Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

HACMP service dependencies 1

Status
Not open for further replies.
Ukyo

Ukyo

Technical User
Mar 4, 2002
24
AU
Hi,

as a security rule of thumb, a system shouldn't run services/sub servers/daemons that aren't used. I've been having trouble tracking down the service dependencies for HACMP. Does any1 know what can and can't be disabled for HACMP to work properly?

Thanks in advance! :)

Ukyo
 
Sort by date Sort by votes
Ukyo,

Really we should be reversing the question here, what are the services you want to comment out? HACMP only requires the key TCP/IP services i.e. things you cannot stop from running. Post up what you would like to stop and lets take it from there.

Cheers

Paul PSD
IBM Certified Specialist - AIX V4.3 Systems Support
IBM Certified Specialist - AIX V4 HACMP
 
Upvote 0 Downvote
Paul,

It's been a while... and this task has been on the backburner.
I hope to only leave godm, and login in /etc/inetd.conf and removing the rest.
We maybe considering to leave telnet and ftp until we have ssh up and running.
Am I right that HACMP uses godm? and it uses "login" for rsh for C-SPOC related things?

From /etc/inittab, we plan to remove:
- httpdlite
- dt_nogb
- imnss
- piode
- qdaemon
- uprintfd

In /etc/rc.tcpip, we plan to only keep snmpd because I think smux needs this and therefore, cluster smux may need this.

Will I break anything from what I plan to do?

Thanks, :)

Ukyo
 
Upvote 0 Downvote
Hello,
IMNSS is for man page search and documentation.
HTTPlite is HTTP server with lite version.
 
Upvote 0 Downvote
Ukyo,

That all looks fine - godm is required by HACMP when sync. the cluster. Also rshd will be used (rlogin) will not be used, this is of course dependant of the existance of an .rhosts file.

The inittab services you listed have no impact of HACMP so they are o.k.

When you say only leave snmpd in /etc/rc.tcpip, what about portmapper and inetd (for rsh and godm) they are both required for TCP/IP.

When you comment everything out I would take HA down and sync. topology and resources and perhaps ensure that a failover is successful.

Let me know if I can be of further help.
Cheers

PSD
IBM Certified Specialist - AIX V4.3 Systems Support
IBM Certified Specialist - AIX V4 HACMP
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JC01
  • Locked
  • Question
rpm -ivh libgcc-6.3.0-1.aix7.2.ppc.rpm error: Failed dependencies: AIX-rpm >= 7.2.0.0 is needed
Replies
2
Views
191
JC01
JC01
takheen
  • Locked
  • Question
moving to none HACMP Environment
Replies
1
Views
134
w5000
w5000
selvyn
  • Locked
  • Question
hacmp two node clusters in two different data centers
Replies
0
Views
88
selvyn
selvyn
w5000
  • Locked
  • Question
hacmp vs. split brain occurence
Replies
1
Views
96
nomad1945
nomad1945
w5000
  • Locked
  • Question
HACMP, 2-node cluster setup
Replies
3
Views
97
DukeSSD
DukeSSD

Part and Inventory Search

Sponsor

Back
Top