add signatures verification man entry

runcom · runcom · commit a54cf268b621 · 2017-02-15T12:23:32.000+01:00
Signed-off-by: Antonio Murdaca &lt;runcom@redhat.com&gt;
diff --git a/man/dockerd.8.md b/man/dockerd.8.md
@@ -63,6 +63,7 @@ dockerd - Enable daemon mode
 [**--seccomp-profile**[=*SECCOMP-PROFILE-PATH*]]
 [**--selinux-enabled**]
 [**--shutdown-timeout**[=*15*]]
+[**--signature-verification**]
 [**--storage-opt**[=*[]*]]
 [**--swarm-default-advertise-addr**[=*IP|INTERFACE*]]
 [**--tls**]
@@ -336,6 +337,10 @@ unix://[/path/to/socket] to use.
 **--shutdown-timeout**=*15*
   Set the shutdown timeout value in seconds. Default is `15`.
 
+**--signature-verification**=*true*|*false*
+  Enable image signature verification. Default is true. WARNING: this option doesn't work
+  with images being pulled from v1 docker registries. See SIGNATURE VERIFICATION.
+
 **--storage-opt**=[]
   Set storage driver options. See STORAGE DRIVER OPTIONS.
 
@@ -376,6 +381,15 @@ unix://[/path/to/socket] to use.
   daemon to lookup the user and group's subordinate ID ranges for use as the
   user namespace mappings for contained processes.
 
+# SIGNATURE VERIFICATION
+
+Docker supports GPG image signatures verification when **--signature-verification**
+flag is *true*.
+This functionality works only at pull time and for images being pulled from docker
+registries version 2.
+You can sign an image using skopeo(1) or atomic(1).
+See https://access.redhat.com/articles/2750891.
+
 # STORAGE DRIVER OPTIONS
 
 Docker uses storage backends (known as "graphdrivers" in the Docker
