Provided by: trousers_0.3.15-0.3_amd64 bug

NAME

       tcsd.conf - configuration file for the trousers TCS daemon.

DESCRIPTION

       This  file,  by  default  /etc/tcsd.conf  is  read  by the trousers TCSD daemon, tcsd (see
       tcsd(8)). The tcsd.conf file that is  installed  by  trousers  contains  all  the  default
       options, commented out.

OPTIONS

       port  The  port  that  TCSD  will  listen  on  for  connections,  local  and  remote, from
       applications.

       num_threads The maximum number of threads that  the  TCSD  will  spawn  simultaneously  to
       service  applications.  After  num_threads threads have been spawned, any application that
       attempts to connect to the TCSD will receive an error.

       system_ps_file The location of the system persistent storage file. The  system  persistent
       storage file holds keys and data across restarts of the TCSD and system reboots.

       firmware_log_file Path to the file containing the current firmware PCR event log data. The
       interface to this log is usually provided by the TPM device driver.

       kernel_log_file Path to the file containing the current kernel  PCR  event  log  data.  By
       default,  this  data  will  be  parsed in the format provided by the Integrity Measurement
       Architecture LSM.

       firmware_pcrs A list of PCR indices that are manipulated only by the system  firmware  and
       therefore are not extended or logged by the TCSD. Applications that call Tcsi_PcrExtend on
       PCRs listed here will receive an error.

       kernel_pcrs A list of PCR indices that are manipulated only by the  kernel  and  therefore
       are  not  extended  or  logged  by the TCSD. Applications that call Tcsi_PcrExtend on PCRs
       listed here will receive an error.

       platform_cred Path to the platform credential for your TPM.   Your  TPM  manufacturer  may
       have  provided  you  with  a  set  of  credentials (certificates) that should be used when
       creating identities using your TPM. When a user  of  your  TPM  makes  an  identity,  this
       credential  will be encrypted as part of that process. See the 1.1b TPM Main specification
       section 9.3 for information on this process.

       conformance_cred Path to the conformance credential for your TPM.  Your  TPM  manufacturer
       may  have  provided  you with a set of credentials (certificates) that should be used when
       creating identities using your TPM. When a user  of  your  TPM  makes  an  identity,  this
       credential  will be encrypted as part of that process. See the 1.1b TPM Main specification
       section 9.3 for information on this process.

       endorsement_cred Path to the endorsement credential for your TPM.  Your  TPM  manufacturer
       may  have  provided  you with a set of credentials (certificates) that should be used when
       creating identities using your TPM. When a user  of  your  TPM  makes  an  identity,  this
       credential  will be encrypted as part of that process. See the 1.1b TPM Main specification
       section 9.3 for information on this process.

       remote_ops A list of TCS commands which will be allowed to be executed on  this  machine's
       TCSD by TSP's on non-local hosts (over the internet). By default, access to all operations
       is denied.

       host_platform_class Determines the TCG specification of the host's  platform  class.  This
       refers  to  one  of  the  specifications  contained in the TCG web site. The default is PC
       specification version 1.2 .

       all_platform_classes Specifies all the TCG defined  platforms  associated  with  the  host
       platform.  The host_platform_class must not be defined here. By default, all platforms but
       the host platform are associated.

EXAMPLE

              port = 30003
              num_threads = 10
              system_ps_file = /usr/local/var/tpm/system.data
              firmware_log_file = /proc/tpm/firmware_events
              kernel_log_file = /proc/tcg/measurement_events
              firmware_pcrs = 0,1,2,3,4,5,6,7
              kernel_pcrs = 10,11
              platform_cred = /usr/local/var/lib/tpm/platform.cert
              conformance_cred = /usr/local/var/lib/tpm/conformance.cert
              endorsement_cred = /usr/local/var/lib/tpm/endorsement.cert
              remote_ops = create_key,random
              host_platform_class = server_12
              all_platform_classes = pc_11,pc_12,mobile_12

SEE ALSO

       tcsd(8)

AUTHOR

       Kent Yoder

REPORTING BUGS

       Report bugs to <trousers-tech@lists.sf.net>