summaryrefslogtreecommitdiffstats
path: root/man/systemd-dissect.xml
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--man/systemd-dissect.xml263
1 files changed, 263 insertions, 0 deletions
diff --git a/man/systemd-dissect.xml b/man/systemd-dissect.xml
new file mode 100644
index 0000000..ed2153f
--- /dev/null
+++ b/man/systemd-dissect.xml
@@ -0,0 +1,263 @@
+<?xml version='1.0'?> <!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
+
+<refentry id="systemd-dissect" conditional='HAVE_BLKID'
+ xmlns:xi="http://www.w3.org/2001/XInclude">
+
+ <refentryinfo>
+ <title>systemd-dissect</title>
+ <productname>systemd</productname>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-dissect</refentrytitle>
+ <manvolnum>1</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-dissect</refname>
+ <refpurpose>Dissect file system OS images</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>systemd-dissect <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="plain"><replaceable>IMAGE</replaceable></arg></command>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>systemd-dissect <arg choice="opt" rep="repeat">OPTIONS</arg> <option>--mount</option> <arg choice="plain"><replaceable>IMAGE</replaceable></arg> <arg choice="plain"><replaceable>PATH</replaceable></arg></command>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>systemd-dissect <arg choice="opt" rep="repeat">OPTIONS</arg> <option>--copy-from</option> <arg choice="plain"><replaceable>IMAGE</replaceable></arg> <arg choice="plain"><replaceable>PATH</replaceable></arg> <arg choice="opt"><replaceable>TARGET</replaceable></arg></command>
+ </cmdsynopsis>
+ <cmdsynopsis>
+ <command>systemd-dissect <arg choice="opt" rep="repeat">OPTIONS</arg> <option>--copy-to</option> <arg choice="plain"><replaceable>IMAGE</replaceable></arg> <arg choice="opt"><replaceable>SOURCE</replaceable></arg> <arg choice="plain"><replaceable>PATH</replaceable></arg></command>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><command>systemd-dissect</command> is a tool for introspecting and interacting with file system OS
+ disk images. It supports four different operations:</para>
+
+ <orderedlist>
+ <listitem><para>Show general OS image information, including the image's
+ <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry> data,
+ machine ID, partition information and more.</para></listitem>
+
+ <listitem><para>Mount an OS image to a local directory. In this mode it will dissect the OS image and
+ mount the included partitions according to their designation onto a directory and possibly
+ sub-directories.</para></listitem>
+
+ <listitem><para>Copy files and directories in and out of an OS image.</para></listitem>
+ </orderedlist>
+
+ <para>The tool may operate on three types of OS images:</para>
+
+ <orderedlist>
+ <listitem><para>OS disk images containing a GPT partition table envelope, with partitions marked
+ according to the <ulink url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions
+ Specification</ulink>.</para></listitem>
+
+ <listitem><para>OS disk images containing just a plain file-system without an enveloping partition
+ table. (This file system is assumed to be the root file system of the OS.)</para></listitem>
+
+ <listitem><para>OS disk images containing a GPT or MBR partition table, with a single
+ partition only. (This partition is assumed to contain the root file system of the OS.)</para></listitem>
+ </orderedlist>
+
+ <para>OS images may use any kind of Linux-supported file systems. In addition they may make use of LUKS
+ disk encryption, and contain Verity integrity information. Note that qualifying OS images may be booted
+ with <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
+ <option>--image=</option> switch, and be used as root file system for system service using the
+ <varname>RootImage=</varname> unit file setting, see
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+
+ <para>Note that the partition table shown when invoked without command switch (as listed below) does not
+ necessarily show all partitions included in the image, but just the partitions that are understood and
+ considered part of an OS disk image. Specifically, partitions of unknown types are ignored, as well as
+ duplicate partitions (i.e. more than one per partition type), as are root and <filename>/usr/</filename>
+ partitions of architectures not compatible with the local system. In other words: this tool will display
+ what it operates with when mounting the image. To display the complete list of partitions use a tool such
+ as <citerefentry
+ project='man-pages'><refentrytitle>fdisk</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Commands</title>
+
+ <para>If neither of the command switches listed below are passed the specified disk image is opened and
+ general information about the image and the contained partitions and their use is shown.</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>--mount</option></term>
+ <term><option>-m</option></term>
+
+ <listitem><para>Mount the specified OS image to the specified directory. This will dissect the image,
+ determine the OS root file system — as well as possibly other partitions — and mount them to the
+ specified directory. If the OS image contains multiple partitions marked with the <ulink
+ url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions Specification</ulink>
+ multiple nested mounts are established. This command expects two arguments: a path to an image file
+ and a path to a directory where to mount the image.</para>
+
+ <para>To unmount an OS image mounted like this use <citerefentry
+ project='man-pages'><refentrytitle>umount</refentrytitle><manvolnum>8</manvolnum></citerefentry>'s
+ <option>-R</option> switch (for recursive operation), so that the OS image and all nested partition
+ mounts are unmounted.</para>
+
+ <para>When the OS image contains LUKS encrypted or Verity integrity protected file systems
+ appropriate volumes are automatically set up and marked for automatic disassembly when the image is
+ unmounted.</para>
+
+ <para>The OS image may either be specified as path to an OS image stored in a regular file or may
+ refer to block device node (in the latter case the block device must be the "whole" device, i.e. not
+ a partition device). (The other supported commands described here support this, too.)</para>
+
+ <para>All mounted file systems are checked with the appropriate <citerefentry
+ project='man-pages'><refentrytitle>fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ implementation in automatic fixing mode, unless explicitly turned off (<option>--fsck=no</option>) or
+ read-only operation is requested (<option>--read-only</option>).</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-M</option></term>
+
+ <listitem><para>This is a shortcut for <option>--mount --mkdir</option>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--copy-from</option></term>
+ <term><option>-x</option></term>
+
+ <listitem><para>Copies a file or directory from the specified OS image into the specified location on
+ the host file system. Expects three arguments: a path to an image file, a source path (relative to
+ the image's root directory) and a destination path (relative to the current working directory, or an
+ absolute path, both outside of the image). If the destination path is omitted or specified as dash
+ (<literal>-</literal>), the specified file is written to standard output. If the source path in the
+ image file system refers to a regular file it is copied to the destination path. In this case access
+ mode, extended attributes and timestamps are copied as well, but file ownership is not. If the source
+ path in the image refers to a directory, it is copied to the destination path, recursively with all
+ containing files and directories. In this case the file ownership is copied too.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--copy-to</option></term>
+ <term><option>-a</option></term>
+
+ <listitem><para>Copies a file or directory from the specified location in the host file system into
+ the specified OS image. Expects three arguments: a path to an image file, a source path (relative to
+ the current working directory, or an absolute path, both outside of the image) and a destination path
+ (relative to the image's root directory). If the source path is omitted or specified as dash
+ (<literal>-</literal>), the data to write is read from standard input. If the source path in the host
+ file system refers to a regular file, it is copied to the destination path. In this case access mode,
+ extended attributes and timestamps are copied as well, but file ownership is not. If the source path
+ in the host file system refers to a directory it is copied to the destination path, recursively with
+ all containing files and directories. In this case the file ownership is copied
+ too.</para>
+
+ <para>As with <option>--mount</option> file system checks are implicitly run before the copy
+ operation begins.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--json=</option><replaceable>MODE</replaceable></term>
+
+ <listitem><para>Shows output formatted as JSON. Expects one of <literal>short</literal> (for the
+ shortest possible output without any redundant whitespace or line breaks), <literal>pretty</literal>
+ (for a pretty version of the same, with indentation and line breaks) or <literal>off</literal> (to turn
+ off json output).</para></listitem>
+ </varlistentry>
+
+ <xi:include href="standard-options.xml" xpointer="help" />
+ <xi:include href="standard-options.xml" xpointer="version" />
+ </variablelist>
+
+ </refsect1>
+
+ <refsect1>
+ <title>Options</title>
+
+ <para>The following options are understood:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>--read-only</option></term>
+ <term><option>-r</option></term>
+
+ <listitem><para>Operate in read-only mode. By default <option>--mount</option> will establish
+ writable mount points. If this option is specified they are established in read-only mode
+ instead.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--fsck=no</option></term>
+
+ <listitem><para>Turn off automatic file system checking. By default when an image is accessed for
+ writing (by <option>--mount</option> or <option>--add</option>) the file systems contained in the OS
+ image are automatically checked using the appropriate <citerefentry
+ project='man-pages'><refentrytitle>fsck</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ command, in automatic fixing mode. This behavior may be switched off using
+ <option>--fsck=no</option>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--mkdir</option></term>
+
+ <listitem><para>If combined with <option>--mount</option> the directory to mount the OS image to is
+ created if it is missing. Note that the directory is not automatically removed when the disk image is
+ unmounted again.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--discard=</option></term>
+
+ <listitem><para>Takes one of <literal>disabled</literal>, <literal>loop</literal>,
+ <literal>all</literal>, <literal>crypto</literal>. If <literal>disabled</literal> the image is
+ accessed with empty block discarding turned off. if <literal>loop</literal> discarding is enabled if
+ operating on a regular file. If <literal>crypt</literal> discarding is enabled even on encrypted file
+ systems. If <literal>all</literal> discarding is unconditionally enabled.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--root-hash=</option></term>
+ <term><option>--root-hash-sig=</option></term>
+ <term><option>--verity-data=</option></term>
+
+ <listitem><para>Configure various aspects of Verity data integrity for the OS
+ image. <option>--root-hash=</option> expects a hex-encoding top-level Verity hash to use for setting
+ up the Verity integrity protection. <option>--root-hash-sig=</option> expects the path to a file
+ containing a PKCS#7 signature file for the hash. This signature is passed to the kernel during
+ activation, which will match it against signature keys available in the kernel
+ keyring. <option>--verity-data=</option> expects the path to a file with the Verity data to use for
+ the OS image, in case it is stored in a detached file. It is recommended to embed the Verity data
+ directly in the image, using the Verity mechanisms in the <ulink
+ url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions Specification</ulink>.</para></listitem>
+ </varlistentry>
+
+ </variablelist>
+
+ </refsect1>
+
+ <refsect1>
+ <title>Exit status</title>
+
+ <para>On success, 0 is returned, a non-zero failure code
+ otherwise.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <ulink url="https://systemd.io/DISCOVERABLE_PARTITIONS">Discoverable Partitions Specification</ulink>,
+ <citerefentry project='man-pages'><refentrytitle>umount</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>fdisk</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-17 01:02:14 +0000