[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6101
  • Last Modified:

How do I disable SNMP on an AIX server?

I need to disable SNMP on several AIX servers.
0
babyb00mer
Asked:
babyb00mer
1 Solution
 
Raheman M. AbdulCommented:
Try the following:

edit /etc/rc.tcpip

Comment the below:

#start /usr/sbin/rwhod "$src_running"
0
 
woolmilkporcCommented:
Edit /rc.tcpip, comment out these lines:

start /usr/sbin/snmpd "$src_running"
start /usr/sbin/hostmibd "$src_running"
start /usr/sbin/snmpmibd "$src_running"
and (if activated)
start /usr/sbin/dpid2 "$src_running"

like this:

#start /usr/sbin/snmpd "$src_running"
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/snmpmibd "$src_running"
#start /usr/sbin/dpid2 "$src_running"

then issue

stopsrc -s dpid2
stopsrc -s snmpmibd
stopsrc -s hostmibd
stopsrc -s snmpd

and you're done.

Please note that you should not deactivate snmp on systems running HACMP.
PowerHA doesn't use snmp anymore, so you can deactivate it on such systems.
0
 
woolmilkporcCommented:
@marahman3001, "rwhod" is in no way related to snmp (although it's also considered a security risk, or at least a "time waster").
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
woolmilkporcCommented:
Sorry, comment deleted, posted in the wrong thread!
0
 
woolmilkporcCommented:
I just realized that you wrote "on several AIX servers".

If you prefer running commands (also via ssh) instead of editing a file do this:

/usr/sbin/chrctcp -S -d dpid2
/usr/sbin/chrctcp -S -d snmpmibd
/usr/sbin/chrctcp -S -d hostmibd
/usr/sbin/chrctcp -S -d  snmpd

This will remove the relevant entries from rc.tcpip and will also stop the services immediately.
0
 
system engineerCommented:
Hello, This might be old post. But I have same requirement and wanted to disable SNMP on AIX permanently (even after reboot).

I followed the above procedure to disable SNMP on 2 test AIX LPARs.

I disabled SNMP related daemons on test AIX LPARs by commenting  
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/aixmibd "$src_running"


#lssrc -a | grep -e snmp -e mib
 snmpd            tcpip                         inoperative
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative


rebooted the test AIX LPARs, But some how snmp demon/service got started.
#lssrc -a | grep tcpip
 xntpd            tcpip            6076858      active
 inetd            tcpip            6739073      active
 snmpd            tcpip            6774176      active
 muxatmd          tcpip                         inoperative
 rwhod            tcpip                         inoperative


lssrc -a | grep -e snmp -e mib
 snmpd            tcpip            6774176      active
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative

Can you please suggest on how to disable SNMP permanently on AIX (even after reboot).
Thank you.
0
 
woolmilkporcCommented:
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?

Are you really sure that you commented out the "start" line on both LPARs?

Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?
0
 
system engineerCommented:
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?
after the reboot, we've not started any applications. snmpd was started and active.

I can see the below java process (comes with OS installation) running after the reboot. I believe this caused SNMP to start/active ?

  root 123333 12312121   0 13:36:50      -  0:19 /var/opt/tivoli/ep/_jvm/jre/bin/java -Xmx364m -Xminf0.01 -Xmaxf0.4 -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Xbootclasspath/a:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/rcpbootcp.jar:/var/opt/tivoli/ep/lib/com.ibm.logging.icl_1.1.1.jar:/var/opt/tivoli/ep/lib/jaas2zos.jar:/var/opt/tivoli/ep/lib/jaasmodule.jar:/var/opt/tivoli/ep/lib/lwidiag.jar:/var/opt/tivoli/ep/lib/lwinative.jar:/var/opt/tivoli/ep/lib/lwinl.jar:/var/opt/tivoli/ep/lib/lwirolemap.jar:/var/opt/tivoli/ep/lib/lwisecurity.jar:/var/opt/tivoli/ep/lib/lwitools.jar:/var/opt/tivoli/ep/lib/passutils.jar:../../runtime/agent/lib/cas-bootcp.jar -Xverify:none -cp eclipse/launch.jar:eclipse/startup.jar:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/launcher.jar com.ibm.lwi.LaunchLWI

Open in new window



FYI
we are not using any monitoring tools like tivoli etc on these LPARs. we just use shells cripts.

do you think this java caused the SNMP to start ? can i just stop that java process, i don't think it will impact my LPARs ?


Are you really sure that you commented out the "start" line on both LPARs?

Yes, am pretty sure that we've commented on both the LPARs.
 
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/snmpmibd "$src_running"

Open in new window



Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?

I've not tried this method. just 2 servers. I just wanted to comment it on rc.tcpip file. (instead of removing, we can use it later if needed)

please suggest. thank you.
0
 
woolmilkporcCommented:
This Java process is the IBM Systems Director Common Agent (cas_agent) which, as you correctly stated, comes with the OS.
To stop this process you should run "stopsrc -s cas_agent"
I'm rather sure that this agent does not start/use snmp, however.
Anyway, if you don't have an IBM Systems Director Server at your site you can uninstall the agent with

/opt/ibm/director/bin/diruninstall

Are there any snmpd startup console messages during reboot?
Run "alog -t console -o | more" to check.
1
 
system engineerCommented:
Thank you...

I think we've stopped cas_agent on some of the servers earlier by stopping the daemon and commenting the entry on inittab file. I believe that would be sufficient instead of uninstalling cas_agent.
what do you think ?

Are there any snmpd startup console messages during reboot?


   
      0 Wed Apr 20 14:66:21 EDT 2016 Multi-user initialization completed
         0 Wed Apr 20 14:66:21 EDT 2016 Checking for srcmstr active...         0 Wed Apr 20 14:66:21 EDT 2016 complete
         0 Wed Apr 20 14:66:21 EDT 2016 Starting tcpip daemons:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The syslogd Subsystem has been started. Subsystem PID is 2424008.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The portmap Subsystem has been started. Subsystem PID is 6964688.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The inetd Subsystem has been started. Subsystem PID is 6469014.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The xntpd Subsystem has been started. Subsystem PID is 2886998.
         0 Wed Apr 20 14:66:26 EDT 2016 Finished starting tcpip daemons.
         0 Wed Apr 20 14:66:26 EDT 2016 Starting NFS services:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The hrd Subsystem has been started. Subsystem PID is 6690160.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The biod Subsystem has been started. Subsystem PID is 2942666.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The nfsd Subsystem has been started. Subsystem PID is 4422128.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.mountd Subsystem has been started. Subsystem PID is 4849814.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.statd Subsystem has been started. Subsystem PID is 6962600.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.lockd Subsystem has been started. Subsystem PID is 4199426.
         0 Wed Apr 20 14:66:29 EDT 2016 Completed NFS services.
         0 Wed Apr 20 14:66:62 EDT 2016 Could not load host key: /etc/ssh/ssh_host_ecdsa_key
         0 Wed Apr 20 14:66:62 EDT 2016 0414-049 The ctrmc Subsystem has been started. Subsystem PID is 4608604.
         0 Wed Apr 20 14:66:46 EDT 2016 Starting The LWI Nonstop Profile..

Open in new window



I believe you are correct. cas_agent does not use snmp. SNMP was activated on boot even after disabling the cas_agent on inittab. (uninstalling the director would be good, but I just removed the entries from inittab)

platform_agent:2:once:/usr/bin/startsrc -s platform_agent >/dev/null 2>&1

Open in new window


The above entry caused SNMP activation. I believe xntpd (NTP) is not depends on SNMP ?
And cim_sys subsystem is started even after dsiabling iton inittab. do you want me to uninstall director ? any other idea ?

Thank you.
0
 
system engineerCommented:
never mind, everything is working as expected. Thanks again.
0
 
woolmilkporcCommented:
Why this, all of a sudden?
0
 
system engineerCommented:
Please don't take me wrong.
 Actually I had a question on stopping cim_sys daemon permanently. for some reason , it was started on reboot (even after removing from inittab);

everything seems to be working as expected on LPAR now after disabling SNMP, cim_sys and other unused daemons like platform_agent, etc
and based on some online articles,  I understood that NTP is not dependent on SNMP.  I got some clarification related my questions.

thank you.
0
 
Mark .Commented:
I installed a new server, AIX 7.1 ML4
On a KVM switch
The main console always has this entry as the last thing showing and I never get a login:

Starting The LWI Nonstop Profile...

I don't think  it's the KVM switch as I have other servers using KVMs with no issues.

I just can't figure out what this is and why it's basically locking the console

Any ideas?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now