]> git.proxmox.com Git - swtpm.git/blame - man/man8/swtpm_setup.conf.pod
projects / swtpm.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
swtpm_setup: Implement option --create-config-files to create config files
[swtpm.git] / man / man8 / swtpm_setup.conf.pod
CommitLineData
e46a2b66
SB		 1=head1 NAME
2
5311e60e 3swtpm_setup.conf - Configuration file for swtpm_setup
e46a2b66
SB		 4
5=head1 DESCRIPTION
6
7The file I</etc/swtpm_setup.conf> contains configuration information for
4cd9390b 8swtpm_setup. It must only contain
2bc601bb 9one configuration keyword per line, followed by an equals sign (=) and then
e46a2b66
SB		 10followed by appropriate configuration information. A comment at the
11end of the line may be introduced by a hash (#) sign.
12
4cd9390b
SB		 13Users may write their own configuration into
14I<${XDG_CONFIG_HOME}/swtpm_setup.conf> or if XDG_CONFIG_HOME
15is not set it may be in I<${HOME}/.config/swtpm_setup.conf>.
16
e46a2b66
SB		 17The following keywords are recognized:
18
19=over 4
20
21=item B<create_certs_tool>
22
2bc601bb 23This keyword is to be followed by the name of an executable or executable
e46a2b66
SB		 24script used for creating various TPM certificates. The tool will be
25called with the following options
26
27=over 4
28
29=item B<--type type>
30
31This parameter indicates the type of certificate to create. The type parameter may
32be one of the following: I<ek>, or I<platform>
33
34=item B<--dir dir>
35
36This parameter indicates the directory into which the certificate is to be stored.
37It is expected that the EK certificate is stored in this directory under the name
38ek.cert and the platform certificate under the name platform.cert.
39
40=item B<--ek ek>
41
42This parameter indicates the modulus of the public key of the endorsement key
43(EK). The public key is provided as a sequence of ASCII hex digits.
44
45=item B<--vmid ID>
46
47This parameter indicates the ID of the VM for which to create the certificate.
48
49=item B<--logfile <logfile>>
50
51The log file to log output to; by default logging goes to stdout and stderr
52on the console.
53
54=item B<--configfile <configuration file>>
55
56The configuration file to use. This file typically contains configuration
57information for the invoked program. If omitted, the program must use
58its default configuration file.
59
60=item B<--optsfile <options file>>
61
62The options file to use. This file typically contains options that the
63invoked program uses. If omitted, the program must use its default
64options file.
65
e2951df7
SB		 66=item B<--tpm-spec-family <family>>, B<--tpm-spec-level <level>>, B<--tpm-spec-revision <revision>>
67
68These 3 options describe the TPM specification that was followed for
69the implementation of the TPM and will be part of the EK certificate.
70
15226ad9
SB		 71=item B<--tpm2>
72
73This option is passed in case a TPM 2 compliant certificate needs to be
74created.
75
e46a2b66
SB		 76=back
77
78=item B<create_certs_tool_config>
79
80This keyword is to be followed by the name of a configuration file
81that will be passed to the invoked program using the --configfile
82option described above. If omitted, the invoked program will use
83the default configuration file.
84
85=item B<create_certs_tool_options>
86
87This keyword is to be followed by the name of an options file
88that will be passed to the invoked program using the --optsfile
89option described above. If omitted, the invoked program will use
90the default options file.
91
92=back
93
94=head1 SEE ALSO
95
96B<swtpm_setup>
97
98=head1 REPORTING BUGS
99
100Report bugs to Stefan Berger <stefanb@linux.vnet.ibm.com>
Software TPM used for PVE's Virtual Machines