Партнёры:
Хостинг:
dcs - domain configuration server
/usr/lib/dcs [-s sessions]
[ [-a auth] [-e encr] [-u esp_auth] ] [-l]
The Domain Configuration Server (DCS) is a daemon process that runs on Sun servers that support remote Dynamic Reconfiguration (DR) clients. It is started by the Service Management Facility (see smf(5)) when the first DR request is received from a client connecting to the network service sun-dr. After the DCS accepts a DR request, it uses the libcfgadm(3LIB) interface to execute the DR operation. After the operation is performed, the results are returned to the client.
The DCS listens on the network service labeled sun-dr. Its underlying protocol is TCP. It is invoked as a server program by the SMF using the TCP transport. The fault management resource identifier (FMRI) for DCS is:
svc:/platform/sun4u/dcs:default
If you disable this service, DR operations initiated from a remote host fail. There is no negative impact on the server.
Security for the DCS connection is provided differently based upon the architecture of the system. The SMF specifies the correct options when invoking the DCS daemon, based upon the current architecture. For all architectures, security is provided on a per-connection basis.
The DCS daemon has no security options that are applicable when used on a Sun Enterprise 10000 system. So there are no options applicable to that architecture.
The security options for Sun Fire high-end systems are based on IPsec options defined as SMF properties. These options include the -a auth, -e encr, and -u esp_auth options, and can be set using the svccfg(1M) command. These options must match the IPsec policies defined for DCS on the system controller. Refer to the kmd(1M) man page in the System Management Services (SMS) Reference Manual. The kmd(1M) man page is not part of the SunOS man page collection.
Security on SPARC Enterprise Servers is not configurable. The DCS daemon uses a platform-specific library to configure its security options when running on such systems. The -l option is provided by the SMF when invoking the DCS daemon on SPARC Enterprise Servers. No other security options to the DCS daemon should be used on SPARC Enterprise Servers.
The following options are supported:
-a auth
-e encr
-l
-s sessions
-u esp_auth
Example 1 Setting an IPSec Option
The following command sets the Authentication Header algorithm for the DCS daemon to use the HMAC-MD5 authentication algorithm. These settings are only applicable for using the DCS daemon on a Sun Fire high-end system.
# svccfg -s svc:/platform/sun4u/dcs setprop dcs/ah_auth = "md5" # svccfg -s svc:/platform/sun4u/dcs setprop dcs/esp_encr = "none" # svccfg -s svc:/platform/sun4u/dcs setprop dcs/esp_auth = "none" # svcadm refresh svc:/platform/sun4u/dcs
The DCS uses syslog(3C) to report status and error messages. All of the messages are logged with the LOG_DAEMON facility. Error messages are logged with the LOG_ERR and LOG_NOTICE priorities, and informational messages are logged with the LOG_INFO priority. The default entries in the /etc/syslog.conf file log all of the DCS error messages to the /var/adm/messages log.
See attributes(5) for descriptions of the following attributes:
| |||||||||
svcs(1), cfgadm_sbd(1M), svcadm(1M), svccfg(1M), syslog(3C), config_admin(3CFGADM), libcfgadm(3LIB), syslog.conf(4), attributes(5), smf(5), dr(7D)
The dcs service is managed by the service management facility, smf(5), under the fault management resource identifier (FMRI):
svc:/platform/sun4u/dcs:default
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M). The service's status can be queried using the svcs(1) command.
|
Закладки на сайте Проследить за страницей |
Created 1996-2024 by Maxim Chirkov Добавить, Поддержать, Вебмастеру |