Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

tcsd(8) [debian man page]

tcsd(8) 						      System Manager's Manual							   tcsd(8)

								TCG Software Stack

NAME

       tcsd - daemon that manages Trusted Computing resources

SYNOPSIS

       tcsd [-f] [-c <configfile> ]

DESCRIPTION

       Trousers is an open-source TCG Software Stack (TSS), released under the Common Public License. Trousers aims to be compliant with the
       current (1.1b) and upcoming (1.2) TSS specifications available from the Trusted Computing Group website:
       http://www.trustedcomputinggroup.org.

       tcsd is a user space daemon that should be (according to the TSS spec) the only portal to the TPM device driver. At boot time, tcsd should
       be started, it should open the TPM device driver and from that point on, all requests to the TPM should go through the TSS stack. The tcsd
       manages TPM resources and handles requests from TSP's both local and remote.

       -f     run the daemon in the foreground

       -c <configfile>
	      use the provided configuration file rather than the default configuration file

ACCESS CONTROL

       There are two types of access control for the tcsd, access to the daemon's socket itself and access to specific commands internal to the
       tcsd. Access to the tcsd's port should be controlled by the system administrator using firewall rules.  If using iptables, the following
       rule will allow a specific host access to the tcsd:

       # iptables -A INPUT -s $IP_ADDRESS -p tcp --destination-port 30003 -j ACCEPT

       Access to individual commands internal to the tcsd is configured by the tcsd configuration file's "remote_ops" directive. Each function
       call in the TCS API is reachable by a unique ordinal.  Each labeled "remote op" actually defines a set of ordinals (usually more than one)
       necessary to accomplish the operation. So, for example, the "random" operation enables the ordinals for opening and closing a context,
       calling TCS_StirRandom and TCS_GetRandom, as well as TCS_FreeMemory. By default, connections from localhost will allow any ordinals.

DATA FILES

       TSS applications have access to 2 different kinds of 'persistent' storage. 'User' persistent storage has the lifetime of that of the
       application using it and therefore is destroyed when an application exits.  User PS is controlled by the TSP of the application.  'System'
       persistent storage is controlled by the TCS and stays valid across application lifetimes, tcsd restarts and system resets. Data registered
       in system PS stays valid until an application requests that it be removed. User PS files are by default stored as /var/tpm/user.{pid} and
       the system PS file by default is /var/tpm/system.data.  The system PS file is initially created when ownership of the TPM is first taken.

CONFIGURATION

       tcsd configuration is stored by default in /etc/tcsd.conf

DEBUG OUTPUT

       If TrouSerS has been compiled with debugging enabled, the debugging output can be supressed by setting the TSS_DEBUG_OFF environment
       variable.

DEVICE DRIVERS

       tcsd is compatible with the IBM Research TPM device driver available from http://www.research.ibm.com/gsal/tcpa and the TPM device driver
       available from http://sf.net/projects/tmpdd

CONFORMING TO

       tcsd conforms to the Trusted Computing Group Software Specification version 1.1 Golden

SEE ALSO

       tcsd.conf(5)

AUTHOR

       Kent Yoder

REPORTING BUGS

       Report bugs to <trousers-tech@lists.sf.net>

TSS 1.1 							    2005-03-15								   tcsd(8)

Check Out this Related Man Page

tpm_setenable(8)					      System Manager's Manual						  tpm_setenable(8)

							  TPM Management - tpm_setenable

NAME

       tpm_setenable - change TPM enable states

SYNOPSIS

       tpm_setenable [OPTION]

DESCRIPTION

       tpm_setenable reports the status of the TPM's flags regarding the enable state of the TPM.  This is the default behavior and also
       accessible via the --status option. Requesting a report of this status prompts for the owner password.  The --enable option changes the
       system's TPM to the enabled state (via the TPM_OwnerSetDisable API).  This operation prompts for the owner password and is persistent. The
       --disable option (via the TPM_OwnerSetDisable API) changes the system's TPM to the disabled state.  This operation prompts for the owner
       password and is persistent.  A disabled TPM is essentially off and does not allow a tpm_takeownership to occur.	The --force option
       overrides the owner password prompt and relies on physical presence for the operation authorization (via the TPM_PhysicalEnable and
       TPM_PhysicalDisable APIs).  The --enable, --disable, and --status options are mutually exclusive and the last one on the command line will
       be carried out.

       -h, --help
	      Display command usage info.

       -v, --version
	      Display command version info.

       -l, --log [none|error|info|debug]
	      Set logging level.

       -u, --unicode
	      Use TSS UNICODE encoding for passwords to comply with applications using TSS popup boxes

       -s, --status
	      Report the status of flags regarding the TPM enable states.

       -e, --enable
	      Make the TPM enabled.  Operation is persistent and  prompts for owner authorization.

       -d, --disable
	      Make the TPM disabled.   Operation is persistent and prompts for owner authorization.

       -f, --force
	      Overrides the prompt for owner authorization and uses physical presence to authorize the action.

       -z, --well-known
	      Authenticate using 20 bytes of zeros as owner password (the default TSS Well Known Secret), instead of prompting for an owner
	      password.

SEE ALSO

       tpm_version(1), tpm_setpresence(8), tpm_takeownership(8), tpm_setactive(8), tcsd(8)

REPORTING BUGS

       Report bugs to <trousers-users@lists.sourceforge.net>

TPM Management							    2005-05-06							  tpm_setenable(8)
Man Page