summaryrefslogtreecommitdiffstats
path: root/man/systemd.system-credentials.xml
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--man/systemd.system-credentials.xml157
1 files changed, 151 insertions, 6 deletions
diff --git a/man/systemd.system-credentials.xml b/man/systemd.system-credentials.xml
index f7f0df1..d9fbae2 100644
--- a/man/systemd.system-credentials.xml
+++ b/man/systemd.system-credentials.xml
@@ -1,6 +1,6 @@
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
- "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+ "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<refentry id="systemd.system-credentials" xmlns:xi="http://www.w3.org/2001/XInclude">
@@ -138,6 +138,45 @@
</varlistentry>
<varlistentry>
+ <term><varname>network.conf.*</varname></term>
+ <term><varname>network.link.*</varname></term>
+ <term><varname>network.netdev.*</varname></term>
+ <term><varname>network.network.*</varname></term>
+ <listitem>
+ <para>Configures network devices. Read by
+ <citerefentry><refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+ These credentials should contain valid
+ <citerefentry><refentrytitle>networkd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ configuration data. From each matching credential a separate file is created. Example: the contents
+ of a credential <filename>network.link.50-foobar</filename> will be copied into a file
+ <filename>50-foobar.link</filename>.</para>
+
+ <para>Note that the resulting files are created world-readable, it's hence recommended to not include
+ secrets in these credentials, but supply them via separate credentials directly to
+ <filename>systemd-networkd.service</filename>, e.g. <varname>network.wireguard.*</varname>
+ as described below.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>network.wireguard.*</varname></term>
+ <listitem>
+ <para>Configures secrets for WireGuard netdevs. Read by
+ <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+ For more information, refer to the <option>[WireGuard]</option> section of
+ <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><varname>passwd.hashed-password.root</varname></term>
<term><varname>passwd.plaintext-password.root</varname></term>
<listitem>
@@ -180,6 +219,17 @@
</varlistentry>
<varlistentry>
+ <term><varname>ssh.listen</varname></term>
+ <listitem>
+ <para>May be used to configure SSH sockets the system shall be reachable on. See
+ <citerefentry><refentrytitle>systemd-ssh-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ for details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><varname>sysusers.extra</varname></term>
<listitem>
<para>Additional
@@ -248,6 +298,30 @@
</varlistentry>
<varlistentry>
+ <term><varname>journal.forward_to_socket</varname></term>
+ <listitem>
+ <para>Used by
+ <citerefentry><refentrytitle>systemd-journald</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ to determine where to forward log messages for socket forwarding, see
+ <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>journal.storage</varname></term>
+ <listitem>
+ <para>Used by
+ <citerefentry><refentrytitle>systemd-journald</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ to determine where to store journal files, see
+ <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><varname>vmm.notify_socket</varname></term>
<listitem>
<para>Configures an
@@ -270,16 +344,87 @@
<xi:include href="version-info.xml" xpointer="v254"/>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>system.hostname</varname></term>
+ <listitem>
+ <para>Accepts a (transient) hostname to configure during early boot. The static hostname specified
+ in <filename>/etc/hostname</filename>, if configured, takes precedence over this setting.
+ Interpreted by the service manager (PID 1). For details see
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v254"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>home.create.*</varname></term>
+ <listitem>
+ <para>Creates a home area for the specified user with the user record data passed in. For details see
+ <citerefentry><refentrytitle>homectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>cryptsetup.passphrase</varname></term>
+ <term><varname>cryptsetup.tpm2-pin</varname></term>
+ <term><varname>cryptsetup.fido2-pin</varname></term>
+ <term><varname>cryptsetup.pkcs11-pin</varname></term>
+ <term><varname>cryptsetup.luks2-pin</varname></term>
+ <listitem>
+ <para>Specifies the passphrase/PINs to use for unlock encrypted storage volumes. For details see
+ <citerefentry><refentrytitle>systemd-cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>systemd.extra-unit.*</varname></term>
+ <term><varname>systemd.unit-dropin.*</varname></term>
+
+ <listitem><para>These credentials specify extra units and drop-ins to add to the system. For details
+ see <citerefentry><refentrytitle>systemd-debug-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>udev.conf.*</varname></term>
+ <term><varname>udev.rules.*</varname></term>
+
+ <listitem>
+ <para>Configures udev configuration file and udev rules. Read by
+ <filename>systemd-udev-load-credentials.service</filename>, which invokes
+ <command>udevadm control --load-credentials</command>. These credentials directly translate to a
+ matching
+ <citerefentry><refentrytitle>udev.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> or
+ <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry> rules
+ file. Example: the contents of a credential
+ <filename>udev.conf.50-foobar</filename> will be copied into a file
+ <filename>/run/udev/udev.conf.d/50-foobar.conf</filename>, and
+ <filename>udev.rules.50-foobar</filename> will be copied into a file
+ <filename>/run/udev/rules.d/50-foobar.rules</filename>. See
+ <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>udev.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, and
+ <citerefentry><refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ for details.</para>
+
+ <xi:include href="version-info.xml" xpointer="v256"/>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>See Also</title>
- <para>
- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>smbios-type-11</refentrytitle><manvolnum>7</manvolnum></citerefentry>
- </para>
+ <para><simplelist type="inline">
+ <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry></member>
+ <member><citerefentry><refentrytitle>smbios-type-11</refentrytitle><manvolnum>7</manvolnum></citerefentry></member>
+ </simplelist></para>
</refsect1>
</refentry>