headers
Anton Hergenröder | 1 Jun 2011 11:25
Favicon

openpegasus password file

Is there any way to use an existing password file, like shadow on linux
systems? As cimserver requires all its users to be valid local system
users, it is tricky to permit users to change their passwords...

Generally, why does pegasus require all its users be valid local users?
As we have a quite dynamic set of pegasus users, it's a big effort to
manage this....

Best regards
Anton Hergenröder
Permalink | Reply | 5 comments |
headers
Deshpande, Rohini (STSD | 1 Jun 2011 11:59
Picon
Favicon

RE: openpegasus password file

Anton,

Open Pegasus uses PAM, so it does use /etc/shadow if present. The PAM conf file Open Pegasus uses is usually
named /etc/pam.d/wbem.

You can modify the above PAM configuration file to allow non local users. But currently there is a defect
related to this http://bugzilla.openpegasus.org/show_bug.cgi?id=8653. You can try the patch in the bug.

Regards,
Rohini

-----Original Message-----
From: Anton Hergenröder [mailto:hergenroeder <at> kit.edu] 
Sent: Wednesday, June 01, 2011 2:55 PM
To: pegasus-l <at> opengroup.org
Subject: openpegasus password file

Is there any way to use an existing password file, like shadow on linux
systems? As cimserver requires all its users to be valid local system
users, it is tricky to permit users to change their passwords...

Generally, why does pegasus require all its users be valid local users?
As we have a quite dynamic set of pegasus users, it's a big effort to
manage this....

Best regards
Anton Hergenröder
Permalink | Reply | 4 comments |
headers
Anton Hergenröder | 1 Jun 2011 14:47
Favicon

RE: openpegasus password file

OpenPegasus 2.11.00 does not compile with
PEGASUS_PAM_AUTHENTICATION=true, saying "cimmofl not found".
Something goes wrong while building the tools :(

Am Mittwoch, den 01.06.2011, 09:59 +0000 schrieb Deshpande, Rohini
(STSD):
> Anton,
> 
> Open Pegasus uses PAM, so it does use /etc/shadow if present. The PAM conf file Open Pegasus uses is usually
named /etc/pam.d/wbem.
> 
> You can modify the above PAM configuration file to allow non local users. But currently there is a defect
related to this http://bugzilla.openpegasus.org/show_bug.cgi?id=8653. You can try the patch in the bug.
> 
> Regards,
> Rohini
> 
> -----Original Message-----
> From: Anton Hergenröder [mailto:hergenroeder <at> kit.edu] 
> Sent: Wednesday, June 01, 2011 2:55 PM
> To: pegasus-l <at> opengroup.org
> Subject: openpegasus password file
> 
> Is there any way to use an existing password file, like shadow on linux
> systems? As cimserver requires all its users to be valid local system
> users, it is tricky to permit users to change their passwords...
> 
> Generally, why does pegasus require all its users be valid local users?
> As we have a quite dynamic set of pegasus users, it's a big effort to
> manage this....
(Continue reading)

Permalink | Reply | 3 comments |
headers
Deshpande, Rohini (STSD | 3 Jun 2011 08:10
Picon
Favicon

RE: openpegasus password file

Can you check your PATH environment variable? Maybe the location of cimmofl is not found. It is found in
"bin" directory of your build directory.
I'm not sure how the two(PAM & cimmofl) are related, maybe some test setup.

Regards,
Rohini

-----Original Message-----
From: Anton Hergenröder [mailto:hergenroeder <at> kit.edu] 
Sent: Wednesday, June 01, 2011 6:18 PM
To: pegasus-l <at> opengroup.org
Subject: RE: openpegasus password file

OpenPegasus 2.11.00 does not compile with
PEGASUS_PAM_AUTHENTICATION=true, saying "cimmofl not found".
Something goes wrong while building the tools :(

Am Mittwoch, den 01.06.2011, 09:59 +0000 schrieb Deshpande, Rohini
(STSD):
> Anton,
> 
> Open Pegasus uses PAM, so it does use /etc/shadow if present. The PAM conf file Open Pegasus uses is usually
named /etc/pam.d/wbem.
> 
> You can modify the above PAM configuration file to allow non local users. But currently there is a defect
related to this http://bugzilla.openpegasus.org/show_bug.cgi?id=8653. You can try the patch in the bug.
> 
> Regards,
> Rohini
>
(Continue reading)

Permalink | Reply | 2 comments |
headers
Anton Hergenröder | 3 Jun 2011 09:04
Favicon

Re: openpegasus password file

Simple Test:
- Pegasus compiles and builds Fine without pam auth enabled by environment variable
- the Same environment and setup but pam enabled and i get the errors

Maybe i'll have some more time next week to take a closer look on my build logs...

Best regards
Anton 

Am 03.06.2011 um 08:10 schrieb "Deshpande, Rohini (STSD)" <rohini.deshpande <at> hp.com>:

> Can you check your PATH environment variable? Maybe the location of cimmofl is not found. It is found in
"bin" directory of your build directory.
> I'm not sure how the two(PAM & cimmofl) are related, maybe some test setup.
> 
> Regards,
> Rohini
> 
> -----Original Message-----
> From: Anton Hergenröder [mailto:hergenroeder <at> kit.edu] 
> Sent: Wednesday, June 01, 2011 6:18 PM
> To: pegasus-l <at> opengroup.org
> Subject: RE: openpegasus password file
> 
> OpenPegasus 2.11.00 does not compile with
> PEGASUS_PAM_AUTHENTICATION=true, saying "cimmofl not found".
> Something goes wrong while building the tools :(
> 
> Am Mittwoch, den 01.06.2011, 09:59 +0000 schrieb Deshpande, Rohini
> (STSD):
(Continue reading)

Permalink | Reply | 1 comment |
headers
Anton Hergenröder | 7 Jun 2011 14:10
Favicon

Re: openpegasus password file

OK, finally got some time to face my initial PAM authentication
problems.
Result: mea culpa! just missed some pam dev packages on my unbuntu!
Were are all the dependencies of pegasus listed?
The documentation is awful!

regards
Anton

Am Freitag, den 03.06.2011, 09:04 +0200 schrieb Anton Hergenröder:
> Simple Test:
> - Pegasus compiles and builds Fine without pam auth enabled by environment variable
> - the Same environment and setup but pam enabled and i get the errors
> 
> Maybe i'll have some more time next week to take a closer look on my build logs...
> 
> Best regards
> Anton 
> 
> Am 03.06.2011 um 08:10 schrieb "Deshpande, Rohini (STSD)" <rohini.deshpande <at> hp.com>:
> 
> > Can you check your PATH environment variable? Maybe the location of cimmofl is not found. It is found in
"bin" directory of your build directory.
> > I'm not sure how the two(PAM & cimmofl) are related, maybe some test setup.
> > 
> > Regards,
> > Rohini
> > 
> > -----Original Message-----
> > From: Anton Hergenröder [mailto:hergenroeder <at> kit.edu]
(Continue reading)

Permalink | Reply | 0 comments |
headers
V, Hitha | 22 Jun 2011 13:42

Issue regarding CIMServerDiscovery.lookup() method

Hi,

 

Our application uses Pegasus SLP APIs to discover the CIMOMs in a network. This method works correctly when invoked from a Linux machine. However, on some Windows machines it has been seen that the method throws the exception “The byte sequence starting at index 3936 is not valid UTF-8 encoding and subsequently fails to return the CIMOM list.

 

When I run “slptool” from Linux (I don’t have a Windows version of it) and look at the output URL list, I don’t see any invalid characters.

 

Has anyone faced a similar issue anytime? If so, what is the work around? How can we identify the URL which contains the invalid character, so that we can isolate it from the network and proceed with testing?

 

Regards,

Hitha V 

 

Permalink | Reply | 2 comments |
headers
Marek Szermutzky | 27 Jun 2011 12:41
Picon
Favicon

Re: Issue regarding CIMServerDiscovery.lookup() method

Hi.


In OpenPegasus 2.11 we introduced an improved version of the exception you see. It prints data up to the "bad" point and hex coded some of the following bytes.
Since this is not the case on your side I assume that you currently use an earlier version of OP. The fix was brought back to OP 2.10.1 which is not released yet though.

What you could do to identify the URL is to put the patch from Bug#8813 onto your OP source and go from there. Please also note the two defines BADUTF8_MAX_CLEAR_CHAR and BADUTF8_MAX_CHAR_TO_HEX which allow you to steer how many clear(=clean=okay) characters are printed and how many of the "bad" characters are encoded into hex chars. For your specific case I recommend to set #define BADUTF8_MAX_CLEAR_CHAR to at least 4000 (so you get the entire clear text string).



Mit freundlichen Grüßen / Kind regards
Marek Szermutzky

Software Engineer / OpenPegasus Maintainer (PMC) and z/OS PlatformRep.
IBM Systems &Technology Group, Systems Software Development / z/OS Capacity Management and Support
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland
Schoenaicher Str. 220
71032 Boeblingen
Phone: +49-7031-16-5182
E-Mail: mszermutzky <at> de.ibm.com
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH / Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294



From:        "V, Hitha" <Hitha.V <at> lsi.com>
To:        "pegasus-l <at> openpegasus.org" <pegasus-l <at> openpegasus.org>
Cc:        "CK, Syamlal" <Syamlal.CK <at> lsi.com>, "Pandurengan, Ponselvarani" <Ponselvarani.Pandurengan <at> lsi.com>
Date:        22.06.2011 13:48
Subject:        Issue regarding CIMServerDiscovery.lookup() method



Hi,
 
Our application uses Pegasus SLP APIs to discover the CIMOMs in a network. This method works correctly when invoked from a Linux machine. However, on some Windows machines it has been seen that the method throws the exception “The byte sequence starting at index 3936 is not valid UTF-8 encoding” and subsequently fails to return the CIMOM list.
 
When I run “slptool” from Linux (I don’t have a Windows version of it) and look at the output URL list, I don’t see any invalid characters.
 
Has anyone faced a similar issue anytime? If so, what is the work around? How can we identify the URL which contains the invalid character, so that we can isolate it from the network and proceed with testing?
 
Regards,
Hitha V
 
Permalink | Reply | 1 comment |
headers
V, Hitha | 29 Jun 2011 12:50

RE: Issue regarding CIMServerDiscovery.lookup() method

Our application uses OP 2.6.

 

Regards,

Hitha V 

 

From: Marek Szermutzky [mailto:MSzermutzky <at> de.ibm.com]
Sent: Monday, June 27, 2011 4:12 PM
To: V, Hitha
Cc: pegasus-l <at> openpegasus.org; Pandurengan, Ponselvarani; CK, Syamlal
Subject: Re: Issue regarding CIMServerDiscovery.lookup() method

 

Hi.


In OpenPegasus 2.11 we introduced an improved version of the exception you see. It prints data up to the "bad" point and hex coded some of the following bytes.
Since this is not the case on your side I assume that you currently use an earlier version of OP. The fix was brought back to OP 2.10.1 which is not released yet though.

What you could do to identify the URL is to put the patch from Bug#8813 onto your OP source and go from there. Please also note the two defines BADUTF8_MAX_CLEAR_CHAR and BADUTF8_MAX_CHAR_TO_HEX which allow you to steer how many clear(=clean=okay) characters are printed and how many of the "bad" characters are encoded into hex chars. For your specific case I recommend to set #define BADUTF8_MAX_CLEAR_CHAR to at least 4000 (so you get the entire clear text string).



Mit freundlichen Grüßen / Kind regards
Marek Szermutzky

Software Engineer / OpenPegasus Maintainer (PMC) and z/OS PlatformRep.
IBM Systems &Technology Group, Systems Software Development / z/OS Capacity Management and Support
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland
Schoenaicher Str. 220
71032 Boeblingen
Phone: +49-7031-16-5182
E-Mail: mszermutzky <at> de.ibm.com
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH / Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294



From:        "V, Hitha" <Hitha.V <at> lsi.com>
To:        "pegasus-l <at> openpegasus.org" <pegasus-l <at> openpegasus.org>
Cc:        "CK, Syamlal" <Syamlal.CK <at> lsi.com>, "Pandurengan, Ponselvarani" <Ponselvarani.Pandurengan <at> lsi.com>
Date:        22.06.2011 13:48
Subject:        Issue regarding CIMServerDiscovery.lookup() method




Hi,
 
Our application uses Pegasus SLP APIs to discover the CIMOMs in a network. This method works correctly when invoked from a Linux machine. However, on some Windows machines it has been seen that the method throws the exception “The byte sequence starting at index 3936 is not valid UTF-8 encoding” and subsequently fails to return the CIMOM list.
 
When I run “slptool” from Linux (I don’t have a Windows version of it) and look at the output URL list, I don’t see any invalid characters.
 
Has anyone faced a similar issue anytime? If so, what is the work around? How can we identify the URL which contains the invalid character, so that we can isolate it from the network and proceed with testing?
 
Regards,
Hitha V
 

Permalink | Reply | 0 comments |
headers
Marek Szermutzky | 30 Jun 2011 13:36
Picon
Favicon

RE: Issue regarding CIMServerDiscovery.lookup() method

Last code changes made to CIMServerDiscovery were done 5 years ago, which means in these specific code parts nothing changed since OP 2.6.

To a certain degree I agree with your perception that one bad apple should not ruin the entire applesauce.
Ideally the discovery function would report errors(be it through an error structure, an error code or an exception), but still return all information that could be gathered. Maybe in the case of the lookup this could be as easy as writing the error from the exception to Log and return the number of CIMOMs that failed to report correctly.
The CIMServerDiscovery class is not part of the external interface yet, which means we have every chance to make even substantial changes to it.


Mit freundlichen Grüßen / Kind regards
Marek Szermutzky
p.s.: OP 2.6 is real, real old... We are currently developing 2.12 or 3.0 and have fixed little more then two thousand bugs since OP 2.6.

Software Engineer / OpenPegasus Maintainer (PMC) and z/OS PlatformRep.
IBM Systems &Technology Group, Systems Software Development / z/OS Capacity Management and Support
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland
Schoenaicher Str. 220
71032 Boeblingen
Phone: +49-7031-16-5182
E-Mail: mszermutzky <at> de.ibm.com
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH / Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294



From:        "CK, Syamlal" <Syamlal.CK <at> lsi.com>
To:        "V, Hitha" <Hitha.V <at> lsi.com>, Marek Szermutzky/Germany/IBM <at> IBMDE
Cc:        "pegasus-l <at> openpegasus.org" <pegasus-l <at> openpegasus.org>, "Pandurengan, Ponselvarani" <Ponselvarani.Pandurengan <at> lsi.com>
Date:        30.06.2011 09:01
Subject:        RE: Issue regarding CIMServerDiscovery.lookup() method



Hi Marek,
 
  Does 2.11 version also has the capability to log the problematic url and continue with the discovery of other CIMOMs in the network. ? I think ideally one problematic server in the network should not cause the whole discovery to fail.  Please let us know your thoughts.
 
Regards
Syamlal.
 
 
From: V, Hitha
Sent: Wednesday, June 29, 2011 4:20 PM
To: Marek Szermutzky
Cc: pegasus-l <at> openpegasus.org; Pandurengan, Ponselvarani; CK, Syamlal
Subject: RE: Issue regarding CIMServerDiscovery.lookup() method
 
Our application uses OP 2.6.
 
Regards,
Hitha V
 
From: Marek Szermutzky [mailto:MSzermutzky <at> de.ibm.com]
Sent: Monday, June 27, 2011 4:12 PM
To: V, Hitha
Cc: pegasus-l <at> openpegasus.org; Pandurengan, Ponselvarani; CK, Syamlal
Subject: Re: Issue regarding CIMServerDiscovery.lookup() method
 
Hi.


In OpenPegasus 2.11 we introduced an improved version of the exception you see. It prints data up to the "bad" point and hex coded some of the following bytes.
Since this is not the case on your side I assume that you currently use an earlier version of OP. The fix was brought back to OP 2.10.1 which is not released yet though.

What you could do to identify the URL is to put the patch from Bug#8813 onto your OP source and go from there. Please also note the two defines BADUTF8_MAX_CLEAR_CHAR and BADUTF8_MAX_CHAR_TO_HEX which allow you to steer how many clear(=clean=okay) characters are printed and how many of the "bad" characters are encoded into hex chars. For your specific case I recommend to set #define BADUTF8_MAX_CLEAR_CHAR to at least 4000 (so you get the entire clear text string).



Mit freundlichen Grüßen / Kind regards
Marek Szermutzky

Software Engineer / OpenPegasus Maintainer (PMC) and z/OS PlatformRep.
IBM Systems &Technology Group, Systems Software Development / z/OS Capacity Management and Support
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland
Schoenaicher Str. 220
71032 Boeblingen
Phone: +49-7031-16-5182
E-Mail: mszermutzky <at> de.ibm.com
-------------------------------------------------------------------------------------------------------------------------------------------
IBM Deutschland Research & Development GmbH / Vorsitzender des Aufsichtsrats: Martin Jetter
Geschäftsführung: Dirk Wittkopp
Sitz der Gesellschaft: Böblingen / Registergericht: Amtsgericht Stuttgart, HRB 243294



From:        "V, Hitha" <Hitha.V <at> lsi.com>
To:        "pegasus-l <at> openpegasus.org" <pegasus-l <at> openpegasus.org>
Cc:        "CK, Syamlal" <Syamlal.CK <at> lsi.com>, "Pandurengan, Ponselvarani" <Ponselvarani.Pandurengan <at> lsi.com>
Date:        22.06.2011 13:48
Subject:        Issue regarding CIMServerDiscovery.lookup() method





Hi,
 
Our application uses Pegasus SLP APIs to discover the CIMOMs in a network. This method works correctly when invoked from a Linux machine. However, on some Windows machines it has been seen that the method throws the exception “The byte sequence starting at index 3936 is not valid UTF-8 encoding” and subsequently fails to return the CIMOM list.
 
When I run “slptool” from Linux (I don’t have a Windows version of it) and look at the output URL list, I don’t see any invalid characters.
 
Has anyone faced a similar issue anytime? If so, what is the work around? How can we identify the URL which contains the invalid character, so that we can isolate it from the network and proceed with testing?
 
Regards,
Hitha V
 
Permalink | Reply | 0 comments |

Gmane