From: Sebastien Buisson Date: Fri, 18 Dec 2020 08:16:24 +0000 (+0100) Subject: LUDOC-477 sec: fix kernel version for client encryption X-Git-Url: https://git.whamcloud.com/?a=commitdiff_plain;h=51def5972dada6a4a7d5b9ecdbacb5247a7c868f;p=doc%2Fmanual.git LUDOC-477 sec: fix kernel version for client encryption For distros explicitly listed in the doc, we use the embedded fscrypt lib that we have copied and included in the Lustre source tree, because these distros have not backported fscrypt v2. Fixes: 1791cdb ("LUDOC-477 sec: doc for client-side encryption") Signed-off-by: Sebastien Buisson Change-Id: I325438d29b765120aa58187730c33e08f8a8e340 Reviewed-on: https://review.whamcloud.com/41046 Tested-by: jenkins Reviewed-by: Andreas Dilger --- diff --git a/ManagingSecurity.xml b/ManagingSecurity.xml index ae4ce51..99e8401 100644 --- a/ManagingSecurity.xml +++ b/ManagingSecurity.xml @@ -548,9 +548,11 @@ mgs# lctl set_param -P nodemap.restricted.sepol=1:mls:31:40afb76d077c441b69af58c Lustre sources, under the Documentation/client_side_encryption directory. - The client-side encryption feature is available on Lustre - clients running a Linux distribution with at least kernel 5.4, or have - backported the fscrypt v2 support, including: + The client-side encryption feature is available natively on + Lustre clients running a Linux distribution with at least kernel 5.4. It + is also available thanks to an additional kernel library provided by + Lustre, on clients that run a Linux distribution with basic support for + encryption, including: CentOS/RHEL 8.1 and later; Ubuntu 18.04 and later;