1 --- man/man8/tcsd.8.in 2009-09-08 07:39:30.000000000 -0700 |
|
2 +++ man/man8/tcsd.8.in.new 2010-09-16 08:13:25.613336616 -0700 |
|
3 @@ -74,12 +74,32 @@ |
|
4 the TCS and stays valid across application lifetimes, \fBtcsd\fR restarts and |
|
5 system resets. Data registered in system PS stays valid until an application |
|
6 requests that it be removed. User PS files are by default stored as |
|
7 -/var/tpm/user.{pid} and the system PS file by default is /var/tpm/system.data. |
|
8 -The system PS file is initially created when ownership of the TPM is first |
|
9 -taken. |
|
10 +/var/user/$USERNAME/tpm/userps/user.data and the system PS file by default is |
|
11 +/var/tpm/system/system.data. The system PS file is initially created when |
|
12 +ownership of the TPM is first taken. |
|
13 +.PP |
|
14 +\fB/var/tpm/system/system.data\fR |
|
15 +.ad |
|
16 +.RS 4n |
|
17 +Contains the system PS (persistent storage) data controlled by the TCS. By default, |
|
18 +the SRK key is installed in PS and does not require owner authorization to use. If the |
|
19 +TPM has previously been provisioned and owner-auth is required to load the SRK, |
|
20 +then the /var/tpm/system/system.data.auth file should be moved to |
|
21 +/var/tpm/system/system.data before starting the TCS (See NOTES). |
|
22 +.RE |
|
23 +.sp |
|
24 +.PP |
|
25 +\fB/var/tpm/system/system.data.auth\fR |
|
26 +.ad |
|
27 +.RS 4n |
|
28 +This is the default PS data file to use if the TPM has been previously |
|
29 +configured to require owner-auth to access the SRK. Copy this file |
|
30 +to /var/tpm/system/system.data prior to starting the TCS if owner-auth is |
|
31 +needed, otherwise this file can be ignored. |
|
32 +.RE |
|
33 |
|
34 .SH "CONFIGURATION" |
|
35 -\fBtcsd\fR configuration is stored by default in /etc/tcsd.conf |
|
36 +\fBtcsd\fR configuration is stored by default in /etc/security/tcsd.conf |
|
37 |
|
38 .SH "DEBUG OUTPUT" |
|
39 If TrouSerS has been compiled with debugging enabled, the debugging output |
|
40 @@ -88,8 +108,9 @@ |
|
41 .SH "DEVICE DRIVERS" |
|
42 .PP |
|
43 \fBtcsd\fR is compatible with the IBM Research TPM device driver available |
|
44 -from http://www.research.ibm.com/gsal/tcpa and the TPM device driver available |
|
45 -from http://sf.net/projects/tmpdd |
|
46 +from http://www.research.ibm.com/gsal/tcpa and the TPM device driver for |
|
47 +Linux available from http://sf.net/projects/tmpdd. It is also compatible |
|
48 +with the TPM device driver for Solaris which is available in the driver/crypto/tpm package. |
|
49 |
|
50 .SH "CONFORMING TO" |
|
51 .PP |
|
52 @@ -98,7 +119,23 @@ |
|
53 |
|
54 .SH "SEE ALSO" |
|
55 .PP |
|
56 -\fBtcsd.conf\fR(5) |
|
57 +\fBtcsd.conf\fR(5), \fBsvcadm\fR(1M), \fBsmf\fR(5) |
|
58 + |
|
59 +.SH "NOTES" |
|
60 +.sp |
|
61 +.LP |
|
62 +The \fBtcsd\fR service is managed by the service management facility, \fBsmf\fR(5), under |
|
63 +the service identifier: |
|
64 +.sp |
|
65 +.in +2 |
|
66 +.nf |
|
67 +svc:/application/security/tcsd:default |
|
68 +.fi |
|
69 +.in -2 |
|
70 +.sp |
|
71 +.LP |
|
72 +Administrative actions on this service, such as enabling, disabling, or requesting restart, can be |
|
73 +performed using \fBsvcadm\fR(1M). The service's status can be queried using the \fBsvcs\fR(1) command. |
|
74 |
|
75 .SH "AUTHOR" |
|
76 Kent Yoder |
|