hvrremotelistener – HVR Remote Listener.
hvrremotelistener [-options] portnum [access_conf.xml]
HVR Remote Listener listens on a TCP/IP port number and invokes an hvr process for each connection. The mechanism is the same as that of the Unix daemon inetd.
On Windows HVR Remote Listener is a Windows Service which is administered with option -a.
The account under which it is installed must be member of the Administrator group, and must be granted privilege to act as part of the Operating System (SeTcbPrivilege). The service can either run as the default system account, or (if option -P is used) can run under the HVR account which created the Windows Service.
On Unix and Linux HVR Remote Listener runs as a daemon which can be started with option -d and killed with option -k.
Optionally, after the port number an access configuration file can be specified. This can be used to authenticate the identity of incoming connections using SSL. For example, the following contents will restrict access to only connections from a certain hub machine:
<?xml version="1.0" encoding="utf-8"?> <!DOCTYPE hvraccess SYSTEM "hvraccess.dtd"> <hvraccess> <allow> <from> <host>myhub</host> <ssl remote_cert="hub"/> </from> </allow> </hvraccess>
|Administration operations for Microsoft Windows system service. Values of x can be:
Several -ax operations can be supplied together; allowed combinations are e.g. -acs (create and start) or -ahd (halt and destroy). Operations -as and -ah can also be performed from the Manage ▶ Services and Applications ▶ Services window of Windows.
|Remote HVR connections should only authenticate login/password supplied from hub, but should not change from the current Operating System username to that login. This option can be combined with the -p option (PAM) if the PAM service recognizes login names which are not known to the Operating System. In that case the inetd service should be configured to start the HVR slave as the correct Operating System user (instead of root).|
|Enroll the Remote Listener Service in a Windows cluster named clus in the cluster group clusgrp. Once the service is enrolled in the cluster it should only be stopped and started with the Windows cluster dialogs instead of the service being stopped and started directly (in the Windows Services dialog or with options -as or -ah). In Windows failover clusters clsgrp is the network name of the item under Services and Applications. The group chosen should also contain the remote location; either the DBMS service for the remote database or the shared storage for a file location's top directory and state directory. The service needs to be created (with option -ac) on each node in the cluster. This service will act as a 'Generic Service' resource within the cluster. This option must be used with option -a.|
|-d||Start hvrremotelistener as a daemon process.|
|-Ename=value||Set environment variable name to value value for the HVR processes started by this service.|
|-i||Interactive invocation. HVR Remote Listener stays attached to the terminal instead of redirecting its output to a log file.|
|-k||Stop hvrremotelistener daemon using the process–id in $HVR_CONFIG/files/hvrremotelistenerport.pid.|
|-Kpair||SSL encryption using two files (public certificate and private key) to match public certificate supplied by /SslRemoteCertificate. If pair is relative, then it is found in directory $HVR_HOME/lib/cert. Value pair specifies two files; the names of these files are calculated by removing any extension from pair and then adding extensions .pub_cert and .priv_key. For example, option -Khvr refers to files $HVR_HOME/lib/cert/hvr.pub_cert and $HVR_HOME/lib/cert/hvr.priv_key.|
|-N||Do not authenticate passwords or change the current user name. Disabling password authentication is a security hole, but may be useful as a temporary measure. For example, if a configuration problem is causing an 'incorrect password' error, then this option will bypass that check.|
|Use Pluggable Authentication Module pamsrv for login password authentication of remote HVR connections. PAM is a service provided by several Operation Systems as an alternative to regular login/password authentication, e.g. checking the /etc/passwd file. Often -plogin will configure hvr slaves to check passwords in the same way as the operating system. Available PAM services can be found in file /etc/pam.conf or directory /etc/pam.d.|
|Configure HVR Remote Listener service to run under the current login HVR account using password pwd, instead of under the default system login account. May only be supplied with option -ac. Empty passwords are not allowed. The password is kept (hidden) within the Microsoft Windows OS and must be re–entered if passwords change.|
|-Uuser||Limits the HVR slave so it only accepts connections which are able to supply the password for account user. Multiple -U options can be supplied.|
Custom HVR Password Validation
When hvrremotelistener is used for remote connections (option -r) it must validate passwords. This can be customized if the executable file hvrvalidpw exists in $HVR_HOME/lib/. HVR will then invoke this command without arguments and will supply the login and password as stdin, separated by spaces. If hvrvalidpw returns with exit code 0, then the password is accepted. For more information, see hvrvalidpw.
To create and start a Windows listener service to listen on port number 4343:
c:\> hvrremotelistener -acs 4343
|Unix & Linux|
To run hvrremotelistener interactively so that it listens on a Unix machine, use the following command. Note that option -N is used to disable password authentication; this is necessary when running as an unprivileged user because only root has permission to check passwords.
$ hvrremotelistener -i -N 4343
Command hvr runtime engine.