dced(1m)dced(1m)NAMEdced - DCE Host daemon
SYNOPSISdced [-ifhr] [-w route] [-t Interval] [-b|-p|-s] [-e|prot_seq...]
rpcd [-f] [-t Interval] [prot_seq...]
OPTIONS
Prints the dced usage and exits. Initializes the dced databases and
ACLs and exits. If the databases exist, this option displays an error.
See the list of databases in the FILES section. Starts dced in boot‐
strap mode with the endpoint mapper service and ACLs. This mode means
it may need to wait for other daemons such as secd and cdsd before it
can perform its own initialization. Starts dced so it does not require
DCE privacy encryption for remote key table management. The default is
to use DCE privacy encryption. DCE Privacy encryption is supported
only by the Domestic (United States and Canada) versions of the DCE
library and dced. If the Export version of dced is run without -c,
then remote key table management is in effect disabled; if the Export
dced is run with -c, then remote key table management is enabled. How‐
ever, running either version of dced with -c is insecure and not recom‐
mended, because remote key table management without privacy encryption
allows an eavesdropper to learn the long-term key of a service princi‐
pal and thus to compromise the security of services running as that
principal. Starts dced without the endpoint mapper service. No proto‐
col sequences are valid for this option. Starts the dced or rpcd
process in the foreground. The default is to run in the background.
Purges the existing machine context and removes the bindings file
before starting. Starts dced in remote-update mode. This mode allows
DCE cell administration tasks to be performed by an administrator on a
remote machine. By default, dced prevents any remote administration to
help prevent attacks by a malicious administrators. Starts dced with‐
out the security validation service. Sets time interval between suc‐
cessive execution of endpoint scavenger. Changes the permissions of
the error, warning, fatal logfiles in the /var/opt/dce/svc directory
from 0644 to 0666. This also changes the permissions of
/var/opt/dce/svc directory from 0744 to 0777. Sets the routing for
serviceability.
ARGUMENTS
Establishes the serviceability routing for dced's messages. Specifies
the RPC protocol sequences that dced or rpcd will use. Possible values
include ncadg_ip_udp (for a datagram protocol) and ncacn_ip_tcp (for a
connection-based protocol). A complete list of the protocol sequences
recognized can be found in dce/ep.idl. Time interval (greater than
zero) in minutes between successive endpoint scavenger opera‐
tion.Default time interval is 30 minutes.
DESCRIPTION
The DCE Host daemon is a process that provides services for the local
host, and is also the server used by remote applications to access
these host services.
The daemon can be invoked either as dced or as rpcd. When invoked as
dced, it provides by default all of the services described below, and
it requires that the local host be configured into a DCE cell. When
invoked as rpcd, it provides only the Endpoint Mapper and Local Loca‐
tion Broker services that were provided by rpcd in earlier versions of
DCE; The rpcd mode does not require that the host be configured into a
DCE cell, so this is a simple alternative for hosts that run Networking
Computing System (NCS) applications or DCE RPC-only applications.
The DCE Host daemon services include the following: The endpoint mapper
service maintains a database called the local endpoint map which allows
DCE clients to find servers, individual services provided by servers,
and objects managed by services on the host. The endpoint mapper ser‐
vice maps interfaces, object UUIDs, and protocol sequence registrations
to server ports (endpoints). Servers register their bindings with the
local endpoint mapper, and the endpoint mapper service on each host
uses the local endpoint map to locate a compatible server for clients
that do not already know the endpoint of a compatible server. The
local location broker service maintains a database called the LLB data‐
base, which allows NCS clients to find NCS servers on the host. This
service was provided by rpcd in earlier versions of DCE and by llbd in
NCS. The host data management service maintains local files of host
data that include (among others) the host_name, cell_name,
cell_aliases, and a post_processors file. The post_processors file
contains program names matched with the other host data items (UUIDs).
The dced runs the program if the corresponding host data item is
changed. There may also be host-specific data files. The server man‐
agement service maintains data that describes the startup configuration
(srvrconf) and execution state (srvrexec) for each server. It also has
the functionality to start or stop particular servers, and enable or
disable specific services of servers. The security validation service
acts as the client side of the security server by assuring applications
that the DCE Security daemon (secd) that the host is using is legiti‐
mate. In addition, this service performs a DCE login for the local
machine principal when dced is invoked, and it automatically updates
the local machine principal's keys. The key table management service
allows for remote maintenance of server's key tables (keytab files).
The DCE Host daemon must be running before any other DCE-based servers
are started. Each DCE host must run only a single dced, and it must run
with root privileges since it typically listens on privileged or
reserved network ports. Typically, dced starts each time a host boots.
(A file called /etc/rc.dce is responsible for configuration issues such
as deleting the endpoint map database and starting dced.)
By default, the DCE Host daemon listens on one well-known port for each
RPC protocol sequence (that is, each combination of an RPC protocol and
a transport protocol) supported by the host on which it is running. A
prot_seq argument lets you limit the protocol sequences on which dced
listens.
FILES
dcelocal/var/dced/Ep.db dcelocal/dce_cf.db
dcelocal/var/dced/Llb.db dcelocal/var/dced/cell_aliases
dcelocal/var/dced/Hostdata.db dcelocal/var/dced/cell_name
dcelocal/var/dced/Srvrconf.db dcelocal/var/dced/host_name
dcelocal/var/dced/Srvrexec.db dcelocal/var/dced/post_processes
dcelocal/var/dced/Keytab.db dcelocal/bin/dcecf_postproc
dcelocal/var/dced/Acl.db /krb5/v5srvtab
dcelocal/var/dced/Xattrschema.db
RELATED INFORMATION
Commands: hostdata(1m), endpoint(1m), server(1m), secval(1m),
keytab(1m), attribute(1m)
Library calls: dce_server*(3), dced_*(3), rpc_mgmt_ep*(3)
Books:
dced(1m)