dced(1m) Open Software Foundation dced(1m)
NAME [Toc] [Back]
dced - DCE Host daemon
SYNOPSIS [Toc] [Back]
dced [-ifhr] [-w route] [-t Interval] [-b|-p|-s] [-e|prot_seq...]
rpcd [-f] [-t Interval] [prot_seq...]
OPTIONS [Toc] [Back]
-h Prints the dced usage and exits.
-i Initializes the dced databases and ACLs and exits. If the
databases exist, this option displays an error. See the
list of databases in the FILES section.
-b Starts dced in bootstrap mode with the endpoint mapper
service and ACLs. This mode means it may need to wait for
other daemons such as secd and cdsd before it can perform
its own initialization.
-c Starts dced so it does not require DCE privacy encryption
for remote key table management. The default is to use DCE
privacy encryption. DCE Privacy encryption is supported
only by the Domestic (United States and Canada) versions of
the DCE library and dced. If the Export version of dced is
run without -c, then remote key table management is in
effect disabled; if the Export dced is run with -c, then
remote key table management is enabled. However, running
either version of dced with -c is insecure and not
recommended, because remote key table management without
privacy encryption allows an eavesdropper to learn the
long-term key of a service principal and thus to compromise
the security of services running as that principal.
-e Starts dced without the endpoint mapper service. No
protocol sequences are valid for this option.
-f Starts the dced or rpcd process in the foreground. The
default is to run in the background.
-p Purges the existing machine context and removes the bindings
file before starting.
-r Starts dced in remote-update mode. This mode allows DCE
cell administration tasks to be performed by an
administrator on a remote machine. By default, dced prevents
any remote administration to help prevent attacks by a
malicious administrators.
Hewlett-Packard Company - 1 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
dced(1m) Open Software Foundation dced(1m)
-s Starts dced without the security validation service.
-t Sets time interval between successive execution of endpoint
scavenger.
-w Sets the routing for serviceability.
ARGUMENTS [Toc] [Back]
route Establishes the serviceability routing for dced's messages.
prot_seq Specifies the RPC protocol sequences that dced or rpcd will
use. Possible values include ncadg_ip_udp (for a datagram
protocol) and ncacn_ip_tcp (for a connection-based
protocol). A complete list of the protocol sequences
recognized can be found in dce/ep.idl.
Interval Time interval (greater than zero) in minutes between
successive endpoint scavenger operation.Default time
interval is 30 minutes.
DESCRIPTION [Toc] [Back]
The DCE Host daemon is a process that provides services for the local
host, and is also the server used by remote applications to access
these host services.
The daemon can be invoked either as dced or as rpcd. When invoked as
dced, it provides by default all of the services described below, and
it requires that the local host be configured into a DCE cell. When
invoked as rpcd, it provides only the Endpoint Mapper and Local
Location Broker services that were provided by rpcd in earlier
versions of DCE; The rpcd mode does not require that the host be
configured into a DCE cell, so this is a simple alternative for hosts
that run Networking Computing System (NCS) applications or DCE RPConly
applications.
The DCE Host daemon services include the following:
Endpoint Mapper
The endpoint mapper service maintains a database called the
local endpoint map which allows DCE clients to find servers,
individual services provided by servers, and objects managed
by services on the host. The endpoint mapper service maps
interfaces, object UUIDs, and protocol sequence
registrations to server ports (endpoints). Servers register
their bindings with the local endpoint mapper, and the
endpoint mapper service on each host uses the local endpoint
map to locate a compatible server for clients that do not
already know the endpoint of a compatible server.
Hewlett-Packard Company - 2 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
dced(1m) Open Software Foundation dced(1m)
Local Location Broker
The local location broker service maintains a database
called the LLB database, which allows NCS clients to find
NCS servers on the host. This service was provided by rpcd
in earlier versions of DCE and by llbd in NCS.
Host Data Management
The host data management service maintains local files of
host data that include (among others) the host_name,
cell_name, cell_aliases, and a post_processors file. The
post_processors file contains program names matched with the
other host data items (UUIDs). The dced runs the program if
the corresponding host data item is changed. There may also
be host-specific data files.
Server Management
The server management service maintains data that describes
the startup configuration (srvrconf) and execution state
(srvrexec) for each server. It also has the functionality to
start or stop particular servers, and enable or disable
specific services of servers.
Security Validation
The security validation service acts as the client side of
the security server by assuring applications that the DCE
Security daemon (secd) that the host is using is legitimate.
In addition, this service performs a DCE login for the local
machine principal when dced is invoked, and it automatically
updates the local machine principal's keys.
Key Table Management
The key table management service allows for remote
maintenance of server's key tables (keytab files).
The DCE Host daemon must be running before any other DCE-based servers
are started. Each DCE host must run only a single dced, and it must
run with root privileges since it typically listens on privileged or
reserved network ports. Typically, dced starts each time a host
boots. (A file called /etc/rc.dce is responsible for configuration
issues such as deleting the endpoint map database and starting dced.)
By default, the DCE Host daemon listens on one well-known port for
each RPC protocol sequence (that is, each combination of an RPC
protocol and a transport protocol) supported by the host on which it
is running. A prot_seq argument lets you limit the protocol sequences
on which dced listens.
FILES [Toc] [Back]
dcelocal/var/dced/Ep.db dcelocal/dce_cf.db
dcelocal/var/dced/Llb.db dcelocal/var/dced/cell_aliases
Hewlett-Packard Company - 3 OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96
dced(1m) Open Software Foundation dced(1m)
dcelocal/var/dced/Hostdata.db dcelocal/var/dced/cell_name
dcelocal/var/dced/Srvrconf.db dcelocal/var/dced/host_name
dcelocal/var/dced/Srvrexec.db dcelocal/var/dced/post_processes
dcelocal/var/dced/Keytab.db dcelocal/bin/dcecf_postproc
dcelocal/var/dced/Acl.db /krb5/v5srvtab
dcelocal/var/dced/Xattrschema.db
RELATED INFORMATION [Toc] [Back]
Commands: hostdata(1m), endpoint(1m), server(1m), secval(1m),
keytab(1m), attribute(1m)
Library calls: dce_server*(3), dced_*(3), rpc_mgmt_ep*(3)
Books:
Hewlett-Packard Company - 4 -�OSF DCE 1.1/HP DCE 1.8 PHSS_26394-96 [ Back ] |
