[thirdparty/systemd.git] / man / systemd-veritysetup@.service.xml

<?xml version="1.0"?>
<!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<refentry id="systemd-veritysetup@.service" conditional='HAVE_LIBCRYPTSETUP'
          xmlns:xi="http://www.w3.org/2001/XInclude">

  <refentryinfo>
    <title>systemd-veritysetup@.service</title>
    <productname>systemd</productname>
  </refentryinfo>

  <refmeta>
    <refentrytitle>systemd-veritysetup@.service</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>systemd-veritysetup@.service</refname>
    <refname>systemd-veritysetup</refname>
    <refpurpose>Disk verity protection logic</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <para><filename>systemd-veritysetup@.service</filename></para>
    <para><filename>/usr/lib/systemd/systemd-veritysetup</filename></para>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para><filename>systemd-veritysetup@.service</filename> is a service responsible for setting up verity
    protection block devices. It should be instantiated for each device that requires verity
    protection.</para>

    <para>At early boot and when the system manager configuration is reloaded kernel command line configuration for
    verity protected block devices is translated into <filename>systemd-veritysetup@.service</filename> units by
    <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>

    <para><filename>systemd-veritysetup@.service</filename> calls <command>systemd-veritysetup</command>.</para>
  </refsect1>

  <refsect1>
    <title>Commands</title>

    <para>The following commands are understood by <command>systemd-veritysetup</command>:</para>

    <variablelist>
      <varlistentry>
        <term>
          <option>attach</option>
          <replaceable>volume</replaceable>
          <replaceable>datadevice</replaceable>
          <replaceable>hashdevice</replaceable>
          <replaceable>roothash</replaceable>
          [<replaceable>option</replaceable>...]
        </term>

        <listitem><para>Create a block device <replaceable>volume</replaceable> using
        <replaceable>datadevice</replaceable> and <replaceable>hashdevice</replaceable> as the backing
        devices. <replaceable>roothash</replaceable> forms the root of the tree of hashes stored on
        <replaceable>hashdevice</replaceable>. See
        <ulink url="https://docs.kernel.org/admin-guide/device-mapper/verity.html">
          Kernel dm-verity</ulink> documentation for details.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term>
          <option>detach</option>
          <replaceable>volume</replaceable>
        </term>

        <listitem><para>Detach (destroy) the block device
        <replaceable>volume</replaceable>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term>
          <option>help</option>
        </term>

        <listitem><para>Print short information about command syntax.</para></listitem>
      </varlistentry>
    </variablelist>
  </refsect1>

  <refsect1>
    <title>See Also</title>
    <para>
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
      <citerefentry project='die-net'><refentrytitle>veritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
     </para>
  </refsect1>

</refentry>
Commit	Line	Data
2f3dfc6f LP	1	<?xml version="1.0"?>
2f3dfc6f LP	2	<!---nxml--->
3a54a157 ZJS	3	<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3a54a157 ZJS	4	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
db9ecf05	5	<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
4623eecb AK	6	<refentry id="systemd-veritysetup@.service" conditional='HAVE_LIBCRYPTSETUP'
4623eecb AK	7	xmlns:xi="http://www.w3.org/2001/XInclude">
2f3dfc6f LP	8
	9	<refentryinfo>
	10	<title>systemd-veritysetup@.service</title>
	11	<productname>systemd</productname>
2f3dfc6f LP	12	</refentryinfo>
	13
	14	<refmeta>
	15	<refentrytitle>systemd-veritysetup@.service</refentrytitle>
	16	<manvolnum>8</manvolnum>
	17	</refmeta>
	18
	19	<refnamediv>
	20	<refname>systemd-veritysetup@.service</refname>
	21	<refname>systemd-veritysetup</refname>
9a2a6ec4	22	<refpurpose>Disk verity protection logic</refpurpose>
2f3dfc6f LP	23	</refnamediv>
	24
	25	<refsynopsisdiv>
	26	<para><filename>systemd-veritysetup@.service</filename></para>
	27	<para><filename>/usr/lib/systemd/systemd-veritysetup</filename></para>
	28	</refsynopsisdiv>
	29
	30	<refsect1>
	31	<title>Description</title>
	32
9a2a6ec4 TA	33	<para><filename>systemd-veritysetup@.service</filename> is a service responsible for setting up verity
9a2a6ec4 TA	34	protection block devices. It should be instantiated for each device that requires verity
2f3dfc6f LP	35	protection.</para>
	36
	37	<para>At early boot and when the system manager configuration is reloaded kernel command line configuration for
9a2a6ec4	38	verity protected block devices is translated into <filename>systemd-veritysetup@.service</filename> units by
2f3dfc6f	39	<citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
d53285d5 ZJS	40
	41	<para><filename>systemd-veritysetup@.service</filename> calls <command>systemd-veritysetup</command>.</para>
	42	</refsect1>
	43
	44	<refsect1>
	45	<title>Commands</title>
	46
	47	<para>The following commands are understood by <command>systemd-veritysetup</command>:</para>
	48
	49	<variablelist>
	50	<varlistentry>
	51	<term>
	52	<option>attach</option>
	53	<replaceable>volume</replaceable>
	54	<replaceable>datadevice</replaceable>
	55	<replaceable>hashdevice</replaceable>
	56	<replaceable>roothash</replaceable>
	57	[<replaceable>option</replaceable>...]
	58	</term>
	59
	60	<listitem><para>Create a block device <replaceable>volume</replaceable> using
	61	<replaceable>datadevice</replaceable> and <replaceable>hashdevice</replaceable> as the backing
	62	devices. <replaceable>roothash</replaceable> forms the root of the tree of hashes stored on
	63	<replaceable>hashdevice</replaceable>. See
0e685823	64	<ulink url="https://docs.kernel.org/admin-guide/device-mapper/verity.html">
d53285d5 ZJS	65	Kernel dm-verity</ulink> documentation for details.
	66	</para></listitem>
	67	</varlistentry>
	68
	69	<varlistentry>
	70	<term>
	71	<option>detach</option>
	72	<replaceable>volume</replaceable>
	73	</term>
	74
	75	<listitem><para>Detach (destroy) the block device
	76	<replaceable>volume</replaceable>.</para></listitem>
	77	</varlistentry>
	78
	79	<varlistentry>
	80	<term>
	81	<option>help</option>
	82	</term>
	83
	84	<listitem><para>Print short information about command syntax.</para></listitem>
	85	</varlistentry>
	86	</variablelist>
2f3dfc6f LP	87	</refsect1>
	88
	89	<refsect1>
	90	<title>See Also</title>
	91	<para>
	92	<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
	93	<citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
	94	<citerefentry project='die-net'><refentrytitle>veritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
	95	</para>
	96	</refsect1>
	97
	98	</refentry>