chiark / gitweb /
namespace: include boot id in private tmp directories
[elogind.git] / man / systemd-cryptsetup-generator.xml
index c5f8d2a..3abb39d 100644 (file)
@@ -19,7 +19,7 @@
   You should have received a copy of the GNU Lesser General Public License
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 -->
   You should have received a copy of the GNU Lesser General Public License
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 -->
-<refentry id="systemd-cryptsetup-generator">
+<refentry id="systemd-cryptsetup-generator" conditional='HAVE_LIBCRYPTSETUP'>
 
         <refentryinfo>
                 <title>systemd-cryptsetup-generator</title>
 
         <refentryinfo>
                 <title>systemd-cryptsetup-generator</title>
@@ -80,7 +80,7 @@
                                 <listitem><para>Takes a boolean
                                 argument. Defaults to
                                 <literal>yes</literal>. If
                                 <listitem><para>Takes a boolean
                                 argument. Defaults to
                                 <literal>yes</literal>. If
-                                <literal>no</literal> disables the
+                                <literal>no</literal>, disables the
                                 generator
                                 entirely. <varname>rd.luks=</varname>
                                 is honored only by initial RAM disk
                                 generator
                                 entirely. <varname>rd.luks=</varname>
                                 is honored only by initial RAM disk
@@ -97,7 +97,7 @@
                                 <listitem><para>Takes a boolean
                                 argument. Defaults to
                                 <literal>yes</literal>. If
                                 <listitem><para>Takes a boolean
                                 argument. Defaults to
                                 <literal>yes</literal>. If
-                                <literal>no</literal> causes the
+                                <literal>no</literal>, causes the
                                 generator to ignore any devices
                                 configured in
                                 <filename>/etc/crypttab</filename>
                                 generator to ignore any devices
                                 configured in
                                 <filename>/etc/crypttab</filename>
                                 <term><varname>luks.uuid=</varname></term>
                                 <term><varname>rd.luks.uuid=</varname></term>
 
                                 <term><varname>luks.uuid=</varname></term>
                                 <term><varname>rd.luks.uuid=</varname></term>
 
-                                <listitem><para>Takes a LUKS super
-                                block UUID as argument. This will
+                                <listitem><para>Takes a LUKS superblock
+                                UUID as argument. This will
                                 activate the specified device as part
                                 of the boot process as if it was
                                 listed in
                                 activate the specified device as part
                                 of the boot process as if it was
                                 listed in
                                 (initrd) while
                                 <varname>luks.uuid=</varname> is
                                 honored by both the main system and
                                 (initrd) while
                                 <varname>luks.uuid=</varname> is
                                 honored by both the main system and
-                                the initrd.</para></listitem>
+                                the initrd.</para>
+                                <para>If /etc/crypttab contains entries with
+                                the same UUID, then the options for this entry
+                                will be used.</para>
+                                <para>If /etc/crypttab exists, only those UUID
+                                specified on the kernel command line
+                                will be activated in the initrd or the real root.</para>
+                                </listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>luks.options=</varname></term>
+                                <term><varname>rd.luks.options=</varname></term>
+
+                                <listitem><para>Takes a LUKS super
+                                block UUID followed by an '=' and a string
+                                of options separated by commas as argument.
+                                This will override the options for the given
+                                UUID.</para>
+                                <para>If only a list of options, without an
+                                UUID, is specified, they apply to any UUIDs not
+                                specified elsewhere, and without an entry in
+                                /etc/crypttab.</para><para>
+                                <varname>rd.luks.options=</varname>
+                                is honored only by initial RAM disk
+                                (initrd) while
+                                <varname>luks.options=</varname> is
+                                honored by both the main system and
+                                the initrd.</para>
+                                </listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>luks.key=</varname></term>
+                                <term><varname>rd.luks.key=</varname></term>
+
+                                <listitem><para>Takes a password file as argument.</para>
+                                <para>For those entries specified with
+                                <varname>rd.luks.uuid=</varname> or <varname>luks.uuid=</varname>,
+                                the password file will be set to the password file specified by
+                                <varname>rd.luks.key=</varname> or <varname>luks.key</varname></para>
+                                <para><varname>rd.luks.key=</varname>
+                                is honored only by initial RAM disk
+                                (initrd) while
+                                <varname>luks.key=</varname> is
+                                honored by both the main system and
+                                the initrd.</para>
+                                </listitem>
                         </varlistentry>
                 </variablelist>
         </refsect1>
                         </varlistentry>
                 </variablelist>
         </refsect1>