pcrlock: document the env vars we honour to find measurement logs

author Lennart Poettering <lennart@poettering.net>

Wed, 21 Feb 2024 13:42:50 +0000 (14:42 +0100)

committer Lennart Poettering <lennart@poettering.net>

Wed, 21 Feb 2024 13:45:19 +0000 (14:45 +0100)
author Lennart Poettering <lennart@poettering.net>
Wed, 21 Feb 2024 13:42:50 +0000 (14:42 +0100)
committer Lennart Poettering <lennart@poettering.net>
Wed, 21 Feb 2024 13:45:19 +0000 (14:45 +0100)
diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md

index 6fa82d7177a7b2447e91f4992b34fb5093ae1763..eab1ce23e46a2f692b82dc3ade2a877794748817 100644 (file)
--- a/docs/ENVIRONMENT.md
+++ b/docs/ENVIRONMENT.md
@@ -622,6 +622,16 @@ SYSTEMD_HOME_DEBUG_SUFFIX=foo \
    to expose a single device only, since those identifiers better should be kept
    unique.
  
+`systemd-pcrlock`, `systemd-pcrextend`:
+
+* `$SYSTEMD_MEASURE_LOG_USERSPACE` – the path to the `tpm2-measure.log` file
+  (containing userspace measurement data) to read. This allows overriding the
+  default of `/run/log/systemd/tpm2-measure.log`.
+
+* `$SYSTEMD_MEASURE_LOG_FIRMWARE` – the path to the `binary_bios_measurements`
+  file (containing firmware measurement data) to read. This allows overriding
+  the default of `/sys/kernel/security/tpm0/binary_bios_measurements`.
+
  Tools using the Varlink protocol (such as `varlinkctl`) or sd-bus (such as
  `busctl`):
author	Lennart Poettering <lennart@poettering.net>
	Wed, 21 Feb 2024 13:42:50 +0000 (14:42 +0100)
committer	Lennart Poettering <lennart@poettering.net>
	Wed, 21 Feb 2024 13:45:19 +0000 (14:45 +0100)