man: add networkctl(1)

[elogind.git] / man / systemd-cryptsetup-generator.xml

<?xml version="1.0"?>
<!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
  This file is part of systemd.

  Copyright 2012 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
<refentry id="systemd-cryptsetup-generator" conditional='HAVE_LIBCRYPTSETUP'>

        <refentryinfo>
                <title>systemd-cryptsetup-generator</title>
                <productname>systemd</productname>

                <authorgroup>
                        <author>
                                <contrib>Developer</contrib>
                                <firstname>Lennart</firstname>
                                <surname>Poettering</surname>
                                <email>lennart@poettering.net</email>
                        </author>
                </authorgroup>
        </refentryinfo>

        <refmeta>
                <refentrytitle>systemd-cryptsetup-generator</refentrytitle>
                <manvolnum>8</manvolnum>
        </refmeta>

        <refnamediv>
                <refname>systemd-cryptsetup-generator</refname>
                <refpurpose>Unit generator for <filename>/etc/crypttab</filename></refpurpose>
        </refnamediv>

        <refsynopsisdiv>
                <para><filename>/usr/lib/systemd/system-generators/systemd-cryptsetup-generator</filename></para>
        </refsynopsisdiv>

        <refsect1>
                <title>Description</title>

                <para><filename>systemd-cryptsetup-generator</filename>
                is a generator that translates
                <filename>/etc/crypttab</filename> into native systemd
                units early at boot and when configuration of the
                system manager is reloaded. This will create
                <citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
                units as necessary.</para>

                <para><filename>systemd-cryptsetup-generator</filename>
                implements the <ulink
                url="http://www.freedesktop.org/wiki/Software/systemd/Generators">generator
                specification</ulink>.</para>
        </refsect1>

        <refsect1>
                <title>Kernel Command Line</title>

                <para><filename>systemd-cryptsetup-generator</filename> understands
                the following kernel command line parameters:</para>

                <variablelist class='kernel-commandline-options'>
                        <varlistentry>
                                <term><varname>luks=</varname></term>
                                <term><varname>rd.luks=</varname></term>

                                <listitem><para>Takes a boolean
                                argument. Defaults to
                                <literal>yes</literal>. If
                                <literal>no</literal>, disables the
                                generator
                                entirely. <varname>rd.luks=</varname>
                                is honored only by initial RAM disk
                                (initrd) while
                                <varname>luks=</varname> is honored
                                by both the main system and the
                                initrd.  </para></listitem>
                        </varlistentry>

                        <varlistentry>
                                <term><varname>luks.crypttab=</varname></term>
                                <term><varname>rd.luks.crypttab=</varname></term>

                                <listitem><para>Takes a boolean
                                argument. Defaults to
                                <literal>yes</literal>. If
                                <literal>no</literal>, causes the
                                generator to ignore any devices
                                configured in
                                <filename>/etc/crypttab</filename>
                                (<varname>luks.uuid=</varname> will
                                still work
                                however). <varname>rd.luks.crypttab=</varname>
                                is honored only by initial RAM disk
                                (initrd) while
                                <varname>luks.crypttab=</varname> is
                                honored by both the main system and
                                the initrd.  </para></listitem>
                        </varlistentry>

                        <varlistentry>
                                <term><varname>luks.uuid=</varname></term>
                                <term><varname>rd.luks.uuid=</varname></term>

                                <listitem><para>Takes a LUKS superblock
                                UUID as argument. This will
                                activate the specified device as part
                                of the boot process as if it was
                                listed in
                                <filename>/etc/crypttab</filename>. This
                                option may be specified more than once
                                in order to set up multiple
                                devices. <varname>rd.luks.uuid=</varname>
                                is honored only by initial RAM disk
                                (initrd) while
                                <varname>luks.uuid=</varname> is
                                honored by both the main system and
                                the initrd.</para>
                                <para>If /etc/crypttab contains entries with
                                the same UUID, then the name, keyfile and options
                                specified there will be used. Otherwise the device
                                will have the name <literal>luks-UUID</literal>.</para>
                                <para>If /etc/crypttab exists, only those UUIDs
                                specified on the kernel command line
                                will be activated in the initrd or the real root.</para>
                                </listitem>
                        </varlistentry>

                        <varlistentry>
                                <term><varname>luks.name=</varname></term>
                                <term><varname>rd.luks.name=</varname></term>

                                <listitem><para>Takes a LUKS super
                                block UUID followed by an '=' and a name. This implies
                                <varname>rd.luks.uuid=</varname> or <varname>luks.uuid=</varname>
                                and will additionally make the LUKS device given by
                                the UUID appear under the provided name.</para>

                                <para><varname>rd.luks.name=</varname>
                                is honored only by initial RAM disk
                                (initrd) while
                                <varname>luks.name=</varname> is
                                honored by both the main system and
                                the initrd.</para>
                                </listitem>
                        </varlistentry>

                        <varlistentry>
                                <term><varname>luks.options=</varname></term>
                                <term><varname>rd.luks.options=</varname></term>

                                <listitem><para>Takes a LUKS super
                                block UUID followed by an '=' and a string
                                of options separated by commas as argument.
                                This will override the options for the given
                                UUID.</para>
                                <para>If only a list of options, without an
                                UUID, is specified, they apply to any UUIDs not
                                specified elsewhere, and without an entry in
                                /etc/crypttab.</para><para>
                                <varname>rd.luks.options=</varname>
                                is honored only by initial RAM disk
                                (initrd) while
                                <varname>luks.options=</varname> is
                                honored by both the main system and
                                the initrd.</para>
                                </listitem>
                        </varlistentry>

                        <varlistentry>
                                <term><varname>luks.key=</varname></term>
                                <term><varname>rd.luks.key=</varname></term>

                                <listitem><para>Takes a password file name as argument or
                                a LUKS super block UUID followed by a '=' and a password
                                file name.</para>

                                <para>For those entries specified with
                                <varname>rd.luks.uuid=</varname> or <varname>luks.uuid=</varname>,
                                the password file will be set to the one specified by
                                <varname>rd.luks.key=</varname> or <varname>luks.key=</varname>
                                of the corresponding UUID, or the password file that was specified
                                without a UUID.</para>
                                <para><varname>rd.luks.key=</varname>
                                is honored only by initial RAM disk
                                (initrd) while
                                <varname>luks.key=</varname> is
                                honored by both the main system and
                                the initrd.</para>
                                </listitem>
                        </varlistentry>
                </variablelist>
        </refsect1>

        <refsect1>
                <title>See Also</title>
                <para>
                        <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                        <citerefentry><refentrytitle>crypttab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
                        <citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                        <citerefentry><refentrytitle>cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
                        <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
                </para>
        </refsect1>

</refentry>