]>
Commit | Line | Data |
---|---|---|
2f3dfc6f LP |
1 | <?xml version="1.0"?> |
2 | <!--*-nxml-*--> | |
3a54a157 | 3 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" |
eea10b26 | 4 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd"> |
db9ecf05 | 5 | <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> |
c101b656 | 6 | <refentry id="systemd-veritysetup_.service" conditional='HAVE_LIBCRYPTSETUP' |
4623eecb | 7 | xmlns:xi="http://www.w3.org/2001/XInclude"> |
2f3dfc6f LP |
8 | |
9 | <refentryinfo> | |
10 | <title>systemd-veritysetup@.service</title> | |
11 | <productname>systemd</productname> | |
2f3dfc6f LP |
12 | </refentryinfo> |
13 | ||
14 | <refmeta> | |
15 | <refentrytitle>systemd-veritysetup@.service</refentrytitle> | |
16 | <manvolnum>8</manvolnum> | |
17 | </refmeta> | |
18 | ||
19 | <refnamediv> | |
20 | <refname>systemd-veritysetup@.service</refname> | |
21 | <refname>systemd-veritysetup</refname> | |
9a2a6ec4 | 22 | <refpurpose>Disk verity protection logic</refpurpose> |
2f3dfc6f LP |
23 | </refnamediv> |
24 | ||
25 | <refsynopsisdiv> | |
26 | <para><filename>systemd-veritysetup@.service</filename></para> | |
27 | <para><filename>/usr/lib/systemd/systemd-veritysetup</filename></para> | |
28 | </refsynopsisdiv> | |
29 | ||
30 | <refsect1> | |
31 | <title>Description</title> | |
32 | ||
9a2a6ec4 TA |
33 | <para><filename>systemd-veritysetup@.service</filename> is a service responsible for setting up verity |
34 | protection block devices. It should be instantiated for each device that requires verity | |
2f3dfc6f LP |
35 | protection.</para> |
36 | ||
37 | <para>At early boot and when the system manager configuration is reloaded kernel command line configuration for | |
9a2a6ec4 | 38 | verity protected block devices is translated into <filename>systemd-veritysetup@.service</filename> units by |
2f3dfc6f | 39 | <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para> |
d53285d5 ZJS |
40 | |
41 | <para><filename>systemd-veritysetup@.service</filename> calls <command>systemd-veritysetup</command>.</para> | |
42 | </refsect1> | |
43 | ||
44 | <refsect1> | |
45 | <title>Commands</title> | |
46 | ||
47 | <para>The following commands are understood by <command>systemd-veritysetup</command>:</para> | |
48 | ||
49 | <variablelist> | |
50 | <varlistentry> | |
51 | <term> | |
52 | <option>attach</option> | |
53 | <replaceable>volume</replaceable> | |
54 | <replaceable>datadevice</replaceable> | |
55 | <replaceable>hashdevice</replaceable> | |
56 | <replaceable>roothash</replaceable> | |
57 | [<replaceable>option</replaceable>...] | |
58 | </term> | |
59 | ||
60 | <listitem><para>Create a block device <replaceable>volume</replaceable> using | |
61 | <replaceable>datadevice</replaceable> and <replaceable>hashdevice</replaceable> as the backing | |
62 | devices. <replaceable>roothash</replaceable> forms the root of the tree of hashes stored on | |
63 | <replaceable>hashdevice</replaceable>. See | |
0e685823 | 64 | <ulink url="https://docs.kernel.org/admin-guide/device-mapper/verity.html"> |
d53285d5 | 65 | Kernel dm-verity</ulink> documentation for details. |
ec07c3c8 AK |
66 | </para> |
67 | ||
68 | <xi:include href="version-info.xml" xpointer="v250"/></listitem> | |
d53285d5 ZJS |
69 | </varlistentry> |
70 | ||
71 | <varlistentry> | |
72 | <term> | |
73 | <option>detach</option> | |
74 | <replaceable>volume</replaceable> | |
75 | </term> | |
76 | ||
77 | <listitem><para>Detach (destroy) the block device | |
ec07c3c8 AK |
78 | <replaceable>volume</replaceable>.</para> |
79 | ||
80 | <xi:include href="version-info.xml" xpointer="v250"/></listitem> | |
d53285d5 ZJS |
81 | </varlistentry> |
82 | ||
83 | <varlistentry> | |
84 | <term> | |
85 | <option>help</option> | |
86 | </term> | |
87 | ||
ec07c3c8 AK |
88 | <listitem><para>Print short information about command syntax.</para> |
89 | ||
90 | <xi:include href="version-info.xml" xpointer="v250"/></listitem> | |
d53285d5 ZJS |
91 | </varlistentry> |
92 | </variablelist> | |
2f3dfc6f LP |
93 | </refsect1> |
94 | ||
95 | <refsect1> | |
96 | <title>See Also</title> | |
13a69c12 DT |
97 | <para><simplelist type="inline"> |
98 | <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member> | |
99 | <member><citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry></member> | |
100 | <member><citerefentry project='die-net'><refentrytitle>veritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry></member> | |
101 | </simplelist></para> | |
2f3dfc6f LP |
102 | </refsect1> |
103 | ||
104 | </refentry> |