Commit Graph

105 Commits

Author SHA1 Message Date
Evgeny
6dc8c26100 MANPAGE: add a note on enabling Trash on macOS 2023-02-01 08:38:33 +01:00
Jakob Unterwurzacher
88bc0aa607 MANPAGE: scryptn: list how much memory is needed
Calculated acc. to https://words.filippo.io/the-scrypt-parameters/ ,
and add benchmarks to double-check the numbers. They match.
2023-01-08 22:17:14 +01:00
Gisi0
0b5b864a06 Update MANPAGE.md
added which package on linux is needed to use fido2 stick
2023-01-07 10:04:08 +01:00
a1346054
3c1ac3b06b MANPAGE.md: use correct indefinite article a->an 2023-01-01 22:06:29 +01:00
Jakob Unterwurzacher
ad2904f9ed MANPAGE: document that -scryptn also applies to -passwd
Closes https://github.com/rfjakob/gocryptfs/issues/646
2022-03-19 15:18:39 +01:00
Jakob Unterwurzacher
b636f79f89 MANPAGE: add missing -acl section
Looks like 86d8336b43
forgot to add the option to the manpage.
2022-01-22 16:19:33 +01:00
Jakob Unterwurzacher
a1f01419e2 tlog: respect NO_COLOR
Fixes https://github.com/rfjakob/gocryptfs/issues/617
2021-12-11 15:35:01 +01:00
Jakob Unterwurzacher
39e736c099 MANPAGE: fix typo 2021-12-04 12:37:12 +01:00
Jakob Unterwurzacher
8722b894a6 MANPAGE: -extpass: document dash duplication bug
Closes https://github.com/rfjakob/gocryptfs/issues/621
2021-12-04 12:34:29 +01:00
Jakob Unterwurzacher
d530fbd400 docs: names longer than 175 bytes (not 176) are stored in longnames
Quoting fusefrontend_reverse/node_helpers.go :

	// File names are padded to 16-byte multiples, encrypted and
	// base64-encoded. We can encode at most 176 bytes to stay below the 255
	// bytes limit:
	// * base64(176 bytes) = 235 bytes
	// * base64(192 bytes) = 256 bytes (over 255!)
	// But the PKCS#7 padding is at least one byte. This means we can only use
	// 175 bytes for the file name.

Noticed by @bailey27 at https://github.com/rfjakob/gocryptfs/issues/499#issuecomment-955790427
2021-11-01 14:44:32 +01:00
Jakob Unterwurzacher
d14c9340d6 cli: add -longnamemax
Fixes https://github.com/rfjakob/gocryptfs/issues/499
2021-10-21 15:58:19 +02:00
Jakob Unterwurzacher
a85e39f682 Update README & MANPAGE 2021-09-10 12:17:22 +02:00
Jakob Unterwurzacher
d023cd6c95 cli: drop -forcedecode flag
The rewritten openssl backend does not support this flag anymore,
and it was inherently dangerour. Drop it (ignored for compatibility)
2021-09-10 12:14:19 +02:00
a1346054
7c2255be90 *: trim trailing whitespace 2021-09-01 10:22:01 +02:00
a1346054
6cb03b54fe *: fix spelling 2021-09-01 10:22:01 +02:00
Jakob Unterwurzacher
61ef6b00a6 -devrandom: make flag a no-op
Commit f3c777d5ea added the `-devrandom` option:

    commit f3c777d5ea
    Author: @slackner
    Date:   Sun Nov 19 13:30:04 2017 +0100

    main: Add '-devrandom' commandline option

    Allows to use /dev/random for generating the master key instead of the
    default Go implementation. When the kernel random generator has been
    properly initialized both are considered equally secure, however:

    * Versions of Go prior to 1.9 just fall back to /dev/urandom if the
      getrandom() syscall would be blocking (Go Bug #19274)

    * Kernel versions prior to 3.17 do not support getrandom(), and there
      is no check if the random generator has been properly initialized
      before reading from /dev/urandom

    This is especially useful for embedded hardware with low-entroy. Please
    note that generation of the master key might block indefinitely if the
    kernel cannot harvest enough entropy.

We now require Go v1.13 and Kernel versions should have also moved on.
Make the flag a no-op.

https://github.com/rfjakob/gocryptfs/issues/596
2021-08-25 12:39:17 +02:00
Jakob Unterwurzacher
24bb28a517 MANPAGE: add -xchacha 2021-08-24 14:05:52 +02:00
Jakob Unterwurzacher
14bf80301b MANPAGE: move nosyslog to MOUNT OPTIONS section
It was in INIT OPTIONS by mistake.
2021-08-20 16:01:53 +02:00
Jakob Unterwurzacher
2a9dea2973 -deterministic-names: accept flag on -init
And store it in gocryptfs.conf (=remove DirIV feature flag).
2021-08-20 15:57:40 +02:00
Jose M Perez
8f94083a21 Flag -zerodiriv to create all diriv as all zero byte files 2021-08-19 18:05:54 +02:00
Jakob Unterwurzacher
dc52e32151 MANPAGE: add "exclude all but" example
Fixes https://github.com/rfjakob/gocryptfs/issues/588
2021-08-18 11:39:01 +02:00
Jakob Unterwurzacher
022c169c39 MANPAGE: -ew: make gitignore syntax more prominent
https://github.com/rfjakob/gocryptfs/issues/588
2021-08-18 10:37:53 +02:00
Jakob Unterwurzacher
b2724070d9 reverse mode: implement -one-file-system
Fixes https://github.com/rfjakob/gocryptfs/issues/475
2021-08-16 19:23:58 +02:00
Jakob Unterwurzacher
cdddd1d711 MANPAGE: describe -badname 2021-06-20 18:09:21 +02:00
Jakob Unterwurzacher
6b492fdcb8 MANPAGE: add sub-headers to EXAMPLES
Makes linking to them easier.
2021-01-10 08:01:08 +01:00
Jakob Unterwurzacher
de108d3fc0 -idle: don't lazy-unmount
When a process has its working dir inside the mount,
the only way we notice is that we get EBUSY when trying
to unmount.

We used to lazy-unmount in this case, but this means
pulling the rug from under the process.

For example, bash will start throwing

  cd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory

messages.

Fixes https://github.com/rfjakob/gocryptfs/issues/533
2021-01-02 18:19:41 +01:00
gmd20
c20c7992a0 main: add "-kernel_cache" flag
This option is similar to fuse(8) kernel_cache

Verified using vmtouch.

Without -kernel_cache:

$ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo
10+0 records in
10+0 records out
10485760 bytes (10 MB, 10 MiB) copied, 0,0242321 s, 433 MB/s
           Files: 1
     Directories: 0
   Touched Pages: 2560 (10M)
         Elapsed: 0.011159 seconds
           Files: 1
     Directories: 0
  Resident Pages: 0/2560  0/10M  0%
         Elapsed: 0.000993 seconds

With -kernel_cache:

$ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo
10+0 records in
10+0 records out
10485760 bytes (10 MB, 10 MiB) copied, 0,0244015 s, 430 MB/s
           Files: 1
     Directories: 0
   Touched Pages: 2560 (10M)
         Elapsed: 0.011564 seconds
           Files: 1
     Directories: 0
  Resident Pages: 2560/2560  10M/10M  100%
         Elapsed: 0.000369 seconds
2020-12-20 09:55:04 +01:00
Jakob Unterwurzacher
14dac373c2 MANPAGE: add fstab example
https://github.com/rfjakob/gocryptfs/issues/497
2020-11-14 15:27:40 +01:00
Jakob Unterwurzacher
8470cc38df MANPAGE: add -info example output 2020-11-14 15:08:57 +01:00
Jakob Unterwurzacher
6bb42f79fd MANPAGE: split up OPTIONS into action flags, init, mount, common
Fixes https://github.com/rfjakob/gocryptfs/issues/517
2020-11-14 15:00:47 +01:00
Jakob Unterwurzacher
0b2562fdba MANPAGE: clarify -fg and syslog interaction
The flag -fg does NOT imply -nosyslog. Syslog redirection is
active when -notifypid is passed.
2020-11-14 14:29:04 +01:00
Pavol Rusnak
1e624a4cc3 Add support for FIDO2 tokens 2020-09-12 18:06:54 +02:00
Jakob Unterwurzacher
570e9baadf manpage: link to exitcodes.go 2020-09-06 11:38:13 +02:00
Jakob Unterwurzacher
416080203b main: accept multiple -passfile options
Each file will be read and then concatenated
for the effictive password. This can be used as a
kind of multi-factor authenticiton.

Fixes https://github.com/rfjakob/gocryptfs/issues/288
2020-05-17 19:31:04 +02:00
Oscar
75f16771ff Update manpage examples 2020-04-07 22:04:40 +02:00
Pavol Rusnak
1364b44ae3 remove Trezor support 2019-12-28 19:50:49 +01:00
Jakob Unterwurzacher
9178aa1534 MANPAGE: describe how to unmount, and that default options are fine
Feedback received during the recent Go user group. If you haven't
used FUSE before, you don't know how to unmount, and it was not
described in the man page!

As for the options, there are many, and new users are intimidated
by it. State clearly that defaults are fine.
2019-11-17 11:04:41 +01:00
Felix Lechner
372e0333b3 Fix 'cannot adjust line' warning from man in gocryptfs manpage.
When generating man pages, pandoc marks indented code blocks with the
roff macro '.nf'. That avoids a warning from man related to the long
line about the master key.
2019-09-07 14:20:55 +02:00
Felix Lechner
76969e5992 Fix a typo in gocryptfs manpage. 2019-09-07 14:13:29 +02:00
Jakob Unterwurzacher
8f2723b387 Allow "nofail" for /etc/fstab use 2019-03-31 14:33:02 +02:00
Eduardo M KALINOWSKI
3bc100aeb3 reverse mode: support wildcard exclude (--exclude-wildcard)
This adds support for gitignore-like wildcards and exclude patters in
reverse mode. It (somewhat) fixes #273: no regexp support, but the
syntax should be powerful enough to satisfy most needs.

Also, since adding a lot of --exclude options can be tedious, it adds
the --exclude-from option to read patterns from a file (or files).
2019-03-26 20:56:37 +01:00
Jakob Unterwurzacher
cf27037f20 Allow multiple -extpass arguments
To support arguments containing spaces, -extpass can now
be passed multiple times.

https://github.com/rfjakob/gocryptfs/issues/289
2019-03-03 13:25:30 +01:00
Jakob Unterwurzacher
295d432175 passfile: directly read file instead of invoking cat
Allows better error handling, gets rid of the call to an
external program, and fixes https://github.com/rfjakob/gocryptfs/issues/278 .
2018-12-15 17:09:38 +01:00
Jesse Dunietz
0751b4e00a Updated manpage for -idle flag 2018-10-11 22:31:45 +02:00
Jakob Unterwurzacher
7e111ea94c trezor: document -trezor in man page
Also fix "--", which was shown as just "-" in the man pager.
2018-08-15 23:34:23 +02:00
Jakob Unterwurzacher
5acfbc1b2f main: add -e as an alias for -exclude 2018-08-15 13:12:13 +02:00
Jakob Unterwurzacher
ec2fdc19cf reverse mode: add --exclude option
https://github.com/rfjakob/gocryptfs/issues/235
2018-08-11 23:26:49 +02:00
Jakob Unterwurzacher
7f5a97e843 MANPAGE: add proper description text
We only had an "options" section which was
mislabeled as "description". Add a proper description text.
2018-07-07 23:51:16 +02:00
Jakob Unterwurzacher
009cc0ae8b Update README and MANPAGE for v1.5
Also update the performance numbers. I see some slowdown, reason
is not yet clear, but nothing to block the release.
2018-06-12 23:07:42 +02:00
Jakob Unterwurzacher
4e5783591f fsck: report skipped corrupt files
OpenDir and ListXAttr skip over corrupt entries,
readFileID treats files the are too small as empty.
This improves usability in the face of corruption,
but hides the problem in a log message instead of
putting it in the return code.

Create a channel to report these corruptions to fsck
so it can report them to the user.

Also update the manpage and the changelog with the -fsck option.

Closes https://github.com/rfjakob/gocryptfs/issues/191
2018-04-03 21:24:48 +02:00