MyWebUniversity.com Home Page
 



OpenSolaris man pages main menu 


System Administration Commands                            dcs(1M)



NAME
     dcs - domain configuration server

SYNOPSIS
     /usr/lib/dcs [-s sessions]
          [ [-a auth] [-e encr] [-u espauth] ] [-l]


DESCRIPTION
     The Domain Configuration Server (DCS) is  a  daemon  process
     that  runs on Sun servers that support remote Dynamic Recon-
     figuration (DR)  clients.  It  is  started  by  the  Service
     Management  Facility  (see smf(5)) when the first DR request
     is received from a client connecting to the network  service
     sun-dr.  After  the  DCS  accepts  a DR request, it uses the
     libcfgadm(3LIB) interface to execute the DR operation. After
     the  operation is performed, the results are returned to the
     client.


     The DCS listens on the network service labeled  sun-dr.  Its
     underlying  protocol  is TCP. It is invoked as a server pro-
     gram by the SMF using the TCP transport. The  fault  manage-
     ment resource identifier (FMRI) for DCS is:

       svc:/platform/sun4u/dcs:default




     If you disable this service, DR operations initiated from  a
     remote host fail. There is no negative impact on the server.


     Security for the  DCS  connection  is  provided  differently
     based upon the architecture of the system. The SMF specifies
     the correct options when invoking the DCS daemon, based upon
     the current architecture. For all architectures, security is
     provided on a per-connection basis.


     The DCS daemon has no security options that  are  applicable
     when  used on a Sun Enterprise 10000 system. So there are no
     options applicable to that architecture.


     The security options for Sun Fire high-end systems are based
     on  IPsec  options  defined as SMF properties. These options
     include the -a auth, -e encr, and -u espauth  options,  and
     can  be set using the svccfg(1M) command. These options must
     match the IPsec policies defined for DCS on the system  con-
     troller.  Refer  to  the  kmd(1M)  man  page  in  the System



SunOS 5.11          Last change: 25 Apr 2006                    1






System Administration Commands                            dcs(1M)



     Management Services (SMS) Reference Manual. The kmd(1M)  man
     page is not part of the SunOS man page collection.


     Security on SPARC Enterprise Servers  is  not  configurable.
     The DCS daemon uses a platform-specific library to configure
     its security options when running on such  systems.  The  -l
     option  is  provided by the SMF when invoking the DCS daemon
     on SPARC Enterprise Servers. No other  security  options  to
     the DCS daemon should be used on SPARC Enterprise Servers.

OPTIONS
     The following options are supported:

     -a auth        Controls the IPsec Authentication Header (AH)
                    algorithm.  auth  can be one of none, md5, or
                    sha1.


     -e encr        Controls  the  IPsec  Encapsulating  Security
                    Payload  (ESP) encryption algorithm. encr can
                    be one of none, des, or 3des.


     -l             Enables the use of platform-specific security
                    options on SPARC Enterprise Servers.


     -s sessions    Sets the number of active sessions  that  the
                    DCS allows at any one time. When the limit is
                    reached, the DCS stops accepting  connections
                    until  active sessions complete the execution
                    of their DR operation. If this option is  not
                    specified, a default value of 128 is used.


     -u espauth    Controls  the  IPsec  Encapsulating  Security
                    Payload   (ESP)   authentication   algorithm.
                    espauth can be one of none, md5, or sha1.


EXAMPLES
     Example 1 Setting an IPSec Option


     The following command sets the Authentication  Header  algo-
     rithm  for the DCS daemon to use the HMAC-MD5 authentication
     algorithm. These settings are only applicable for using  the
     DCS daemon on a Sun Fire high-end system.


       # svccfg -s svc:/platform/sun4u/dcs setprop dcs/ahauth = "md5"



SunOS 5.11          Last change: 25 Apr 2006                    2






System Administration Commands                            dcs(1M)



       # svccfg -s svc:/platform/sun4u/dcs setprop dcs/espencr = "none"
       # svccfg -s svc:/platform/sun4u/dcs setprop dcs/espauth = "none"
       # svcadm refresh svc:/platform/sun4u/dcs



ERORS
     The DCS uses syslog(3C) to report status and error messages.
     All of the messages are logged with the LOGDAEMON facility.
     Error messages are logged with the  LOGER  and  LOGNOTICE
     priorities,  and  informational messages are logged with the
     LOGINFO   priority.   The   default    entries    in    the
     /etc/syslog.conf  file  log all of the DCS error messages to
     the /var/adm/messages log.

ATRIBUTES
     See attributes(5) for descriptions of the  following  attri-
     butes:



     
           ATRIBUTE TYPE               ATRIBUTE VALUE       
    
     Availability                 SUNWdcsu, SUNWdcsr          
    
     Interface Stability          Evolving                    
    


SEE ALSO
     svcs(1), cfgadmsbd(1M), svcadm(1M), svccfg(1M), syslog(3C),
     configadmin(3CFGADM),    libcfgadm(3LIB),   syslog.conf(4),
     attributes(5), smf(5), dr(7D)

NOTES
     The dcs service is managed by the service management  facil-
     ity,  smf(5), under the fault management resource identifier
     (FMRI):

       svc:/platform/sun4u/dcs:default




     Administrative actions on this service,  such  as  enabling,
     disabling,  or  requesting  restart,  can be performed using
     svcadm(1M). The service's status can be  queried  using  the
     svcs(1) command.






SunOS 5.11          Last change: 25 Apr 2006                    3
OpenSolaris man pages main menu
Contact us      |       About us      |       Term of use      |       Copyright © 2000-2010 MyWebUniversity.com ™