3 <!DOCTYPE refentry PUBLIC
"-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
5 This file is part of systemd.
7 Copyright 2012 Lennart Poettering
9 systemd is free software; you can redistribute it and/or modify it
10 under the terms of the GNU Lesser General Public License as published by
11 the Free Software Foundation; either version 2.1 of the License, or
12 (at your option) any later version.
14 systemd is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 Lesser General Public License for more details.
19 You should have received a copy of the GNU Lesser General Public License
20 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 <refentry id=
"systemd-cryptsetup-generator" conditional='HAVE_LIBCRYPTSETUP'
>
25 <title>systemd-cryptsetup-generator
</title>
26 <productname>systemd
</productname>
30 <contrib>Developer
</contrib>
31 <firstname>Lennart
</firstname>
32 <surname>Poettering
</surname>
33 <email>lennart@poettering.net
</email>
39 <refentrytitle>systemd-cryptsetup-generator
</refentrytitle>
40 <manvolnum>8</manvolnum>
44 <refname>systemd-cryptsetup-generator
</refname>
45 <refpurpose>Unit generator for
<filename>/etc/crypttab
</filename></refpurpose>
49 <para><filename>/usr/lib/systemd/system-generators/systemd-cryptsetup-generator
</filename></para>
53 <title>Description
</title>
55 <para><filename>systemd-cryptsetup-generator
</filename>
56 is a generator that translates
57 <filename>/etc/crypttab
</filename> into native systemd
58 units early at boot and when configuration of the
59 system manager is reloaded. This will create
60 <citerefentry><refentrytitle>systemd-cryptsetup@.service
</refentrytitle><manvolnum>8</manvolnum></citerefentry>
61 units as necessary.
</para>
63 <para><filename>systemd-cryptsetup-generator
</filename>
65 url=
"http://www.freedesktop.org/wiki/Software/systemd/Generators">generator
66 specification
</ulink>.
</para>
70 <title>Kernel Command Line
</title>
72 <para><filename>systemd-cryptsetup-generator
</filename> understands
73 the following kernel command line parameters:
</para>
75 <variablelist class='kernel-commandline-options'
>
77 <term><varname>luks=
</varname></term>
78 <term><varname>rd.luks=
</varname></term>
80 <listitem><para>Takes a boolean
82 <literal>yes
</literal>. If
83 <literal>no
</literal>, disables the
85 entirely.
<varname>rd.luks=
</varname>
86 is honored only by initial RAM disk
88 <varname>luks=
</varname> is honored
89 by both the main system and the
90 initrd.
</para></listitem>
94 <term><varname>luks.crypttab=
</varname></term>
95 <term><varname>rd.luks.crypttab=
</varname></term>
97 <listitem><para>Takes a boolean
99 <literal>yes
</literal>. If
100 <literal>no
</literal>, causes the
101 generator to ignore any devices
103 <filename>/etc/crypttab
</filename>
104 (
<varname>luks.uuid=
</varname> will
106 however).
<varname>rd.luks.crypttab=
</varname>
107 is honored only by initial RAM disk
109 <varname>luks.crypttab=
</varname> is
110 honored by both the main system and
111 the initrd.
</para></listitem>
115 <term><varname>luks.uuid=
</varname></term>
116 <term><varname>rd.luks.uuid=
</varname></term>
118 <listitem><para>Takes a LUKS superblock
119 UUID as argument. This will
120 activate the specified device as part
121 of the boot process as if it was
123 <filename>/etc/crypttab
</filename>. This
124 option may be specified more than once
125 in order to set up multiple
126 devices.
<varname>rd.luks.uuid=
</varname>
127 is honored only by initial RAM disk
129 <varname>luks.uuid=
</varname> is
130 honored by both the main system and
132 <para>If /etc/crypttab contains entries with
133 the same UUID, then the name, keyfile and options
134 specified there will be used. Otherwise the device
135 will have the name
<literal>luks-UUID
</literal>.
</para>
136 <para>If /etc/crypttab exists, only those UUIDs
137 specified on the kernel command line
138 will be activated in the initrd or the real root.
</para>
143 <term><varname>luks.name=
</varname></term>
144 <term><varname>rd.luks.name=
</varname></term>
146 <listitem><para>Takes a LUKS super
147 block UUID followed by an '=' and a name. This implies
148 <varname>rd.luks.uuid=
</varname> or
<varname>luks.uuid=
</varname>
149 and will additionally make the LUKS device given by
150 the UUID appear under the provided name.
</para>
152 <para><varname>rd.luks.name=
</varname>
153 is honored only by initial RAM disk
155 <varname>luks.name=
</varname> is
156 honored by both the main system and
162 <term><varname>luks.options=
</varname></term>
163 <term><varname>rd.luks.options=
</varname></term>
165 <listitem><para>Takes a LUKS super
166 block UUID followed by an '=' and a string
167 of options separated by commas as argument.
168 This will override the options for the given
170 <para>If only a list of options, without an
171 UUID, is specified, they apply to any UUIDs not
172 specified elsewhere, and without an entry in
173 /etc/crypttab.
</para><para>
174 <varname>rd.luks.options=
</varname>
175 is honored only by initial RAM disk
177 <varname>luks.options=
</varname> is
178 honored by both the main system and
184 <term><varname>luks.key=
</varname></term>
185 <term><varname>rd.luks.key=
</varname></term>
187 <listitem><para>Takes a password file name as argument or
188 a LUKS super block UUID followed by a '=' and a password
191 <para>For those entries specified with
192 <varname>rd.luks.uuid=
</varname> or
<varname>luks.uuid=
</varname>,
193 the password file will be set to the one specified by
194 <varname>rd.luks.key=
</varname> or
<varname>luks.key=
</varname>
195 of the corresponding UUID, or the password file that was specified
196 without a UUID.
</para>
197 <para><varname>rd.luks.key=
</varname>
198 is honored only by initial RAM disk
200 <varname>luks.key=
</varname> is
201 honored by both the main system and
209 <title>See Also
</title>
211 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
212 <citerefentry><refentrytitle>crypttab
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
213 <citerefentry><refentrytitle>systemd-cryptsetup@.service
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
214 <citerefentry><refentrytitle>cryptsetup
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
215 <citerefentry><refentrytitle>systemd-fstab-generator
</refentrytitle><manvolnum>8</manvolnum></citerefentry>