man: change noindex="true" to index="false"

[thirdparty/systemd.git] / man / crypttab.xml

diff --git a/man/crypttab.xml b/man/crypttab.xml
index 153dc022f4c31898e9818289bfbd47554172b581..e4b1e43e4298f556af2f148bce7730d4f2d6a75a 100644 (file)
--- a/man/crypttab.xml
+++ b/man/crypttab.xml
@@ -1,39 +1,20 @@
 <?xml version="1.0"?>
 <!--*-nxml-*-->
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 <!--
   SPDX-License-Identifier: LGPL-2.1+
 
-  This file is part of systemd.
-
-  Copyright 2012 Lennart Poettering
-
   This is based on crypttab(5) from Fedora's initscripts package, which in
   turn is based on Debian's version.
 
   The Red Hat version has been written by Miloslav Trmac <mitr@redhat.com>.
-
 -->
 <refentry id="crypttab" conditional='HAVE_LIBCRYPTSETUP'>
 
   <refentryinfo>
     <title>crypttab</title>
     <productname>systemd</productname>
-
-    <authorgroup>
-      <author>
-        <contrib>Documentation</contrib>
-        <firstname>Miloslav</firstname>
-        <surname>Trmac</surname>
-        <email>mitr@redhat.com</email>
-      </author>
-      <author>
-        <contrib>Documentation</contrib>
-        <firstname>Lennart</firstname>
-        <surname>Poettering</surname>
-        <email>lennart@poettering.net</email>
-      </author>
-    </authorgroup>
   </refentryinfo>
 
   <refmeta>
@@ -170,6 +151,17 @@
         sequential order.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><option>keyfile-timeout=</option></term>
+
+        <listitem><para> Specifies the timeout for the device on
+        which the key file resides and falls back to a password if
+        it could not be mounted. See
+        <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for key files on external devices.
+        </para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><option>luks</option></term>
 
@@ -216,11 +208,11 @@
         <term><option>nofail</option></term>
 
         <listitem><para>This device will not be a hard dependency of
-        <filename>cryptsetup.target</filename>. It'll be still pulled in and started, but the system
+        <filename>cryptsetup.target</filename>. It'll still be pulled in and started, but the system
         will not wait for the device to show up and be unlocked, and boot will not fail if this is
         unsuccessful. Note that other units that depend on the unlocked device may still fail. In
-        particular, if the device is used for a mount point, the mount point itself is also needs to
-        have <option>noauto</option> option, or the boot will fail if the device is not unlocked
+        particular, if the device is used for a mount point, the mount point itself also needs to
+        have the <option>nofail</option> option, or the boot will fail if the device is not unlocked
         successfully.</para></listitem>
       </varlistentry>
 
@@ -244,6 +236,26 @@
         mode.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><option>same-cpu-crypt</option></term>
+
+        <listitem><para>Perform encryption using the same cpu that IO was submitted on. The default is to use
+        an unbound workqueue so that encryption work is automatically balanced between available CPUs.</para>
+        <para>This requires kernel 4.0 or newer.</para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><option>submit-from-crypt-cpus</option></term>
+
+        <listitem><para>Disable offloading writes to a separate thread after encryption. There are some
+        situations where offloading write bios from the encryption threads to a single thread degrades
+        performance significantly. The default is to offload write bios to the same thread because it benefits
+        CFQ to have writes submitted using the same context.</para>
+        <para>This requires kernel 4.0 or newer.</para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><option>skip=</option></term>
 
@@ -270,6 +282,15 @@
         option.</para></listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><option>sector-size=</option></term>
+
+        <listitem><para>Specifies the sector size in bytes. See
+        <citerefentry project='die-net'><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+        for possible values and the default value of this
+        option.</para></listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><option>swap</option></term>
 
@@ -428,7 +449,8 @@
       <programlisting>luks       UUID=2505567a-9e27-4efe-a4d5-15ad146c258b
 swap       /dev/sda7       /dev/urandom       swap
 truecrypt  /dev/sda2       /etc/container_password  tcrypt
-hidden     /mnt/tc_hidden  /dev/null    tcrypt-hidden,tcrypt-keyfile=/etc/keyfile</programlisting>
+hidden     /mnt/tc_hidden  /dev/null    tcrypt-hidden,tcrypt-keyfile=/etc/keyfile
+external   /dev/sda3       keyfile:LABEL=keydev keyfile-timeout=10s</programlisting>
     </example>
   </refsect1>