Update README and MANPAGE for v1.5
Also update the performance numbers. I see some slowdown, reason is not yet clear, but nothing to block the release.
This commit is contained in:
parent
e925e1b78e
commit
009cc0ae8b
@ -54,6 +54,11 @@ be suitable.
|
||||
#### -d, -debug
|
||||
Enable debug output.
|
||||
|
||||
#### -dev, -nodev
|
||||
Enable (`-dev`) or disable (`-nodev`) device files in a gocryptfs mount
|
||||
(default: `-nodev`). If both are specified, `-nodev` takes precedence.
|
||||
You need root permissions to use `-dev`.
|
||||
|
||||
#### -devrandom
|
||||
Use /dev/random for generating the master key instead of the default Go
|
||||
implementation. This is especially useful on embedded systems with Go versions
|
||||
@ -61,6 +66,10 @@ prior to 1.9, which fall back to weak random data when the getrandom syscall
|
||||
is blocking. Using this option can block indefinitely when the kernel cannot
|
||||
harvest enough entropy.
|
||||
|
||||
#### -exec, -noexec
|
||||
Enable (`-exec`) or disable (`-noexec`) executables in a gocryptfs mount
|
||||
(default: `-exec`). If both are specified, `-noexec` takes precedence.
|
||||
|
||||
#### -extpass string
|
||||
Use an external program (like ssh-askpass) for the password prompt.
|
||||
The program should return the password on stdout, a trailing newline is
|
||||
@ -172,6 +181,12 @@ Examples:
|
||||
Write memory profile to the specified file. This is useful when debugging
|
||||
memory usage of gocryptfs.
|
||||
|
||||
#### -nodev
|
||||
See `-dev, -nodev`.
|
||||
|
||||
#### -noexec
|
||||
See `-exec, -noexec`.
|
||||
|
||||
#### -nonempty
|
||||
Allow mounting over non-empty directories. FUSE by default disallows
|
||||
this to prevent accidental shadowing of files.
|
||||
@ -197,6 +212,9 @@ Diagnostic messages are normally redirected to syslog once gocryptfs
|
||||
daemonizes. This option disables the redirection and messages will
|
||||
continue be printed to stdout and stderr.
|
||||
|
||||
#### -nosuid
|
||||
See `-suid, -nosuid`.
|
||||
|
||||
#### -notifypid int
|
||||
Send USR1 to the specified process after successful mount. This is
|
||||
used internally for daemonization.
|
||||
@ -222,7 +240,7 @@ built-in crypto is 4x slower unless your CPU has AES instructions and
|
||||
you are using Go 1.6+. In mode "auto", gocrypts chooses the faster
|
||||
option.
|
||||
|
||||
#### -passfile string/
|
||||
#### -passfile string
|
||||
Read password from the specified file. This is a shortcut for
|
||||
specifying '-extpass="/bin/cat -- FILE"'.
|
||||
|
||||
@ -253,8 +271,9 @@ mounted using gocryptfs v1.2 and higher.
|
||||
Reverse mode shows a read-only encrypted view of a plaintext
|
||||
directory. Implies "-aessiv".
|
||||
|
||||
#### -ro
|
||||
Mount the filesystem read-only.
|
||||
#### -rw, -ro
|
||||
Mount the filesystem read-write (`-rw`, default) or read-only (`-ro`).
|
||||
If both are specified, `-ro` takes precence.
|
||||
|
||||
#### -scryptn int
|
||||
scrypt cost parameter expressed as scryptn=log2(N). Possible values are
|
||||
@ -311,6 +330,11 @@ Run crypto speed test. Benchmark Go's built-in GCM against OpenSSL
|
||||
(if available). The library that will be selected on "-openssl=auto"
|
||||
(the default) is marked as such.
|
||||
|
||||
#### -suid, -nosuid
|
||||
Enable (`-suid`) or disable (`-nosuid`) suid and sgid executables in a gocryptfs
|
||||
mount (default: `-nosuid`). If both are specified, `-nosuid` takes precedence.
|
||||
You need root permissions to use `-suid`.
|
||||
|
||||
#### -trace string
|
||||
Write execution trace to file. View the trace using "go tool trace FILE".
|
||||
|
||||
@ -363,4 +387,4 @@ other: please check the error message
|
||||
|
||||
SEE ALSO
|
||||
========
|
||||
fuse(8) fallocate(2)
|
||||
mount(2) fuse(8) fallocate(2)
|
||||
|
@ -41,6 +41,7 @@ v1.4-45-gd5671b7 183 282 14.9 7.3 1.1 2.9
|
||||
v1.4-45-gd5671b7 252 285 15.5 7.2 1.1 2.9 go1.8.3, Linux 4.11
|
||||
v1.4.1 253 285 16.0 7.4 1.3 3.0 go1.9, Linux 4.12.5
|
||||
v1.4.1-6-g276567e 258 289 16.1 7.5 1.3 3.0
|
||||
v1.5 228 292 17.6 9.3 1.5 3.5 go1.10.2, Linux 4.16.8
|
||||
|
||||
Results for EncFS for comparison (benchmark.bash -encfs):
|
||||
|
||||
|
22
README.md
22
README.md
@ -153,13 +153,25 @@ RM: 4.42
|
||||
Changelog
|
||||
---------
|
||||
|
||||
vNEXT, in progress
|
||||
v1.5, 2018-06-12
|
||||
* **Support extended attributes (xattr)** in forward mode
|
||||
([#217](https://github.com/rfjakob/gocryptfs/issues/217)). Older gocryptfs versions
|
||||
will ignore the extended attributes.
|
||||
* **Add `-fsck` function**
|
||||
([#191](https://github.com/rfjakob/gocryptfs/issues/191))
|
||||
* Fix clobbered timestamps on MacOS High Sierra
|
||||
([#229](https://github.com/rfjakob/gocryptfs/issues/229))
|
||||
* Add `-masterkey=stdin` functionality
|
||||
([#218](https://github.com/rfjakob/gocryptfs/issues/218))
|
||||
* Support extended attributes (xattr) in forward mode
|
||||
([#217](https://github.com/rfjakob/gocryptfs/issues/217))
|
||||
* Add `-fsck` function
|
||||
([#191](https://github.com/rfjakob/gocryptfs/issues/191))
|
||||
* Accept `-dev`/`-nodev`, `suid`/`nosuid`, `-exec`/`-noexec`,
|
||||
`-ro`/`-rw` flags to make mounting via `/etc/fstab` possible.
|
||||
Thanks @mahkoh! ([#233](https://github.com/rfjakob/gocryptfs/pull/233),
|
||||
[commit](https://github.com/rfjakob/gocryptfs/commit/53d6a9999dd0e4c31636d16179f284fff35a35d9),
|
||||
[commit](https://github.com/rfjakob/gocryptfs/commit/10212d791a3196c2c8705a7a3cccdeb14a8efdbe))
|
||||
* Fix a `logger` path issue on SuSE
|
||||
[#225](https://github.com/rfjakob/gocryptfs/issues/225)
|
||||
* Stop printing the help text on a "flag provided but not defined"
|
||||
error ([commit](https://github.com/rfjakob/gocryptfs/commit/5ad26495fc86527bbfe75ac6b46528d49a373676))
|
||||
|
||||
v1.4.4, 2018-03-18
|
||||
* Overwrite secrets in memory with zeros as soon as possible
|
||||
|
Loading…
x
Reference in New Issue
Block a user