For what it's worth,
It may be instructive to look at the Debian package, to see what might be
needed. If, on a Debian or Ubuntu system, you issue the command:
$ apt-get source trousers
... it will download the TrouSerS source, and also patch it with the changes
necessary to create the Debain package.
If you then take a look at trousers-*/debian/trousers.postinst, you'll see
what happens in order to satisfy the post-install dependencies. (script pasted
below my signature, FYI.)
Regards,
Mike Pontillo
$ cat trousers-*/debian/trousers.postinst
#!/bin/sh
set -e
case "${1}" in
configure)
# Adding tss system user
adduser --system --quiet --home /var/lib/tpm --shell /bin/false
--no-create-home --group tss
# Setting owner
chown tss:tss /var/lib/tpm -R
chown tss:tss /etc/tcsd.conf
# Setting permissions
chmod 0600 /etc/tcsd.conf
chmod 0700 /var/lib/tpm
# ask udev to check for new udev rules (and fix device permissions)
if [ -x /etc/init.d/udev ] && pidof udevd > /dev/null; then
udevadm control --reload-rules
udevadm trigger --sysname-match="tpm[0-9]*"
fi
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`${1}'" >&2
exit 1
;;
esac
#DEBHELPER#
exit 0
From: David Li <[email protected]<mailto:[email protected]>>
Date: Monday, October 6, 2014 at 4:01 PM
To: Hon Ching Lo <[email protected]<mailto:[email protected]>>
Cc: trousers-users
<[email protected]<mailto:[email protected]>>
Subject: Re: [TrouSerS-users] Requirements to start tcsd
Hi Vicki,
I managed to get tcsd started. But looking at the /var/log/messages, I am not
sure if it's working properly on my embedded system:
Oct 6 21:46:43 box local5.warn TCSD TDDL[1297]: TrouSerS ioctl: (25)
Inappropriate ioctl for device
Oct 6 21:46:43 box local5.info<http://local5.info> TCSD TDDL[1297]: TrouSerS
Falling back to Read/Write device support.
Oct 6 21:46:43 box local5.warn TCSD[1297]: TrouSerS Failed IPv6 socket:
Address family not supported by protocol
Oct 6 21:46:43 box local5.info<http://local5.info> TCSD[1300]: TrouSerS
trousers 0.3.13: TCSD up and running.
David
On Thu, Oct 2, 2014 at 6:50 PM, Hon Ching Lo
<[email protected]<mailto:[email protected]>> wrote:
Hi David,
I've just recently become the maintainer for TrouSers. I primarily test it on
both RHEL and SLES. AFAIK, there isn't a complete list of required steps on
all different distros.
Vicky
On Thu, Oct 2, 2014 at 7:52 PM, David Li
<[email protected]<mailto:[email protected]>> wrote:
Hi,
I am running tcsd in a customized Linux environment so there might be something
different from standard RH or CentOS.
I have already discovered that it requires an tss user in the tss group. I have
also found that the /usr/local/etc/tcsd.conf needs to be owned by tss:tss too.
Is there a complete list of required steps to start tcsd?
David
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
TrouSerS-users mailing list
[email protected]<mailto:[email protected]>
https://lists.sourceforge.net/lists/listinfo/trousers-users
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
