NAME
sfsagent - SFS authentication
agent
SYNOPSIS
sfsagent [-dnkF] -S
sock [-c [prog [arg ...]] | keyname]
DESCRIPTION
sfsagent is the
program users run to authenticate themselves to remote file
servers, to create symbolic links in /sfs on the fly, and to
look for revocation certificates. Many of the features in
sfsagent are controlled by the sfskey program and
described in the sfskey documentation.
Ordinarily, a user runs sfsagent at the start of a
session. sfsagent runs sfskey add to obtain a private
key. As the user touches each SFS file
server for the first time, the agent authenticates the user to the
file server transparently using the private key it has. At the end
of the session, the user should run sfskey kill to kill the
agent.
OPTIONS
- -d
- Stay in the foreground rather than forking
and going into the background
- -n
- Do not attempt to communicate with the
SFS file system. This can be useful for
debugging, or for running an agent on a machine that is not running
an SFS client. If you specify -n, you
must also use the -S option, otherwise your agent will be
useless as there will be no way to communicate with it.
- -k
- Atomically kill and replace any existing
agent. Otherwise, if your agent is already running, sfsagent
will refuse to run again.
- -F
- Turn off forwarding. By default programs
other than the file system can ask the agent to authenticate the
user. Specifying this option disables this functionality.
- -S sock
- Listen for connections from programs like
sfskey on the Unix domain socket sock. Ordinarily
sfskey connects to the agent through the client file system
software, but it can use a named Unix domain socket as well.
- -c [prog [arg ...]]
- By default, sfsagent on startup
runs the command sfskey add giving it whatever -t
option and keyname you specified. This allows you to fetch
your first key as you start or restart the agent. If you wish to
run a different program, you can specify it using -c. You
might, for instance, wish to run a shell-script that executes a
sfskey add followed by several sfskey certprog
commands.
sfsagent runs the program with the environment variable
SFS_AGENTSOCK set to -0 and a
Unix domain socket on standard input. Thus, when atomically killing
and restarting the agent using -k, the commands run by
sfsagent talk to the new agent and not the old.
If you don't wish to run any program at all when starting
sfsagent, simply supply the -c option with no
prog. This will start an new agent that has no private
keys.
SEE ALSO
dirsearch(1),
newaid(1),
rex(1),
sfskey(1),
ssu(1),
(5),
(5),
(5),
(5),
(5),
(5),
(5),
(8),
(8),
(8),
(8),
(8),
(8)
The full documentation for SFS is
maintained as a Texinfo manual. If the info and SFS programs are properly installed at your
site, the command info SFS
should give you access to the complete manual.
For updates, documentation, and software distribution, please
see the SFS website at .
AUTHOR
sfsdev@redlab.lcs.mit.edu