#!/bin/sh

# $FreeBSD$
#
# PROVIDE: tcsd
# REQUIRE: SERVERS tpmd
# BEFORE:  named hastd kerberos
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf.local or /etc/rc.conf
# to enable this service:
#
# tcsd_enable (bool): Set to NO by default.
#                     Set it to YES to enable tcsd.
# tcsd_mode (string): Set to "native" by default.
#                     Set it to "emulator" to use software TPM emulator.
#                     "emulator" depends on tpmd (emulators/tpm-emulator).

# Load the rc.subr framework; the rest of this script relies on helpers it
# supplies (load_rc_config, checkyesno, err, run_rc_command).
. /etc/rc.subr

# Service name and the rc.conf variable that switches it on.
name="tcsd"
rcvar="${name}_enable"

# Hook run before the daemon is started; see tcsd_precmd below.
start_precmd="tcsd_precmd"

# Default daemon binary and the configuration file that must exist before
# the service may start. The %%PREFIX%% tokens are template placeholders,
# presumably substituted when the port is built.
command="%%PREFIX%%/sbin/${name}"
required_files="%%PREFIX%%/etc/${name}.conf"

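# tcsd_precmd -- prepare state directories and lock down the config file
# before the daemon starts.
#
# Creates /var/run/tpm, /var/run/ima and %%PREFIX%%/var/lib/tpm with mode
# 0700 owned by %%USERS%%:%%GROUPS%%, then gives %%PREFIX%%/etc/tcsd.conf
# the same owner and mode 0600 so only the service account can read it.
#
# Returns: 0 when every step succeeded, 1 as soon as one step fails.
# Each step is checked on its own: without that, only the exit status of
# the final chmod would be reported, and a failed directory creation or
# chown would be masked by a later success. rc.subr does not start the
# daemon when start_precmd returns non-zero (unless the start is forced),
# so the service refuses to run on top of directories or a config file
# whose ownership or mode could not be set.
tcsd_precmd()
{
	/usr/bin/install -d -m 0700 -o %%USERS%% -g %%GROUPS%% \
	    /var/run/tpm /var/run/ima %%PREFIX%%/var/lib/tpm || return 1
	/usr/sbin/chown %%USERS%%:%%GROUPS%% \
	    %%PREFIX%%/etc/tcsd.conf || return 1
	/bin/chmod 0600 \
	    %%PREFIX%%/etc/tcsd.conf || return 1
}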

# Read the administrator's rc.conf settings for this service.
load_rc_config "${name}"

# Fall back to the documented defaults when a knob is unset or empty:
# the service is disabled and talks to the native TPM.
tcsd_enable=${tcsd_enable:-"NO"}
tcsd_mode=${tcsd_mode:-"native"}

# Emulator mode runs the tcsd_emu binary against the software TPM emulator
# instead of the native daemon, so nothing it protects is backed by a
# hardware TPM. It is only accepted when tpmd is enabled as well; any
# other tcsd_mode value leaves the default command in place.
if [ "$tcsd_mode" = "emulator" ]; then
	if ! checkyesno tpmd_enable; then
		err 1 "tcsd_mode=\"emulator\" requires tpmd_enable=\"YES\"."
	fi
	command="%%PREFIX%%/sbin/tcsd_emu"
fi

# Dispatch the requested action (start, stop, ...) to rc.subr.
run_rc_command "$1"