Imported Upstream version 2.3.3

[platform/upstream/cryptsetup.git] / misc / dracut_90reencrypt / README

diff --git a/misc/dracut_90reencrypt/README b/misc/dracut_90reencrypt/README
index 43b1146..0672949 100644 (file)
--- a/misc/dracut_90reencrypt/README
+++ b/misc/dracut_90reencrypt/README
@@ -2,18 +2,20 @@ Example of simple dracut module for reencryption of system
 LUKS drive on-the-fly.
 
 Install in /usr/[share|lib]/dracut/modules.d/90reencrypt, then
-build special intramfs "with dracut -a reencrypt -o crypt".
+build special initramfs "with dracut -a reencrypt -o crypt".
 Reencrypt module doesn't work (has a conflict) with crypt module as
-of now. After successfull reencryption reboot using original initramfs.
+of now. After successful reencryption reboot using original initramfs.
 
 Dracut then recognize argument rd.luks.reencrypt=name:size,
 e.g. rd.luks.reencrypt=sda2:52G means only 52G of device
 will be reencrypted (default is whole device).
 (Name is kernel name of device.)
 
-Also, you may specify keyslot which you want to use for reencryption,
-rd.luks.reencrypt_keyslot=<keyslot_number>. Bear in mind that if you
-use this option, all other keyslots will be deactivated.
+If there's more than single active keyslot in the target luks device
+you're required to select one keyslot explicitly for reencryption via
+rd.luks.reencrypt_keyslot=<keyslot_number> option. Bear in mind that
+if you use this option, all other keyslots will get deactivated in the
+process.
 
 Another argument, rd.luks.reencrypt_key=/dev/sda:/path/to/keyfile
 can be used to read password for specific keyslot from device containing