEGASUS_SSLCLIENT_RANDOMFILE
Description: On platforms that do not support
/dev/random or /dev/urandom, OpenSSL will use this file to
seed the PRNG (Pseudo-Random Number Generator). This
PEGASUS_SSLCLIENT_RANDOMFILE defines the default CIM
Client random file.
Recommended Default Value (Development Build):ssl.rnd
Recommended Default Value (Release Build):
$RANDOMDIR/ssl.rnd
Dynamic?: No
Considerations: Use of this variable requires
PEGASUS_HAS_SSL to be set. CIM Client use of a
shared random file is not recommended. On systems where
/dev/random or /dev/urandom are not available, CIM Clients are
encouraged to generate a unique random file which
contains sufficient entropy.
Source Configuration File:
Pegasus/Common/Constants.h
PEGASUS_SSLSERVER_RANDOMFILE
Description: On platforms that do not support
/dev/random or /dev/urandom, OpenSSL will use this file
to seed the PRNG (Pseudo-Random Number Generator). This
PEGASUS_SSLSERVER_RANDOMFILE defines the CIM Server
random file.
Recommended Default Value (Development Build):
cimserver.rnd
Recommended Default Value (Release Build):
$RANDOMDIR/cimserver.rnd
Dynamic?: No
Considerations: 1)Use of this variable
requires PEGASUS_HAS_SSL to be set.(2) On systems where
/dev/random or /dev/urandom are not available, CIM Server
vendors need to be sure that the cimserver.rnd file
contains sufficient entropy and is uniquely generated for
each system.
Source Configuration File:
Pegasus/Common/Constants.h
PEGASUS_LOCAL_AUTH_DIR
Description: For local connections (i.e.,
connectLocal), OpenPegasus uses a file-based authentication
mechanism.
Recommended Default Value (Development Build): /tmp
Recommended Default Value (Release Build):
$LOCALAUTHDIR/localauth
Dynamic?: No
Source Configuration File:
Pegasus/Common/Constants.h
PEGASUS_LOCAL_DOMAIN_SOCKET_PATH
Description:
Recommended Default Value (Development Build):
/tmp/cimxml.socket
Recommended Default Value (Release Build):
$SOCKETDIR/cimxml.socket
Dynamic?: No
Source Configuration File:
Pegasus/Common/Constants.h
Licensed to The Open Group (TOG) under one or more contributor license
agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
this work for additional information regarding copyright ownership.
Each contributor licenses this file to you under the OpenPegasus Open
Source License; you may not use this file except in compliance with the
License.
Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included
in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.