HPE Community
Insight Remote Support
1753835 Members
7407 Online
108806 Solutions
New Discussion юеВ

Re: Useless Use of ISEE Cronjob

 
SOLVED
Go to solution
Ralph Grothe
Honored Contributor

тАО07-22-2007 08:29 PM

тАО07-22-2007 08:29 PM

Useless Use of ISEE Cronjob

Hello,

I seem to have a superfluous cronjob running

that must have been sneaked in by some OS installation procedure.

I get the same pointless output from this cronjob as mentioned in this thread:

http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=1058778

I could identify the pruneIncidents script as being part of the ISEE package,
which to my knowledge we make no use of,
according to (silly?) business security policy.

# crontab -l|grep pruneIncidents
0 0 * * 1 /opt/hpservices/RemoteSupport/config/pruneIncidents.sh

# swlist -l file ISEE|grep pruneIncidents
/opt/hpservices/RemoteSupport/config/pruneIncidents.sh

For this reason I at best would like to swremove the whole ISEE package altogether.
However, I am not aware of any implications (bad side effects) this may have.
At least an swremove does not seem to require a reboot.
But I haven't yet checked any lurking dependencies.

# swlist -l fileset -a is_reboot ISEE|grep ^[^#]
ISEE.CORE false


Or is it safe to simply comment the pruneIncident job in crontab?
What bothers me somewhat is this comment in the pruneIncident.sh script:

# It is called
# by a cron job to keep the file system from
# filling up without bound.

Does it mean I would end up with bloating (log)files if I did deactivate the job?

I couldn't find a sensible global ISEE deactivation switch/directive in /opt/hpservices/RemoteSupport/config/baseConfig


Also there appear log entries about strange start stop and restart attempts of some Mad daemon (nomen est omen) in
/var/opt/hpservices/log/pruneIncidents.log

Mon Jul 16 00:00:00 METDST 2007 : Starting Mad Daemon
Mon Jul 16 00:00:00 METDST 2007 : Failed to start Mad !
Mon Jul 23 00:00:00 METDST 2007 : Stopping mad
Mon Jul 23 00:00:00 METDST 2007 : Mad has been Stopped
Mon Jul 23 00:00:00 METDST 2007 : List of all Closed Incidents


Will these be supressed if the pruneIncident cronjob was deactivated?

Regards

Ralph
Madness, thy name is system administration
0 Kudos
Reply
4 REPLIES 4
Liem Nguyen
Honored Contributor

тАО07-23-2007 12:26 AM

тАО07-23-2007 12:26 AM

Re: Useless Use of ISEE Cronjob

Hi Ralph,

pruneIncidents.sh is a cron job for ISEE to clean up the database, it runs once a week.

If you DO NOT have ISEE (swlist | grep -i isee), then you can remove the cron entry.

If you want to remove the whole ISEE package, you can simply run "swremove ISEEPlatform), there is no reboot needed.

Regards,
0 Kudos
Reply
Ralph Grothe
Honored Contributor

тАО07-23-2007 01:20 AM

тАО07-23-2007 01:20 AM

Re: Useless Use of ISEE Cronjob

Hi Nguyen,

as I wrote, I do have ISEE installed though not deliberately because it must have been installed together with the OS surreptitiously.
Since I have no need for ISEE (actually I would, but our security folks would not allow a host making connections to the Internet, even if it was encrypted or tunneled), it was never configured, and thus there is most likely nothing for pruneIncident to clean up.
So the whole cronjob seems pretty useless to me.
But because these are production cluster nodes I wanted to make sure that I wouldn't bugger something up by running the swremove ISEE.
Of course have I seen that this would go without a reboot.
But who knows, actually who he knows nothing about ISEE like me, what other vital parts of the OS might be broken after the swremove?
Madness, thy name is system administration
0 Kudos
Reply
Frauke Denker_2
Esteemed Contributor

тАО07-24-2007 06:35 PM

тАО07-24-2007 06:35 PM

Solution

Re: Useless Use of ISEE Cronjob

Hallo Ralph,
you are right, ISEE is part of the OS by now. It will be installed but not configured - and disabled to be started during system boot. The pruneIncident entry in the crontab is part of the installation and as long as you do not use ISEE you do not need this script - is is used to remove closed incidents of a certain age to cleanup the filesysem.
Frauke
Reply
Ralph Grothe
Honored Contributor

тАО07-24-2007 07:46 PM

тАО07-24-2007 07:46 PM

Re: Useless Use of ISEE Cronjob

Hi Frauke,

many thanks for confirming my (by avoidance of perusal of hundreds of documentation pages, uneducated) notion of ISEE.
So I will leave the ISEE package installed,
and only comment out the disturbing cronjob.
I will start with the least important node of the cluster and watch the effect (though I am convinced of the total harmlessness ;-)
However, unlike our "security governance wardens" I am pretty convinced of the benevolence of ISEE, and I really urge this tool to be established in our HP environment one day.
Unfortunately, as a mere admin I am a rather uninfluencial employee as far as these decisions are concerned.
In the past I several times have been asked by various HP CEs during their occassional repair appearances in our bunker if we weren't interested in rigging up ISEE for our servers under service contract, at even no additional costs for us.
And several times have I asked the relevant people to spare a few minutes to contemplate about this, also providing them with links of the streaming video demos HP offers for free.
But then I am not a very insistant guy in this respect and often too happily try to avoid those talks and venting meetings whenever I can (admittedly, a big mistake and possible career damper).
Perhaps you could provide me with a link to some paper that especially stresses the security features of ISEE and related technical aspects?
This might give me some persuasion ammo.

Madness, thy name is system administration
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.