X-Git-Url: https://git.notmuchmail.org/git?p=notmuch;a=blobdiff_plain;f=doc%2Fman1%2Fnotmuch-reindex.rst;h=cd7c91a008ace0009b06b44ad4d67161d7a27bf1;hp=782b0d7be3dbb33b88fc01d7e78d48e35be4b6a9;hb=fd3c93650d976f630ba0a60341a1a695422e4969;hpb=d3964e81ac98825a025a6120c488ebd73de2a281 diff --git a/doc/man1/notmuch-reindex.rst b/doc/man1/notmuch-reindex.rst index 782b0d7b..cd7c91a0 100644 --- a/doc/man1/notmuch-reindex.rst +++ b/doc/man1/notmuch-reindex.rst @@ -21,22 +21,71 @@ messages using the supplied options. Supported options for **reindex** include - ``--decrypt=(true|false)`` +``--decrypt=(true|nostash|auto|false)`` + If ``true``, when encountering an encrypted message, try to + decrypt it while reindexing, stashing any session keys discovered. + If ``auto``, and notmuch already knows about a session key for the + message, it will try decrypting using that session key but will + not try to access the user's secret keys. If decryption is + successful, index the cleartext itself. - If true, when encountering an encrypted message, try to - decrypt it while reindexing. If decryption is successful, - index the cleartext itself. Be aware that the index is likely - sufficient to reconstruct the cleartext of the message itself, - so please ensure that the notmuch message index is adequately - protected. DO NOT USE ``--decrypt=true`` without - considering the security of your index. + ``nostash`` is the same as ``true`` except that it will not stash + newly-discovered session keys in the database. - See also ``index.decrypt`` in **notmuch-config(1)**. + If ``false``, notmuch reindex will also delete any stashed session + keys for all messages matching the search terms. + + Be aware that the index is likely sufficient (and a stashed + session key is certainly sufficient) to reconstruct the cleartext + of the message itself, so please ensure that the notmuch message + index is adequately protected. DO NOT USE ``--decrypt=true`` or + ``--decrypt=nostash`` without considering the security of your + index. + + See also ``index.decrypt`` in **notmuch-config(1)**. + +EXAMPLES +======== + +A user just received an encrypted message without indexing its +cleartext. After reading it (via ``notmuch show --decrypt=true``), +they decide that they want to index its cleartext so that they can +easily find it later and read it without having to have access to +their secret keys: + +:: + + notmuch reindex --decrypt=true id:1234567@example.com + +A user wants to change their policy going forward to start indexing +cleartext. But they also want indexed access to the cleartext of all +previously-received encrypted messages. Some messages might have +already been indexed in the clear (as in the example above). They can +ask notmuch to just reindex the not-yet-indexed messages: + +:: + + notmuch config set index.decrypt true + notmuch reindex tag:encrypted and not property:index.decryption=success + +Later, the user changes their mind, and wants to stop indexing +cleartext (perhaps their threat model has changed, or their trust in +their index store has been shaken). They also want to clear all of +their old cleartext from the index. Note that they compact the +database afterward as a workaround for +https://trac.xapian.org/ticket/742: + +:: + + notmuch config set index.decrypt false + notmuch reindex property:index.decryption=success + notmuch compact SEE ALSO ======== **notmuch(1)**, +**notmuch-compact(1)**, **notmuch-config(1)**, **notmuch-count(1)**, **notmuch-dump(1)**,