diff options
author | petres | 2016-12-12 12:12:13 +0100 |
---|---|---|
committer | petres | 2016-12-12 12:12:13 +0100 |
commit | 0a2562490f36b54b99af076525d17fd3f090b296 (patch) | |
tree | a1e0e5cada7bc966e6c1e484d39cfaf382db2c60 | |
parent | e67f5c7c37ff6858dab44682c6c9c640905737b2 (diff) | |
download | aur-0a2562490f36b54b99af076525d17fd3f090b296.tar.gz |
updated
-rw-r--r-- | .SRCINFO | 8 | ||||
-rw-r--r-- | PKGBUILD | 6 | ||||
-rw-r--r-- | gocryptfs.1 | 98 |
3 files changed, 84 insertions, 28 deletions
@@ -1,8 +1,8 @@ # Generated by mksrcinfo v8 -# Thu Oct 20 21:17:06 UTC 2016 +# Mon Dec 12 11:09:40 UTC 2016 pkgbase = gocryptfs pkgdesc = Encrypted overlay filesystem written in Go. - pkgver = 1.1 + pkgver = 1.2 pkgrel = 1 url = https://github.com/rfjakob/gocryptfs arch = i686 @@ -12,10 +12,10 @@ pkgbase = gocryptfs makedepends = go depends = gcc-libs depends = openssl - source = git+https://github.com/rfjakob/gocryptfs.git#tag=v1.1 + source = git+https://github.com/rfjakob/gocryptfs.git#tag=v1.2 source = gocryptfs.1 md5sums = SKIP - md5sums = 8673c1825e688e5ecd8f1c4bf4a63205 + md5sums = 10ea8db326108327dadc78396eabb180 pkgname = gocryptfs @@ -1,7 +1,7 @@ # Maintainer: Peter Reschenhofer <peter.reschenhofer@gmail.com> pkgname=gocryptfs -pkgver=1.1 -_tag=v1.1 +pkgver=1.2 +_tag=v1.2 pkgrel=1 pkgdesc="Encrypted overlay filesystem written in Go." arch=('i686' 'x86_64') @@ -12,7 +12,7 @@ makedepends=('git' 'go') source=("git+https://github.com/rfjakob/gocryptfs.git#tag=$_tag" "gocryptfs.1") md5sums=('SKIP' - '10ea8db326108327dadc78396eabb180') + '1136f3c706f094dbe04de83a9c216f1f') prepare() { export GOPATH="$PWD/GO" diff --git a/gocryptfs.1 b/gocryptfs.1 index 30ebd15ab857..a230415901db 100644 --- a/gocryptfs.1 +++ b/gocryptfs.1 @@ -1,6 +1,8 @@ -.\" Automatically generated by Pandoc 1.17.2 +.\" This is a man page. View it using 'man ./gocryptfs.1' .\" -.TH "GOCRYPTFS" "1" "May 2016" "" "" +.\" Automatically generated by Pandoc 1.18 +.\" +.TH "GOCRYPTFS" "1" "Oct 2016" "" "" .hy .SH NAME .PP @@ -47,6 +49,16 @@ Write cpu profile to specified file .RS .RE .TP +.B \f[B]\-ctlsock string\f[] +Create a control socket at the specified location. +The socket can be used to decrypt and encrypt paths inside the +filesystem. +When using this option, make sure that the direcory you place the socket +in is not world\-accessible. +For example, \f[C]/run/user/UID/my.socket\f[] would be suitable. +.RS +.RE +.TP .B \f[B]\-d, \-debug\f[] Enable debug output .RS @@ -61,9 +73,10 @@ filesytem without user interaction. .RS .RE .TP -.B \f[B]\-f\f[] +.B \f[B]\-fg, \-f\f[] Stay in the foreground instead of forking away. Implies "\-nosyslog". +For compatability, "\-f" is also accepted, but "\-fg" is preferred. .RS .RE .TP @@ -109,11 +122,14 @@ forgotten your password. .RS .PP Example master key: +.PD 0 +.P +.PD 6f717d8b\-6b5f8e8a\-fd0aa206\-778ec093\-62c5669b\-abd229cd\-241e00cd\-b4d6713d .RE .TP .B \f[B]\-memprofile string\f[] -Write memory profile to specified file. +Write memory profile to the specified file. This is useful when debugging memory usage of gocryptfs. .RS .RE @@ -125,6 +141,26 @@ files. .RS .RE .TP +.B \f[B]\-noprealloc\f[] +Disable preallocation before writing. +By default, gocryptfs preallocates the space the next write will take +using fallocate(2) in mode FALLOC_FL_KEEP_SIZE. +The preallocation makes sure it cannot run out of space in the middle of +the write, which would cause the last 4kB block to be corrupt and +unreadable. +.RS +.PP +On ext4, preallocation is fast and does not cause a noticeable +performance hit. +Unfortunately, on Btrfs, preallocation is very slow, especially on +rotational HDDs. +The "\-noprealloc" option gives users the choice to trade robustness +against out\-of\-space errors for a massive speedup. +.PP +For benchmarks and more details of the issue see +https://github.com/rfjakob/gocryptfs/issues/63 . +.RE +.TP .B \f[B]\-nosyslog\f[] Diagnostic messages are normally redirected to syslog once gocryptfs daemonizes. @@ -139,6 +175,13 @@ This is used internally for daemonization. .RS .RE .TP +.B \f[B]\-o COMMA\-SEPARATED\-OPTIONS\f[] +For compatibility with mount(1), options are also accepted as "\-o +COMMA\-SEPARATED\-OPTIONS" at the end of the command line. +For example, "\-o q,zerokey" is equivalent to passing "\-q \-zerokey". +.RS +.RE +.TP .B \f[B]\-openssl bool/"auto"\f[] Use OpenSSL instead of built\-in Go crypto (default "auto"). Using built\-in crypto is 4x slower unless your CPU has AES instructions @@ -179,6 +222,14 @@ Quiet \- silence informational messages .RS .RE .TP +.B \f[B]\-raw64\f[] +Use unpadded base64 encoding for file names. +This gets rid of the trailing "\\=\\=". +A filesystem created with this option can only be mounted using +gocryptfs v1.2 and higher. +.RS +.RE +.TP .B \f[B]\-reverse\f[] Reverse mode shows a read\-only encrypted view of a plaintext directory. Implies "\-aessiv". @@ -200,9 +251,10 @@ susceptible to brute\-force attacks (default 16) .B \f[B]\-version\f[] Print version and exit. The output contains three fields seperated by ";". -Example: "gocryptfs v0.12\-2; go\-fuse a4c968c; go1.6.2". +Example: "gocryptfs v1.1.1\-5\-g75b776c; go\-fuse 6b801d3; 2016\-11\-01 +go1.7.3". Field 1 is the gocryptfs version, field 2 is the version of the go\-fuse -library, field 3 is the Go version that was used to compile the binary. +library, field 3 is the compile date and the Go version that was used. .RS .RE .TP @@ -218,25 +270,29 @@ This options is only intended for automated testing as it does not provide any security. .RS .RE -.PP -Comma\-Separated\-Options: -.PP -For compatability with mount(1), options are also accepted as "\-o -COMMA\-SEPARATED\-OPTIONS" at the end of the command line. -For example, "\-o q,zerokey" is equivalent to "\-q \-zerokey". .SH EXAMPLES .PP -Create and mount an encrypted filesystem: -.PP -mkdir /tmp/g1 /tmp/g2 +Create an encrypted filesystem in directory "g1" and mount it on "g2": +.IP +.nf +\f[C] +mkdir\ g1\ g2 +gocryptfs\ \-init\ g1 +gocryptfs\ g1\ g2 +\f[] +.fi .PP -gocryptfs \-init /tmp/g1 -.PD 0 -.P -.PD -gocryptfs /tmp/g1 /tmp/g2 +Mount an ecrypted view of joe\[aq]s home directory using reverse mode: +.IP +.nf +\f[C] +mkdir\ /home/joe.crypt +gocryptfs\ \-init\ \-reverse\ /home/joe +gocryptfs\ \-reverse\ /home/joe\ /home/joe.crypt +\f[] +.fi .SH SEE ALSO .PP -fuse(8) +fuse(8) fallocate(2) .SH AUTHORS github.com/rfjakob. |