Update main userdocs

apptainer · Mar 12, 2024 · 2e879cf · 2e879cf
1 parent b72d33d
commit 2e879cf
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 16 deletions.
diff --git a/public/docs/user/main/_sources/index.rst.txt b/public/docs/user/main/_sources/index.rst.txt
@@ -44,11 +44,9 @@ Container Signing & Encryption
 
 {Project} allows containers to be signed using a PGP key. The
 signature travels with the container image, allowing you to verify that
-the image is unmodified at any time. Encryption of containers using
-LUKS2 is also supported. Encrypted containers can be run without
+the image is unmodified at any time. Encryption of containers
+is also supported. Encrypted containers can be run without
 decrypting them to disk first.
-Using encrypted containers currently requires a setuid installation of
-{Project}.
 
 .. toctree::
    :maxdepth: 1

diff --git a/public/docs/user/main/_sources/security_options.rst.txt b/public/docs/user/main/_sources/security_options.rst.txt
@@ -107,9 +107,8 @@ this keyword.
 Building encrypted containers
 *****************************
 
-With {aProject} setuid installation it is possible to build and run
-encrypted containers.
-The containers are decrypted at runtime entirely in kernel space, meaning
+{Project} can build and run encrypted containers.
+The containers are decrypted at runtime entirely in memory, meaning
 that no intermediate decrypted data is ever present on disk. See
 :ref:`encrypted containers <encryption>` for more details.
 

diff --git a/public/docs/user/main/index.html b/public/docs/user/main/index.html
@@ -183,11 +183,9 @@ <h2>Building Containers<a class="headerlink" href="#building-containers" title="
 <h2>Container Signing &amp; Encryption<a class="headerlink" href="#container-signing-encryption" title="Permalink to this heading"></a></h2>
 <p>Apptainer allows containers to be signed using a PGP key. The
 signature travels with the container image, allowing you to verify that
-the image is unmodified at any time. Encryption of containers using
-LUKS2 is also supported. Encrypted containers can be run without
-decrypting them to disk first.
-Using encrypted containers currently requires a setuid installation of
-Apptainer.</p>
+the image is unmodified at any time. Encryption of containers
+is also supported. Encrypted containers can be run without
+decrypting them to disk first.</p>
 <div class="toctree-wrapper compound">
 <ul>
 <li class="toctree-l1"><a class="reference internal" href="signNverify.html">Sign and Verify</a></li>

diff --git a/public/docs/user/main/searchindex.js b/public/docs/user/main/searchindex.js
diff --git a/public/docs/user/main/security_options.html b/public/docs/user/main/security_options.html
@@ -222,9 +222,8 @@ <h2>Linux Capabilities<a class="headerlink" href="#linux-capabilities" title="Pe
 </div>
 <div class="section" id="building-encrypted-containers">
 <h2>Building encrypted containers<a class="headerlink" href="#building-encrypted-containers" title="Permalink to this heading"></a></h2>
-<p>With an Apptainer setuid installation it is possible to build and run
-encrypted containers.
-The containers are decrypted at runtime entirely in kernel space, meaning
+<p>Apptainer can build and run encrypted containers.
+The containers are decrypted at runtime entirely in memory, meaning
 that no intermediate decrypted data is ever present on disk. See
 <a class="reference internal" href="encryption.html#encryption"><span class="std std-ref">encrypted containers</span></a> for more details.</p>
 </div>