From: Lennart Poettering Date: Mon, 11 Oct 2021 09:15:08 +0000 (+0200) Subject: docs: document $SYSTEMD_CRYPTSETUP_USE_TOKEN_MODULE X-Git-Tag: v250-rc1~535^2 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F20970%2Fhead;p=thirdparty%2Fsystemd.git docs: document $SYSTEMD_CRYPTSETUP_USE_TOKEN_MODULE --- diff --git a/docs/ENVIRONMENT.md b/docs/ENVIRONMENT.md index 5b7c01d1490..175bb8a8193 100644 --- a/docs/ENVIRONMENT.md +++ b/docs/ENVIRONMENT.md @@ -364,3 +364,10 @@ disk images with `--image=` or similar: against any of the certificates in `/etc/verity.d/*.crt` (and similar directores in `/usr/lib/`, `/run`, …) or passed to the kernel for validation against its built-in certificates. + +`systemd-cryptsetup`: + +* `$SYSTEMD_CRYPTSETUP_USE_TOKEN_MODULE` – takes a boolean, which controls + whether to use the libcryptsetup "token" plugin module logic even when + activating via FIDO2, PKCS#11, TPM2, i.e. mechanisms natively supported by + `systemd-cryptsetup`. Defaults to enabled.