From e60d01bdbf0d31d32d4bf1e36d5c40e16c84fafb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?=
Date: Sun, 14 Jul 2024 14:25:59 +0200
Subject: [PATCH] man/systemd-repart: extend description and reword some sentences

The page was written when systemd-repart was primarily intended to be used on a running system. But nowadays it's more often used to create images, so extend that part of the description.

While at it, fix some whitespace issues and trim some overly complicated sentences.

(cherry picked from commit d202ea57549248c4246c8f453a2ff88a4c2a7e1e)
---
 man/systemd-repart.xml | 116 ++++++++++++++++++++++-------------------
 1 file changed, 63 insertions(+), 53 deletions(-)

diff --git a/man/systemd-repart.xml b/man/systemd-repart.xml
index 8f48081097b..471eddd779a 100644
--- a/man/systemd-repart.xml
+++ b/man/systemd-repart.xml
@@ -35,31 +35,34 @@ Description - systemd-repart grows and adds partitions to a partition table, based on the - configuration files described in + systemd-repart creates partition tables, and adds or grows partitions, + based on the configuration files described in repart.d5. - If invoked with no arguments, it operates on the block device backing the root file system - partition of the running OS, thus growing and adding partitions of the booted OS image itself. If - --image= is used it will operate on the specified image file. When called in the - initrd it operates on the block device backing /sysroot/ instead, i.e. on the block - device the system will soon transition into. The systemd-repart.service service is - generally run at boot in the initrd, in order to augment the partition table of the OS before its - partitions are mounted. systemd-repart (mostly) operates in a purely incremental mode: - it only grows existing and adds new partitions; it does not shrink, delete or move existing partitions. - The service is intended to be run on every boot, but when it detects that the partition table already - matches the installed repart.d/*.conf configuration files, it executes no - operation. + systemd-repart is used when building OS images, and also + when deploying images to automatically adjust them, during boot, to the system they + are running on. This way the image can be minimal in size and may be augmented automatically at boot, + taking possession of the disk space available. - systemd-repart is intended to be used when deploying OS images, to automatically - adjust them to the system they are running on, during first boot. This way the deployed image can be - minimal in size and may be augmented automatically at boot when needed, taking possession of disk space - available but not yet used. 
Specifically the following use cases are among those covered: + If invoked with no arguments, systemd-repart operates on the block device + backing the root file system partition of the running OS, thus adding and growing partitions of the + booted OS itself. When called in the initrd, it operates on the block device backing + /sysroot/ instead, i.e. on the block device the system will soon transition into. If + --image= is used, it will operate on the specified device or image file. The + systemd-repart.service service is generally run at boot in the initrd, in order to + augment the partition table of the OS before its partitions are mounted. + + systemd-repart operations are mostly incremental: it grows existing partitions + or adds new ones, but does not shrink, delete, or move existing partitions. The service is intended to be + run on every boot, but when it detects that the partition table already matches the installed + repart.d/*.conf configuration files, it executes no operation. + + The following use cases are among those covered: The root partition may be grown to cover the whole available disk space. - A /home/, swap or /srv/ partition can be + A /home/, swap, or /srv/ partition can be added. A second (or third, …) root partition may be added, to cover A/B style setups where a second version of the root file system is alternatingly used for implementing update 
@@ -70,23 +73,22 @@ The algorithm executed by systemd-repart is roughly as follows: - The repart.d/*.conf configuration files are loaded and parsed, - and ordered by filename (without the directory prefix). For each configuration file, - drop-in files are looked for in directories with same name as the configuration file - with a suffix ".d" added. - - The partition table already existing on the block device is loaded and - parsed. - - The existing partitions in the partition table are matched up with the - repart.d/*.conf files by GPT partition type UUID. The first existing partition - of a specific type is assigned the first configuration file declaring the same type. The second - existing partition of a specific type is then assigned the second configuration file declaring the same - type, and so on. After this iterative assigning is complete any left-over existing partitions that have - no matching configuration file are considered "foreign" and left as they are. And any configuration - files for which no partition currently exists are understood as a request to create such a partition. + The repart.d/*.conf configuration files are loaded and parsed, and + ordered by filename (without the directory prefix). For each configuration file, drop-in files are + loaded from directories with same name as the configuration file with the suffix ".d" added. + The partition table on the block device is loaded and parsed, if present. + + + The existing partitions in the partition table are matched with the + repart.d/*.conf files by GPT partition type UUID. The first existing partition of + a specific type is assigned the first configuration file declaring the same type. The second existing + partition of a specific type is then assigned the second configuration file declaring the same type, + and so on. After this iterative assigning is complete, any existing partitions that have no matching + configuration file are considered "foreign" and left as they are. 
And any configuration files for which + no partition was matched are treated as requests to create a partition. + Partitions that shall be created are now allocated on the disk, taking the size constraints and weights declared in the configuration files into account. Free space is used within the limits set by size and padding requests. In addition, existing partitions that should be grown are @@ -124,12 +126,11 @@ partition table. - As exception to the normally strictly incremental operation, when called in a special "factory - reset" mode, systemd-repart may also be used to erase existing partitions to - reset an installation back to vendor defaults. This mode of operation is used when either the - switch is passed on the tool's command line, or the - option specified on the kernel command line, or the - FactoryReset EFI variable (vendor UUID + As an exception to the normal incremental operation, when called in a special "factory reset" mode, + systemd-repart may be used to erase existing partitions to reset an installation back + to vendor defaults. This mode of operation is used when either the + switch is passed on the tool's command line, or the option is + specified on the kernel command line, or the FactoryReset EFI variable (vendor UUID 8cf2644b-4b0b-428f-9387-6d876050dc67) is set to "yes". It alters the algorithm above slightly: between the 3rd and the 4th step above any partition marked explicitly via the FactoryReset= boolean is deleted, and the algorithm restarted, thus immediately 
@@ -153,11 +154,9 @@ from a common seed images prepared with this tool become reproducible and the result of the algorithm above deterministic. - The positional argument should specify the block device to operate on. Instead of a block device - node path a regular file may be specified too, in which case the command operates on it like it would if - a loopback block device node was specified with the file attached. If is - specified the specified path is created as regular file, which is useful for generating disk images from - scratch. + The positional argument should specify the block device or a regular file to operate on. If + is specified, the specified path is created as regular file, which is + useful for generating disk images from scratch. @@ -168,6 +167,7 @@ + Takes a boolean. If this switch is not specified is the implied default. Controls whether systemd-repart executes the requested re-partition operations or whether it should only show what it would do. Unless @@ -179,6 +179,7 @@ + Takes one of refuse, allow, require, force or create. Controls how to operate on block devices that are entirely empty, i.e. carry no partition table/disk label yet. If @@ -623,7 +624,7 @@ Exit status - On success, 0 is returned, a non-zero failure code otherwise. + On success, 0 is returned, and a non-zero failure code otherwise. 
@@ -635,15 +636,19 @@ The following creates a configuration extension DDI (confext) for an /etc/motd update: - mkdir tree tree/etc tree/etc/extension-release.d -echo "Hello World" > tree/etc/motd -cat > tree/etc/extension-release.d/extension-release.my-motd <<EOF + mkdir -p tree/etc/extension-release.d +echo "Hello World" >tree/etc/motd +cat >tree/etc/extension-release.d/extension-release.my-motd <<EOF ID=fedora VERSION_ID=38 IMAGE_ID=my-motd IMAGE_VERSION=7 EOF -systemd-repart -C --private-key=privkey.pem --certificate=cert.crt -s tree/ /var/lib/confexts/my-motd.confext.raw +systemd-repart -C \ + --private-key=privkey.pem \ + --certificate=cert.crt \ + -s tree/ \ + /var/lib/confexts/my-motd.confext.raw systemd-confext refresh The DDI generated that way may be applied to the system with @@ -656,15 +661,20 @@ systemd-confext refresh The following creates a system extension DDI (sysext) for an /usr/foo update and signs it with a hardware token via PKCS11. - mkdir tree tree/usr tree/usr/lib/extension-release.d -echo "Hello World" > tree/usr/foo -cat > tree/usr/lib/extension-release.d/extension-release.my-foo <<EOF + mkdir -p tree/usr/lib/extension-release.d +echo "Hello World" >tree/usr/foo +cat >tree/usr/lib/extension-release.d/extension-release.my-foo <<EOF ID=fedora VERSION_ID=38 IMAGE_ID=my-foo IMAGE_VERSION=7 EOF -systemd-repart --make-ddi=sysext --private-key-source=engine:pkcs11 --private-key="pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=0123456789abcdef;token=Some%20Cert" --certificate=cert.crt -s tree/ /var/lib/extensions/my-foo.sysext.raw +systemd-repart --make-ddi=sysext \ + --private-key-source=engine:pkcs11 \ + --private-key="pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=0123456789abcdef;token=Some%20Cert" \ + --certificate=cert.crt \ + -s tree/ \ + /var/lib/extensions/my-foo.sysext.raw systemd-sysext refresh The DDI generated that way may be applied to the system with
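
Review bot: In the @@ -35,31 +35,34 @@ hunk, the rewritten second paragraph drops the qualifier "but not yet used" and now reads "taking possession of the disk space available", which can be read as claiming space that is already allocated. The later paragraph in the same hunk says the tool "does not shrink, delete, or move existing partitions", so I would keep the qualifier, for example "taking possession of disk space that is available but not yet used". In the same paragraph, "when deploying images to automatically adjust them, during boot, to the system they are running on" is hard to parse; "to automatically adjust deployed images, during boot, to the system they are running on" reads more directly.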
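
Review bot: In the @@ -70,23 +73,22 @@ hunk, the step that loads the partition table now ends with "if present", but the list never says what happens when no table is present. A short pointer to the option documented further down as controlling "block devices that are entirely empty, i.e. carry no partition table/disk label yet" would close that gap. Two wording nits in the same hunk: "directories with same name" is missing "the", and the matching step still ends with a sentence opening "And any configuration files"; starting it at "Any configuration files for which no partition was matched" is enough.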
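
Review bot: In the @@ -124,12 +126,11 @@ hunk, "either" now introduces three alternatives (the command-line switch, the kernel command line option, and the FactoryReset EFI variable), which reads oddly. Since this paragraph describes the one mode that erases partitions, the trigger conditions should be unambiguous: drop "either" or rephrase as "This mode of operation is used when any of the following applies".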
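
Review bot: In the @@ -153,11 +154,9 @@ hunk, the shortened paragraph no longer says how a regular file is handled; the removed text stated that the command operates on it "like it would if a loopback block device node was specified with the file attached". If that is still accurate, one clause would preserve it. The replacement sentence also repeats itself and lacks an article in "the specified path is created as regular file"; "the path is created as a regular file" is cleaner.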
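
Review bot: In the @@ -635,15 +636,19 @@ hunk, the confext example keeps the short "-C" while the sysext example in the following hunk spells out "--make-ddi=sysext". Now that each option sits on its own continuation line, writing "--make-ddi=confext" here would make the two examples parallel and easier to search for. The "mkdir -p" simplification and the ">file" redirection style look fine.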