]>
Commit | Line | Data |
---|---|---|
917cc808 LP |
1 | <?xml version='1.0'?> <!--*-nxml-*--> |
2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" | |
3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> | |
db9ecf05 | 4 | <!-- SPDX-License-Identifier: LGPL-2.1-or-later --> |
917cc808 | 5 | |
2d37ea5c | 6 | <refentry id="systemd-repart" conditional='ENABLE_REPART' |
917cc808 LP |
7 | xmlns:xi="http://www.w3.org/2001/XInclude"> |
8 | ||
9 | <refentryinfo> | |
10 | <title>systemd-repart</title> | |
11 | <productname>systemd</productname> | |
12 | </refentryinfo> | |
13 | ||
14 | <refmeta> | |
15 | <refentrytitle>systemd-repart</refentrytitle> | |
16 | <manvolnum>8</manvolnum> | |
17 | </refmeta> | |
18 | ||
19 | <refnamediv> | |
20 | <refname>systemd-repart</refname> | |
21 | <refname>systemd-repart.service</refname> | |
22 | <refpurpose>Automatically grow and add partitions</refpurpose> | |
23 | </refnamediv> | |
24 | ||
25 | <refsynopsisdiv> | |
26 | <cmdsynopsis> | |
27 | <command>systemd-repart</command> | |
28 | <arg choice="opt" rep="repeat">OPTIONS</arg> | |
29 | <arg choice="opt" rep="repeat"><replaceable><optional>BLOCKDEVICE</optional></replaceable></arg> | |
30 | </cmdsynopsis> | |
31 | ||
32 | <para><filename>systemd-repart.service</filename></para> | |
33 | </refsynopsisdiv> | |
34 | ||
35 | <refsect1> | |
36 | <title>Description</title> | |
37 | ||
38 | <para><command>systemd-repart</command> grows and adds partitions to a partition table, based on the | |
39 | configuration files described in | |
40 | <citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
41 | </para> | |
42 | ||
43 | <para>If invoked with no arguments, it operates on the block device backing the root file system partition | |
44 | of the OS, thus growing and adding partitions of the booted OS image itself. When called in the initial | |
45 | RAM disk it operates on the block device backing <filename>/sysroot/</filename> instead, i.e. on the | |
46 | block device the system will soon transition into. The <filename>systemd-repart.service</filename> | |
47 | service is generally run at boot in the initial RAM disk, in order to augment the partition table of the | |
48 | OS before its partitions are mounted. <command>systemd-repart</command> (mostly) operates in a purely | |
49 | incremental mode: it only grows existing and adds new partitions; it does not shrink, delete or move | |
50 | existing partitions. The service is intended to be run on every boot, but when it detects that the | |
51 | partition table already matches the installed <filename>repart.d/*.conf</filename> configuration | |
52 | files, it executes no operation.</para> | |
53 | ||
54 | <para><command>systemd-repart</command> is intended to be used when deploying OS images, to automatically | |
55 | adjust them to the system they are running on, during first boot. This way the deployed image can be | |
56 | minimal in size and may be augmented automatically at boot when needed, taking possession of disk space | |
57 | available but not yet used. Specifically the following use cases are among those covered:</para> | |
58 | ||
59 | <itemizedlist> | |
e9dd6984 ZJS |
60 | <listitem><para>The root partition may be grown to cover the whole available disk space.</para></listitem> |
61 | <listitem><para>A <filename>/home/</filename>, swap or <filename>/srv/</filename> partition can be | |
62 | added.</para></listitem> | |
63 | <listitem><para>A second (or third, …) root partition may be added, to cover A/B style setups | |
917cc808 LP |
64 | where a second version of the root file system is alternatingly used for implementing update |
65 | schemes. The deployed image would carry only a single partition ("A") but on first boot a second | |
66 | partition ("B") for this purpose is automatically created.</para></listitem> | |
67 | </itemizedlist> | |
68 | ||
69 | <para>The algorithm executed by <command>systemd-repart</command> is roughly as follows:</para> | |
70 | ||
71 | <orderedlist> | |
72 | <listitem><para>The <filename>repart.d/*.conf</filename> configuration files are loaded and parsed, | |
e9dd6984 | 73 | and ordered by filename (without the directory prefix).</para></listitem> |
917cc808 LP |
74 | |
75 | <listitem><para>The partition table already existing on the block device is loaded and | |
76 | parsed.</para></listitem> | |
77 | ||
78 | <listitem><para>The existing partitions in the partition table are matched up with the | |
79 | <filename>repart.d/*.conf</filename> files by GPT partition type UUID. The first existing partition | |
80 | of a specific type is assigned the first configuration file declaring the same type. The second | |
81 | existing partition of a specific type is then assigned the second configuration file declaring the same | |
82 | type, and so on. After this iterative assigning is complete any left-over existing partitions that have | |
83 | no matching configuration file are considered "foreign" and left as they are. And any configuration | |
84 | files for which no partition currently exists are understood as a request to create such a | |
85 | partition.</para></listitem> | |
86 | ||
87 | <listitem><para>Taking the size constraints and weights declared in the configuration files into | |
88 | account, all partitions that shall be created are now allocated to the disk, taking up all free space, | |
89 | always respecting the size and padding requests. Similar, existing partitions that are determined to | |
90 | grow are grown. New partitions are always appended to the end of the existing partition table, taking | |
91 | the first partition table slot whose index is greater than the indexes of all existing | |
92 | partitions. Partition table slots are never reordered and thus partition numbers are ensured to remain | |
93 | stable. Note that this allocation happens in RAM only, the partition table on disk is not updated | |
94 | yet.</para></listitem> | |
95 | ||
96 | <listitem><para>All existing partitions for which configuration files exist and which currently have no | |
97 | GPT partition label set will be assigned a label, either explicitly configured in the configuration or | |
98 | (if that's missing) derived automatically from the partition type. The same is done for all partitions | |
99 | that are newly created. These assignments are done in RAM only, too, the disk is not updated | |
100 | yet.</para></listitem> | |
101 | ||
102 | <listitem><para>Similarly, all existing partitions for which configuration files exist and which | |
103 | currently have an all-zero identifying UUID will be assigned a new UUID. This UUID is cryptographically | |
104 | hashed from a common seed value together with the partition type UUID (and a counter in case multiple | |
105 | partitions of the same type are defined), see below. The same is done for all partitions that are | |
106 | created anew. These assignments are done in RAM only, too, the disk is not updated | |
107 | yet.</para></listitem> | |
108 | ||
109 | <listitem><para>Similarly, if the disk's volume UUID is all zeroes it is also initialized, also | |
110 | cryptographically hashed from the same common seed value. Also, in RAM only, too.</para></listitem> | |
111 | ||
112 | <listitem><para>The disk space assigned to new partitions (i.e. what was previously considered free | |
113 | space but is no longer) is now erased. Specifically, all file system signatures are removed, and if the | |
114 | device supports it the <constant>BLKDISCARD</constant> I/O control command is issued to inform the | |
115 | hardware that the space is empty now. In addition any "padding" between partitions and at the end of | |
116 | the device is similarly erased.</para></listitem> | |
117 | ||
118 | <listitem><para>The new partition table is finally written to disk. The kernel is asked to reread the | |
119 | partition table.</para></listitem> | |
120 | </orderedlist> | |
121 | ||
122 | <para>As exception to the normally strictly incremental operation, when called in a special "factory | |
e9dd6984 | 123 | reset" mode, <command>systemd-repart</command> may also be used to erase existing partitions to |
917cc808 LP |
124 | reset an installation back to vendor defaults. This mode of operation is used when either the |
125 | <option>--factory-reset=yes</option> switch is passed on the tool's command line, or the | |
126 | <option>systemd.factory_reset=yes</option> option specified on the kernel command line, or the | |
127 | <varname>FactoryReset</varname> EFI variable (vendor UUID | |
128 | <constant>8cf2644b-4b0b-428f-9387-6d876050dc67</constant>) is set to "yes". It alters the algorithm above | |
e9dd6984 | 129 | slightly: between the 3rd and the 4th step above any partition marked explicitly via the |
917cc808 LP |
130 | <varname>FactoryReset=</varname> boolean is deleted, and the algorithm restarted, thus immediately |
131 | re-creating these partitions anew empty.</para> | |
132 | ||
133 | <para>Note that <command>systemd-repart</command> only changes partition tables, it does not create or | |
134 | resize any file systems within these partitions. A separate mechanism should be used for that, for | |
135 | example | |
136 | <citerefentry><refentrytitle>systemd-growfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> and | |
137 | <command>systemd-makefs</command>.</para> | |
138 | ||
139 | <para>The UUIDs identifying the new partitions created (or assigned to existing partitions that have no | |
140 | UUID yet), as well as the disk as a whole are hashed cryptographically from a common seed value. This | |
141 | seed value is usually the | |
142 | <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> of the | |
143 | system, so that the machine ID reproducibly determines the UUIDs assigned to all partitions. If the | |
144 | machine ID cannot be read (or the user passes <option>--seed=random</option>, see below) the seed is | |
145 | generated randomly instead, so that the partition UUIDs are also effectively random. The seed value may | |
146 | also be set explicitly, formatted as UUID via the <option>--seed=</option> option. By hashing these UUIDs | |
147 | from a common seed images prepared with this tool become reproducible and the result of the algorithm | |
148 | above deterministic.</para> | |
96deebbc LP |
149 | |
150 | <para>The positional argument should specify the block device to operate on. Instead of a block device | |
151 | node path a regular file may be specified too, in which case the command operates on it like it would if | |
152 | a loopback block device node was specified with the file attached. If <option>--empty=create</option> is | |
153 | specified the specified path is created as regular file, which is useful for generating disk images from | |
154 | scratch.</para> | |
917cc808 LP |
155 | </refsect1> |
156 | ||
157 | <refsect1> | |
158 | <title>Options</title> | |
159 | ||
160 | <para>The following options are understood:</para> | |
161 | ||
162 | <variablelist> | |
163 | <varlistentry> | |
164 | <term><option>--dry-run=</option></term> | |
165 | <listitem><para>Takes a boolean. If this switch is not specified <option>--dry-run=yes</option> is | |
166 | the implied default. Controls whether <filename>systemd-repart</filename> executes the requested | |
167 | re-partition operations or whether it should only show what it would do. Unless | |
168 | <option>--dry-run=no</option> is specified <filename>systemd-repart</filename> will not actually | |
169 | touch the device's partition table.</para></listitem> | |
170 | </varlistentry> | |
171 | ||
172 | <varlistentry> | |
173 | <term><option>--empty=</option></term> | |
174 | <listitem><para>Takes one of <literal>refuse</literal>, <literal>allow</literal>, | |
96deebbc LP |
175 | <literal>require</literal>, <literal>force</literal> or <literal>create</literal>. Controls how to |
176 | operate on block devices that are entirely empty, i.e. carry no partition table/disk label yet. If | |
177 | this switch is not specified the implied default is <literal>refuse</literal>.</para> | |
917cc808 LP |
178 | |
179 | <para>If <literal>refuse</literal> <command>systemd-repart</command> requires that the block device | |
180 | it shall operate on already carries a partition table and refuses operation if none is found. If | |
181 | <literal>allow</literal> the command will extend an existing partition table or create a new one if | |
182 | none exists. If <literal>require</literal> the command will create a new partition table if none | |
183 | exists so far, and refuse operation if one already exists. If <literal>force</literal> it will create | |
184 | a fresh partition table unconditionally, erasing the disk fully in effect. If | |
185 | <literal>force</literal> no existing partitions will be taken into account or survive the | |
96deebbc LP |
186 | operation. Hence: use with care, this is a great way to lose all your data. If |
187 | <literal>create</literal> a new loopback file is create under the path passed via the device node | |
188 | parameter, of the size indicated with <option>--size=</option>, see below.</para></listitem> | |
917cc808 LP |
189 | </varlistentry> |
190 | ||
191 | <varlistentry> | |
192 | <term><option>--discard=</option></term> | |
193 | ||
194 | <listitem><para>Takes a boolean. If this switch is not specified <option>--discard=yes</option> is | |
195 | the implied default. Controls whether to issue the <constant>BLKDISCARD</constant> I/O control | |
196 | command on the space taken up by any added partitions or on the space in between them. Usually, it's | |
197 | a good idea to issue this request since it tells the underlying hardware that the covered blocks | |
96deebbc LP |
198 | shall be considered empty, improving performance. If operating on a regular file instead of a block |
199 | device node, a sparse file is generated.</para></listitem> | |
200 | </varlistentry> | |
201 | ||
202 | <varlistentry> | |
203 | <term><option>--size=</option></term> | |
204 | ||
dfb4d0ae LP |
205 | <listitem><para>Takes a size in bytes, using the usual K, M, G, T suffixes, or the special value |
206 | <literal>auto</literal>. If used the specified device node path must refer to a regular file, which | |
207 | is then grown to the specified size if smaller, before any change is made to the partition table. If | |
208 | specified as <literal>auto</literal> the minimal size for the disk image is automatically determined | |
209 | (i.e. the minimal sizes of all partitions are summed up, taking space for additional metadata into | |
210 | account). This switch is not supported if the specified node is a block device. This switch has no | |
211 | effect if the file is already as large as the specified size or larger. The specified size is | |
212 | implicitly rounded up to multiples of 4096. When used with <option>--empty=create</option> this | |
213 | specifies the initial size of the loopback file to create.</para> | |
214 | ||
215 | <para>The <option>--size=auto</option> option takes the sizes of pre-existing partitions into | |
69e3234d | 216 | account. However, it does not accommodate for partition tables that are not tightly packed: the |
dfb4d0ae LP |
217 | configured partitions might still not fit into the backing device if empty space exists between |
218 | pre-existing partitions (or before the first partition) that cannot be fully filled by partitions to | |
219 | grow or create.</para> | |
220 | ||
221 | <para>Also note that the automatic size determination does not take files or directories specified | |
222 | with <option>CopyFiles=</option> into account: operation might fail if the specified files or | |
223 | directories require more disk space then the configured per-partition minimal size | |
224 | limit.</para></listitem> | |
917cc808 LP |
225 | </varlistentry> |
226 | ||
227 | <varlistentry> | |
228 | <term><option>--factory-reset=</option></term> | |
229 | ||
230 | <listitem><para>Takes boolean. If this switch is not specified <option>--factory=reset=no</option> is | |
231 | the implied default. Controls whether to operate in "factory reset" mode, see above. If set to true | |
232 | this will remove all existing partitions marked with <varname>FactoryReset=</varname> set to yes | |
233 | early while executing the re-partitioning algorithm. Use with care, this is a great way to lose all | |
234 | your data. Note that partition files need to explicitly turn <varname>FactoryReset=</varname> on, as | |
235 | the option defaults to off. If no partitions are marked for factory reset this switch has no | |
236 | effect. Note that there are two other methods to request factory reset operation: via the kernel | |
237 | command line and via an EFI variable, see above.</para></listitem> | |
238 | </varlistentry> | |
239 | ||
240 | <varlistentry> | |
241 | <term><option>--can-factory-reset</option></term> | |
242 | ||
243 | <listitem><para>If this switch is specified the disk is not re-partitioned. Instead it is determined | |
244 | if any existing partitions are marked with <varname>FactoryReset=</varname>. If there are the tool | |
245 | will exit with exit status zero, otherwise non-zero. This switch may be used to quickly determine | |
246 | whether the running system supports a factory reset mechanism built on | |
247 | <command>systemd-repart</command>.</para></listitem> | |
248 | </varlistentry> | |
249 | ||
250 | <varlistentry> | |
251 | <term><option>--root=</option></term> | |
252 | ||
253 | <listitem><para>Takes a path to a directory to use as root file system when searching for | |
254 | <filename>repart.d/*.conf</filename> files and for the machine ID file to use as seed. By default | |
255 | when invoked on the regular system this defaults to the host's root file system | |
256 | <filename>/</filename>. If invoked from the initial RAM disk this defaults to | |
257 | <filename>/sysroot/</filename>, so that the tool operates on the configuration and machine ID stored | |
258 | in the root file system later transitioned into itself.</para></listitem> | |
259 | </varlistentry> | |
260 | ||
261 | <varlistentry> | |
262 | <term><option>--seed=</option></term> | |
263 | ||
264 | <listitem><para>Takes a UUID as argument or the special value <constant>random</constant>. If a UUID | |
265 | is specified the UUIDs to assign to partitions and the partition table itself are derived via | |
266 | cryptographic hashing from it. If not specified it is attempted to read the machine ID from the host | |
267 | (or more precisely, the root directory configured via <option>--root=</option>) and use it as seed | |
268 | instead, falling back to a randomized seed otherwise. Use <option>--seed=random</option> to force a | |
269 | randomized seed. Explicitly specifying the seed may be used to generated strictly reproducible | |
270 | partition tables.</para></listitem> | |
271 | </varlistentry> | |
272 | ||
273 | <varlistentry> | |
274 | <term><option>--pretty=</option></term> | |
275 | ||
276 | <listitem><para>Takes a boolean argument. If this switch is not specified, it defaults to on when | |
277 | called from an interactive terminal and off otherwise. Controls whether to show a user friendly table | |
278 | and graphic illustrating the changes applied.</para></listitem> | |
a015fbe7 TH |
279 | </varlistentry> |
280 | ||
281 | <varlistentry> | |
282 | <term><option>--json=</option><replaceable>MODE</replaceable></term> | |
283 | ||
284 | <listitem><para>Shows output formatted as JSON. Expects one of <literal>short</literal> (for the | |
285 | shortest possible output without any redundant whitespace or line breaks), <literal>pretty</literal> | |
286 | (for a pretty version of the same, with indentation and line breaks) or <literal>off</literal> (to turn | |
287 | off json output).</para></listitem> | |
917cc808 LP |
288 | </varlistentry> |
289 | ||
290 | <varlistentry> | |
291 | <term><option>--definitions=</option></term> | |
292 | ||
e9dd6984 ZJS |
293 | <listitem><para>Takes a file system path. If specified the <filename>*.conf</filename> files are read |
294 | from the specified directory instead of searching in <filename>/usr/lib/repart.d/*.conf</filename>, | |
295 | <filename>/etc/repart.d/*.conf</filename>, | |
917cc808 LP |
296 | <filename>/run/repart.d/*.conf</filename>.</para></listitem> |
297 | </varlistentry> | |
298 | ||
dfb4d0ae LP |
299 | <varlistentry> |
300 | <term><option>--key-file=</option></term> | |
301 | ||
302 | <listitem><para>Takes a file system path. Configures the encryption key to use when setting up LUKS2 | |
303 | volumes configured with the <varname>Encrypt=</varname> setting in partition files. Should refer to a | |
304 | regular file containing the key, or an <constant>AF_UNIX</constant> stream socket in the file | |
305 | system. In the latter case a connection is made to it and the key read from it. If this switch is not | |
306 | specified the empty key (i.e. zero length key) is used. This behaviour is useful for setting up encrypted | |
307 | partitions during early first boot that receive their user-supplied password only in a later setup | |
308 | step.</para></listitem> | |
309 | </varlistentry> | |
310 | ||
917cc808 LP |
311 | <xi:include href="standard-options.xml" xpointer="help" /> |
312 | <xi:include href="standard-options.xml" xpointer="version" /> | |
313 | </variablelist> | |
314 | </refsect1> | |
315 | ||
316 | <refsect1> | |
317 | <title>See Also</title> | |
318 | <para> | |
319 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
320 | <citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
321 | <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
322 | </para> | |
323 | </refsect1> | |
324 | ||
325 | </refentry> |