Man Linux: Main Page and Category List

NAME

       tcsd.conf - configuration file for the trousers TCS daemon.

DESCRIPTION

       This  file,  by  default  /etc/tcsd.conf  is  read by the trousers TCSD
       daemon, tcsd (see tcsd(8)). The tcsd.conf file  that  is  installed  by
       trousers contains all the default options, commented out.

OPTIONS

       port  The  port  that  TCSD  will  listen on for connections, local and
       remote, from applications.

       num_threads The maximum number of threads  that  the  TCSD  will  spawn
       simultaneously  to service applications. After num_threads threads have
       been spawned, any application that attempts to connect to the TCSD will
       receive an error.

       system_ps_file  The location of the system persistent storage file. The
       system persistent storage file holds keys and data across  restarts  of
       the TCSD and system reboots.

       firmware_log_file  Path to the file containing the current firmware PCR
       event log data. The interface to this log is usually  provided  by  the
       TPM device driver.

       kernel_log_file  Path  to  the  file  containing the current kernel PCR
       event log data. By default, this data will  be  parsed  in  the  format
       provided by the Integrity Measurement Architecture LSM.

       firmware_pcrs  A  list  of PCR indices that are manipulated only by the
       system firmware and therefore are not extended or logged by  the  TCSD.
       Applications  that call Tcsi_PcrExtend on PCRs listed here will receive
       an error.

       kernel_pcrs A list of PCR indices that  are  manipulated  only  by  the
       kernel   and  therefore  are  not  extended  or  logged  by  the  TCSD.
       Applications that call Tcsi_PcrExtend on PCRs listed here will  receive
       an error.

       platform_cred  Path  to the platform credential for your TPM.  Your TPM
       manufacturer  may  have  provided  you  with  a  set   of   credentials
       (certificates)  that should be used when creating identities using your
       TPM. When a user of your TPM makes an identity, this credential will be
       encrypted  as part of that process. See the 1.1b TPM Main specification
       section 9.3 for information on this process.

       conformance_cred Path to the conformance credential for your TPM.  Your
       TPM  manufacturer  may  have  provided  you  with  a set of credentials
       (certificates) that should be used when creating identities using  your
       TPM. When a user of your TPM makes an identity, this credential will be
       encrypted as part of that process. See the 1.1b TPM Main  specification
       section 9.3 for information on this process.

       endorsement_cred Path to the endorsement credential for your TPM.  Your
       TPM manufacturer may have  provided  you  with  a  set  of  credentials
       (certificates)  that should be used when creating identities using your
       TPM. When a user of your TPM makes an identity, this credential will be
       encrypted  as part of that process. See the 1.1b TPM Main specification
       section 9.3 for information on this process.

       remote_ops A list of TCS commands which will be allowed to be  executed
       on this machine’s TCSD by TSP’s on non-local hosts (over the internet).
       By default, access to all operations is denied.

       host_platform_class Determines the  TCG  specification  of  the  host’s
       platform  class.  This refers to one of the specifications contained in
       the TCG web site. The default is PC specification version 1.2 .

       all_platform_classes Specifies all the TCG defined platforms associated
       with  the  host  platform.  The host_platform_class must not be defined
       here. By default, all platforms but the host platform are associated.

EXAMPLE

              port = 30003
              num_threads = 10
              system_ps_file = /usr/local/var/tpm/system.data
              firmware_log_file = /proc/tpm/firmware_events
              kernel_log_file = /proc/tcg/measurement_events
              firmware_pcrs = 0,1,2,3,4,5,6,7
              kernel_pcrs = 10,11
              platform_cred = /usr/local/var/lib/tpm/platform.cert
              conformance_cred = /usr/local/var/lib/tpm/conformance.cert
              endorsement_cred = /usr/local/var/lib/tpm/endorsement.cert
              remote_ops = create_key,random
              host_platform_class = server_12
              all_platform_classes = pc_11,pc_12,mobile_12

SEE ALSO

       tcsd(8)

AUTHOR

       Kent Yoder

REPORTING BUGS

       Report bugs to <trousers-tech@lists.sf.net>