size[4] Tattach tag[2] fid[4] afid[4] uname[s] aname[s]
size[4] Rattach tag[2] qid[13]

As a result of the attach transaction, the client will have a connection to the root directory of the desired file tree, represented by fid. An error is returned if fid is already in use. The server's idea of the root of the file tree is represented by the returned qid.

If the client does not wish to authenticate the connection, or knows that authentication is not required, the afid field in the attach message should be set to NOFID, defined as (u32int)~0 in <fcall.h>. If the client does wish to authenticate, it must acquire and validate an afid using an auth message before doing the attach.

The auth message contains afid, a new fid to be established for authentication, and the uname and aname that will be those of the following attach message. If the server does not require authentication, it returns Rerror to the Tauth message.

If the server does require authentication, it returns aqid defining a file of type QTAUTH (see intro(5)) that may be read and written (using read and write messages in the usual way) to execute an authentication protocol. That protocol's definition is not part of Styx itself.

Once the protocol is complete, the same afid is presented in the attach message for the user, granting entry. The same validated afid may be used for multiple attach messages with the same uname and aname.

An auth transaction is generated by the sys-fauth(2) system call or by the first mount system call on an uninitialized connection.