--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/components/trousers/patches/man_man8_tcsd.8.in.patch	Sat Oct 20 00:06:08 2012 -0700
@@ -0,0 +1,92 @@
+--- man/man8/tcsd.8.in	2010-01-28 08:27:51.000000000 -0800
++++ man/man8/tcsd.8.in	2012-04-16 17:46:52.763527000 -0700
+@@ -51,10 +51,11 @@
+ There are two types of access control for the \fBtcsd\fR, access to the
+ daemon's socket itself and access to specific commands internal to the
+ \fBtcsd\fR. Access to the \fBtcsd\fR's port should be controlled by the system
+-administrator using firewall rules.  If using iptables, the following rule
+-will allow a specific host access to the tcsd:
+-
+-# iptables -A INPUT -s $IP_ADDRESS -p tcp --destination-port @TCSD_DEFAULT_PORT@ -j ACCEPT
++administrator using firewall rules.
++If port = 0 in /etc/security/tcsd.conf, \fBtcsd\R uses a UNIX Domain socket.
++Otherwise, \fBtcsd\fR uses a TCP port.
++By default the TCP port, when enabled, is accessible only from localhost,
++unless "remote_ops" in tcsd.conf is not empty.
+ 
+ Access to individual commands internal to the tcsd is configured by the
+ \fBtcsd\fR configuration file's "remote_ops" directive. Each function call
+@@ -74,12 +75,32 @@
+ the TCS and stays valid across application lifetimes, \fBtcsd\fR restarts and 
+ system resets. Data registered in system PS stays valid until an application 
+ requests that it be removed. User PS files are by default stored as 
+-/var/tpm/user.{pid} and the system PS file by default is /var/tpm/system.data. 
+-The system PS file is initially created when ownership of the TPM is first 
+-taken.
++/var/user/$USERNAME/tpm/userps/user.data and the system PS file by default is
++/var/tpm/system/system.data.  The system PS file is initially created when 
++ownership of the TPM is first taken.
++.PP
++\fB/var/tpm/system/system.data\fR
++.ad
++.RS 4n
++Contains the system PS (persistent storage) data controlled by the TCS.  By default,
++the SRK key is installed in PS and does not require owner authorization to use.  If the
++TPM has previously been provisioned and owner-auth is required to load the SRK,
++then the /var/tpm/system/system.data.auth file should be moved to 
++/var/tpm/system/system.data before starting the TCS (See NOTES).
++.RE
++.sp
++.PP
++\fB/var/tpm/system/system.data.auth\fR
++.ad
++.RS 4n
++This is the default PS data file to use if the TPM has been previously 
++configured to require owner-auth to access the SRK.  Copy this file 
++to /var/tpm/system/system.data prior to starting the TCS if owner-auth is
++needed, otherwise this file can be ignored.
++.RE
+ 
+ .SH "CONFIGURATION"
+-\fBtcsd\fR configuration is stored by default in /etc/tcsd.conf
++\fBtcsd\fR configuration is stored by default in /etc/security/tcsd.conf
+ 
+ .SH "DEBUG OUTPUT"
+ If TrouSerS has been compiled with debugging enabled, the debugging output
+@@ -88,8 +109,9 @@
+ .SH "DEVICE DRIVERS"
+ .PP
+ \fBtcsd\fR is compatible with the IBM Research TPM device driver available
+-from http://www.research.ibm.com/gsal/tcpa and the TPM device driver available
+-from http://sf.net/projects/tmpdd
++from http://www.research.ibm.com/gsal/tcpa and the TPM device driver for 
++Linux available from http://sf.net/projects/tmpdd.  It is also compatible 
++with the TPM device driver for Solaris which is available in the driver/crypto/tpm package.
+ 
+ .SH "CONFORMING TO"
+ .PP
+@@ -98,7 +120,23 @@
+ 
+ .SH "SEE ALSO"
+ .PP
+-\fBtcsd.conf\fR(5)
++\fBtcsd.conf\fR(5), \fBsvcadm\fR(1M), \fBsmf\fR(5)
++
++.SH "NOTES"
++.sp
++.LP
++The \fBtcsd\fR service is managed by the service management facility, \fBsmf\fR(5), under
++the service identifier:
++.sp
++.in +2
++.nf
++svc:/application/security/tcsd:default
++.fi
++.in -2
++.sp
++.LP
++Administrative actions on this service, such as enabling, disabling, or requesting restart, can be
++performed using \fBsvcadm\fR(1M). The service's status can be queried using the \fBsvcs\fR(1) command.
+ 
+ .SH "AUTHOR"
+ Kent Yoder