hvrremotelistener - HVR Remote Listener.
hvrremotelistener [-options] portnum [access_conf.xml]
HVR Remote Listener listens on a TCP/IP port number and invokes an hvr process for each connection. The mechanism is the same as that of the Unix/Linux daemon inetd, xinetd or systemd.
On Windows, HVR Remote Listener is a Windows Service which is administered with option -a. The account under which it is installed must be member of the Administrator group, and must be granted privilege to act as part of the operating system (SeTcbPrivilege). The service can either run as the default system account, or (if option -P is used) can run under the HVR account which created the Windows Service.
On Unix and Linux, HVR Remote Listener runs as a daemon which can be started with option -d and killed with option -k.
Optionally, after the port number portnum an access configuration file access_conf.xml can be specified. This can be used to authenticate the identity of incoming connections using SSL. For example, the following contents will restrict access to only connections from a certain hub machine:
HVR Remote Listener is supported on Unix and Linux but it is more common on these machines to start remote HVR executables using the system process (inetd, xinetd or systemd). For more information, see Configuring Remote Installation of HVR on Unix or Linux.
When HVR Remote Listener is executed as a Windows service the errors are written to the Windows event log (Control Panel ▶ Adminitrative Tools ▶ Event Viewer ▶ Windows Logs ▶ Application).
This section describes the options available for command hvrremotelistener.
|Administration operations for Microsoft Windows system service.Values of x can be:|
Remote HVR connections should only authenticate login/password supplied from hub, but should not change from the current operating system username to that login. This option can be combined with the -p option (PAM) if the PAM service recognizes login names which are not known to the operating system. In that case the daemon service should be configured to start the HVR child process as the correct operating system user (instead of root).
Enroll the Remote Listener Service in a Windows cluster named clus in the cluster group clusgrp. Once the service is enrolled in the cluster it should only be stopped and started with the Windows cluster dialogs instead of the service being stopped and started directly (in the Windows Services dialog or with options -as or -ah). In Windows, failover clusters clusgrp is the network name of the item under Services and Applications. The group chosen should also contain the remote location; either the DBMS service for the remote database or the shared storage for a file location's top directory and state directory. The service needs to be created (with option -ac) on each node in the cluster. This service will act as a 'Generic Service' resource within the cluster. This option must be used with option -a.
Start hvrremotelistener as a daemon process.
Set environment variable name to value value for the HVR processes started by this service.
Interactive invocation. HVR Remote Listener stays attached to the terminal instead of redirecting its output to a log file.
Stop hvrremotelistener daemon using the process-id available in $HVR_CONFIG/files/hvrremotelistenerport.pid.
SSL encryption using two files (public certificate and private key) to match public certificate supplied by /SslRemoteCertificate. If pair is relative, then it is found in directory $HVR_HOME/lib/cert. Value pair specifies two files; the names of these files are calculated by removing any extension from pair and then adding extensions .pub_cert and .priv_key. For example, option -Khvr refers to files $HVR_HOME/lib/cert/hvr.pub_cert and $HVR_HOME/lib/cert/hvr.priv_key.
Do not authenticate passwords or change the current user name. Disabling password authentication is a security hole, but may be useful as a temporary measure. For example, if a configuration problem is causing an 'incorrect password' error, then this option will bypass that check.
Use Pluggable Authentication Module pamsrv for login password authentication of remote HVR connections. PAM is a service provided by several Operation Systems as an alternative to regular login/password authentication, e.g. checking the /etc/passwd file. Often -plogin will configure HVR child processes to check passwords in the same way as the operating system. Available PAM services can be found in file /etc/pam.conf or directory /etc/pam.d.
Configure HVR Remote Listener service to run under the current login HVR account using password pwd, instead of under the default system login account. May only be supplied with option -ac. Empty passwords are not allowed. The password is kept (hidden) within the Microsoft Windows operating system and must be re-entered if passwords change.
Limits the HVR child process to only accept connections which are able to supply the password for account user. Multiple -U options can be supplied.
To create and start a Windows listener service to listen on port number 4343:
To run hvrremotelistener interactively so that it listens on a Unix machine, use the following command. Note that option -N is used to disable password authentication; this is necessary when running as an unprivileged user because only root has permission to check passwords.
Executable for remote HVR service.
HVR Remote Listener executable.
Password file employed by hvrvalidpwfile.
Used by HVR for user authentication.
The plugin file for private password file authentication.
The plugin file for LDAP authentication.
Configuration for LDAP authentication plugin.
Example configuration file for LDAP authentication plugin.
Process-id of daemon started with option -d.
Logfile for daemon started with -d.