diff options
Diffstat (limited to '')
-rw-r--r-- | man/systemd.system-credentials.xml | 157 |
1 files changed, 151 insertions, 6 deletions
diff --git a/man/systemd.system-credentials.xml b/man/systemd.system-credentials.xml index f7f0df1..d9fbae2 100644 --- a/man/systemd.system-credentials.xml +++ b/man/systemd.system-credentials.xml @@ -1,6 +1,6 @@ <?xml version='1.0'?> <!--*-nxml-*--> <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"> <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> <refentry id="systemd.system-credentials" xmlns:xi="http://www.w3.org/2001/XInclude"> @@ -138,6 +138,45 @@ </varlistentry> <varlistentry> + <term><varname>network.conf.*</varname></term> + <term><varname>network.link.*</varname></term> + <term><varname>network.netdev.*</varname></term> + <term><varname>network.network.*</varname></term> + <listitem> + <para>Configures network devices. Read by + <citerefentry><refentrytitle>systemd-network-generator.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. + These credentials should contain valid + <citerefentry><refentrytitle>networkd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry> + configuration data. From each matching credential a separate file is created. Example: the contents + of a credential <filename>network.link.50-foobar</filename> will be copied into a file + <filename>50-foobar.link</filename>.</para> + + <para>Note that the resulting files are created world-readable, it's hence recommended to not include + secrets in these credentials, but supply them via separate credentials directly to + <filename>systemd-networkd.service</filename>, e.g. <varname>network.wireguard.*</varname> + as described below.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>network.wireguard.*</varname></term> + <listitem> + <para>Configures secrets for WireGuard netdevs. Read by + <citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. + For more information, refer to the <option>[WireGuard]</option> section of + <citerefentry><refentrytitle>systemd.netdev</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + </para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> <term><varname>passwd.hashed-password.root</varname></term> <term><varname>passwd.plaintext-password.root</varname></term> <listitem> @@ -180,6 +219,17 @@ </varlistentry> <varlistentry> + <term><varname>ssh.listen</varname></term> + <listitem> + <para>May be used to configure SSH sockets the system shall be reachable on. See + <citerefentry><refentrytitle>systemd-ssh-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> + for details.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> <term><varname>sysusers.extra</varname></term> <listitem> <para>Additional @@ -248,6 +298,30 @@ </varlistentry> <varlistentry> + <term><varname>journal.forward_to_socket</varname></term> + <listitem> + <para>Used by + <citerefentry><refentrytitle>systemd-journald</refentrytitle><manvolnum>8</manvolnum></citerefentry> + to determine where to forward log messages for socket forwarding, see + <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>journal.storage</varname></term> + <listitem> + <para>Used by + <citerefentry><refentrytitle>systemd-journald</refentrytitle><manvolnum>8</manvolnum></citerefentry> + to determine where to store journal files, see + <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> <term><varname>vmm.notify_socket</varname></term> <listitem> <para>Configures an @@ -270,16 +344,87 @@ <xi:include href="version-info.xml" xpointer="v254"/> </listitem> </varlistentry> + + <varlistentry> + <term><varname>system.hostname</varname></term> + <listitem> + <para>Accepts a (transient) hostname to configure during early boot. The static hostname specified + in <filename>/etc/hostname</filename>, if configured, takes precedence over this setting. + Interpreted by the service manager (PID 1). For details see + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para> + + <xi:include href="version-info.xml" xpointer="v254"/> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>home.create.*</varname></term> + <listitem> + <para>Creates a home area for the specified user with the user record data passed in. For details see + <citerefentry><refentrytitle>homectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>cryptsetup.passphrase</varname></term> + <term><varname>cryptsetup.tpm2-pin</varname></term> + <term><varname>cryptsetup.fido2-pin</varname></term> + <term><varname>cryptsetup.pkcs11-pin</varname></term> + <term><varname>cryptsetup.luks2-pin</varname></term> + <listitem> + <para>Specifies the passphrase/PINs to use for unlock encrypted storage volumes. For details see + <citerefentry><refentrytitle>systemd-cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> + + <varlistentry> + <term><varname>systemd.extra-unit.*</varname></term> + <term><varname>systemd.unit-dropin.*</varname></term> + + <listitem><para>These credentials specify extra units and drop-ins to add to the system. For details + see <citerefentry><refentrytitle>systemd-debug-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para> + + <xi:include href="version-info.xml" xpointer="v256"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>udev.conf.*</varname></term> + <term><varname>udev.rules.*</varname></term> + + <listitem> + <para>Configures udev configuration file and udev rules. Read by + <filename>systemd-udev-load-credentials.service</filename>, which invokes + <command>udevadm control --load-credentials</command>. These credentials directly translate to a + matching + <citerefentry><refentrytitle>udev.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> or + <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry> rules + file. Example: the contents of a credential + <filename>udev.conf.50-foobar</filename> will be copied into a file + <filename>/run/udev/udev.conf.d/50-foobar.conf</filename>, and + <filename>udev.rules.50-foobar</filename> will be copied into a file + <filename>/run/udev/rules.d/50-foobar.rules</filename>. See + <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>, + <citerefentry><refentrytitle>udev.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, and + <citerefentry><refentrytitle>udevadm</refentrytitle><manvolnum>8</manvolnum></citerefentry> + for details.</para> + + <xi:include href="version-info.xml" xpointer="v256"/> + </listitem> + </varlistentry> </variablelist> </refsect1> <refsect1> <title>See Also</title> - <para> - <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, - <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>, - <citerefentry><refentrytitle>smbios-type-11</refentrytitle><manvolnum>7</manvolnum></citerefentry> - </para> + <para><simplelist type="inline"> + <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member> + <member><citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry></member> + <member><citerefentry><refentrytitle>smbios-type-11</refentrytitle><manvolnum>7</manvolnum></citerefentry></member> + </simplelist></para> </refsect1> </refentry> |