-.TH IMAGEX "1" "March 2013" "@IMAGEX_PROGNAME@ @VERSION@" "User Commands"
+.TH IMAGEX "1" "April 2013" "@IMAGEX_PROGNAME@ @VERSION@" "User Commands"
.SH NAME
@IMAGEX_PROGNAME@-apply \- Extract one image, or all images, from a WIM archive
applied. See \fBSPLIT_WIMS\fR.
.TP
\fB--unix-data\fR
-This option may only be given in the normal extraction mode (not NTFS).
-By default, in the normal extraction mode, \fB@IMAGEX_PROGNAME@ apply\fR will ignore both
-Windows-style security descriptors and UNIX-specific file owners, groups, and
-modes set when using \fB@IMAGEX_PROGNAME@ capture\fR with the \fB--unix-data\fR flag. By
-passing \fB--unix-data\fR to \fB@IMAGEX_PROGNAME@ apply\fR instead, this causes this
-UNIX-specific data to be restored when available.
+This option may only be given in the normal extraction mode (not NTFS). By
+default, in the normal extraction mode on UNIX, \fB@IMAGEX_PROGNAME@ apply\fR
+will ignore both Windows-style security descriptors and UNIX-specific file
+owners, groups, and modes set when using \fB@IMAGEX_PROGNAME@ capture\fR with
+the \fB--unix-data\fR flag. By passing \fB--unix-data\fR to
+\fB@IMAGEX_PROGNAME@ apply\fR instead, this causes this UNIX-specific data to be
+restored when available.
+.TP
+\fB--no-acls\fR
+In the NTFS apply mode, do not apply security descriptors. This flag is also
+available in the native Win32 build of wimlib and may be useful when running
+\fB@IMAGEX_PROGNAME@\fR as a non-administrator.
+.TP
+\fB--strict-acls\fR
+Fail immediately if the full security descriptor of any file or directory cannot
+be set exactly as specified in the WIM file. The default behavior without this
+option is to fall back to setting a security descriptor with the SACL omitted,
+then only the default inherited security descriptor, if we do not have
+permission to set the desired one.
.SH NOTES
git://wimlib.net / wimlib / blobdiff