Provided by: tpm2-abrmd_2.4.1-1_amd64 
NAME
tpm2-abrmd - TPM2 access broker and resource management daemon
SYNOPSIS
tpm2-abrmd [-m][-e][-i][-o][-l logger-name][-r][-s][-g /dev/urandom][-t conf]
DESCRIPTION
tpm2-abrmd is a daemon that implements the TPM access broker and resource manager as
described by the Trusted Computing Group (TGC) in the “TSS System Level API and TPM
Command Transmission Interface Specification”. This daemon uses the DBus system bus and
some pipes to communicate with clients.
OPTIONS
-t, --tcti
Provide the daemon with a string that describes the TCTI and how to configure it
for communication with the next component down the TSS2 stack. This string is
formatted as "tcti-name:tcti-conf" where:
'tcti-name'
The name of the TCTI library shared object file. Libraries are found using
the same algorithm as dlopen (3). If the TCTI library file name follows the
naming convention: libtss2-tcti-<name>.so.0 where <name> is the name for the
TCTI, the value of <name> may be supplied in place of the full library file
name. See 'EXAMPLES' below.
'tcti-conf'
The configuration string passed to the TCTI library upon initialization.
If this option is omitted (or a NULL string provided) then a default TCTI is used
in it's default configuration. If the string does not contain a colon then it will
be interpreted as only the 'tcti-name'. To provide only the configuration string
(using the default TCTI) then the first character in the string passed to this
option must be a colon followed by the configuration string. See examples below.
-o, --allow-root
Allow daemon to run as root. If this option is not provided the daemon will refused
to run as the root user. Use of this option is not recommended.
-m, --max-connections
Set an upper bound on the number of concurrent client connections allowed. Once
this number of client connections is reached new connections will be rejected with
an error. If the option is not specified the default is 27.
-f, --flush-all
Flush all objects and sessions when daemon is started.
-l, --logger
Direct logging output to named logging target. Supported targets are stdout and
syslog. If the logger option is not specified the default is stdout.
-e, --max-sessions
Set and upper bound on the number of sessions that each client connection is
allowed to create (loaded or active) at any one time. If the option is not
specified the default is 4.
-r, --max-transients
Set an upper bound on the number of transient objects that each client connection
allowed to load. Once this number of objects is reached attempts to load new
transient objects will produce an error. If the option is not specified the default
is 27.
-n, --dbus-name
Claim the given name on dbus. This option overrides the default of
com.intel.tss2.Tabrmd.
-g, --prng-seed-file
Read seed for pseudo-random number generator from the provided file.
-s, --session
Connect daemon to the session dbus. If the option is not specified the daemon
connects to the system dbus.
-v, --version
Display version string.
EXAMPLES
Execute daemon with default TCTI and options:
tpm2-abrmd
Execute daemon with default TCTI and provided config string:
tpm2-abrmd --tcti=":/dev/tpm0"
This is equivalent to:
tpm2-abrmd --tcti="device:/dev/tpm0"
tpm2-abrmd --tcti="libtss2-tcti-device.so.0:/dev/tpm0"
Have daemon use swtpm TPM2 Simulator tcti library
´libtss2-tcti-swtpm.so.0´. This connects to a TPM2 simulator via a TCP swtpm.
tpm2-abrmd --tcti="swtpm"
tpm2-abrmd --tcti="libtss2-tcti-swtpm.so.0"
Have daemon use tcti library ´libtss2-tcti-swtpm.so.0´ and config string
´host=127.0.0.1,port=5555´: tpm2-abrmd --tcti=swtpm:host=127.0.0.1,port=5555"
tpm2-abrmd --tcti="libtss2-tcti-swtpm.so.0:host=127.0.0.1,port=5555"
AUTHOR
Philip Tricca <philip.b.tricca@intel.com>
SEE ALSO
tcsd(8)
COLOPHON
This page is part of the 2.4.1 release of Intel's TPM2 Access Broker & Resource Management
Daemon. A description of the project, information about reporting bugs, and the latest
version of this page can be found at https://github.com/01org/tpm2-abrmd/.