?
Solved

How do I disable SNMP on an AIX server?

Posted on 2013-02-01
14
Medium Priority
?
6,544 Views
Last Modified: 2016-09-09
I need to disable SNMP on several AIX servers.
0
Comment
Question by:babyb00mer
14 Comments
 
LVL 19

Expert Comment

by:Raheman M. Abdul
ID: 38845576
Try the following:

edit /etc/rc.tcpip

Comment the below:

#start /usr/sbin/rwhod "$src_running"
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 2000 total points
ID: 38845588
Edit /rc.tcpip, comment out these lines:

start /usr/sbin/snmpd "$src_running"
start /usr/sbin/hostmibd "$src_running"
start /usr/sbin/snmpmibd "$src_running"
and (if activated)
start /usr/sbin/dpid2 "$src_running"

like this:

#start /usr/sbin/snmpd "$src_running"
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/snmpmibd "$src_running"
#start /usr/sbin/dpid2 "$src_running"

then issue

stopsrc -s dpid2
stopsrc -s snmpmibd
stopsrc -s hostmibd
stopsrc -s snmpd

and you're done.

Please note that you should not deactivate snmp on systems running HACMP.
PowerHA doesn't use snmp anymore, so you can deactivate it on such systems.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845592
@marahman3001, "rwhod" is in no way related to snmp (although it's also considered a security risk, or at least a "time waster").
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845622
Sorry, comment deleted, posted in the wrong thread!
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845801
I just realized that you wrote "on several AIX servers".

If you prefer running commands (also via ssh) instead of editing a file do this:

/usr/sbin/chrctcp -S -d dpid2
/usr/sbin/chrctcp -S -d snmpmibd
/usr/sbin/chrctcp -S -d hostmibd
/usr/sbin/chrctcp -S -d  snmpd

This will remove the relevant entries from rc.tcpip and will also stop the services immediately.
0
 

Expert Comment

by:system engineer
ID: 41558626
Hello, This might be old post. But I have same requirement and wanted to disable SNMP on AIX permanently (even after reboot).

I followed the above procedure to disable SNMP on 2 test AIX LPARs.

I disabled SNMP related daemons on test AIX LPARs by commenting  
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/aixmibd "$src_running"


#lssrc -a | grep -e snmp -e mib
 snmpd            tcpip                         inoperative
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative


rebooted the test AIX LPARs, But some how snmp demon/service got started.
#lssrc -a | grep tcpip
 xntpd            tcpip            6076858      active
 inetd            tcpip            6739073      active
 snmpd            tcpip            6774176      active
 muxatmd          tcpip                         inoperative
 rwhod            tcpip                         inoperative


lssrc -a | grep -e snmp -e mib
 snmpd            tcpip            6774176      active
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative

Can you please suggest on how to disable SNMP permanently on AIX (even after reboot).
Thank you.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41558697
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?

Are you really sure that you commented out the "start" line on both LPARs?

Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?
0
 

Expert Comment

by:system engineer
ID: 41558991
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?
after the reboot, we've not started any applications. snmpd was started and active.

I can see the below java process (comes with OS installation) running after the reboot. I believe this caused SNMP to start/active ?

  root 123333 12312121   0 13:36:50      -  0:19 /var/opt/tivoli/ep/_jvm/jre/bin/java -Xmx364m -Xminf0.01 -Xmaxf0.4 -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Xbootclasspath/a:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/rcpbootcp.jar:/var/opt/tivoli/ep/lib/com.ibm.logging.icl_1.1.1.jar:/var/opt/tivoli/ep/lib/jaas2zos.jar:/var/opt/tivoli/ep/lib/jaasmodule.jar:/var/opt/tivoli/ep/lib/lwidiag.jar:/var/opt/tivoli/ep/lib/lwinative.jar:/var/opt/tivoli/ep/lib/lwinl.jar:/var/opt/tivoli/ep/lib/lwirolemap.jar:/var/opt/tivoli/ep/lib/lwisecurity.jar:/var/opt/tivoli/ep/lib/lwitools.jar:/var/opt/tivoli/ep/lib/passutils.jar:../../runtime/agent/lib/cas-bootcp.jar -Xverify:none -cp eclipse/launch.jar:eclipse/startup.jar:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/launcher.jar com.ibm.lwi.LaunchLWI

Open in new window



FYI
we are not using any monitoring tools like tivoli etc on these LPARs. we just use shells cripts.

do you think this java caused the SNMP to start ? can i just stop that java process, i don't think it will impact my LPARs ?


Are you really sure that you commented out the "start" line on both LPARs?

Yes, am pretty sure that we've commented on both the LPARs.
 
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/snmpmibd "$src_running"

Open in new window



Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?

I've not tried this method. just 2 servers. I just wanted to comment it on rc.tcpip file. (instead of removing, we can use it later if needed)

please suggest. thank you.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41559037
This Java process is the IBM Systems Director Common Agent (cas_agent) which, as you correctly stated, comes with the OS.
To stop this process you should run "stopsrc -s cas_agent"
I'm rather sure that this agent does not start/use snmp, however.
Anyway, if you don't have an IBM Systems Director Server at your site you can uninstall the agent with

/opt/ibm/director/bin/diruninstall

Are there any snmpd startup console messages during reboot?
Run "alog -t console -o | more" to check.
1
 

Expert Comment

by:system engineer
ID: 41560375
Thank you...

I think we've stopped cas_agent on some of the servers earlier by stopping the daemon and commenting the entry on inittab file. I believe that would be sufficient instead of uninstalling cas_agent.
what do you think ?

Are there any snmpd startup console messages during reboot?


   
      0 Wed Apr 20 14:66:21 EDT 2016 Multi-user initialization completed
         0 Wed Apr 20 14:66:21 EDT 2016 Checking for srcmstr active...         0 Wed Apr 20 14:66:21 EDT 2016 complete
         0 Wed Apr 20 14:66:21 EDT 2016 Starting tcpip daemons:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The syslogd Subsystem has been started. Subsystem PID is 2424008.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The portmap Subsystem has been started. Subsystem PID is 6964688.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The inetd Subsystem has been started. Subsystem PID is 6469014.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The xntpd Subsystem has been started. Subsystem PID is 2886998.
         0 Wed Apr 20 14:66:26 EDT 2016 Finished starting tcpip daemons.
         0 Wed Apr 20 14:66:26 EDT 2016 Starting NFS services:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The hrd Subsystem has been started. Subsystem PID is 6690160.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The biod Subsystem has been started. Subsystem PID is 2942666.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The nfsd Subsystem has been started. Subsystem PID is 4422128.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.mountd Subsystem has been started. Subsystem PID is 4849814.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.statd Subsystem has been started. Subsystem PID is 6962600.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.lockd Subsystem has been started. Subsystem PID is 4199426.
         0 Wed Apr 20 14:66:29 EDT 2016 Completed NFS services.
         0 Wed Apr 20 14:66:62 EDT 2016 Could not load host key: /etc/ssh/ssh_host_ecdsa_key
         0 Wed Apr 20 14:66:62 EDT 2016 0414-049 The ctrmc Subsystem has been started. Subsystem PID is 4608604.
         0 Wed Apr 20 14:66:46 EDT 2016 Starting The LWI Nonstop Profile..

Open in new window



I believe you are correct. cas_agent does not use snmp. SNMP was activated on boot even after disabling the cas_agent on inittab. (uninstalling the director would be good, but I just removed the entries from inittab)

platform_agent:2:once:/usr/bin/startsrc -s platform_agent >/dev/null 2>&1

Open in new window


The above entry caused SNMP activation. I believe xntpd (NTP) is not depends on SNMP ?
And cim_sys subsystem is started even after dsiabling iton inittab. do you want me to uninstall director ? any other idea ?

Thank you.
0
 

Expert Comment

by:system engineer
ID: 41562399
never mind, everything is working as expected. Thanks again.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41562512
Why this, all of a sudden?
0
 

Expert Comment

by:system engineer
ID: 41567213
Please don't take me wrong.
 Actually I had a question on stopping cim_sys daemon permanently. for some reason , it was started on reboot (even after removing from inittab);

everything seems to be working as expected on LPAR now after disabling SNMP, cim_sys and other unused daemons like platform_agent, etc
and based on some online articles,  I understood that NTP is not dependent on SNMP.  I got some clarification related my questions.

thank you.
0
 

Expert Comment

by:Mark .
ID: 41792083
I installed a new server, AIX 7.1 ML4
On a KVM switch
The main console always has this entry as the last thing showing and I never get a login:

Starting The LWI Nonstop Profile...

I don't think  it's the KVM switch as I have other servers using KVMs with no issues.

I just can't figure out what this is and why it's basically locking the console

Any ideas?
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

A metadevice consists of one or more devices (slices). It can be expanded by adding slices. Then, it can be grown to fill a larger space while the file system is in use. However, not all UNIX file systems (UFS) can be expanded this way. The conca…
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

579 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question