(file) Return to notes.txt CVS log (file) (dir) Up to [Pegasus] / pegasus / src / Executor

Diff for /pegasus/src/Executor/notes.txt between version 1.1 and 1.1.2.11

version 1.1, 2006/12/28 03:59:20 version 1.1.2.11, 2007/01/09 23:26:21
Line 0 
Line 1 
   
       1.  The user that runs cimervermain is determined by the
           PEGASUS_CIMSERVERMAIN_USER constant defined in
           <Pegasus/Common/Constants.h>
   
       2.  All files but the repository are owned by root. The cimservermain
           process may read any of the root owned files, but it must ask the
           executor to modify them.
   
       3.  The executor gives ownership of the repository to the server user
           upon startup.
   
       4.  Executor checks whether Pegasus repository exists and errors out
           if not.
   
       5.  Cimservermain owns the local-domain socket file (/tmp/cimxml.socket).
   
       6.  For logging purposes, the executor uses "cimexecutor" as its syslog
           identifier.
   
       7.  Setting up PAM authentiction (non-standalone).
   
           First compile with PEGASUS_PAM_AUTHENTICATION.
   
           Next install the PAM configuration file.
   
               % cd $PEGASUS_ROOT
               % cp rpm/wbem /etc/pam.d
               % chmod 0644 /etc/pam.d/wbem
   
       8.  To build for standalone PAM authentication, compile with these:
   
               PEGASUS_PAM_AUTHENTICATION
               PEGASUS_USE_PAM_STANDALONE_PROC
   
       9.  To run cimserver to use PAM, use these configuration parameters.
   
               enableAuthentication=true
   
       10. To build SSL support, compile with these.
   
               OPENSSL_HOME=/usr
               PEGASUS_HAS_SSL=true
   
       11. To run cimerver to use SSL, use these configuration parameters.
   
               enableHttpsConnection=true
               enableAuthentication=true
               sslClientVerificationMode=optional
               sslTrustStoreUserName=root
   
       12. To add a user to cimserver.passwd, use the following format (the given
           user must be a real system user).
   
               jsmith:AB5bZ.JX9fQzA
   
           Use the following program to generate the password (at least on
           Linux).
   
               #define _XOPEN_SOURCE
               #include <unistd.h>
               #include <stdio.h>
   
               int main()
               {
                   printf("%s\n", crypt("changeme", "AB"));
                   return 0;
               }
   
           Compile and link the program as follows.
   
               % gcc -o mkpasswd mkpasswd.cpp -lcrypt
   
       13. The KerberosAuthenticationHandler.h and all Kerberos authentication
           logic is not part of the Pegasus repository.
   
       14.  The CIMExportIndicationRequestMessage comes back into the server
            and is delivered to an indication consumer (which must be loaded).
   
   

Legend:
Removed from v.1.1  
changed lines
  Added in v.1.1.2.11
No CVS admin address has been configured
 Powered by
ViewCVS 0.9.2