mount: fix roothash signature extension in manpage

author Luca Boccassi <bluca@debian.org>

Sat, 3 Jul 2021 11:15:53 +0000 (12:15 +0100)

committer Luca Boccassi <bluca@debian.org>

Sat, 3 Jul 2021 11:16:34 +0000 (12:16 +0100)
author Luca Boccassi <bluca@debian.org>
Sat, 3 Jul 2021 11:15:53 +0000 (12:15 +0100)
committer Luca Boccassi <bluca@debian.org>
Sat, 3 Jul 2021 11:16:34 +0000 (12:16 +0100)
diff --git a/sys-utils/mount.8.adoc b/sys-utils/mount.8.adoc

index a534586a71cbf844ac1e343413c28ea592176bdb..9630d564dc8c23c046cdb442d9d9a5869ea898d8 100644 (file)
--- a/sys-utils/mount.8.adoc
+++ b/sys-utils/mount.8.adoc
@@ -1414,9 +1414,9 @@ mksquashfs /etc /tmp/etc.squashfs
  dd if=/dev/zero of=/tmp/etc.hash bs=1M count=10
  veritysetup format /tmp/etc.squashfs /tmp/etc.hash
  openssl smime -sign -in <hash> -nocerts -inkey private.key \
--signer private.crt -noattr -binary -outform der -out /tmp/etc.p7
+-signer private.crt -noattr -binary -outform der -out /tmp/etc.roothash.p7s
  mount -o verity.hashdevice=/tmp/etc.hash,verity.roothash=<hash>,\
-verity.roothashsig=/tmp/etc.p7 /tmp/etc.squashfs /mnt
+verity.roothashsig=/tmp/etc.roothash.p7s /tmp/etc.squashfs /mnt
  ....
  
  create squashfs image from _/etc_ directory, verity hash device and mount verified filesystem image to _/mnt_. The kernel will verify that the root hash is signed by a key from the kernel keyring if roothashsig is used.
author	Luca Boccassi <bluca@debian.org>
	Sat, 3 Jul 2021 11:15:53 +0000 (12:15 +0100)
committer	Luca Boccassi <bluca@debian.org>
	Sat, 3 Jul 2021 11:16:34 +0000 (12:16 +0100)