SVN: rc-scripts/trunk/man: Makefile.am crypttab.5

glen glen at pld-linux.org
Fri Nov 9 01:31:49 CET 2007 

Author: glen
Date: Fri Nov  9 01:31:48 2007
New Revision: 9021

Added:
   rc-scripts/trunk/man/crypttab.5
Modified:
   rc-scripts/trunk/man/Makefile.am
Log:
- add crypttab.5 from fc initscripts-8.54

Modified: rc-scripts/trunk/man/Makefile.am
==============================================================================
--- rc-scripts/trunk/man/Makefile.am	(original)
+++ rc-scripts/trunk/man/Makefile.am	Fri Nov  9 01:31:48 2007
@@ -14,6 +14,7 @@
 	usernetctl.8 \
 	usleep.1 \
 	fstab-decode.8 \
+	crypttab.5 \
 	start-stop-daemon.8
 
 EXTRA_DIST = $(man_MANS)

Added: rc-scripts/trunk/man/crypttab.5
==============================================================================
--- (empty file)
+++ rc-scripts/trunk/man/crypttab.5	Fri Nov  9 01:31:48 2007
@@ -0,0 +1,125 @@
+.\" A man page for /etc/crypttab.
+.\"
+.\" Copyright (C) 2006 Red Hat, Inc. All rights reserved.
+.\"
+.\" This copyrighted material is made available to anyone wishing to use,
+.\" modify, copy, or redistribute it subject to the terms and conditions of the
+.\" GNU General Public License v.2.
+.\"
+.\" This program is distributed in the hope that it will be useful, but WITHOUT
+.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 
+.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for 
+.\" more details.
+.\"
+.\" You should have received a copy of the GNU General Public License along
+.\" with this program; if not, write to the Free Software Foundation, Inc.,
+.\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+.\"
+.\" Author: Miloslav Trmac <mitr at redhat.com>
+.TH crypttab 5 "Jul 2006"
+
+.SH NAME
+/etc/crypttab - encrypted block device table
+
+.SH DESCRIPTION
+The
+.B /etc/crypptab
+file describes encrypted block devices that are set up during system boot.
+
+Empty lines and lines starting with the
+.B #
+character are ignored.
+Each of the remaining lines describes one encrypted block device,
+fields on the line are delimited by white space.
+The first two fields are mandatory, the remaining two are optional.
+
+The first field contains the
+.I name
+of the resulting encrypted block device;
+the device is set up at
+\fB/dev/mapper/\fIname\fR.
+
+The second field contains a path to the underlying block device.
+If the block device contains a LUKS signature,
+it is opened as a LUKS encrypted partition;
+otherwise it is assumed to be a raw dm-crypt partition.
+
+The third field specifies the encryption password.
+If the field is not present or the password is set to \fBnone\fR,
+the password has to be manually entered during system boot.
+Otherwise the field is interpreted as a path to a file
+containing the encryption password.
+For swap encryption
+.B /dev/urandom
+can be used as the password file;
+using
+.B /dev/random
+may prevent boot completion
+if the system does not have enough entropy
+to generate a truly random encryption key.
+
+The fourth field, if present, is a comma-delimited list of options.
+The following options are recognized:
+.TP
+\fBcipher=\fIcipher\fR
+Specifies the cipher to use; see
+.BR cryptsetup (8)
+for possible values and the default value of this option.
+A cipher with unpredictable IV values, such as
+\fBaes-cbc-essiv:sha256\fR, is recommended.
+
+.TP
+\fBsize=\fIsize\fR
+Specifies the key size in bits; see
+.BR cryptsetup (8)
+for possible values and the default value of this option.
+
+.TP
+\fBhash=\fIhash\fR
+Specifies the hash to use for password hashing; see
+.BR cryptsetup (8)
+for possible values and the default value of this option.
+
+.TP
+\fBverify\fR
+If the the encryption password is read from console,
+it has to be entered twice (to prevent typos).
+
+.TP
+\fBswap\fR
+The encrypted block device will be used as a swap partition,
+and will be formatted as a swap partition
+after setting up the encrypted block device.
+The underlying block device
+will be formatted again as an unencrypted swap partition
+after destroying the encrypted block device.
+(This allows sharing a single swap partition between operating
+system installations,
+with some of them encrypting the swap partitions and some of them not.)
+
+\fIWARNING\fR: Using the
+.B swap
+option will destroy the contents of the named partition during every boot, so
+make sure the underlying block device is specified correctly.
+
+.TP
+\fBtmp\fR
+The encrypted block device will be prepared for using it as tmp partition:
+it will be formatted using
+.B mke2fs
+and its root directory will be set to mode 01777.
+The warning about the
+.B swap
+option applies here as well.
+
+.PP
+No options can be specified for LUKS encrypted partitions.
+
+.SH COMPATIBILITY
+The
+.B /etc/crypptab
+file format is based on the Debian cryptsetup package,
+and is intended to be compatible.
+
+.SH SEE ALSO
+.BR cryptsetup (8)

More information about the pld-cvs-commit mailing list