This is the TCFS readme file for version 2.1.0b.
last reviewed on Fri Jun 26 16:31:09 MEST 1998

WARNING: This is a developer-only release.

You must read this file before installing this release of TCFS.
If you don't we won't be responsible for loss of data.
If you do, we won't be responsible either :-)

This new version of TCFS is split into various pieces:

patch-e2fsprogs-1.06-tcfs.gz
       patch for e2fsprogs utilities.
       It may work with e2fsprogs version 1.10, but we've not tested it yet.

patch-mount-2.7g-tcfs.gz
       patch for the mount package.
       Without it you cannot mount TCFS filesystems.

patch-linux-2.0.x-tcfs.gz
       patch for the Linux kernel.
       You have to apply it to your kernel source tree before doing
       anything else.

patch-shadow-980529-tcfs.gz
       patch for the Shadow Password suite.
       We think it may work with previous versions, but who knows.
       Probably, this patch will be included into the Shadow Password suite.

admutils-1.21-tcfs.tar.gz
       Old admin utils patched for TCFS.
       It contains a version of passwd that does not support shadow passwords.
       Its use is deprecated.

tcfs-2.1.0b.tar.gz
       The core of TCFS. You have to untar it into the Linux kernel
       directory before compiling it.

tcfslib-0.1.tar.gz
       The TCFS library.
       It is intended for developers who want to build some new utilities for TCFS.
       The low version number is due to the fact that we are planning to
       rewrite it.  The TCFS utilities that we provide are based on tcfslib.

tcfsutils-1.0.tar.gz
       TCFS utilities.
       These utilities allow users to put, remove, view, and destroy their TCFS
       keys.

xattrd-2.0.tar.gz
       The server side of TCFS.
       It is used by TCFS to talk with the server for gathering TCFS information
       on the file.

contrib/
       In this directory you can find some packets needed for TCFS
       prepatched for TCFS. Instead of getting this, you can get the
       original package and our patch.

Packages/
       In this directory you can find some packets needed for TCFS but not
       yet patched (i.e. their original source code).

This version of TCFS differs from the previous releases (<2.1.0)
as it includes a complete rewrite of the utilities.
TCFS now includes a library for developing utilities and a new set
of utilities. The new set of utilities relies on some new features
of the TCFS modules which we explain below.

Each key is associated with a counter and a binary flag. The counter
keeps track of the number of times the user has logged-into TCFS.
The new utilities tcfsputkey in its basic form pushes the users key
into the TCFS module. If the key is already present then the TCFS module
increments the counter; otherwise a new entry for the key is created
in TCFS and the counter is initialized. When the user removes
his/her key using the tcfsrmkey utility, the TCFS module decrements
the counter.
Additionaly, the TCFS module maintains a flag to indicate whether
the key is permament or not.  The TCFS module removes the key when
the counter hits 0 and the permanent flag is clear.
The permanent flag can be used to logout from the system
(the counter of the key thus drops to 0) leaving the
key into the kernel so background processes may still continue to
work with encrypted files.

This new realese uses a new and more efficient format for
the key database. The old format for the key database (keys stored
in the text file /etc/tcfspasswd) is still supported but its use
is deprecated. The key database (residing at /etc/tcfspwdb) follows the
standard specified by the GDMB library.

This new release also includes suport for PAM.  The TCFS-PAM
module takes care of pushing the correct user's key into the
kernel at login and removing it at logout. Thus, TCFS becomes
even more transparent: no need to execute tcfsputkey and tcfsrmkey to
specify the key to be used and to remove the key before logging-out.

Here is a short list of changes and TODOs

- the tcfs mount does not support bg, intr
- the patch for e2fsprogs 1.06 may work also on e2fsprogs 1.10 but
 thorough testing is needed
- we patched xattrd and admin-utils (old) so that it compiles
 with glibc 2 (tested on RedHat 5.0)
- support for shadow passwords is now complete
- when you su to root (or to some other user) different tcfs utilities
 exhibit different behavior. More precisely, tcfsputkey and tcfsrmkey
 put and remove the key of the user that 'su'ed, while tcfsviewkey
 try to get info on the 'su'ed user. This will be patched in one of the upcoming
 releases.
- lack of man pages for tcfslib (but see the short html document).
- tcfslib tested with the new tcfs password file format,
 but not with the old deprecated one.
- lack of old-to-new-format converter.

We will greatly appreciate if you could mail any newly discovered bug to
the tcfs mailing list by sending mail to [email protected].
To subscribe to the list send mail to [email protected]
with body "SUBSCRIBE tcfslist".

Anidel.

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.