.\" Automatically generated by Pod::Man version 1.15 .\" Fri Dec 20 09:52:45 2002 .\" .\" Standard preamble: .\" ====================================================================== .de Sh \" Subsection heading .br .if t .Sp .ne 5 .PP \fB\\$1\fR .PP .. .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Ip \" List item .br .ie \\n(.$>=3 .ne \\$3 .el .ne 3 .IP "\\$1" \\$2 .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. | will give a .\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used .\" to do unbreakable dashes and therefore won't be available. \*(C` and .\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> .tr \(*W-|\(bv\*(Tr .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' 'br\} .\" .\" If the F register is turned on, we'll generate index entries on stderr .\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and .\" index entries marked with X<> in POD. Of course, you'll have to process .\" the output yourself in some meaningful fashion. .if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . nr % 0 . rr F .\} .\" .\" For nroff, turn off justification. Always turn off hyphenation; it .\" makes way too many mistakes in technical documents. .hy 0 .if n .na .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. .bd B 3 . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ====================================================================== .\" .IX Title "sfsagent 1" .TH sfsagent 1 "SFS 0.7.2" "2002-12-20" "SFS 0.7.2" .UC .SH "NAME" sfsagent \- \s-1SFS\s0 authentication agent .SH "SYNOPSIS" .IX Header "SYNOPSIS" sfsagent [\-dnkF] \-S \fIsock\fR [\-c [\fIprog\fR [\fIarg\fR ...]] | \fIkeyname\fR] .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fBsfsagent\fR is the program users run to authenticate themselves to remote file servers, to create symbolic links in \fI/sfs\fR on the fly, and to look for revocation certificates. Many of the features in \&\fBsfsagent\fR are controlled by the \fBsfskey\fR program and described in the \fBsfskey\fR documentation. .PP Ordinarily, a user runs \fBsfsagent\fR at the start of a session. \&\fBsfsagent\fR runs \fBsfskey add\fR to obtain a private key. As the user touches each \s-1SFS\s0 file server for the first time, the agent authenticates the user to the file server transparently using the private key it has. At the end of the session, the user should run \&\fBsfskey kill\fR to kill the agent. .SH "OPTIONS" .IX Header "OPTIONS" .Ip "\-d" 4 .IX Item "-d" Stay in the foreground rather than forking and going into the background .Ip "\-n" 4 .IX Item "-n" Do not attempt to communicate with the \s-1SFS\s0 file system. This can be useful for debugging, or for running an agent on a machine that is not running an \s-1SFS\s0 client. If you specify \fB\-n\fR, you must also use the \fB\-S\fR option, otherwise your agent will be useless as there will be no way to communicate with it. .Ip "\-k" 4 .IX Item "-k" Atomically kill and replace any existing agent. Otherwise, if your agent is already running, \fBsfsagent\fR will refuse to run again. .Ip "\-F" 4 .IX Item "-F" Turn off forwarding. By default programs other than the file system can ask the agent to authenticate the user. Specifying this option disables this functionality. .Ip "\-S \fIsock\fR" 4 .IX Item "-S sock" Listen for connections from programs like \fBsfskey\fR on the Unix domain socket \fIsock\fR. Ordinarily \fBsfskey\fR connects to the agent through the client file system software, but it can use a named Unix domain socket as well. .Ip "\-c [\fIprog\fR [\fIarg\fR ...]]" 4 .IX Item "-c [prog [arg ...]]" By default, \fBsfsagent\fR on startup runs the command \fBsfskey add\fR giving it whatever \fB\-t\fR option and \fIkeyname\fR you specified. This allows you to fetch your first key as you start or restart the agent. If you wish to run a different program, you can specify it using \fB\-c\fR. You might, for instance, wish to run a shell-script that executes a \fBsfskey add\fR followed by several \&\fBsfskey certprog\fR commands. .Sp \&\fBsfsagent\fR runs the program with the environment variable \&\fB\s-1SFS_AGENTSOCK\s0\fR set to \fB\-0\fR and a Unix domain socket on standard input. Thus, when atomically killing and restarting the agent using \fB\-k\fR, the commands run by \fBsfsagent\fR talk to the new agent and not the old. .Sp If you don't wish to run any program at all when starting \&\fBsfsagent\fR, simply supply the \fB\-c\fR option with no \&\fIprog\fR. This will start an new agent that has no private keys. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fIdirsearch\fR\|(1), \fInewaid\fR\|(1), \fIrex\fR\|(1), \fIsfskey\fR\|(1), \fIssu\fR\|(1), \fIsfs_config\fR\|(5), \fIsfs_srp_params\fR\|(5), \fIsfs_users\fR\|(5), \fIsfsauthd_config\fR\|(5), \fIsfscd_config\fR\|(5), \fIsfsrwsd_config\fR\|(5), \fIsfssd_config\fR\|(5), \fIfunmount\fR\|(8), \fIsfsauthd\fR\|(8), \fIsfscd\fR\|(8), \fIsfsrwsd\fR\|(8), \fIsfssd\fR\|(8), \fIvidb\fR\|(8) .PP The full documentation for \fB\s-1SFS\s0\fR is maintained as a Texinfo manual. If the \fBinfo\fR and \fB\s-1SFS\s0\fR programs are properly installed at your site, the command \fBinfo \s-1SFS\s0\fR should give you access to the complete manual. .PP For updates, documentation, and software distribution, please see the \fB\s-1SFS\s0\fR website at \fIhttp://www.fs.net\fR. .SH "AUTHOR" .IX Header "AUTHOR" sfsdev@redlab.lcs.mit.edu