Ernesto Puig Rodriguez | 27 Aug 10:12 2014
Picon

Re: CIM Client 2.13.0 crashes on Solaris


Hi,

After further tracing I found the place in the code causing the crash. It
is the static definition of IDFactory in the MessageQueue.cpp. More exactly
it is the Array object of the class Stack which seems not to be allocated
correctly. Below a list of tracing:

Entering CIMClient()
Entering MessageQueue::getNextQueueId()
Entering IDFactory::getID()
In IDFactory::getID() after asserting _magic
In IDFactory::getID() 1
In IDFactory::getID() 2
Entering Stack::isEmpty
Entering Array::size()

Moving the definition of IDFactory into the class MessageQueue also did not
help.

Unfortunately I do not see that behaviour when I run the test using the
OpenPegasus program TestClient. This provides the suspicion that the merge
of the standard libraries of Solaris with OpenPegasus may be causing the
problem.

I appreciate any hints or comments on that. Thanks.

Mit freundlichen Gruessen/Kind regards/Atentamen
te

(Continue reading)

Andreas Maier | 25 Aug 15:13 2014
Picon

Avoiding PAM checks Bug 9892


Kirk,
On your statement:
> If you use a cookie, then the server will have to request it each time
and cause excess wasted traffic.
I was not aware that in order to use cookies, the server has to turn around
and ask the client. The proposed approach would cause the server to include
the cookie in the response header of the response it sends anyway, and the
client would include the so received cookie in the request header of any
subsequent requests it sends anyway. That would not incur any additional
traffic.
Are you saying that the proposed approach cannot work that way?

On DMTF involvement:
DMTF would be involved to document the concept as an optional feature in
DSP0200, as it does already with a number of other HTTP headers (both
standard and extension). Reason being that DMTF wants to foster
interoperability across *multiple* implementations, instead of just
allowing a particular implementation between its client and server to do
something that is allowed as per the HTTP standard, but otherwise not known
outside of that particular implementation. Now that is Andy's view on how
DMTF operates, but it is with my DMTF hat (particularly the CIM-XML hat)
on.... Plus, IBM uses CIM clients and servers form multiple
implementations, so we have also a company interest for interoperability.

Andy

Andreas Maier
IBM Senior Technical Staff Member, Systems Management Architecture & Design
IBM Research & Development Laboratory Boeblingen, Germany
(Continue reading)

Ernesto Puig Rodriguez | 7 Aug 22:43 2014
Picon

CIMClient of version 2.13.0 crashes on Solaris


Hi All,

I am not able to get the CIM Client of the release 2.13.0 running for
Solaris.  In contrast AIX, Linux and HP-UX are working fine.

I am having a core dump creating the object of the CIMClient Pegasus class.
It doesn't  matter whether 32 or 64 bit. The Solaris version I am using is
the following:
     Oracle Solaris 10 9/10 s10s_u9wos_14a SPARC  Assembled 11 August 2010

The compiler is the CC of the sun studio 12.1.

In the past it was working fine using OpenPegasus 2.9.1.

Is there some experiences of facing similar issue with OpenPegasus 2.13.0?.

Some more details:
OpenSSL is version 1.0.1h, ICU 4.4.1
Below are the last calls in the stack:

$mdb program core
Loading modules: [ libc.so.1 ld.so.1 ]
> ::stack
__1cHPegasusFArray4CI_Esize6kM_I_+8(10267e6f8, 10142b050, 10267e700,
10273f6c0, 1025b0a98, 4c00)
__1cHPegasusMMessageQdDueueOgetNextQdDueueId6F_I_+0x28(10273f590, 4e20,
1025b0a98, cdc60, 183ff9c, cdc00)
__1cHPegasusMMessageQdDueue2t5B6Mpkc_v_+0x34(10273f6a8, 10142b050, cdc00,
10273f6c0, 1025b0a98, 4c00)
(Continue reading)

Andreas Maier | 30 Jul 16:34 2014
Picon

Avoiding PAM checks


Karl, Jan,
I have discussed the issue with a number of folks, and that helped me to
better understand how Jan's proposal works.

I'd like to make the following comments, before I leave for vacation (back
at home from 8/16 on, back in the office from 8/25 on):

Just to recap the overall approach: Upon successful authentication of a CIM
request, if the server supports the new feature, it invents a session ID
and sends that back with the CIM response. If the client supports the new
feature, it uses that session ID on subsequent CIM requests. Upon receipt
of a CIM request with such a session ID, the server can decide whether it
trusts the session ID sufficiently at that moment to bypass the
authentication check.

I'm fine with that overall approach, but I kept the description
deliberately high level, because there are some considerations and
requirements:

- It depends very much on the data that makes up the session ID. A
   suggestion from one of our security folks was that the session ID be a
   hash of (userid, timestamp, randon number, underlying SSL session ID).
   It is definitely a requirement that the session ID cannot be calculated
   by an intruder. For example, just using timestamp and userid would
   probably be not sufficient. Keep in mind that the code is open source,
   so the algorithm how exactly the hash is calculated will be known, and
   the secret must be in the data, not in the algorithm. Using the
   underlying SSL session ID for example ensures that the same SSL session
   is still in place. Maybe that is too much of a requirement, but it is
(Continue reading)

Prakash Narayanaswamy | 15 Jul 03:25 2014

Fwd: On PG_ProviderProfileCapabilities

Hello,

To gain understanding of the modelling required to support SNIA's Array profile, I'm wondering if it's possible to model all the classes, instances and the associations statically in a mof and load it into OpenPegasus.

If this is possible, how can I register support for Array profile in OpenPegasus without writing a PG_ProviderModule and the associated PG_ProviderProfileCapabilities.

​Prakash 


Cheng Yong CY Zhao | 12 May 04:36 2014
Picon

A question about PEGASUS_INTEROP_NAMESPACE

Hello,

I set PEGASUS_INTEROP_NAMESPACE=interop PEGASUS_ENABLE_DMTF_INDICATION_PROFILE_SUPPORT=true and PEGASUS_ENABLE_INTEROP_PROVIDER=true to enable indications support. I got following errors when trying to ei PG_ComputerSystem, CIM_ComputerSystem:

CLI CIMException:  Cmd= ei Object= PG_ComputerSystem
CIM_ERR_INVALID_NAMESPACE: root/cimv2

CLI CIMException:  Cmd= ei Object= CIM_ComputerSystem
root/cimv2

do I set wrong build options? Thank you.

Regards,
Cheney
Sheng SH Liu | 9 May 08:46 2014
Picon

A question about comprovagt accessing storage nodes

Hi all:
we are using cimprovagt and get some error.
we check the log and see following:

type=AVC msg=audit(1394502919.480:2066713): avc:  denied  { getattr } for  pid=32761 comm="cimprovagt" path="/dev/dm-7" dev=devtmpfs ino=31093 scontext=system_u:system_r:pegasus_t:s0 tcontext=system_u:object_r:svirt_image_t:s0:c43,c115 tclass=blk_file
type=SYSCALL msg=audit(1394502919.480:2066713): arch=c000003e syscall=4 success=no exit=-13 a0=7f72b80186f0 a1=7f72f9a17040 a2=7f72f9a17040 a3=0 items=0 ppid=19642 pid=32761 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="cimprovagt" exe="/usr/sbin/cimprovagt" subj=system_u:system_r:pegasus_t:s0 key=(null)

here /dev/dm-7 is a guest storage nodes.
Should comprovagt legitimitely be accessing guest storage nodes?

Thanks!
Best Regards!

Manav | 2 May 20:38 2014
Picon

cimserver crash on Solaris

Hi All,

I am trying to build OpenPegasus 2.13 on Solaris.
I did the following:
export PEGASUS_HOME=/dev/pegasus/
export PEGASUS_ROOT=/dev/pegasus/
export PEGASUS_PLATFORM==SOLARIS_X86_64_CC

./configure

gmake
gmake repository

export LD_LIBRARY_PATH=$PEGASUS_HOME/lib

We are using /opt/SUWspro/bin/cc.
After some tweaks in the code, we were able to build it but when we run the
cimserver, get the following:
(dbx) run
Running: cimserver
(process id 2691)
t <at> 1 (l <at> 1) signal SEGV (no mapping at the fault address) in atomic_inc_32 at
0xfffffd7ffed43f54
0xfffffd7ffed43f54: atomic_inc_32+0x0004:    lock xaddl  %eax,(%rdi)
Current function is Pegasus::AtomicIntTemplate<Pegasus::AtomicType>::inc
 1031       atomic_inc_32(&_rep.n);
(dbx) where
current thread: t <at> 1
  [1] atomic_inc_32(0x10, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7ffed43f54
=>[2] Pegasus::AtomicIntTemplate<Pegasus::AtomicType>::inc(this = 0x10),
line 1031 in "AtomicInt.h"
  [3] Pegasus::AtomicIntTemplate<Pegasus::AtomicType>::operator++(this =
0x10, _ARG2 = 0), line 75 in "AtomicInt.h"
  [4] Pegasus::StringRep::ref(rep = (nil)), line 103 in "StringRep.h"
  [5] Pegasus::String::String(this = 0xfffffd7fd020b1c0, str = CLASS), line
90 in "StringInline.h"
  [6] Pegasus::CIMName::CIMName(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at
0xfffffd7fd019d272
  [7] __SLIP.INIT_B(), line 243 in "reg_table.cpp"
  [8] __STATIC_CONSTRUCTOR(), line 243 in "reg_table.cpp"
  [9] _init(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fd01ab8f7
  [10] call_init(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3c0588
  [11] is_dep_init(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3c03a6
  [12] elf_bndr(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3d077e
  [13] elf_rtbndr(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3b13f3
  [14] 0xfffffd7fff150030(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at
0xfffffd7fff150030
  [15] 0xfffffd7fff150030(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at
0xfffffd7fff150030
  [16] __STATIC_CONSTRUCTOR(), line 37 in "CIMQualifierNames.cpp"
  [17] _init(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fcf364c95
  [18] call_init(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3c0588
  [19] setup(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3bf5f7
  [20] _setup(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3d20f9
  [21] _rt_boot(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at 0xfffffd7fff3b1036
  [22] 0xfffffd7fffdffd10(0x0, 0x0, 0x0, 0x0, 0x0, 0x0), at
0xfffffd7fffdffd10
(dbx) quit

What am I missing?

Thanks in advance,
Manav.

rajeev verma | 2 May 02:22 2014
Picon

Open Pegasus 2.12 memory and thread pool tuning

Hi All,

 We have Open Pegasus 2.12 running on our array and I’m trying to understand the cimserver peak memory requirement under load.

  Is there a way to cap/tune the memory size of the cimserver?

If not directly, then is there a way to do it indirectly by adjusting the thread pool size or some such?

 
Please let me know…

 
Thanks & Regards,

-Rajeev Verma

Nimble Storage

Khushboo Sancheti | 15 Apr 20:47 2014

Building Open Pegasus 2.12 with OpenSLP v2

Hi,

 

Are there any build time options – specifically where the appropriate CFLAGS and LDFLAGs can be put – to ensure that Open Pegasus picks up the open slp v2 stuff from a particular location rather than grabiing the defaults on the build machine? The build machine current has open slp v1.

 

We are using OP 2.12.

 

Thanks,

Khushboo

Khushboo Sancheti | 14 Apr 23:58 2014

Disabling Open pegasus log rotation of cimserver.trc

Hi,

 

I’d like to have logrotate control the rotation of the cimserver.trc file and disable the automatic rotation policy of cimserver.trc as controlled by Open Pegasus. I could not find an environment variable or build time flag or cimconfig command to achieve this.

 

Any ideas on how to go about this? I am using version 2.12.

 

Thanks!

Khushboo


Gmane