Node:sfsagent, Next:sfskey, Previous:Command reference, Up:Command reference
sfsagent
reference guidesfsagent
is the program users run to authenticate themselves
to remote file servers, to create symbolic links in /sfs
on the
fly, and to look for revocation certificates. Many of the features in
sfsagent
are controlled by the sfskey
program and
described in the sfskey
documentation.
Ordinarily, a user runs sfsagent
at the start of a session.
sfsagent
runs sfskey add
to obtain a private key.
As the user touches each SFS file server for the first time, the agent
authenticates the user to the file server transparently using the
private key it has. At the end of the session, the user should run
sfskey kill
to kill the agent.
The usage is as follows:
sfsagent [-dnkF] -S sock [-c [prog [arg ...]] | keyname]
-d
-n
-n
, you must also use
the -S
option, otherwise your agent will be useless as there
will be no way to communicate with it.
-k
sfsagent
will refuse to run again.
-F
-S sock
sfskey
on the Unix
domain socket sock. Ordinarily sfskey
connects to the
agent through the client file system software, but it can use a named
Unix domain socket as well.
-c [prog [arg ...]]
sfsagent
on startup runs the command sfskey
add
giving it whatever -t
option and keyname you
specified. This allows you to fetch your first key as you start or
restart the agent. If you wish to run a different program, you can
specify it using -c
. You might, for instance, wish to run a
shell-script that executes a sfskey add
followed by several
sfskey certprog
commands.
sfsagent
runs the program with the environment variable
SFS_AGENTSOCK
set to -0
and a Unix domain socket on
standard input. Thus, when atomically killing and restarting the agent
using -k
, the commands run by sfsagent
talk to the
new agent and not the old.
If you don't wish to run any program at all when starting
sfsagent
, simply supply the -c
option with no
prog. This will start an new agent that has no private keys.