cfsd.8

.TH CFSD 8 ""
.SH NAME
cfsd - cryptographic file system daemon
.SH SYNOPSIS
.B cfsd
[port]
.SH DESCRIPTION
\fBcfsd\fP is the user-level daemon for the Cryptographic File System
(CFS).  It is essentially an RPC server for the NFS protocol augmented
with the CFS_ADMIN protocol.  It listens on the CFS port (ordinarily
port 3049) on the \fBlocalhost\fP interface.
.LP
The main function of \fBcfsd\fP is to manage the keys for currently
attached encrypted directories, presenting them in clear form under
the CFS mount point (typically "/crypt").
.LP
\fBcfsd\fP should ordinarily be invoked at boot time from
/usr/local/etc/rc.d/cfsd.sh
The rc file should also start
\fBmountd\fP(8) daemon with least one file system exported to
localhost; note that cfsd itself does not handle the mount protocol.
Once a mountd is running, the mount(8) command should be invoked to
mount the exported file system from the localhost interface with
port=3049.
.SH EXAMPLES
.TP
/usr/local/etc/rc.d/cfsd.sh
starts cfsd (from /etc/rc)
.TP
/sbin/mount -o port=3049,intr,nfsv2 localhost:/ /crypt
mounts cfs on /crypt (in /etc/rc)
.SH FILES
.TP
/crypt
cfs mount point
.TP
/etc/exports
exported file systems
.SH SEE ALSO
cattach(1), cdetach(1), mountd(8), mount(8)
.SH BUGS
\fBcfsd\fP is single threaded, which means it doesn't handle lots of
simultanious operations very well.  In particular, it is not possible
to recursively attach encrypted directories, since that would lead to
a deadlock.
.SH AUTHOR
Matt Blaze; for information on cfs, email to
cfs@research.att.com.