man: tweak cryptsetup credentials docs a bit

Let's bring the credentials into a better order, in order of relevance.

Also, let's clarify what the generic LUKS PIN is about.

Finally, list the credentials in system-credentials(7) too, after all
people might want to unlock a disk with this via SMBIOS Type 11 or so.

diff --git a/man/systemd-cryptsetup.xml b/man/systemd-cryptsetup.xml
index 5f12dc4748a8b38f71a10a25788db65917f68192..72dc56390ff17372a5ebbd0f5cb358e005a19c4b 100644 (file)
--- a/man/systemd-cryptsetup.xml
+++ b/man/systemd-cryptsetup.xml
@@ -105,7 +105,7 @@
   </refsect1>
 
   <refsect1>
-    <title>System Credentials</title>
+    <title>Credentials</title>
 
     <para><command>systemd-cryptsetup</command> supports the service credentials logic as implemented by
     <varname>ImportCredential=</varname>/<varname>LoadCredential=</varname>/<varname>SetCredential=</varname>
@@ -123,33 +123,33 @@
       </varlistentry>
 
       <varlistentry>
-        <term><varname>cryptsetup.fido2-pin</varname></term>
+        <term><varname>cryptsetup.tpm2-pin</varname></term>
 
-        <listitem><para>This credential specifies the FIDO2 token pin.</para>
+        <listitem><para>This credential specifies the TPM pin.</para>
 
         <xi:include href="version-info.xml" xpointer="v256"/></listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><varname>cryptsetup.tpm2-pin</varname></term>
+        <term><varname>cryptsetup.fido2-pin</varname></term>
 
-        <listitem><para>This credential specifies the TPM pin.</para>
+        <listitem><para>This credential specifies the FIDO2 token pin.</para>
 
         <xi:include href="version-info.xml" xpointer="v256"/></listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><varname>cryptsetup.luks2-pin</varname></term>
+        <term><varname>cryptsetup.pkcs11-pin</varname></term>
 
-        <listitem><para>This credential specifies the LUKS2 token pin.</para>
+        <listitem><para>This credential specifies the PKCS11 token pin.</para>
 
         <xi:include href="version-info.xml" xpointer="v256"/></listitem>
       </varlistentry>
 
       <varlistentry>
-        <term><varname>cryptsetup.pkcs11-pin</varname></term>
+        <term><varname>cryptsetup.luks2-pin</varname></term>
 
-        <listitem><para>This credential specifies the PKCS11 token pin.</para>
+        <listitem><para>This credential specifies the PIN requested by generic LUKS2 token modules.</para>
 
         <xi:include href="version-info.xml" xpointer="v256"/></listitem>
       </varlistentry>

diff --git a/man/systemd.system-credentials.xml b/man/systemd.system-credentials.xml
index 749d3bfb1574b050775ef72d4519c4c6a295f6e0..2a345c47b4c26c159ba5ca916ecb53b9f57b3119 100644 (file)
--- a/man/systemd.system-credentials.xml
+++ b/man/systemd.system-credentials.xml
@@ -353,6 +353,20 @@
           <xi:include href="version-info.xml" xpointer="v256"/>
         </listitem>
       </varlistentry>
+
+      <varlistentry>
+        <term><varname>cryptsetup.passphrase</varname></term>
+        <term><varname>cryptsetup.tpm2-pin</varname></term>
+        <term><varname>cryptsetup.fido2-pin</varname></term>
+        <term><varname>cryptsetup.pkcs11-pin</varname></term>
+        <term><varname>cryptsetup.luks2-pin</varname></term>
+        <listitem>
+          <para>Specifies the passphrase/PINs to use for unlock encrypted storage volumes. For details see
+          <citerefentry><refentrytitle>systemd-cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+          <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
     </variablelist>
   </refsect1>