Solved

How do I disable SNMP on an AIX server?

Posted on 2013-02-01
14
4,706 Views
Last Modified: 2016-09-09
I need to disable SNMP on several AIX servers.
0
Comment
Question by:babyb00mer
14 Comments
 
LVL 18

Expert Comment

by:Raheman M. Abdul
ID: 38845576
Try the following:

edit /etc/rc.tcpip

Comment the below:

#start /usr/sbin/rwhod "$src_running"
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 38845588
Edit /rc.tcpip, comment out these lines:

start /usr/sbin/snmpd "$src_running"
start /usr/sbin/hostmibd "$src_running"
start /usr/sbin/snmpmibd "$src_running"
and (if activated)
start /usr/sbin/dpid2 "$src_running"

like this:

#start /usr/sbin/snmpd "$src_running"
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/snmpmibd "$src_running"
#start /usr/sbin/dpid2 "$src_running"

then issue

stopsrc -s dpid2
stopsrc -s snmpmibd
stopsrc -s hostmibd
stopsrc -s snmpd

and you're done.

Please note that you should not deactivate snmp on systems running HACMP.
PowerHA doesn't use snmp anymore, so you can deactivate it on such systems.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845592
@marahman3001, "rwhod" is in no way related to snmp (although it's also considered a security risk, or at least a "time waster").
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845622
Sorry, comment deleted, posted in the wrong thread!
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 38845801
I just realized that you wrote "on several AIX servers".

If you prefer running commands (also via ssh) instead of editing a file do this:

/usr/sbin/chrctcp -S -d dpid2
/usr/sbin/chrctcp -S -d snmpmibd
/usr/sbin/chrctcp -S -d hostmibd
/usr/sbin/chrctcp -S -d  snmpd

This will remove the relevant entries from rc.tcpip and will also stop the services immediately.
0
 

Expert Comment

by:system engineer
ID: 41558626
Hello, This might be old post. But I have same requirement and wanted to disable SNMP on AIX permanently (even after reboot).

I followed the above procedure to disable SNMP on 2 test AIX LPARs.

I disabled SNMP related daemons on test AIX LPARs by commenting  
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/hostmibd "$src_running"
#start /usr/sbin/aixmibd "$src_running"


#lssrc -a | grep -e snmp -e mib
 snmpd            tcpip                         inoperative
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative


rebooted the test AIX LPARs, But some how snmp demon/service got started.
#lssrc -a | grep tcpip
 xntpd            tcpip            6076858      active
 inetd            tcpip            6739073      active
 snmpd            tcpip            6774176      active
 muxatmd          tcpip                         inoperative
 rwhod            tcpip                         inoperative


lssrc -a | grep -e snmp -e mib
 snmpd            tcpip            6774176      active
 aixmibd          tcpip                         inoperative
 hostmibd         tcpip                         inoperative
 snmpmibd         tcpip                         inoperative

Can you please suggest on how to disable SNMP permanently on AIX (even after reboot).
Thank you.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41558697
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?

Are you really sure that you commented out the "start" line on both LPARs?

Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Expert Comment

by:system engineer
ID: 41558991
Could it be that you're running some application which would start snmpd on your behalf because this application relies on it?
after the reboot, we've not started any applications. snmpd was started and active.

I can see the below java process (comes with OS installation) running after the reboot. I believe this caused SNMP to start/active ?

  root 123333 12312121   0 13:36:50      -  0:19 /var/opt/tivoli/ep/_jvm/jre/bin/java -Xmx364m -Xminf0.01 -Xmaxf0.4 -Dsun.rmi.dgc.client.gcInterval=3600000 -Dsun.rmi.dgc.server.gcInterval=3600000 -Xbootclasspath/a:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/rcpbootcp.jar:/var/opt/tivoli/ep/lib/com.ibm.logging.icl_1.1.1.jar:/var/opt/tivoli/ep/lib/jaas2zos.jar:/var/opt/tivoli/ep/lib/jaasmodule.jar:/var/opt/tivoli/ep/lib/lwidiag.jar:/var/opt/tivoli/ep/lib/lwinative.jar:/var/opt/tivoli/ep/lib/lwinl.jar:/var/opt/tivoli/ep/lib/lwirolemap.jar:/var/opt/tivoli/ep/lib/lwisecurity.jar:/var/opt/tivoli/ep/lib/lwitools.jar:/var/opt/tivoli/ep/lib/passutils.jar:../../runtime/agent/lib/cas-bootcp.jar -Xverify:none -cp eclipse/launch.jar:eclipse/startup.jar:/var/opt/tivoli/ep/runtime/core/eclipse/plugins/com.ibm.rcp.base_6.2.3.20110824-0615/launcher.jar com.ibm.lwi.LaunchLWI

Open in new window



FYI
we are not using any monitoring tools like tivoli etc on these LPARs. we just use shells cripts.

do you think this java caused the SNMP to start ? can i just stop that java process, i don't think it will impact my LPARs ?


Are you really sure that you commented out the "start" line on both LPARs?

Yes, am pretty sure that we've commented on both the LPARs.
 
# Start up the Simple Network Management Protocol (SNMP) daemon
#start /usr/sbin/snmpd "$src_running"
# Start up the snmpmibd daemon
#start /usr/sbin/snmpmibd "$src_running"

Open in new window



Did you try the "/usr/sbin/chrctcp -S -d  snmpd" method?

I've not tried this method. just 2 servers. I just wanted to comment it on rc.tcpip file. (instead of removing, we can use it later if needed)

please suggest. thank you.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41559037
This Java process is the IBM Systems Director Common Agent (cas_agent) which, as you correctly stated, comes with the OS.
To stop this process you should run "stopsrc -s cas_agent"
I'm rather sure that this agent does not start/use snmp, however.
Anyway, if you don't have an IBM Systems Director Server at your site you can uninstall the agent with

/opt/ibm/director/bin/diruninstall

Are there any snmpd startup console messages during reboot?
Run "alog -t console -o | more" to check.
1
 

Expert Comment

by:system engineer
ID: 41560375
Thank you...

I think we've stopped cas_agent on some of the servers earlier by stopping the daemon and commenting the entry on inittab file. I believe that would be sufficient instead of uninstalling cas_agent.
what do you think ?

Are there any snmpd startup console messages during reboot?


   
      0 Wed Apr 20 14:66:21 EDT 2016 Multi-user initialization completed
         0 Wed Apr 20 14:66:21 EDT 2016 Checking for srcmstr active...         0 Wed Apr 20 14:66:21 EDT 2016 complete
         0 Wed Apr 20 14:66:21 EDT 2016 Starting tcpip daemons:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The syslogd Subsystem has been started. Subsystem PID is 2424008.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The portmap Subsystem has been started. Subsystem PID is 6964688.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The inetd Subsystem has been started. Subsystem PID is 6469014.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The xntpd Subsystem has been started. Subsystem PID is 2886998.
         0 Wed Apr 20 14:66:26 EDT 2016 Finished starting tcpip daemons.
         0 Wed Apr 20 14:66:26 EDT 2016 Starting NFS services:
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The hrd Subsystem has been started. Subsystem PID is 6690160.
         0 Wed Apr 20 14:66:26 EDT 2016 0414-049 The biod Subsystem has been started. Subsystem PID is 2942666.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The nfsd Subsystem has been started. Subsystem PID is 4422128.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.mountd Subsystem has been started. Subsystem PID is 4849814.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.statd Subsystem has been started. Subsystem PID is 6962600.
         0 Wed Apr 20 14:66:29 EDT 2016 0414-049 The rpc.lockd Subsystem has been started. Subsystem PID is 4199426.
         0 Wed Apr 20 14:66:29 EDT 2016 Completed NFS services.
         0 Wed Apr 20 14:66:62 EDT 2016 Could not load host key: /etc/ssh/ssh_host_ecdsa_key
         0 Wed Apr 20 14:66:62 EDT 2016 0414-049 The ctrmc Subsystem has been started. Subsystem PID is 4608604.
         0 Wed Apr 20 14:66:46 EDT 2016 Starting The LWI Nonstop Profile..

Open in new window



I believe you are correct. cas_agent does not use snmp. SNMP was activated on boot even after disabling the cas_agent on inittab. (uninstalling the director would be good, but I just removed the entries from inittab)

platform_agent:2:once:/usr/bin/startsrc -s platform_agent >/dev/null 2>&1

Open in new window


The above entry caused SNMP activation. I believe xntpd (NTP) is not depends on SNMP ?
And cim_sys subsystem is started even after dsiabling iton inittab. do you want me to uninstall director ? any other idea ?

Thank you.
0
 

Expert Comment

by:system engineer
ID: 41562399
never mind, everything is working as expected. Thanks again.
0
 
LVL 68

Expert Comment

by:woolmilkporc
ID: 41562512
Why this, all of a sudden?
0
 

Expert Comment

by:system engineer
ID: 41567213
Please don't take me wrong.
 Actually I had a question on stopping cim_sys daemon permanently. for some reason , it was started on reboot (even after removing from inittab);

everything seems to be working as expected on LPAR now after disabling SNMP, cim_sys and other unused daemons like platform_agent, etc
and based on some online articles,  I understood that NTP is not dependent on SNMP.  I got some clarification related my questions.

thank you.
0
 

Expert Comment

by:Mark .
ID: 41792083
I installed a new server, AIX 7.1 ML4
On a KVM switch
The main console always has this entry as the last thing showing and I never get a login:

Starting The LWI Nonstop Profile...

I don't think  it's the KVM switch as I have other servers using KVMs with no issues.

I just can't figure out what this is and why it's basically locking the console

Any ideas?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Host issue and need to move VM's 2 240
Solaris 10.  Nmap installation fails 2 49
unix example issues 18 70
How to Insert a File Using Text Editor 9 79
Attention: This article will no longer be maintained. If you have any questions, please feel free to mail me. jgh@FreeBSD.org Please see http://www.freebsd.org/doc/en_US.ISO8859-1/articles/freebsd-update-server/ for the updated article. It is avail…
Why Shell Scripting? Shell scripting is a powerful method of accessing UNIX systems and it is very flexible. Shell scripts are required when we want to execute a sequence of commands in Unix flavored operating systems. “Shell” is the command line i…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
This video shows how to set up a shell script to accept a positional parameter when called, pass that to a SQL script, accept the output from the statement back and then manipulate it in the Shell.

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now