Manualshelf

HP-UX Trusted Computing Services A.01.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Trusted Computing Services (TCS) Software
31323334353637383940
6. If the /etc/opt/tcs directory is not accessible, or the system persistent storage
(system.data) is corrupted, tcsd does not start.
7. The TPM device driver might not have been installed or configured properly.
8. For HP-UX TCS system data restoration, see Chapter 7 (page 33).
9. Make sure the TPM is owned, enabled, and activated.
10. Use the swconfig TCS command or enable the TPM. See Chapter 2 (page 13).
Troubleshooting EVFS/HP-UX TCS Integration
This section provides troubleshooting steps for EVFS/HP-UX TCS integration.
1. Verify that tcsd is running using the tpmlist status command. If tcsd is not running,
see “Troubleshooting tcsd” (page 37).
2. Ensure the contents of the /etc/evfs/evfs.conf file are correct. Verify there are no
typographic errors in both the keywrap and the pbe parameters.
3. Ensure that the /usr/lib/evfs/hpux64/libevfs_pbe.so symbolic link is pointing to
the /usr/lib/evfs/hpux64/libevfs_pbe.so1 file, and ensure that both of these files
exist.
The tpmadm restore Command Fails
The tpmadm restore command can fail for the following reasons:
You are not root.
The tpmadm restore command attempts to delete the existing RK before migrating the
new RK from the backup file, and the deletion succeeds only if the user is root. This is a
security precaution. The tcsd daemon allows only the root user to delete the SRK, RK, and
SK on HP-UX.
Incorrect passwords are used.
Ensure that passwords and secret used are either limited to eight characters, or are
consistently passed using the command-line environment (see Known Limitations in the
HP-UX Trusted Computing Services Release Notes).
Commands Fail When Run as a Non-Privileged User
Make sure each non-privileged user has a home directory. The tcsd daemon attempts to create
a .trousers/user.data file under the home directory.
Reporting Problems
If you are unable to solve a problem with HP-UX TCS, follow these steps:
1. Read the HP-UX Trusted Computing Services Release Notes to see if the problem is known. If
it is, follow the solution offered to solve the problem.
2. Determine if the product is still under warranty or if your company purchased support
services for the product. Your operations manager can supply you with the necessary
information.
3. Access http://www.itrc.hp.com and search the technical knowledge databases to determine
if the problem you are experiencing has been reported already. The type of documentation
and resources you have access to depend on your level of entitlement.
NOTE: The ITRC resource forums at http://www.itrc.hp.com offer peer-to-peer support
to solve problems and are free to users after registration.
If this is a new problem or if you need additional help, log your problem with the HP
Response Center, either online through the support case manager at http://www.itrc.hp.com,
38 HP-UX TCS Troubleshooting and Known Issues