Signed-off-by: Aurelien Aptel <aaptel@xxxxxxxx> --- mount.cifs.8 | 16 ++++++++++++++++ mount.cifs.c | 2 +- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/mount.cifs.8 b/mount.cifs.8 index 9104fae..ab35448 100644 --- a/mount.cifs.8 +++ b/mount.cifs.8 @@ -440,6 +440,11 @@ The default in mainline kernel versions prior to v3.8 was sec=ntlm. In v3.8, the If the server requires signing during protocol negotiation, then it may be enabled automatically. Packet signing may also be enabled automatically if it's enabled in /proc/fs/cifs/SecurityFlags. .RE .PP +seal +.RS 4 +Request encryption at the SMB layer. Encryption is only supported in SMBv3 and above. The encryption algorithm used is AES-128-CCM. +.RE +.PP nobrl .RS 4 Do not send byte range lock requests to the server\&. This is necessary for certain applications that break with cifs style mandatory byte range locks (and most cifs servers do not yet support requesting advisory byte range locks)\&. @@ -593,6 +598,17 @@ SMB protocol version. Allowed values are: .\} 3.0 - The SMBv3.0 protocol that was introduced in Microsoft Windows 8 and Windows Server 2012. .RE +.sp +.RS 4 +.ie n \{\ +\h'-04'\(bu\h'+03'\c +.\} +.el \{\ +.sp -1 +.IP \(bu 2.3 +.\} +3.1.1 or 3.11 - The SMBv3.1.1 protocol that was introduced in Microsoft Windows Server 2016. +.RE .PP Note too that while this option governs the protocol version used, not all features of each version are available. .RE diff --git a/mount.cifs.c b/mount.cifs.c index 2612feb..8ca848d 100644 --- a/mount.cifs.c +++ b/mount.cifs.c @@ -269,7 +269,7 @@ static int mount_usage(FILE * stream) fprintf(stream, "\n\tmapchars,nomapchars,nolock,servernetbiosname=<SRV_RFC1001NAME>"); fprintf(stream, - "\n\tdirectio,nounix,cifsacl,sec=<authentication mechanism>,sign,fsc"); + "\n\tdirectio,nounix,cifsacl,sec=<authentication mechanism>,sign,seal,fsc"); fprintf(stream, "\n\nOptions not needed for servers supporting CIFS Unix extensions"); fprintf(stream, -- 2.12.0 -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html