diff --git a/docs/formatsecret.html.in b/docs/formatsecret.html.in
index 50c9533648..3e306b5566 100644
--- a/docs/formatsecret.html.in
+++ b/docs/formatsecret.html.in
@@ -64,8 +64,9 @@
a single name element that specifies a usage name
for the secret. The Ceph secret can then be used by UUID or by
this usage name via the <auth> element of
- a disk
- device. Since 0.9.7.
+ a disk device or
+ a storage pool (rbd).
+ Since 0.9.7.
Usage type "iscsi"
@@ -76,8 +77,9 @@
a single target element that specifies a usage name
for the secret. The iSCSI secret can then be used by UUID or by
this usage name via the <auth> element of
- a disk
- device. Since 1.0.4.
+ a disk device or
+ a storage pool (iscsi).
+ Since 1.0.4.
...
- <source>
<source>
<adapter type='fc_host' parent='scsi_host5' wwnn='20000000c9831b4b' wwpn='10000000c9831b4b'/>
</source>
@@ -123,6 +125,27 @@
which is the hostname or IP address of the server. May optionally
contain a port attribute for the protocol specific
port number. Since 0.4.1
+
auth
+
If present, the auth element provides the
+ authentication credentials needed to access the source by the
+ setting of the type attribute. The type
+ must be either "chap" or "ceph". Additionally a mandatory attribute
+ username identifies the username to use during
+ authentication as well as a sub-element secret with
+ a mandatory attribute type, to tie back to a
+ libvirt secret object that
+ holds the actual password or other credentials. The domain XML
+ intentionally does not expose the password, only the reference
+ to the object that manages the password. The secret element
+ type must be either "ceph" or "iscsi". Use "ceph" for
+ Ceph RBD (Rados Block Device) network sources and use "iscsi" for CHAP
+ (Challenge-Handshake Authentication Protocol) iSCSI targets.
+ The secret element requires either a uuid
+ attribute with the UUID of the secret object or a usage
+ attribute matching the key that was specified in the
+ secret object. Since 0.9.7 for "ceph" and
+ 1.1.1 for "chap"
+