man/man8/swtpm_setup.conf.pod

   1 =head1 NAME
   2
   3 swtpm_setup.conf - Configuration file for swtpm_setup
   4
   5 =head1 DESCRIPTION
   6
   7 The file I</etc/swtpm_setup.conf> contains configuration information for
   8 the swtpm_setup and swtpm_setup.sh programs. It must only contain
   9 one configuration keyword per line, followed by an equals sign (=) and then
  10 followed by appropriate configuration information. A comment at the
  11 end of the line may be introduced by a hash (#) sign.
  12
  13 The following keywords are recognized:
  14
  15 =over 4
  16
  17 =item B<create_certs_tool>
  18
  19 This keyword is to be followed by the name of an executable or executable
  20 script used for creating various TPM certificates. The tool will be
  21 called with the following options
  22
  23 =over 4
  24
  25 =item B<--type type>
  26
  27 This parameter indicates the type of certificate to create. The type parameter may
  28 be one of the following: I<ek>, or I<platform>
  29
  30 =item B<--dir dir>
  31
  32 This parameter indicates the directory into which the certificate is to be stored.
  33 It is expected that the EK certificate is stored in this directory under the name
  34 ek.cert and the platform certificate under the name platform.cert.
  35
  36 =item B<--ek ek>
  37
  38 This parameter indicates the modulus of the public key of the endorsement key
  39 (EK). The public key is provided as a sequence of ASCII hex digits.
  40
  41 =item B<--vmid ID>
  42
  43 This parameter indicates the ID of the VM for which to create the certificate.
  44
  45 =item B<--logfile <logfile>>
  46
  47 The log file to log output to; by default logging goes to stdout and stderr
  48 on the console.
  49
  50 =item B<--configfile <configuration file>>
  51
  52 The configuration file to use. This file typically contains configuration
  53 information for the invoked program. If omitted, the program must use
  54 its default configuration file.
  55
  56 =item B<--optsfile <options file>>
  57
  58 The options file to use. This file typically contains options that the
  59 invoked program uses. If omitted, the program must use its default
  60 options file.
  61
  62 =item B<--tpm-spec-family <family>>, B<--tpm-spec-level <level>>, B<--tpm-spec-revision <revision>>
  63
  64 These 3 options describe the TPM specification that was followed for
  65 the implementation of the TPM and will be part of the EK certificate.
  66
  67 =item B<--tpm2>
  68
  69 This option is passed in case a TPM 2 compliant certificate needs to be
  70 created.
  71
  72 =back
  73
  74 =item B<create_certs_tool_config>
  75
  76 This keyword is to be followed by the name of a configuration file
  77 that will be passed to the invoked program using the --configfile
  78 option described above. If omitted, the invoked program will use
  79 the default configuration file.
  80
  81 =item B<create_certs_tool_options>
  82
  83 This keyword is to be followed by the name of an options file
  84 that will be passed to the invoked program using the --optsfile
  85 option described above. If omitted, the invoked program will use
  86 the default options file.
  87
  88 =back
  89
  90 =head1 SEE ALSO
  91
  92 B<swtpm_setup>
  93
  94 =head1 REPORTING BUGS
  95
  96 Report bugs to Stefan Berger <stefanb@linux.vnet.ibm.com>