mirror of
https://github.com/Llewellynvdm/Tomb.git
synced 2024-11-26 14:56:33 +00:00
Update documentation: swap, --ignore-swap, -k
This commit is contained in:
parent
a3f0c7c86b
commit
f4b8a2275e
34
doc/tomb.1
34
doc/tomb.1
@ -91,7 +91,7 @@ given. This is used to recoved buried keys from unsuspected places.
|
|||||||
.B
|
.B
|
||||||
.B
|
.B
|
||||||
.IP "-s \fI<MBytes>\fR"
|
.IP "-s \fI<MBytes>\fR"
|
||||||
When creating a tomb, this option must be used to specify the size of
|
When creating a tomb, this option MUST be used to specify the size of
|
||||||
the new \fIfile\fR to be created, in megabytes.
|
the new \fIfile\fR to be created, in megabytes.
|
||||||
.B
|
.B
|
||||||
.IP "-k \fI<keyfile>\fR"
|
.IP "-k \fI<keyfile>\fR"
|
||||||
@ -100,6 +100,13 @@ of the key to use. Keys are created with the same name of the tomb
|
|||||||
file adding a '.gpg' suffix, but can be later renamed and transported
|
file adding a '.gpg' suffix, but can be later renamed and transported
|
||||||
on other media. When a key is not found, the program asks to insert a
|
on other media. When a key is not found, the program asks to insert a
|
||||||
USB storage device and it will look for the key file inside it.
|
USB storage device and it will look for the key file inside it.
|
||||||
|
When creating a tomb, this option can be used to specify the name (and
|
||||||
|
location) of the key you are creating. For example, you could use
|
||||||
|
.EX
|
||||||
|
tomb create -s 100 tombname -k /media/usb/tombname
|
||||||
|
.EE
|
||||||
|
to put the key on a usb pendrive
|
||||||
|
|
||||||
.B
|
.B
|
||||||
.IP "-n"
|
.IP "-n"
|
||||||
Skip processing of post-hooks and bind-hooks if found inside the tomb.
|
Skip processing of post-hooks and bind-hooks if found inside the tomb.
|
||||||
@ -111,6 +118,11 @@ of the default \fIrw,noatime,nodev\fR. This option can be used to
|
|||||||
mount a tomb read-only (ro) to prevent any modification of its data,
|
mount a tomb read-only (ro) to prevent any modification of its data,
|
||||||
or to experiment with other settings (if you really know what you are
|
or to experiment with other settings (if you really know what you are
|
||||||
doing) see the mount(8) man page.
|
doing) see the mount(8) man page.
|
||||||
|
.B
|
||||||
|
.IP "--ignore-swap"
|
||||||
|
By default, Tomb will abort any create and open operation if swap is used (see
|
||||||
|
SWAP section for details). This flag will disable this behaviour. NOTE: it is
|
||||||
|
not secure to do so, unless you know that your swap is encrypted
|
||||||
|
|
||||||
.B
|
.B
|
||||||
.IP "-h"
|
.IP "-h"
|
||||||
@ -124,6 +136,7 @@ Run more quietly
|
|||||||
.IP "-D"
|
.IP "-D"
|
||||||
Print more information while running, for debugging purposes
|
Print more information while running, for debugging purposes
|
||||||
|
|
||||||
|
|
||||||
.SH HOOKS
|
.SH HOOKS
|
||||||
|
|
||||||
Hooks are special files that can be placed inside the tomb and trigger
|
Hooks are special files that can be placed inside the tomb and trigger
|
||||||
@ -161,6 +174,25 @@ pinentry(1) is adopted to collect passwords from the user.
|
|||||||
Tomb executes as super user only those commands requiring it, while it
|
Tomb executes as super user only those commands requiring it, while it
|
||||||
executes desktop applications as processes owned by the user.
|
executes desktop applications as processes owned by the user.
|
||||||
|
|
||||||
|
.SH SWAP
|
||||||
|
|
||||||
|
During "create" and "open" operation, swap will complain and \fIabort\fR if
|
||||||
|
your system has swap activated. This can be annoying, and you can disable this
|
||||||
|
behaviour using \fI--ignore-swap\fR. Before doing that, however, you may be
|
||||||
|
interested in knowing the risks of doing so:
|
||||||
|
.IP \(bu
|
||||||
|
During both creation and opening it could write your secret key on the disk
|
||||||
|
.IP \(bu
|
||||||
|
After having opened the tomb, an application you're using could swap file
|
||||||
|
contents. So you'll put file contents in clear on your disk
|
||||||
|
.P
|
||||||
|
|
||||||
|
If you don't need swap, execute \fI swapoff -a\fR. If you really need it, you
|
||||||
|
could encrypt it. Tomb doesn't detect if your swap is encrypted, and will
|
||||||
|
complain anyway. In that case, using --ignore-swap is safe. Otherwise, use
|
||||||
|
--ignore-swap at your own risk
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
.SH BUGS
|
.SH BUGS
|
||||||
Please report bugs on the tracker at http://bugs.dyne.org
|
Please report bugs on the tracker at http://bugs.dyne.org
|
||||||
|
Loading…
Reference in New Issue
Block a user