aboutsummaryrefslogtreecommitdiff
path: root/Documentation/MANPAGE.md
AgeCommit message (Collapse)Author
2021-11-01docs: names longer than 175 bytes (not 176) are stored in longnamesJakob Unterwurzacher
Quoting fusefrontend_reverse/node_helpers.go : // File names are padded to 16-byte multiples, encrypted and // base64-encoded. We can encode at most 176 bytes to stay below the 255 // bytes limit: // * base64(176 bytes) = 235 bytes // * base64(192 bytes) = 256 bytes (over 255!) // But the PKCS#7 padding is at least one byte. This means we can only use // 175 bytes for the file name. Noticed by @bailey27 at https://github.com/rfjakob/gocryptfs/issues/499#issuecomment-955790427
2021-10-21cli: add -longnamemaxJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/499
2021-09-10Update README & MANPAGEJakob Unterwurzacher
2021-09-10cli: drop -forcedecode flagJakob Unterwurzacher
The rewritten openssl backend does not support this flag anymore, and it was inherently dangerour. Drop it (ignored for compatibility)
2021-09-01*: trim trailing whitespacea1346054
2021-09-01*: fix spellinga1346054
2021-08-25-devrandom: make flag a no-opJakob Unterwurzacher
Commit f3c777d5eaa682d878c638192311e52f9c204294 added the `-devrandom` option: commit f3c777d5eaa682d878c638192311e52f9c204294 Author: @slackner Date: Sun Nov 19 13:30:04 2017 +0100 main: Add '-devrandom' commandline option Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy. We now require Go v1.13 and Kernel versions should have also moved on. Make the flag a no-op. https://github.com/rfjakob/gocryptfs/issues/596
2021-08-24MANPAGE: add -xchachaJakob Unterwurzacher
2021-08-20MANPAGE: move nosyslog to MOUNT OPTIONS sectionJakob Unterwurzacher
It was in INIT OPTIONS by mistake.
2021-08-20-deterministic-names: accept flag on -initJakob Unterwurzacher
And store it in gocryptfs.conf (=remove DirIV feature flag).
2021-08-19Flag -zerodiriv to create all diriv as all zero byte filesJose M Perez
2021-08-18MANPAGE: add "exclude all but" exampleJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/588
2021-08-18MANPAGE: -ew: make gitignore syntax more prominentJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/588
2021-08-16reverse mode: implement -one-file-systemJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/475
2021-06-20MANPAGE: describe -badnameJakob Unterwurzacher
2021-01-10MANPAGE: add sub-headers to EXAMPLESJakob Unterwurzacher
Makes linking to them easier.
2021-01-02-idle: don't lazy-unmountJakob Unterwurzacher
When a process has its working dir inside the mount, the only way we notice is that we get EBUSY when trying to unmount. We used to lazy-unmount in this case, but this means pulling the rug from under the process. For example, bash will start throwing cd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory messages. Fixes https://github.com/rfjakob/gocryptfs/issues/533
2020-12-20main: add "-kernel_cache" flaggmd20
This option is similar to fuse(8) kernel_cache Verified using vmtouch. Without -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0242321 s, 433 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011159 seconds Files: 1 Directories: 0 Resident Pages: 0/2560 0/10M 0% Elapsed: 0.000993 seconds With -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0244015 s, 430 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011564 seconds Files: 1 Directories: 0 Resident Pages: 2560/2560 10M/10M 100% Elapsed: 0.000369 seconds
2020-11-14MANPAGE: add fstab exampleJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/497
2020-11-14MANPAGE: add -info example outputJakob Unterwurzacher
2020-11-14MANPAGE: split up OPTIONS into action flags, init, mount, commonJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/517
2020-11-14MANPAGE: clarify -fg and syslog interactionJakob Unterwurzacher
The flag -fg does NOT imply -nosyslog. Syslog redirection is active when -notifypid is passed.
2020-09-12Add support for FIDO2 tokensPavol Rusnak
2020-09-06manpage: link to exitcodes.goJakob Unterwurzacher
2020-05-17main: accept multiple -passfile optionsJakob Unterwurzacher
Each file will be read and then concatenated for the effictive password. This can be used as a kind of multi-factor authenticiton. Fixes https://github.com/rfjakob/gocryptfs/issues/288
2020-04-07Update manpage examplesOscar
2019-12-28remove Trezor supportPavol Rusnak
2019-11-17MANPAGE: describe how to unmount, and that default options are fineJakob Unterwurzacher
Feedback received during the recent Go user group. If you haven't used FUSE before, you don't know how to unmount, and it was not described in the man page! As for the options, there are many, and new users are intimidated by it. State clearly that defaults are fine.
2019-09-07Fix 'cannot adjust line' warning from man in gocryptfs manpage.Felix Lechner
When generating man pages, pandoc marks indented code blocks with the roff macro '.nf'. That avoids a warning from man related to the long line about the master key.
2019-09-07Fix a typo in gocryptfs manpage.Felix Lechner
2019-03-31Allow "nofail" for /etc/fstab useJakob Unterwurzacher
2019-03-26reverse mode: support wildcard exclude (--exclude-wildcard)Eduardo M KALINOWSKI
This adds support for gitignore-like wildcards and exclude patters in reverse mode. It (somewhat) fixes #273: no regexp support, but the syntax should be powerful enough to satisfy most needs. Also, since adding a lot of --exclude options can be tedious, it adds the --exclude-from option to read patterns from a file (or files).
2019-03-03Allow multiple -extpass argumentsJakob Unterwurzacher
To support arguments containing spaces, -extpass can now be passed multiple times. https://github.com/rfjakob/gocryptfs/issues/289
2018-12-15passfile: directly read file instead of invoking catJakob Unterwurzacher
Allows better error handling, gets rid of the call to an external program, and fixes https://github.com/rfjakob/gocryptfs/issues/278 .
2018-10-11Updated manpage for -idle flagJesse Dunietz
2018-08-15trezor: document -trezor in man pageJakob Unterwurzacher
Also fix "--", which was shown as just "-" in the man pager.
2018-08-15main: add -e as an alias for -excludeJakob Unterwurzacher
2018-08-11reverse mode: add --exclude optionJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/235
2018-07-07MANPAGE: add proper description textJakob Unterwurzacher
We only had an "options" section which was mislabeled as "description". Add a proper description text.
2018-06-12Update README and MANPAGE for v1.5v1.5Jakob Unterwurzacher
Also update the performance numbers. I see some slowdown, reason is not yet clear, but nothing to block the release.
2018-04-03fsck: report skipped corrupt filesJakob Unterwurzacher
OpenDir and ListXAttr skip over corrupt entries, readFileID treats files the are too small as empty. This improves usability in the face of corruption, but hides the problem in a log message instead of putting it in the return code. Create a channel to report these corruptions to fsck so it can report them to the user. Also update the manpage and the changelog with the -fsck option. Closes https://github.com/rfjakob/gocryptfs/issues/191
2018-03-22Add `-masterkey=stdin` functionalityJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/218
2018-02-03MANPAGE: improve markdown renderingJakob Unterwurzacher
The man page is rendered on github at https://github.com/rfjakob/gocryptfs/blob/master/Documentation/MANPAGE.md . Improve formatting a little.
2018-01-20MANPAGE: improve description of -o and -koJakob Unterwurzacher
Was unclear for new users - see https://github.com/rfjakob/gocryptfs/issues/194
2018-01-10Fix spellingFelix Lechner
2017-11-21main: Add '-devrandom' commandline optionSebastian Lackner
Allows to use /dev/random for generating the master key instead of the default Go implementation. When the kernel random generator has been properly initialized both are considered equally secure, however: * Versions of Go prior to 1.9 just fall back to /dev/urandom if the getrandom() syscall would be blocking (Go Bug #19274) * Kernel versions prior to 3.17 do not support getrandom(), and there is no check if the random generator has been properly initialized before reading from /dev/urandom This is especially useful for embedded hardware with low-entroy. Please note that generation of the master key might block indefinitely if the kernel cannot harvest enough entropy.
2017-11-12main: add "-sharedstorage" flagJakob Unterwurzacher
At the moment, it does two things: 1. Disable stat() caching so changes to the backing storage show up immediately. 2. Disable hard link tracking, as the inode numbers on the backing storage are not stable when files are deleted and re-created behind our back. This would otherwise produce strange "file does not exist" and other errors. Mitigates https://github.com/rfjakob/gocryptfs/issues/156
2017-10-19MANPAGE: explain that you may have to pass -aessiv with -masterkeyJakob Unterwurzacher
...if the filesystem was created with that option (or reverse mode). Mitigates https://github.com/rfjakob/gocryptfs/issues/148
2017-08-21MANPAGE: update exit codesJakob Unterwurzacher
The exit codes have been documented in CLI_ABI.md for a while, but they should also be listed in the man page. Also fix the rendering of "[-o COMMA-SEPARATED-OPTIONS]", where the square brackets where interpreted as something. Escape all square brackets to be safe.
2017-06-20MANPAGE: reorder options to match "-hh" output; add "-hkdf", "-trace"Jakob Unterwurzacher