Unix‎ > ‎Solaris‎ > ‎Solaris man pages‎ > ‎1m‎ > ‎


     dcs - domain configuration server

     /usr/lib/dcs  [-s  sessions]  [  [-a  auth]  [-e  encr]  [-u
     esp_auth]  ] [-l]

     The Domain Configuration Server (DCS) is  a  daemon  process
     that  runs on Sun servers that support remote Dynamic Recon-
     figuration (DR)  clients.  It  is  started  by  the  Service
     Management  Facility  (see smf(5)) when the first DR request
     is received from a client connecting to the network  service
     sun-dr.  After  the  DCS  accepts  a DR request, it uses the
     libcfgadm(3LIB) interface to execute the DR operation. After
     the  operation is performed, the results are returned to the

     The DCS listens on the network service labeled  sun-dr.  Its
     underlying  protocol  is TCP. It is invoked as a server pro-
     gram by the SMF using the TCP transport. The  fault  manage-
     ment resource identifier (FMRI) for DCS is:


     If you disable this service, DR operations initiated from  a
     remote host fail. There is no negative impact on the server.

     Security for the  DCS  connection  is  provided  differently
     based upon the architecture of the system. The SMF specifies
     the correct options when invoking the DCS daemon, based upon
     the current architecture. For all architectures, security is
     provided on a per-connection basis.

     The DCS daemon has no security options that  are  applicable
     when  used on a Sun Enterprise 10000 system. So there are no
     options applicable to that architecture.

     The security options for Sun Fire high-end systems are based
     on  IPsec  options  defined as SMF properties. These options
     include the -a auth, -e encr, and -u esp_auth  options,  and
     can  be set using the svccfg(1M) command. These options must
     match the IPsec policies defined for DCS on the system  con-
     troller. Refer to the kmd(1M) man page in the System Manage-
     ment Services (SMS) Reference Manual. The kmd(1M)  man  page
     is not part of the SunOS man page collection.

     Security on SPARC Enterprise Servers  is  not  configurable.
     The DCS daemon uses a platform-specific library to configure
     its security options when running on such  systems.  The  -l
     option  is  provided by the SMF when invoking the DCS daemon
     on SPARC Enterprise Servers. No other  security  options  to
     the DCS daemon should be used on SPARC Enterprise Servers.

     The following options are supported:

     -a auth

         Controls the IPsec Authentication Header (AH) algorithm.
         auth can be one of none, md5, or sha1.

     -e encr

         Controls the IPsec Encapsulating Security Payload  (ESP)
         encryption  algorithm.  encr can be one of none, des, or


         Enables the use of platform-specific security options on
         SPARC Enterprise Servers.

     -s sessions

         Sets the number of active sessions that the  DCS  allows
         at  any  one  time.  When  the limit is reached, the DCS
         stops accepting connections until active  sessions  com-
         plete  the  execution  of  their  DR  operation. If this
         option is not specified, a default value of 128 is used.

     -u esp_auth

         Controls the IPsec Encapsulating Security Payload  (ESP)
         authentication  algorithm.  esp_auth can be one of none,
         md5, or sha1.

     Example 1: Setting an IPSec Option

     The following command sets the Authentication  Header  algo-
     rithm  for the DCS daemon to use the HMAC-MD5 authentication
     algorithm. These settings are only applicable for using  the
     DCS daemon on a Sun Fire high-end system.
     # svccfg -s svc:/platform/sun4u/dcs setprop dcs/ah_auth = "md5"
     # svccfg -s svc:/platform/sun4u/dcs setprop dcs/esp_encr = "none"
     # svccfg -s svc:/platform/sun4u/dcs setprop dcs/esp_auth = "none"
     # svcadm refresh svc:/platform/sun4u/dcs

     The DCS uses syslog(3C) to report status and error messages.
     All of the messages are logged with the LOG_DAEMON facility.
     Error messages are logged with the  LOG_ERR  and  LOG_NOTICE
     priorities,  and  informational messages are logged with the
     LOG_INFO   priority.   The   default    entries    in    the
     /etc/syslog.conf  file  log all of the DCS error messages to
     the /var/adm/messages log.

     See attributes(5) for descriptions of the  following  attri-

    |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
    | Availability                | SUNWdcsu, SUNWdcsr          |
    | Interface Stability         | Evolving                    |

     svcs(1), cfgadm_sbd(1M), svcadm(1M), svccfg(1M), syslog(3C),
     config_admin(3CFGADM),    libcfgadm(3LIB),   syslog.conf(4),
     attributes(5), smf(5), dr(7D)

     The dcs service is managed by the service management  facil-
     ity,  smf(5), under the fault management resource identifier


     Administrative actions on this service,  such  as  enabling,
     disabling,  or  requesting  restart,  can be performed using
     svcadm(1M). The service's status can be  queried  using  the
     svcs(1) command.

Man pages from Solaris 10 Update 8. See docs.sun.com and www.oracle.com for further documentation and Solaris information.