mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-25 23:21:33 +03:00
1f1a2243c0
This adds support for dm integrity targets and an associated /etc/integritytab file which is required as the dm integrity device super block doesn't include all of the required metadata to bring up the device correctly. See integritytab man page for details.
96 lines
3.4 KiB
XML
96 lines
3.4 KiB
XML
<?xml version="1.0"?>
|
|
<!--*-nxml-*-->
|
|
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
|
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
|
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
|
|
<refentry id="systemd-integritysetup@.service" conditional='HAVE_LIBCRYPTSETUP'>
|
|
|
|
<refentryinfo>
|
|
<title>systemd-integritysetup@.service</title>
|
|
<productname>systemd</productname>
|
|
</refentryinfo>
|
|
|
|
<refmeta>
|
|
<refentrytitle>systemd-integritysetup@.service</refentrytitle>
|
|
<manvolnum>8</manvolnum>
|
|
</refmeta>
|
|
|
|
<refnamediv>
|
|
<refname>systemd-integritysetup@.service</refname>
|
|
<refname>systemd-integritysetup</refname>
|
|
<refpurpose>Disk integrity protection logic</refpurpose>
|
|
</refnamediv>
|
|
|
|
<refsynopsisdiv>
|
|
<para><filename>systemd-integritysetup@.service</filename></para>
|
|
<para><filename>/usr/lib/systemd/systemd-integritysetup</filename></para>
|
|
</refsynopsisdiv>
|
|
|
|
<refsect1>
|
|
<title>Description</title>
|
|
|
|
<para><filename>systemd-integritysetup@.service</filename> is a service responsible for setting up integrity
|
|
protected block devices. It should be instantiated for each device that requires integrity
|
|
protection.</para>
|
|
|
|
<para>At early boot and when the system manager configuration is reloaded, entries from /etc/integritytab are converted into
|
|
<filename>systemd-integritysetup@.service</filename> units by
|
|
<citerefentry><refentrytitle>systemd-integritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
|
|
|
|
<para><filename>systemd-integritysetup@.service</filename> calls <command>systemd-integritysetup</command>.</para>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>Commands</title>
|
|
|
|
<para>The following commands are understood by <command>systemd-integritysetup</command>:</para>
|
|
|
|
<variablelist>
|
|
<varlistentry>
|
|
<term>
|
|
<option>attach</option>
|
|
<replaceable>volume</replaceable>
|
|
<replaceable>device</replaceable>
|
|
[<replaceable>key-file|-</replaceable>]
|
|
[<replaceable>option(s)|-</replaceable>]
|
|
</term>
|
|
|
|
<listitem><para>Create a block device <replaceable>volume</replaceable> using
|
|
<replaceable>device</replaceable>. See integritytab man page and
|
|
<ulink url="https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-integrity.html">
|
|
Kernel dm-integrity</ulink> documentation for details.
|
|
</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>detach</option>
|
|
<replaceable>volume</replaceable>
|
|
</term>
|
|
|
|
<listitem><para>Detach (destroy) the block device
|
|
<replaceable>volume</replaceable>.</para></listitem>
|
|
</varlistentry>
|
|
|
|
<varlistentry>
|
|
<term>
|
|
<option>help</option>
|
|
</term>
|
|
|
|
<listitem><para>Print short information about command syntax.</para></listitem>
|
|
</varlistentry>
|
|
</variablelist>
|
|
</refsect1>
|
|
|
|
<refsect1>
|
|
<title>See Also</title>
|
|
<para>
|
|
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>integritytab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
|
<citerefentry><refentrytitle>systemd-integritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
|
<citerefentry project='die-net'><refentrytitle>integritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
|
</para>
|
|
</refsect1>
|
|
|
|
</refentry>
|