1tnd(1M) System Administration Commands tnd(1M)
2
6 tnd - trusted network daemon
7
9 /usr/sbin/tnd [-p poll-interval]
10
13 The tnd (trusted network daemon) initializes the kernel with trusted
14 network databases and also reloads the databases on demand from an LDAP
15 server and local files. tnd follows the order specified in the nss‐
16 witch.conf file when loading configuration databases. tnd is started at
17 the beginning of the boot process.
18 tnd loads two databases into the kernel: the remote host database,
21 tnrhdb and the remote-host template database, tnrhtp. These databases
22 and their effect on the trusted network are described in their respec‐
23 tive man pages. When the associated LDAP database or local databases
24 are changed, tnd also updates the local kernel cache at the predeter‐
25 mined interval.
26 If a local trusted networking database file is modified, the adminis‐
29 trator should run tnchkdb(1M) to check the syntax, and should also run
30 svcadm refresh svc:/network/tnd to initiate an immediate database scan
31 by tnd.
32 tnd is intended to be started from an smf(5) script and to run in the
35 global zone. The following signals cause specific svcadm actions:
36 SIGHUP Causes svcadm refresh svc:/network/tnd to be run.
38 Initiates a rescan of the local and LDAP tnrhdb and tnrhtp
40 databases. tnd updates the kernel database with any changes
41 found.
42 SIGTERM Causes svcadm disable svc:/network/tnd to be run.
45 Terminates the tnd daemon. No changes are made to the kernel
47 database.
48 Running tnd in debug mode is determined by the value of the following
52 service management facility (SMF) property:
53 tnd/debug_level = 0
55 A value of 0, as above, prevents debug information from being col‐
59 lected; 1 turns on debugging. The default value is 0. Debug output is
60 sent to the /var/tsol/tndlog log file.
61
63 -p poll-interval Set poll interval to poll-interval seconds. The
64 default poll-interval is 1800 seconds (30 minutes).
65
68 Example 1 Changing the Poll Interval
69 The following command changes the polling interval to one hour, and
72 puts this interval in the SMF repository. At the next boot, the tnd
73 poll interval will be one hour.
74 # svccfg -s network/tnd setprop tnd/poll_interval=3600
77 The following command changes the polling interval, but does not update
82 the repository. At the next boot, the tnd poll interval remains the
83 default, 30 minutes.
84 # tnd -p 3600
87
91 /etc/security/tsol/tnrhdb
92 Trusted network remote-host database
94 /etc/security/tsol/tnrhtp
97 Trusted network remote-host templates
99 /etc/security/tsol/tnzonecfg
102 Trusted zone configuration database
104 /etc/nsswitch.conf
107 Configuration file for the name service switch
109
112 See attributes(5) for descriptions of the following attributes:
113 ┌─────────────────────────────┬─────────────────────────────┐
118 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
119 ├─────────────────────────────┼─────────────────────────────┤
120 │Availability │SUNWtsu │
121 ├─────────────────────────────┼─────────────────────────────┤
122 │Interface Stability │See below. │
123 └─────────────────────────────┴─────────────────────────────┘
124 The command invocation is Committed. The service is Private.
127
129 svcs(1), svcadm(1M), tninfo(1M), tnctl(1M), tnchkdb(1M), nss‐
130 witch.conf(4), attributes(5), smf(5)
131 How to Synchronize Kernel Cache With Network Databases in Solaris
134 Trusted Extensions Administrator's Procedures
135
137 The functionality described on this manual page is available only if
138 the system is configured with Trusted Extensions.
139 The tnd service is managed by the service management facility, smf(5),
142 under the service identifier:
143 svc:/network/tnd
145 The service's status can be queried by using svcs(1). Administrative
150 actions on this service, such as requests to restart the daemon, can
151 be performed using svcadm(1M), as in:
152 svcadm restart svc:/network/tnd
154SunOS 5.11 15 May 2008 tnd(1M)