X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fsystemd.git;a=blobdiff_plain;f=man%2Fsystemd.exec.xml;h=c339f3b88582737c0eb25bdc58ff884b64934ec2;hp=8afcbd246f7c04ce11b74b1018a158bfa51d4c4b;hb=a6991726f80c299ac7275f4570e310e1dd5bce96;hpb=82ff544160aa2aa04cdd5c3f158135f7d61b8542 diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 8afcbd246f7..c339f3b8858 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -145,6 +145,19 @@ + + RootImageOptions= + + Takes a comma-separated list of mount options that will be used on disk images specified by + RootImage=. Optionally a partition number can be prefixed, followed by colon, in + case the image has multiple partitions, otherwise partition number 0 is implied. + Options for multiple partitions can be specified in a single line with space separators. Assigning an empty + string removes previous assignments. For a list of valid mount options, please refer to + mount8. + + + + RootHash= @@ -188,10 +201,10 @@ the same name (except if the image has the .raw suffix, in which case the verity data file must not have it in its name), the verity data is read from it and automatically used. - This option is supported only for disk images that contain a single file system, without an enveloping partition - table. Images that contain a GPT partition table should instead include both root file system and matching Verity - data in the same image, implementing the - [Discoverable Partition Specification](https://systemd.io/DISCOVERABLE_PARTITIONS) + This option is supported only for disk images that contain a single file system, without an + enveloping partition table. Images that contain a GPT partition table should instead include both + root file system and matching Verity data in the same image, implementing the Discoverable Partition Specification. 
@@ -248,6 +261,42 @@ + + MountImages= + + This setting is similar to RootImage= in that it mounts a file + system hierarchy from a block device node or loopback file, but the destination directory can be + specified as well as mount options. This option expects a whitespace separated list of mount + definitions. Each definition consists of a colon-separated tuple of source path and destination + directory. Each mount definition may be prefixed with -, in which case it will be + ignored when its source path does not exist. The source argument is a path to a block device node or + regular file. If source or destination contain a :, it needs to be escaped as + \:. + The device node or file system image file needs to follow the same rules as specified + for RootImage=. Any mounts created with this option are specific to the unit, and + are not visible in the host's mount table. + + These settings may be used more than once, each usage appends to the unit's list of mount + paths. If the empty string is assigned, the entire list of mount paths defined prior to this is + reset. + + Note that the destination directory must exist or systemd must be able to create it. Thus, it + is not possible to use those options for mount points nested underneath paths specified in + InaccessiblePaths=, or under /home/ and other protected + directories if ProtectHome=yes is specified. + + When DevicePolicy= is set to closed or + strict, or set to auto and DeviceAllow= is + set, then this setting adds /dev/loop-control with rw mode, + block-loop and block-blkext with rwm mode + to DeviceAllow=. See + systemd.resource-control5 + for the details about DevicePolicy= or DeviceAllow=. Also, see + PrivateDevices= below, as it may change the setting of + DevicePolicy=. + + + 
@@ -2378,7 +2427,9 @@ StandardInputData=SWNrIHNpdHplIGRhIHVuJyBlc3NlIEtsb3BzLAp1ZmYgZWVtYWwga2xvcHAncy so that they are automatically established prior to the unit starting up. Note that when this option is used log output of this service does not appear in the regular journalctl1 - output, unless the option is used. + output, unless the option is used. + +
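Review bot: In the RootImageOptions= entry (hunk @@ -145,6 +145,19 @@), "otherwise partition number 0 is implied" does not say which partition 0 refers to, or what happens when the given number does not exist in the image. Please state both. If a mistyped partition prefix were silently ignored, the image would be mounted without the options the administrator intended, so the failure behaviour belongs in the text. The entry also uses three separators (comma between options, colon after the partition number, space between partitions) without showing them together, so a one-line example of the combined form would remove the ambiguity. Finally, a later paragraph in this file covers images "that contain a single file system, without an enveloping partition table", and it is worth saying how the partition prefix applies to those.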
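Review bot: In the MountImages= entry (hunk @@ -248,6 +261,42 @@), the first sentence says "the destination directory can be specified as well as mount options", but the syntax that follows defines only "a colon-separated tuple of source path and destination directory". A reader cannot tell where mount options go, or whether RootImageOptions= applies to these mounts. Either describe the option field or drop "as well as mount options" from the first sentence. The sentence "needs to follow the same rules as specified for RootImage=" should also say explicitly whether Verity data (RootHash= and the adjacent verity data file described earlier in this file) is used for these images, since that determines whether the mounted content is integrity-checked. The DeviceAllow= paragraph means that a unit with DevicePolicy= set to closed or strict implicitly gains /dev/loop-control plus the block-loop and block-blkext classes once this setting is present, and it would help to state plainly that this widens the unit's device allow-list. Minor: "These settings may be used more than once" and "those options" refer to a single setting and should be singular.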