<!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-<!-- SPDX-License-Identifier: LGPL-2.1+ -->
-<refentry id="systemd-fstab-generator">
+<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
+<refentry id="systemd-fstab-generator" xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>systemd-fstab-generator</title>
for more information about special <filename>/etc/fstab</filename>
mount options this generator understands.</para>
- <para>One special topic is handling of symbolic links. Historical init
+ <para>One special topic is handling of symbolic links. Historical init
implementations supported symlinks in <filename>/etc/fstab</filename>.
Because mount units will refuse mounts where the target is a symbolic link,
this generator will resolve any symlinks as far as possible when processing
<term><varname>fstab=</varname></term>
<term><varname>rd.fstab=</varname></term>
- <listitem><para>Takes a boolean argument. Defaults to
- <literal>yes</literal>. If <literal>no</literal>, causes the
- generator to ignore any mounts or swap devices configured in
- <filename>/etc/fstab</filename>. <varname>rd.fstab=</varname>
- is honored only by the initial RAM disk (initrd) while
- <varname>fstab=</varname> is honored by both the main system
- and the initrd.</para></listitem>
+ <listitem><para>Takes a boolean argument. Defaults to <literal>yes</literal>. If
+ <literal>no</literal>, causes the generator to ignore any mounts or swap devices configured in
+ <filename>/etc/fstab</filename>. <varname>rd.fstab=</varname> is honored only in the initrd, while
+ <varname>fstab=</varname> is honored by both the main system and the initrd.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>root=</varname></term>
- <listitem><para>Takes the root filesystem to mount in the
- initrd. <varname>root=</varname> is honored by the
- initrd.</para></listitem>
+ <listitem><para>Configures the operating system's root filesystem to mount when running in the
+ initrd. This accepts a device node path (usually <filename>/dev/disk/by-uuid/…</filename> or
+ <filename>/dev/disk/by-label/…</filename> or similar), or the special values <literal>gpt-auto</literal>,
+ <literal>fstab</literal>, and <literal>tmpfs</literal>.</para>
+
+ <para>Use <literal>gpt-auto</literal> to explicitly request automatic root file system discovery via
+ <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <para>Use <literal>fstab</literal> to explicitly request automatic root file system discovery via
+ the initrd <filename>/etc/fstab</filename> rather than via kernel command line.</para>
+
+ <para>Use <literal>tmpfs</literal> in order to mount a <citerefentry
+ project='man-pages'><refentrytitle>tmpfs</refentrytitle><manvolnum>5</manvolnum></citerefentry> file
+ system as root file system of the OS. This is useful in combination with
+ <varname>mount.usr=</varname> (see below) in order to combine a volatile root file system with a
+ separate, immutable <filename>/usr/</filename> file system. Also see
+ <varname>systemd.volatile=</varname> below.</para></listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term><varname>mount.usr=</varname></term>
- <listitem><para>Takes the <filename>/usr</filename> filesystem
+ <listitem><para>Takes the <filename>/usr/</filename> filesystem
to be mounted by the initrd. If
<varname>mount.usrfstype=</varname> or
<varname>mount.usrflags=</varname> is set, then
<varname>root=</varname>.</para>
<para>Otherwise, this parameter defaults to the
- <filename>/usr</filename> entry found in
+ <filename>/usr/</filename> entry found in
<filename>/etc/fstab</filename> on the root filesystem.</para>
<para><varname>mount.usr=</varname> is honored by the initrd.
<varlistentry>
<term><varname>mount.usrfstype=</varname></term>
- <listitem><para>Takes the <filename>/usr</filename> filesystem
+ <listitem><para>Takes the <filename>/usr/</filename> filesystem
type that will be passed to the mount command. If
<varname>mount.usr=</varname> or
<varname>mount.usrflags=</varname> is set, then
set in <varname>rootfstype=</varname>.</para>
<para>Otherwise, this value will be read from the
- <filename>/usr</filename> entry in
+ <filename>/usr/</filename> entry in
<filename>/etc/fstab</filename> on the root filesystem.</para>
<para><varname>mount.usrfstype=</varname> is honored by the
<varlistentry>
<term><varname>mount.usrflags=</varname></term>
- <listitem><para>Takes the <filename>/usr</filename> filesystem
+ <listitem><para>Takes the <filename>/usr/</filename> filesystem
mount options to use. If <varname>mount.usr=</varname> or
<varname>mount.usrfstype=</varname> is set, then
<varname>mount.usrflags=</varname> will default to the value
set in <varname>rootflags=</varname>.</para>
<para>Otherwise, this value will be read from the
- <filename>/usr</filename> entry in
+ <filename>/usr/</filename> entry in
<filename>/etc/fstab</filename> on the root filesystem.</para>
<para><varname>mount.usrflags=</varname> is honored by the
initrd.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><varname>roothash=</varname></term>
+ <term><varname>usrhash=</varname></term>
+
+ <listitem><para>These options are primarily read by
+ <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>. When
+ set this indicates that the root file system (or <filename>/usr/</filename>) shall be mounted from
+ Verity volumes with the specified hashes. If these kernel command line options are set the root (or
+ <filename>/usr/</filename>) file system is thus mounted from a device mapper volume
+ <filename>/dev/mapper/root</filename> (or <filename>/dev/mapper/usr</filename>).</para></listitem>
+ </varlistentry>
+
<varlistentry>
<term><varname>systemd.volatile=</varname></term>
<para>If true the generator ensures
<citerefentry><refentrytitle>systemd-volatile-root.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
- is run as part of the initial RAM disk ("initrd"). This service changes the mount table before transitioning to
- the host system, so that a volatile memory file system (<literal>tmpfs</literal>) is used as root directory,
- with only <filename>/usr</filename> mounted into it from the configured root file system, in read-only
- mode. This way the system operates in fully stateless mode, with all configuration and state reset at boot and
- lost at shutdown, as <filename>/etc</filename> and <filename>/var</filename> will be served from the (initially
- unpopulated) volatile memory file system.</para>
+ is run in the initrd. This service changes the mount table before transitioning to the host system,
+ so that a volatile memory file system (<literal>tmpfs</literal>) is used as root directory, with only
+ <filename>/usr/</filename> mounted into it from the configured root file system, in read-only mode.
+ This way the system operates in fully stateless mode, with all configuration and state reset at boot
+ and lost at shutdown, as <filename>/etc/</filename> and <filename>/var/</filename> will be served
+ from the (initially unpopulated) volatile memory file system.</para>
<para>If set to <option>state</option> the generator will leave the root directory mount point unaltered,
- however will mount a <literal>tmpfs</literal> file system to <filename>/var</filename>. In this mode the normal
- system configuration (i.e. the contents of <literal>/etc</literal>) is in effect (and may be modified during
- system runtime), however the system state (i.e. the contents of <literal>/var</literal>) is reset at boot and
+ however will mount a <literal>tmpfs</literal> file system to <filename>/var/</filename>. In this mode the normal
+ system configuration (i.e. the contents of <literal>/etc/</literal>) is in effect (and may be modified during
+ system runtime), however the system state (i.e. the contents of <literal>/var/</literal>) is reset at boot and
lost at shutdown.</para>
<para>If this setting is set to <literal>overlay</literal> the root file system is set up as
<literal>tmpfs</literal>, so that no modifications are made to disk, but the file system may be modified
nonetheless with all changes being lost at reboot.</para>
- <para>Note that in none of these modes the root directory, <filename>/etc</filename>, <filename>/var</filename>
+ <para>Note that in none of these modes the root directory, <filename>/etc/</filename>, <filename>/var/</filename>
or any other resources stored in the root file system are physically removed. It's thus safe to boot a system
that is normally operated in non-volatile mode temporarily into volatile mode, without losing data.</para>
- <para>Note that with the exception of <literal>overlay</literal> mode, enabling this setting will only work
- correctly on operating systems that can boot up with only <filename>/usr</filename> mounted, and are able to
- automatically populate <filename>/etc</filename>, and also <filename>/var</filename> in case of
- <literal>systemd.volatile=yes</literal>.</para></listitem>
+ <para>Note that with the exception of <literal>overlay</literal> mode, enabling this setting will
+ only work correctly on operating systems that can boot up with only <filename>/usr/</filename>
+ mounted, and are able to automatically populate <filename>/etc/</filename>, and also
+ <filename>/var/</filename> in case of <literal>systemd.volatile=yes</literal>.</para>
+
+ <para>Also see <varname>root=tmpfs</varname> above, for a method to combine a
+ <literal>tmpfs</literal> file system with a regular <filename>/usr/</filename> file system (as
+ configured via <varname>mount.usr=</varname>). The main distinction between
+ <varname>systemd.volatile=yes</varname>, and <varname>root=tmpfs</varname> in combination
+ <varname>mount.usr=</varname> is that the former operates on top of a regular root file system and
+ temporarily obstructs the files and directories above its <filename>/usr/</filename> subdirectory,
+ while the latter does not hide any files, but simply mounts a unpopulated tmpfs as root file system
+ and combines it with a user picked <filename>/usr/</filename> file system.</para></listitem>
</varlistentry>
<varlistentry>
- <term><varname>systemd.swap</varname></term>
+ <term><varname>systemd.swap=</varname></term>
<listitem><para>Takes a boolean argument or enables the option if specified
without an argument. If disabled, causes the generator to ignore
any swap devices configured in <filename>/etc/fstab</filename>.
Defaults to enabled.</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>systemd.mount-extra=<replaceable>WHAT</replaceable>:<replaceable>WHERE</replaceable>[:<replaceable>FSTYPE</replaceable>[:<replaceable>OPTIONS</replaceable>]]</varname></term>
+ <term><varname>rd.systemd.mount-extra=<replaceable>WHAT</replaceable>:<replaceable>WHERE</replaceable>[:<replaceable>FSTYPE</replaceable>[:<replaceable>OPTIONS</replaceable>]]</varname></term>
+
+ <listitem>
+ <para>Specifies the mount unit. Takes at least two and at most four fields separated with a colon
+ (<literal>:</literal>). Each field is handled as the corresponding fstab field. This option can be
+ specified multiple times. <varname>rd.systemd.mount-extra=</varname> is honored only in the initrd,
+ while <varname>systemd.mount-extra=</varname> is honored by both the main system and the initrd.
+ In the initrd, the mount point (and also source path if the mount is bind mount) specified in
+ <varname>systemd.mount-extra=</varname> is prefixed with <filename>/sysroot/</filename>.</para>
+ <para>Example:
+ <programlisting>
+systemd.mount-extra=/dev/sda1:/mount-point:ext4:rw,noatime</programlisting>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>systemd.swap-extra=<replaceable>WHAT</replaceable>[:<replaceable>OPTIONS</replaceable>]</varname></term>
+ <term><varname>rd.systemd.swap-extra=<replaceable>WHAT</replaceable>[:<replaceable>OPTIONS</replaceable>]</varname></term>
+
+ <listitem>
+ <para>Specifies the swap unit. Takes the block device to be used as a swap device, and optionally
+ takes mount options followed by a colon (<literal>:</literal>). This option can be specified
+ multiple times. <varname>rd.systemd.swap-extra=</varname> is honored only in the initrd, while
+ <varname>systemd.swap-extra=</varname> is honored by both the main system and the initrd.</para>
+ <para>Example:
+ <programlisting>
+systemd.swap=/dev/sda2:x-systemd.makefs</programlisting>
+ </para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>System Credentials</title>
+
+ <variablelist class='system-credentials'>
+ <varlistentry>
+ <term><varname>fstab.extra</varname></term>
+
+ <listitem><para>This credential may contain addition mounts to establish, in the same format as
+ <citerefentry
+ project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>, with
+ one mount per line. It is read in addition to <filename>/etc/fstab</filename>.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>
<citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+ <ulink url="https://systemd.io/ENVIRONMENT/">Known Environment Variables</ulink>
</para>
</refsect1>
-
</refentry>