Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

How do I disable SNMP on an AIX server?

Posted on 2013-02-01
14
Medium Priority
?
5,881 Views
Last Modified: 2016-09-09
I need to disable SNMP on several AIX servers.
0
Comment
Question by:babyb00mer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
14 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 38845576
Try the following:

edit /etc/rc.tcpip

Comment the below:

#start /usr/sbin/rwhod "$src_running"
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 2000 total points
ID: 38845588
Edit /rc.tcpip, comment out these lines:

start /usr/sbin/snmpd "$src_running"
start /usr/sbin/hostmibd "$src_running"
start /usr/sbin/snmpmibd "$src_running"
and (if activated)
start /usr/sbin/dpid2 "$src_running"

like this:

#start /usr/sbin/snmpd "$src_running"
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/snmpmibd "$src_running"
#start /usr/sbin/dpid2 "$src_running"

then issue

stopsrc -s dpid2
stopsrc -s snmpmibd
stopsrc -s hostmibd
stopsrc -s snmpd

and you're done.

Please note that you should not deactivate snmp on systems running HACMP.
PowerHA doesn't use snmp anymore, so you can deactivate it on such systems.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845592
@marahman3001, "rwhod" is in no way related to snmp (although it's also considered a security risk, or at least a "time waster").
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845622
Sorry, comment deleted, posted in the wrong thread!
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845801
I just realized that you wrote "on several AIX servers".

If you prefer running commands (also via ssh) instead of editing a file do this:

/usr/sbin/chrctcp -S -d dpid2
/usr/sbin/chrctcp -S -d snmpmibd
/usr/sbin/chrctcp -S -d hostmibd
/usr/sbin/chrctcp -S -d  snmpd

This will remove the relevant entries from rc.tcpip and will also stop the services immediately.
0
 

Expert Comment

by:system engineer
ID: 41558626
Hello, This might be old post. But I have same requirement and wanted to disable SNMP on AIX permanently (even after reboot).

I followed the above procedure to disable SNMP on 2 test AIX LPARs.

I disabled SNMP related daemons on test AIX LPARs by commenting  
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/aixmibd "$src_running"


#lssrc -a | grep -e snmp -e mib
 snmpd            tcpip                         inoperative
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative


rebooted the test AIX LPARs, But some how snmp demon/service got started.
#lssrc -a | grep tcpip
 xntpd            tcpip            6076858      active
 inetd            tcpip            6739073      active
 snmpd            tcpip            6774176      active
 muxatmd          tcpip                         inoperative
 rwhod            tcpip                         inoperative


lssrc -a | grep -e snmp -e mib
 snmpd            tcpip            6774176      active
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative

Can you please suggest on how to disable SNMP permanently on AIX (even after reboot).
Thank you.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41558697
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?

Are you really sure that you commented out the "start" line on both LPARs?

Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?
0
 

Expert Comment

by:system engineer
ID: 41558991
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?
after the reboot, we've not started any applications. snmpd was started and active.

I can see the below java process (comes with OS installation) running after the reboot. I believe this caused SNMP to start/active ?

  root 123333 12312121   0 13:36:50      -  0:19 /var/opt/tivoli/ep/_jvm/jre/bin/java -Xmx364m -Xminf0.01 -Xmaxf0.4 -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Xbootclasspath/a:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/rcpbootcp.jar:/var/opt/tivoli/ep/lib/com.ibm.logging.icl_1.1.1.jar:/var/opt/tivoli/ep/lib/jaas2zos.jar:/var/opt/tivoli/ep/lib/jaasmodule.jar:/var/opt/tivoli/ep/lib/lwidiag.jar:/var/opt/tivoli/ep/lib/lwinative.jar:/var/opt/tivoli/ep/lib/lwinl.jar:/var/opt/tivoli/ep/lib/lwirolemap.jar:/var/opt/tivoli/ep/lib/lwisecurity.jar:/var/opt/tivoli/ep/lib/lwitools.jar:/var/opt/tivoli/ep/lib/passutils.jar:../../runtime/agent/lib/cas-bootcp.jar -Xverify:none -cp eclipse/launch.jar:eclipse/startup.jar:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/launcher.jar com.ibm.lwi.LaunchLWI

Open in new window



FYI
we are not using any monitoring tools like tivoli etc on these LPARs. we just use shells cripts.

do you think this java caused the SNMP to start ? can i just stop that java process, i don't think it will impact my LPARs ?


Are you really sure that you commented out the "start" line on both LPARs?

Yes, am pretty sure that we've commented on both the LPARs.
 
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/snmpmibd "$src_running"

Open in new window



Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?

I've not tried this method. just 2 servers. I just wanted to comment it on rc.tcpip file. (instead of removing, we can use it later if needed)

please suggest. thank you.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41559037
This Java process is the IBM Systems Director Common Agent (cas_agent) which, as you correctly stated, comes with the OS.
To stop this process you should run "stopsrc -s cas_agent"
I'm rather sure that this agent does not start/use snmp, however.
Anyway, if you don't have an IBM Systems Director Server at your site you can uninstall the agent with

/opt/ibm/director/bin/diruninstall

Are there any snmpd startup console messages during reboot?
Run "alog -t console -o | more" to check.
1
 

Expert Comment

by:system engineer
ID: 41560375
Thank you...

I think we've stopped cas_agent on some of the servers earlier by stopping the daemon and commenting the entry on inittab file. I believe that would be sufficient instead of uninstalling cas_agent.
what do you think ?

Are there any snmpd startup console messages during reboot?


   
      0 Wed Apr 20 14:66:21 EDT 2016 Multi-user initialization completed
         0 Wed Apr 20 14:66:21 EDT 2016 Checking for srcmstr active...         0 Wed Apr 20 14:66:21 EDT 2016 complete
         0 Wed Apr 20 14:66:21 EDT 2016 Starting tcpip daemons:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The syslogd Subsystem has been started. Subsystem PID is 2424008.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The portmap Subsystem has been started. Subsystem PID is 6964688.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The inetd Subsystem has been started. Subsystem PID is 6469014.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The xntpd Subsystem has been started. Subsystem PID is 2886998.
         0 Wed Apr 20 14:66:26 EDT 2016 Finished starting tcpip daemons.
         0 Wed Apr 20 14:66:26 EDT 2016 Starting NFS services:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The hrd Subsystem has been started. Subsystem PID is 6690160.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The biod Subsystem has been started. Subsystem PID is 2942666.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The nfsd Subsystem has been started. Subsystem PID is 4422128.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.mountd Subsystem has been started. Subsystem PID is 4849814.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.statd Subsystem has been started. Subsystem PID is 6962600.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.lockd Subsystem has been started. Subsystem PID is 4199426.
         0 Wed Apr 20 14:66:29 EDT 2016 Completed NFS services.
         0 Wed Apr 20 14:66:62 EDT 2016 Could not load host key: /etc/ssh/ssh_host_ecdsa_key
         0 Wed Apr 20 14:66:62 EDT 2016 0414-049 The ctrmc Subsystem has been started. Subsystem PID is 4608604.
         0 Wed Apr 20 14:66:46 EDT 2016 Starting The LWI Nonstop Profile..

Open in new window



I believe you are correct. cas_agent does not use snmp. SNMP was activated on boot even after disabling the cas_agent on inittab. (uninstalling the director would be good, but I just removed the entries from inittab)

platform_agent:2:once:/usr/bin/startsrc -s platform_agent >/dev/null 2>&1

Open in new window


The above entry caused SNMP activation. I believe xntpd (NTP) is not depends on SNMP ?
And cim_sys subsystem is started even after dsiabling iton inittab. do you want me to uninstall director ? any other idea ?

Thank you.
0
 

Expert Comment

by:system engineer
ID: 41562399
never mind, everything is working as expected. Thanks again.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41562512
Why this, all of a sudden?
0
 

Expert Comment

by:system engineer
ID: 41567213
Please don't take me wrong.
 Actually I had a question on stopping cim_sys daemon permanently. for some reason , it was started on reboot (even after removing from inittab);

everything seems to be working as expected on LPAR now after disabling SNMP, cim_sys and other unused daemons like platform_agent, etc
and based on some online articles,  I understood that NTP is not dependent on SNMP.  I got some clarification related my questions.

thank you.
0
 

Expert Comment

by:Mark .
ID: 41792083
I installed a new server, AIX 7.1 ML4
On a KVM switch
The main console always has this entry as the last thing showing and I never get a login:

Starting The LWI Nonstop Profile...

I don't think  it's the KVM switch as I have other servers using KVMs with no issues.

I just can't figure out what this is and why it's basically locking the console

Any ideas?
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question