From owner-freebsd-users-jp@freebsd.org  Mon May 24 05:00:09 2021
Return-Path: <owner-freebsd-users-jp@freebsd.org>
Delivered-To: freebsd-users-jp@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1FBD8655716
 for <freebsd-users-jp@mailman.nyi.freebsd.org>;
 Mon, 24 May 2021 05:00:09 +0000 (UTC) (envelope-from paseri@fmp.to)
Received: from www3342.sakura.ne.jp (www3342.sakura.ne.jp [49.212.235.52])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 4FpQ4l5q8cz3q3F
 for <freebsd-users-jp@freebsd.org>; Mon, 24 May 2021 05:00:07 +0000 (UTC)
 (envelope-from paseri@fmp.to)
Received: from fsav401.sakura.ne.jp (fsav401.sakura.ne.jp [133.242.250.100])
 by www3342.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 14O4xw5b093325
 for <freebsd-users-jp@freebsd.org>; Mon, 24 May 2021 13:59:58 +0900 (JST)
 (envelope-from paseri@fmp.to)
Received: from www3342.sakura.ne.jp (49.212.235.52)
 by fsav401.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav401.sakura.ne.jp);
 Mon, 24 May 2021 13:59:58 +0900 (JST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav401.sakura.ne.jp)
Received: from [IPv6:2001:470:fd7a:a011:dcd5:8245:3ad3:51d3]
 ([IPv6:2001:470:fd7a:a011:dcd5:8245:3ad3:51d3])
 (authenticated bits=0)
 by www3342.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 14O4xv4j093322
 (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO)
 for <freebsd-users-jp@freebsd.org>; Mon, 24 May 2021 13:59:57 +0900 (JST)
 (envelope-from paseri@fmp.to)
To: freebsd-users-jp@freebsd.org
From: Paseri <paseri@fmp.to>
Message-ID: <a0b73406-5dd0-e28b-4538-1550b7468440@fmp.to>
Date: Mon, 24 May 2021 13:59:57 +0900
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101
 Thunderbird/78.10.2
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-2022-jp; format=flowed; delsp=yes
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4FpQ4l5q8cz3q3F
X-Spamd-Bar: -
Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none;
 spf=pass (mx1.freebsd.org: domain of paseri@fmp.to designates 49.212.235.52 as
 permitted sender) smtp.mailfrom=paseri@fmp.to
X-Spamd-Result: default: False [-1.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[];
 FROM_HAS_DN(0.00)[];
 RBL_DBL_DONT_QUERY_IPS(0.00)[49.212.235.52:from];
 TO_MATCH_ENVRCPT_ALL(0.00)[];
 R_SPF_ALLOW(-0.20)[+ip4:49.212.235.52];
 MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-users-jp@freebsd.org];
 RCPT_COUNT_ONE(0.00)[1];
 SPAMHAUS_ZRD(0.00)[49.212.235.52:from:127.0.2.255];
 RCVD_COUNT_THREE(0.00)[4]; DMARC_NA(0.00)[fmp.to];
 NEURAL_SPAM_SHORT(1.00)[1.000]; NEURAL_HAM_LONG(-1.00)[-1.000];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[];
 R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:9371, ipnet:49.212.0.0/16, country:JP];
 RCVD_TLS_LAST(0.00)[]; MAILMAN_DEST(0.00)[freebsd-users-jp]
Subject: [FreeBSD-users-jp 96807] 
 =?utf-8?b?c2VjdXJpdHkvdHJvdXNlcnMg44GM6LW35YuV44GX44Gq44GE?=
X-BeenThere: freebsd-users-jp@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Discussion relevant to FreeBSD communities in Japan
 <freebsd-users-jp.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-users-jp>, 
 <mailto:freebsd-users-jp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-users-jp/>
List-Post: <mailto:freebsd-users-jp@freebsd.org>
List-Help: <mailto:freebsd-users-jp-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-users-jp>, 
 <mailto:freebsd-users-jp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 24 May 2021 05:00:09 -0000

たけふ＠大阪豊中です

send-pr する程でも無さげなので、ML に投げときます。

tpm の実験する為にと思い security/trousers を 13.0-RELEASE amd64 上でインスコしたのですが、
/usr/local/etc/tcsd.conf ファイルのユーザーが違うと云われてデーモンが起動しようとしませんでした。
アドホック的な対応で起動するようになりましたので、
trousers-0.3.15 が ports になる迄はこれで実験出来そうな気がしています。

<ぼそ>まだ、/dev/tpm の使い方が理解して無いのは内緒</ぼそ>

以下に試した結果とアドホック的解決法を書いています。
# service tcsd start
Starting tcsd.
/usr/local/etc/rc.d/tcsd: WARNING: failed to start tcsd
# /usr/local/sbin/tcsd -f
TCSD ERROR: TCSD config file (/usr/local/etc/tcsd.conf) must be user/group root/_tss
↑ここでやる気を失う

# sysrc tcsd_enable
tcsd_enable: YES
# sysrc tcsd_mode
sysrc: unknown variable 'tcsd_mode'
# sysrc tpmd_enable
sysrc: unknown variable 'tpmd_enable'
↑tcsd の設定だけ有効にしている

# ls -al /usr/local/etc/tcsd.conf*
-rw-------  1 _tss  _tss  7031 May 24 13:03 /usr/local/etc/tcsd.conf
-rw-------  1 _tss  _tss  7031 May 24 13:03 /usr/local/etc/tcsd.conf.sample
↑インスコ直後のパーミッションとオーナー

# sed -i.bak -e 's|0600|0640|' /usr/local/etc/rc.d/tcsd
↑アドホック的書換 :-p

# service tcsd start
Starting tcsd.

テスト環境
# uname -v
FreeBSD 13.0-RELEASE #0 releng/13.0-n244733-ea31abc261f: Fri Apr  9 04:24:09 UTC 2021     root@releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC
# freebsd-version -ku
13.0-RELEASE
13.0-RELEASE

最後に。
ソースには 0640 決め打ちの箇所が二か所ほど出てくるので、その辺りをなぶって見ると良いのかもしれませんね。
> dist/Makefile.am:       /bin/chmod 0640 ${DESTDIR}/@sysconfdir@/tcsd.conf
> src/tcsd/tcsd_conf.c:           LogError("TCSD config file (%s) must be mode 0640", tcsd_config_file);

それでは。

--