man cfsd (Administration système) - cryptographic file system daemon

NAME

cfsd - cryptographic file system daemon

SYNOPSIS

cfsd

DESCRIPTION

cfsd is the user-level daemon for the Cryptographic File System (CFS). It is essentially an RPC server for the NFS protocol augmented with the CFS_ADMIN protocol. It listens on the CFS port (ordinarily port 3049) on the localhost interface.

The main function of cfsd is to manage the keys for currently attached encrypted directories, presenting them in clear form under the CFS mount point (typically "/crypt").

cfsd should ordinarily be invoked at boot time from /etc/rc (or /etc/rc.local). The rc file should also start mountd(8) daemon with least one file system exported to localhost; note that cfsd itself does not handle the mount protocol. Once a mountd is running, the mount(8) command should be invoked to mount the exported file system from the localhost interface with port=3049.

EXAMPLES

/usr/local/etc/cfsd
invokes cfs (in /etc/rc)
/etc/mount -o port=3049,intr localhost:/ /crypt
mounts cfs on /crypt (in /etc/rc)

FILES

/crypt
cfs mount point
/etc/exports
exported file systems

SEE ALSO

BUGS

cfsd is single threaded, which means it doesn't handle lots of simultanious operations very well. In particular, it is not possible to recursively attach encrypted directories, since that would lead to a deadlock.

AUTHOR

Matt Blaze; for information on cfs, email to cfs@research.att.com.