1tnd(1M)                 System Administration Commands                 tnd(1M)
2
3
4

NAME

6       tnd - trusted network daemon
7

SYNOPSIS

9       /usr/sbin/tnd  [-p poll-interval]
10
11

DESCRIPTION

13       The  tnd  (trusted  network daemon) initializes the kernel with trusted
14       network databases and also reloads the databases on demand from an LDAP
15       server  and  local  files.  tnd follows the order specified in the nss‐
16       witch.conf file when loading configuration databases. tnd is started at
17       the beginning of the boot process.
18
19
20       tnd  loads  two  databases  into  the kernel: the remote host database,
21       tnrhdb and the remote-host template database, tnrhtp.  These  databases
22       and  their effect on the trusted network are described in their respec‐
23       tive man pages. When the associated LDAP database  or  local  databases
24       are  changed,  tnd also updates the local kernel cache at the predeter‐
25       mined interval.
26
27
28       If a local trusted networking database file is modified,  the  adminis‐
29       trator  should run tnchkdb(1M) to check the syntax, and should also run
30       svcadm refresh svc:/network/tnd to initiate an immediate database  scan
31       by tnd.
32
33
34       tnd  is  intended to be started from an smf(5) script and to run in the
35       global zone. The following signals cause specific svcadm actions:
36
37       SIGHUP     Causes svcadm refresh svc:/network/tnd to be run.
38
39                  Initiates a rescan of the local and LDAP tnrhdb  and  tnrhtp
40                  databases.  tnd updates the kernel database with any changes
41                  found.
42
43
44       SIGTERM    Causes svcadm disable svc:/network/tnd to be run.
45
46                  Terminates the tnd daemon. No changes are made to the kernel
47                  database.
48
49
50
51       Running  tnd  in debug mode is determined by the value of the following
52       service  management facility (SMF) property:
53
54         tnd/debug_level = 0
55
56
57
58       A value of 0, as above, prevents  debug  information  from  being  col‐
59       lected;  1 turns on debugging. The default value is 0.  Debug output is
60       sent to the /var/tsol/tndlog log file.
61

OPTIONS

63       -p poll-interval    Set poll interval  to  poll-interval  seconds.  The
64                           default poll-interval is 1800 seconds (30 minutes).
65
66

EXAMPLES

68       Example 1 Changing the Poll Interval
69
70
71       The  following  command  changes  the polling interval to one hour, and
72       puts this interval in the SMF repository. At the  next  boot,  the  tnd
73       poll interval will be one hour.
74
75
76         # svccfg -s network/tnd setprop tnd/poll_interval=3600
77
78
79
80
81       The following command changes the polling interval, but does not update
82       the repository. At the next boot, the tnd  poll  interval  remains  the
83       default, 30 minutes.
84
85
86         # tnd -p 3600
87
88
89

FILES

91       /etc/security/tsol/tnrhdb
92
93           Trusted network remote-host database
94
95
96       /etc/security/tsol/tnrhtp
97
98           Trusted network remote-host templates
99
100
101       /etc/security/tsol/tnzonecfg
102
103           Trusted zone configuration database
104
105
106       /etc/nsswitch.conf
107
108           Configuration file for the name service switch
109
110

ATTRIBUTES

112       See attributes(5) for descriptions of the following attributes:
113
114
115
116
117       ┌─────────────────────────────┬─────────────────────────────┐
118       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
119       ├─────────────────────────────┼─────────────────────────────┤
120       │Availability                 │SUNWtsu                      │
121       ├─────────────────────────────┼─────────────────────────────┤
122       │Interface Stability          │See below.                   │
123       └─────────────────────────────┴─────────────────────────────┘
124
125
126       The command invocation is Committed. The service is Private.
127

SEE ALSO

129       svcs(1),   svcadm(1M),   tninfo(1M),   tnctl(1M),   tnchkdb(1M),   nss‐
130       witch.conf(4), attributes(5), smf(5)
131
132
133       How to Synchronize Kernel  Cache  With  Network  Databases  in  Solaris
134       Trusted Extensions Administrator's Procedures
135

NOTES

137       The  functionality  described  on this manual page is available only if
138       the system is configured with Trusted Extensions.
139
140
141       The tnd service is managed by the service  management facility, smf(5),
142       under the service identifier:
143
144         svc:/network/tnd
145
146
147
148
149       The   service's  status can be queried by using svcs(1). Administrative
150       actions on this service,  such as requests to restart the  daemon,  can
151       be performed using svcadm(1M), as in:
152
153         svcadm restart svc:/network/tnd
154
155
156
157
158
159SunOS 5.11                        15 May 2008                          tnd(1M)
Impressum