1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 00:51:24 +03:00
Commit Graph

31 Commits

Author SHA1 Message Date
Martin Pitt
4eac277367 cryptsetup: Implement offset and skip options
These are useful for plain devices as they don't have any metadata by
themselves. Instead of using an unreliable hardcoded device name in crypttab
you can then put static metadata at the start of the partition for a stable
UUID or label.

https://bugs.freedesktop.org/show_bug.cgi?id=87717
https://bugs.debian.org/751707
https://launchpad.net/bugs/953875
2015-04-17 10:53:01 -05:00
Zbigniew Jędrzejewski-Szmek
3ba3a79df4 man: fix a bunch of links
All hail linkchecker!
2015-03-13 23:42:18 -04:00
Zbigniew Jędrzejewski-Szmek
798d3a524e Reindent man pages to 2ch 2015-02-03 23:11:35 -05:00
Torstein Husebø
cc98b3025e treewide: fix multiple typos 2015-01-26 10:39:47 -05:00
Andrey Chaser
7376e83528 cryptsetup: support header= option
https://bugs.freedesktop.org/show_bug.cgi?id=66396
2015-01-08 16:33:59 -05:00
Zbigniew Jędrzejewski-Szmek
dc5cd2b772 man: document x-systemd.device-timeout for crypttab
https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-07-10 22:52:23 -04:00
Zbigniew Jędrzejewski-Szmek
5aded36978 man: add a mapping for external manpages
It is annoying when we have dead links on fd.o.

Add project='man-pages|die-net|archlinux' to <citerefentry>-ies.

In generated html, add external links to
http://man7.org/linux/man-pages/man, http://linux.die.net/man/,
https://www.archlinux.org/.

By default, pages in sections 2 and 4 go to man7, since Michael
Kerrisk is the autorative source on kernel related stuff.

The rest of links goes to linux.die.net, because they have the
manpages.

Except for the pacman stuff, since it seems to be only available from
archlinux.org.

Poor gummiboot gets no link, because gummitboot(8) ain't to be found
on the net. According to common wisdom, that would mean that it does
not exist. But I have seen Kay using it, so I know it does, and
deserves to be found. Can somebody be nice and put it up somewhere?
2014-07-07 18:36:55 -04:00
Zbigniew Jędrzejewski-Szmek
63b03c0b28 man: mention that x-systemd.device-timeout is only for fstab
Reformat fstab options description. Now they are easier to read and
show up in systemd.directives(7).

Use a single sublist for both /etc/fstab and /etc/crypttab options.
Many of them can be used in both places. crypttab(5) is updated to use
the same docbook elements, so formatting is uniform.
2014-06-30 18:41:17 -04:00
Zbigniew Jędrzejewski-Szmek
9fcdf32294 man: fix path in crypttab(5)
https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-23 23:14:54 -04:00
Jan Engelhardt
dc968941bf doc: choose different words to improve clarity
I suggest the following changes to improve the way the text reads
("flows").
2014-02-17 19:03:07 -05:00
Jason St. John
b200a92cdc man: use spaces instead of tabs
Several sections of the man pages included intermixed tabs and spaces;
this commit replaces all tabs with spaces.
2014-02-14 22:08:10 -05:00
Jan Janssen
0452ffebbb man: cryptsetup-1.6.3 now allows partition device file in system mode 2014-02-07 15:51:58 +01:00
Christian Seiler
b4a11878f2 cryptsetup: Support key-slot option
Debian recently introduced the option key-slot to /etc/crypttab to
specify the LUKS key slot to be used for decrypting the device. On
systems where a keyfile is used and the key is not in the first slot,
this can speed up the boot process quite a bit, since cryptsetup does
not need to try all of the slots sequentially. (Unsuccessfully testing
a key slot typically takes up to about 1 second.)

This patch makes systemd aware of this option.

Debian bug that introduced the feature:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704470
2014-01-26 13:24:01 +01:00
Lukas Nykryn
517dcac840 Revert "man: suggest using hash= atribut for swap in example"
This reverts commit fa7abba232.
2013-11-25 09:31:09 +01:00
Václav Pavlín
fa7abba232 man: suggest using hash= atribut for swap in example
(#883941)
2013-11-21 15:34:01 +01:00
Thomas Bächler
404dac4d96 cryptsetup: Retry indefinitely if tries=0 option has been set.
When running from initrd, entering a wrong passphrase usually means that
you cannot boot. Therefore, we allow trying indefinitely.
2013-09-11 17:44:33 +02:00
Ondrej Balaz
1acbb95c2b systemd-cryptsetup: makes “discard” a synonym for “allow-discards”
systemd-cryptsetup recognizes option 'allow-discards' in /etc/crypttab
to enable TRIM passthrough to underlying encrypted device. In Debian
this option was changed to 'discard' to avoid hyphen in option name.
(see: #648868 and `man crypttab`).

[zj: update crypttab(5) too, making "discard" the default.]
2013-08-14 22:54:07 -04:00
Jan Engelhardt
fbce11397f man: wording and grammar updates
This includes regularly-submitted corrections to comma setting and
orthographical mishaps that appeared in man/ in recent commits.
2013-07-21 11:23:58 -04:00
Jan Janssen
8cf3ca8068 cryptsetup: Add tcrypt support
Tcrypt uses a different approach to passphrases/key files. The
passphrase and all key files are incorporated into the "password"
to open the volume. So, the idea of slots that provide a way to
open the volume with different passphrases/key files that are
independent from each other like with LUKS does not apply.

Therefore, we use the key file from /etc/crypttab as the source
for the passphrase. The actual key files that are combined with
the passphrase into a password are provided as a new option in
/etc/crypttab and can be given multiple times if more than one
key file is used by a volume.
2013-07-16 01:24:31 +02:00
Jan Engelhardt
409dee2e44 man: more grammar improvements
- place commas
- expand contractions (this is written prose :)
- add some missing words
2013-07-03 08:19:20 -04:00
Zbigniew Jędrzejewski-Szmek
909f413d3c man: always supply quotes around literals
When manpages are displayed on a terminal, <literal>s are indistinguishable
from surrounding text. Add quotes everywhere, remove duplicate quotes,
and tweak a few lists for consistent formatting.

https://bugzilla.redhat.com/show_bug.cgi?id=874631
2013-06-26 08:05:14 -04:00
Lennart Poettering
8b95c91638 man: document that timeout=0 is the default for entries in crypttab 2013-04-18 02:21:01 +02:00
Zbigniew Jędrzejewski-Szmek
56ba3c78ae build-sys: create Makefile-man.am automatically
man rules were repeating the same information in too many places,
which was error prone. Those rules can be easily generated from .xml
files. For efficiency and because python is not a required dependency,
Makefile-man.am is only regenerated when requested with

  make update-man-list

If no metadata in man/*.xml changed, this file should not change. So
only when a new man page or a new alias is added, this file should
show up in 'git diff'. The change should then be committed.

If the support for building from git without python was dropped, we
could drop Makefile-man.am from version control. This would also
increase the partial build time (since more stuff would be rebuild
whenever sources in man/*.xml would be modified), so it would probably
wouldn't be worth it.
2013-02-06 23:16:16 -05:00
Michal Schmidt
18cf1a1be5 cryptsetup: accept both "read-only" and "readonly" spellings
Mukund Sivaraman pointed out that cryptsetup(5) mentions the "read-only"
option, while the code understands "readonly".

We could just fix the manpage, but for consistency in naming of
multi-word options it would be prettier to have "read-only". So let's
accept both spellings.

BZ: https://bugzilla.redhat.com/show_bug.cgi?id=903463
2013-01-31 19:57:56 +01:00
Zbigniew Jędrzejewski-Szmek
ccc9a4f9ff man: extend systemd.directives(7) to all manual pages
New sections are added: PAM options, crypttab options, commandline
options, miscellaneous. The last category will be used for all
untagged <varname> elements.

Commandline options sections is meant to be a developer tool: when
adding an option it is sometimes useful to be able to check if
similarly named options exist elsewhere.
2013-01-26 11:36:53 -05:00
Tom Gundersen
c93350728e man: clearify the meaning of timeout=0 for password agents
The fact that timeout=0 makes password agents wait indefinitely is documented
in http://www.freedesktop.org/wiki/Software/systemd/PasswordAgents. Document
it also in the relevant man pages.
2013-01-23 01:08:48 +01:00
Thomas Hindoe Paaboel Andersen
c53158818d man: fix a bunch of typos in docs
https://bugs.freedesktop.org/show_bug.cgi?id=54501
2012-09-13 19:34:24 +02:00
Tom Gundersen
4271d8235f cryptsetup: add keyfile-size= support
This is useful e.g. if the keyfile is a raw device, where only parts of it
should be read. It is typically used whenever the keyfile-offset= option is
specified.

Tested-by: Erik Westrup <erik.westrup@gmail.com>
2012-08-03 20:49:55 +02:00
Tom Gundersen
880a599e26 cryptsetup: add keyfile-offset= support
This is useful if your keyfile is a block device, and you want to
use a specific part of it, such as an area between the MBR and the
first partition.

This feature is documented in the Arch wiki[0], and has been supported
by the Arch initscripts, so would be nice to get this into systemd.

This requires libcryptsetup >= 1.4.2 (released 12.4.2012).

Acked-by: Paul Menzel <paulepanter@users.sourceforge.net>

[0]:
<https://wiki.archlinux.org/index.php/System_Encryption_with_LUKS#
Storing_the_key_between_MBR_and_1st_partition>
2012-07-09 22:07:52 +02:00
Lennart Poettering
8e129f5156 man: document systemd-cryptsetup-generator 2012-06-27 14:51:47 +02:00
Lennart Poettering
45ae1a05f9 man: document /etc/crypttab 2012-06-27 13:23:12 +02:00