NAME
newaid - Run processes with different sfsagents
SYNOPSIS
newaid [-l] [-{u|U} uid] [-G | -g gid] [-C dir] [program arg ...]
DESCRIPTION
The newaid command
allows root-owned processes to access SFS
file systems using the sfsagent of a non-root user.
Additionally, if a system is configured to allow this,
newaid permits non-root users to run multiple
sfsagent processes, so that different processes owned by
that user access the SFS file system with
different agents. (When used in the latter mode, newaid is
similar in function to the AFS program
pagsh.)
SFS maps file system requests to
particular sfsagent processes using the notion of agent
ID, or aid. Every process has a
64-bit aid associated with it. Ordinarily, a process's aid is
simply its 32-bit user ID. Thus, when a user
runs sfsagent, both the agent and all of the user's
processes have the same aid.
To allow different processes owned by the same user to have
different agents, a system administrator can reserve a range of
group IDs for the purpose of flagging different aids. See the
ResvGids directive described in the sfs_config man page for
a description of how to do this.
(Note that after changing ResvGids, you must kill and
restart sfscd for things to work properly.) If the range of
reserved group IDs is min..max, and the
first element of a process's grouplist, g0,
is at least min and not more than max, then a
process's aid is computed as ((g0 - min + 1) << 32) | uid.
The newaid command therefore lets people
insert any of the reserved group IDs at the start of a process's
group list.
For root-owned processes, it is also possible for processes to
be associated with a non-root agent. In this case, the reserved
sfs-group (as a marker) and target user's uid are actually
placed in the process's grouplist, as well as any reserved group
ID to select amongst multiple agents of the
same user.
After making appropriate changes to its user ID and/or grouplists, newaid executes the
program specified on the command line. If no program
is specified, the program specified by the environment variable
SHELL is used by default.
OPTIONS
- -l
- Run the command as a login shell. This
argument simply prepends a - character to argv[0]
when executing program. Command shells interpret this to
mean that they are being run as login shells, and usually
exhibit slightly different behavior. (For example csh will
execute the commands in a user's .login file.)
- -u uid
- For a root-owned process, specifies that the
program should be run as root, but should be associated with
the non-root agent of user uid.
- -U uid
- When newaid is invoked by a
root-owned process, this option sets the real uid to uid
to run program, instead of running it with uid 0. This in
itself is not sufficient to "drop privileges." In particular,
newaid still does not make any changes to the process gid or
grouplist, beyond manipulating aid-specific groups. Since many
root-owned processes also have privileged groups in their
grouplist, it is in general insecure to use -U unless
you set both the gid and the whole grouplist to something
sensible (i.e., appropriately unprivileged) before invoking
newaid.
This option is mostly of use for login-like programs that
wish to create a session with a new aid, and do not wish to make
the setuid system call themselves for fear that the operating
system's ptrace system call is broken and would create a
security hole.
- -g gid
-
- -G
- By default newaid simply picks the
first aid under which no agent is yet running. The -g option
explicitly specifies that gid should be added to the start
of the process's group list (and any previous reserved gid should
be removed). -G says to remove any reserved gid, so that the
aid of the resulting process will just be the user's uid.
- -C dir
- Changes directory to dir before
running program.
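The aid formula from DESCRIPTION and the effect of -g and -G on the group list, modeled as an added example (not code from SFS). The reserved range 20000..20099, the function names, and the choice to drop every reserved gid rather than only the leading one are assumptions of this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample range; a real system takes min..max from ResvGids. */
#define RESV_MIN 20000u
#define RESV_MAX 20099u

static int is_reserved(uint32_t gid) {
    return gid >= RESV_MIN && gid <= RESV_MAX;
}

/* aid = ((g0 - min + 1) << 32) | uid when g0 is reserved, else just uid. */
uint64_t compute_aid(uint32_t uid, const uint32_t *groups, size_t ngroups) {
    if (ngroups == 0 || !is_reserved(groups[0]))
        return uid;                 /* reserved gids later in the list do not count */
    /* Widen before shifting: shifting a 32-bit value by 32 is undefined in C. */
    uint64_t slot = (uint64_t)(groups[0] - RESV_MIN) + 1;
    return (slot << 32) | uid;
}

/* Model of -g gid (use_gid = 1) and -G (use_gid = 0): drop reserved gids and,
 * for -g, put gid first. Dropping every reserved entry is an assumption.
 * Returns the new length, or (size_t)-1 if gid is unreserved or out is full. */
size_t set_reserved_gid(const uint32_t *in, size_t n, int use_gid,
                        uint32_t gid, uint32_t *out, size_t cap) {
    size_t k = 0;
    if (use_gid) {
        if (!is_reserved(gid) || cap == 0) return (size_t)-1;
        out[k++] = gid;
    }
    for (size_t i = 0; i < n; i++) {
        if (is_reserved(in[i])) continue;
        if (k == cap) return (size_t)-1;
        out[k++] = in[i];
    }
    return k;
}

int main(void) {
    uint32_t login[] = {100, 4};    /* constructed grouplist for uid 1000 */
    uint32_t out[8];
    size_t n = set_reserved_gid(login, 2, 1, RESV_MIN + 2, out, 8);
    printf("plain aid:   %llu\n", (unsigned long long)compute_aid(1000, login, 2));
    printf("with -g aid: %llu\n", (unsigned long long)compute_aid(1000, out, n));
    return 0;
}
```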
SEE ALSO
dirsearch(1),
rex(1),
sfsagent(1),
sfskey(1),
ssu(1)
The full documentation for SFS is
maintained as a Texinfo manual. If the info and SFS programs are properly installed at your
site, the command info SFS
should give you access to the complete manual.
For updates, documentation, and software distribution, please
see the SFS website at .
AUTHOR
sfsdev@redlab.lcs.mit.edu