mirror of
https://github.com/systemd/systemd.git
synced 2025-01-25 10:04:04 +03:00
29920c5b1f
It's useful being able to easily detect if a disk-based clock bump was done, let's make it a structure message, the same way as acquiring an NTP fix already is. Also, set the clock to 1 µs further than the timestamp from the disk, after all we know that that timestamp was current when it was written, hence it can't be the right one right now anymore.
552 lines
19 KiB
Plaintext
552 lines
19 KiB
Plaintext
# SPDX-License-Identifier: LGPL-2.1-or-later
|
||
|
||
# Message catalog for systemd's own messages
|
||
|
||
# The catalog format is documented on
|
||
# https://www.freedesktop.org/wiki/Software/systemd/catalog
|
||
|
||
# For an explanation why we do all this, see https://xkcd.com/1024/
|
||
|
||
-- f77379a8490b408bbe5f6940505a777b
|
||
Subject: The journal has been started
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system journal process has started up, opened the journal
|
||
files for writing and is now ready to process requests.
|
||
|
||
-- d93fb3c9c24d451a97cea615ce59c00b
|
||
Subject: The journal has been stopped
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system journal process has shut down and closed all currently
|
||
active journal files.
|
||
|
||
-- ec387f577b844b8fa948f33cad9a75e6
|
||
Subject: Disk space used by the journal
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
@JOURNAL_NAME@ (@JOURNAL_PATH@) is currently using @CURRENT_USE_PRETTY@.
|
||
Maximum allowed usage is set to @MAX_USE_PRETTY@.
|
||
Leaving at least @DISK_KEEP_FREE_PRETTY@ free (of currently available @DISK_AVAILABLE_PRETTY@ of disk space).
|
||
Enforced usage limit is thus @LIMIT_PRETTY@, of which @AVAILABLE_PRETTY@ are still available.
|
||
|
||
The limits controlling how much disk space is used by the journal may
|
||
be configured with SystemMaxUse=, SystemKeepFree=, SystemMaxFileSize=,
|
||
RuntimeMaxUse=, RuntimeKeepFree=, RuntimeMaxFileSize= settings in
|
||
/etc/systemd/journald.conf. See journald.conf(5) for details.
|
||
|
||
-- a596d6fe7bfa4994828e72309e95d61e
|
||
Subject: Messages from a service have been suppressed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: man:journald.conf(5)
|
||
|
||
A service has logged too many messages within a time period. Messages
|
||
from the service have been dropped.
|
||
|
||
Note that only messages from the service in question have been
|
||
dropped, other services' messages are unaffected.
|
||
|
||
The limits controlling when messages are dropped may be configured
|
||
with RateLimitIntervalSec= and RateLimitBurst= in
|
||
/etc/systemd/journald.conf or LogRateLimitIntervalSec= and LogRateLimitBurst=
|
||
in the unit file. See journald.conf(5) and systemd.exec(5) for details.
|
||
|
||
-- e9bf28e6e834481bb6f48f548ad13606
|
||
Subject: Journal messages have been missed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
Kernel messages have been lost as the journal system has been unable
|
||
to process them quickly enough.
|
||
|
||
-- fc2e22bc6ee647b6b90729ab34a250b1
|
||
Subject: Process @COREDUMP_PID@ (@COREDUMP_COMM@) dumped core
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: man:core(5)
|
||
|
||
Process @COREDUMP_PID@ (@COREDUMP_COMM@) crashed and dumped core.
|
||
|
||
This usually indicates a programming error in the crashing program and
|
||
should be reported to its vendor as a bug.
|
||
|
||
-- 5aadd8e954dc4b1a8c954d63fd9e1137
|
||
Subject: Core file was truncated to @SIZE_LIMIT@ bytes.
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: man:coredump.conf(5)
|
||
|
||
The process had more memory mapped than the configured maximum for processing
|
||
and storage by systemd-coredump(8). Only the first @SIZE_LIMIT@ bytes were
|
||
saved. This core might still be usable, but various tools like gdb(1) will warn
|
||
about the file being truncated.
|
||
|
||
-- 8d45620c1a4348dbb17410da57c60c66
|
||
Subject: A new session @SESSION_ID@ has been created for user @USER_ID@
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: sd-login(3)
|
||
|
||
A new session with the ID @SESSION_ID@ has been created for the user @USER_ID@.
|
||
|
||
The leading process of the session is @LEADER@.
|
||
|
||
-- 3354939424b4456d9802ca8333ed424a
|
||
Subject: Session @SESSION_ID@ has been terminated
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: sd-login(3)
|
||
|
||
A session with the ID @SESSION_ID@ has been terminated.
|
||
|
||
-- fcbefc5da23d428093f97c82a9290f7b
|
||
Subject: A new seat @SEAT_ID@ is now available
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: sd-login(3)
|
||
|
||
A new seat @SEAT_ID@ has been configured and is now available.
|
||
|
||
-- e7852bfe46784ed0accde04bc864c2d5
|
||
Subject: Seat @SEAT_ID@ has now been removed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: sd-login(3)
|
||
|
||
A seat @SEAT_ID@ has been removed and is no longer available.
|
||
|
||
-- c7a787079b354eaaa9e77b371893cd27
|
||
Subject: Time change
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system clock has been changed to @REALTIME@ microseconds after January 1st, 1970.
|
||
|
||
-- 45f82f4aef7a4bbf942ce861d1f20990
|
||
Subject: Time zone change to @TIMEZONE@
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system timezone has been changed to @TIMEZONE@.
|
||
|
||
-- b07a249cd024414a82dd00cd181378ff
|
||
Subject: System start-up is now complete
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
All system services necessary queued for starting at boot have been
|
||
started. Note that this does not mean that the machine is now idle as services
|
||
might still be busy with completing start-up.
|
||
|
||
Kernel start-up required @KERNEL_USEC@ microseconds.
|
||
|
||
Initrd start-up required @INITRD_USEC@ microseconds.
|
||
|
||
Userspace start-up required @USERSPACE_USEC@ microseconds.
|
||
|
||
-- eed00a68ffd84e31882105fd973abdd1
|
||
Subject: User manager start-up is now complete
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The user manager instance for user @_UID@ has been started. All services queued
|
||
for starting have been started. Note that other services might still be starting
|
||
up or be started at any later time.
|
||
|
||
Startup of the manager took @USERSPACE_USEC@ microseconds.
|
||
|
||
-- 6bbd95ee977941e497c48be27c254128
|
||
Subject: System sleep state @SLEEP@ entered
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system has now entered the @SLEEP@ sleep state.
|
||
|
||
-- 8811e6df2a8e40f58a94cea26f8ebf14
|
||
Subject: System sleep state @SLEEP@ left
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system has now left the @SLEEP@ sleep state.
|
||
|
||
-- 98268866d1d54a499c4e98921d93bc40
|
||
Subject: System shutdown initiated
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
System shutdown has been initiated. The shutdown has now begun and
|
||
all system services are terminated and all file systems unmounted.
|
||
|
||
-- c14aaf76ec284a5fa1f105f88dfb061c
|
||
Subject: System factory reset initiated
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
System factory reset has been initiated. The precise operation this
|
||
executes is implementation-defined, but typically has the effect of
|
||
reverting the system's state and configuration to vendor defaults.
|
||
|
||
-- 7d4958e842da4a758f6c1cdc7b36dcc5
|
||
Subject: A start job for unit @UNIT@ has begun execution
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A start job for unit @UNIT@ has begun execution.
|
||
|
||
The job identifier is @JOB_ID@.
|
||
|
||
-- 39f53479d3a045ac8e11786248231fbf
|
||
Subject: A start job for unit @UNIT@ has finished successfully
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A start job for unit @UNIT@ has finished successfully.
|
||
|
||
The job identifier is @JOB_ID@.
|
||
|
||
-- be02cf6855d2428ba40df7e9d022f03d
|
||
Subject: A start job for unit @UNIT@ has failed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A start job for unit @UNIT@ has finished with a failure.
|
||
|
||
The job identifier is @JOB_ID@ and the job result is @JOB_RESULT@.
|
||
|
||
-- de5b426a63be47a7b6ac3eaac82e2f6f
|
||
Subject: A stop job for unit @UNIT@ has begun execution
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A stop job for unit @UNIT@ has begun execution.
|
||
|
||
The job identifier is @JOB_ID@.
|
||
|
||
-- 9d1aaa27d60140bd96365438aad20286
|
||
Subject: A stop job for unit @UNIT@ has finished
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A stop job for unit @UNIT@ has finished.
|
||
|
||
The job identifier is @JOB_ID@ and the job result is @JOB_RESULT@.
|
||
|
||
-- d34d037fff1847e6ae669a370e694725
|
||
Subject: A reload job for unit @UNIT@ has begun execution
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A reload job for unit @UNIT@ has begun execution.
|
||
|
||
The job identifier is @JOB_ID@.
|
||
|
||
-- 7b05ebc668384222baa8881179cfda54
|
||
Subject: A reload job for unit @UNIT@ has finished
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A reload job for unit @UNIT@ has finished.
|
||
|
||
The job identifier is @JOB_ID@ and the job result is @JOB_RESULT@.
|
||
|
||
-- 641257651c1b4ec9a8624d7a40a9e1e7
|
||
Subject: Process @EXECUTABLE@ could not be executed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The process @EXECUTABLE@ could not be executed and failed.
|
||
|
||
The error number returned by this process is @ERRNO@.
|
||
|
||
-- 0027229ca0644181a76c4e92458afa2e
|
||
Subject: One or more messages could not be forwarded to syslog
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
One or more messages could not be forwarded to the syslog service
|
||
running side-by-side with journald. This usually indicates that the
|
||
syslog implementation has not been able to keep up with the speed of
|
||
messages queued.
|
||
|
||
-- 1dee0369c7fc4736b7099b38ecb46ee7
|
||
Subject: Mount point is not empty
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The directory @WHERE@ is specified as the mount point (second field in
|
||
/etc/fstab or Where= field in systemd unit file) and is not empty.
|
||
This does not interfere with mounting, but the pre-exisiting files in
|
||
this directory become inaccessible. To see those over-mounted files,
|
||
please manually mount the underlying file system to a secondary
|
||
location.
|
||
|
||
-- 24d8d4452573402496068381a6312df2
|
||
Subject: A virtual machine or container has been started
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The virtual machine @NAME@ with its leader PID @LEADER@ has been
|
||
started is now ready to use.
|
||
|
||
-- 58432bd3bace477cb514b56381b8a758
|
||
Subject: A virtual machine or container has been terminated
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The virtual machine @NAME@ with its leader PID @LEADER@ has been
|
||
shut down.
|
||
|
||
-- 36db2dfa5a9045e1bd4af5f93e1cf057
|
||
Subject: DNSSEC mode has been turned off, as server doesn't support it
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: man:systemd-resolved.service(8)
|
||
Documentation: man:resolved.conf(5)
|
||
|
||
The resolver service (systemd-resolved.service) has detected that the
|
||
configured DNS server does not support DNSSEC, and DNSSEC validation has been
|
||
turned off as result.
|
||
|
||
This event will take place if DNSSEC=allow-downgrade is configured in
|
||
resolved.conf and the configured DNS server is incompatible with DNSSEC. Note
|
||
that using this mode permits DNSSEC downgrade attacks, as an attacker might be
|
||
able turn off DNSSEC validation on the system by inserting DNS replies in the
|
||
communication channel that result in a downgrade like this.
|
||
|
||
This event might be indication that the DNS server is indeed incompatible with
|
||
DNSSEC or that an attacker has successfully managed to stage such a downgrade
|
||
attack.
|
||
|
||
-- 1675d7f172174098b1108bf8c7dc8f5d
|
||
Subject: DNSSEC validation failed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: man:systemd-resolved.service(8)
|
||
|
||
A DNS query or resource record set failed DNSSEC validation. This is usually
|
||
indication that the communication channel used was tampered with.
|
||
|
||
-- 4d4408cfd0d144859184d1e65d7c8a65
|
||
Subject: A DNSSEC trust anchor has been revoked
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: man:systemd-resolved.service(8)
|
||
|
||
A DNSSEC trust anchor has been revoked. A new trust anchor has to be
|
||
configured, or the operating system needs to be updated, to provide an updated
|
||
DNSSEC trust anchor.
|
||
|
||
-- 5eb03494b6584870a536b337290809b3
|
||
Subject: Automatic restarting of a unit has been scheduled
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
Automatic restarting of the unit @UNIT@ has been scheduled, as the result for
|
||
the configured Restart= setting for the unit.
|
||
|
||
-- ae8f7b866b0347b9af31fe1c80b127c0
|
||
Subject: Resources consumed by unit runtime
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The unit @UNIT@ completed and consumed the indicated resources.
|
||
|
||
-- 7ad2d189f7e94e70a38c781354912448
|
||
Subject: Unit succeeded
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The unit @UNIT@ has successfully entered the 'dead' state.
|
||
|
||
-- 0e4284a0caca4bfc81c0bb6786972673
|
||
Subject: Unit skipped
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The unit @UNIT@ was skipped due to an ExecCondition= command failure, and has
|
||
entered the 'dead' state with result '@UNIT_RESULT@'.
|
||
|
||
-- d9b373ed55a64feb8242e02dbe79a49c
|
||
Subject: Unit failed
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The unit @UNIT@ has entered the 'failed' state with result '@UNIT_RESULT@'.
|
||
|
||
-- 98e322203f7a4ed290d09fe03c09fe15
|
||
Subject: Unit process exited
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
An @COMMAND@= process belonging to unit @UNIT@ has exited.
|
||
|
||
The process' exit code is '@EXIT_CODE@' and its exit status is @EXIT_STATUS@.
|
||
|
||
-- 50876a9db00f4c40bde1a2ad381c3a1b
|
||
Subject: The system is configured in a way that might cause problems
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The following "tags" are possible:
|
||
- "split-usr" — /usr is a separate file system and was not mounted when systemd
|
||
was booted
|
||
- "cgroups-missing" — the kernel was compiled without cgroup support or access
|
||
to expected interface files is restricted
|
||
- "var-run-bad" — /var/run is not a symlink to /run
|
||
- "overflowuid-not-65534" — the kernel user ID used for "unknown" users (with
|
||
NFS or user namespaces) is not 65534
|
||
- "overflowgid-not-65534" — the kernel group ID used for "unknown" users (with
|
||
NFS or user namespaces) is not 65534
|
||
Current system is tagged as @TAINT@.
|
||
|
||
-- fe6faa94e7774663a0da52717891d8ef
|
||
Subject: A process of @UNIT@ unit has been killed by the OOM killer.
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
A process of unit @UNIT has been killed by the Linux kernel out-of-memory (OOM)
|
||
killer logic. This usually indicates that the system is low on memory and that
|
||
memory needed to be freed. A process associated with @UNIT@ has been determined
|
||
as the best process to terminate and has been forcibly terminated by the
|
||
kernel.
|
||
|
||
Note that the memory pressure might or might not have been caused by @UNIT@.
|
||
|
||
-- b61fdac612e94b9182285b998843061f
|
||
Subject: Accepting user/group name @USER_GROUP_NAME@, which does not match strict user/group name rules.
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: https://systemd.io/USER_NAMES
|
||
|
||
The user/group name @USER_GROUP_NAME@ has been specified, which is accepted
|
||
according the relaxed user/group name rules, but does not qualify under the
|
||
strict rules.
|
||
|
||
The strict user/group name rules written as regular expression are:
|
||
|
||
^[a-zA-Z_][a-zA-Z0-9_-]{0,30}$
|
||
|
||
The relaxed user/group name rules accept all names, except for the empty
|
||
string; names containing NUL bytes, control characters, colon or slash
|
||
characters; names not valid UTF-8; names with leading or trailing whitespace;
|
||
the strings "." or ".."; fully numeric strings, or strings beginning in a
|
||
hyphen and otherwise fully numeric.
|
||
|
||
-- 1b3bb94037f04bbf81028e135a12d293
|
||
Subject: Failed to generate valid unit name from path '@MOUNT_POINT@'.
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The following mount point path could not be converted into a valid .mount
|
||
unit name:
|
||
|
||
@MOUNT_POINT@
|
||
|
||
Typically this means that the path to the mount point is longer than allowed
|
||
for valid unit names.
|
||
|
||
systemd dynamically synthesizes .mount units for all mount points appearing on
|
||
the system. For that a simple escaping algorithm is applied: the absolute path
|
||
name is used, with all "/" characters replaced by "-" (the leading one is
|
||
removed). Moreover, any non-alphanumeric characters (as well as any of ":",
|
||
"-", "_", ".", "\") are replaced by "\xNN" where "NN" is the hexadecimal code
|
||
of the character. Finally, ".mount" is suffixed. The resulting string must be
|
||
under 256 characters in length to be a valid unit name. This restriction is
|
||
made in order for all unit names to also be suitable as file names. If a mount
|
||
point appears that — after escaping — is longer than this limit it cannot be
|
||
mapped to a unit. In this case systemd will refrain from synthesizing a unit
|
||
and cannot be used to manage the mount point. It will not appear in the service
|
||
manager's unit table and thus also not be torn down safely and automatically at
|
||
system shutdown.
|
||
|
||
It is generally recommended to avoid such overly long mount point paths, or —
|
||
if used anyway – manage them independently of systemd, i.e. establish them as
|
||
well as tear them down automatically at system shutdown by other software.
|
||
|
||
-- b480325f9c394a7b802c231e51a2752c
|
||
Subject: Special user @OFFENDING_USER@ configured, this is not safe!
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
Documentation: https://systemd.io/UIDS-GIDS
|
||
|
||
The unit @UNIT@ is configured to use User=@OFFENDING_USER@.
|
||
|
||
This is not safe. The @OFFENDING_USER@ user's main purpose on Linux-based
|
||
operating systems is to be the owner of files that otherwise cannot be mapped
|
||
to any local user. It's used by the NFS client and Linux user namespacing,
|
||
among others. By running a unit's processes under the identity of this user
|
||
they might possibly get read and even write access to such files that cannot
|
||
otherwise be mapped.
|
||
|
||
It is strongly recommended to avoid running services under this user identity,
|
||
in particular on systems using NFS or running containers. Allocate a user ID
|
||
specific to this service, either statically via systemd-sysusers or dynamically
|
||
via the DynamicUser= service setting.
|
||
|
||
-- 1c0454c1bd2241e0ac6fefb4bc631433
|
||
Subject: systemd-udev-settle.service is deprecated.
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
Usage of the systemd service unit systemd-udev-settle.service is deprecated. It
|
||
inserts artificial delays into the boot process without providing the
|
||
guarantees other subsystems traditionally assumed it provides. Relying on this
|
||
service is racy, and it is generally a bug to make use of it and depend on it.
|
||
|
||
Traditionally, this service's job was to wait until all devices a system
|
||
possesses have been fully probed and initialized, delaying boot until this
|
||
phase is completed. However, today's systems and hardware generally don't work
|
||
this way anymore, hardware today may show up any time and take any time to be
|
||
probed and initialized. Thus, in the general case, it's no longer possible to
|
||
correctly delay boot until "all devices" have been processed, as it is not
|
||
clear what "all devices" means and when they have been found. This is in
|
||
particular the case if USB hardware or network-attached hardware is used.
|
||
|
||
Modern software that requires some specific hardware (such as a network device
|
||
or block device) to operate should only wait for the specific devices it needs
|
||
to show up, and otherwise operate asynchronously initializing devices as they
|
||
appear during boot and during runtime without delaying the boot process.
|
||
|
||
It is a defect of the software in question if it doesn't work this way, and
|
||
still pulls systemd-udev-settle.service into the boot process.
|
||
|
||
Please file a bug report against the following units, with a request for it to
|
||
be updated to operate in a hotplug fashion without depending on
|
||
systemd-udev-settle.service:
|
||
|
||
@OFFENDING_UNITS@
|
||
|
||
-- 7c8a41f37b764941a0e1780b1be2f037
|
||
Subject: Initial clock synchronization
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
For the first time during the current boot an NTP synchronization has been
|
||
acquired and the local system clock adjustment has been initiated.
|
||
|
||
-- 7db73c8af0d94eeb822ae04323fe6ab6
|
||
Subject: Initial clock bump
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The system clock has been advanced based on a timestamp file on disk, in order
|
||
to ensure it remains roughly monotonic – even across reboots – if an RTC is not
|
||
available or is unreliable.
|
||
|
||
-- 3f7d5ef3e54f4302b4f0b143bb270cab
|
||
Subject: TPM PCR Extended
|
||
Defined-By: systemd
|
||
Support: %SUPPORT_URL%
|
||
|
||
The Trusted Platform Module's (TPM) Platform Configuration Register (PCR)
|
||
@PCR@, on banks @BANKS@, has been extended with the string '@MEASURING@'.
|
||
|
||
Whenever the system transitions to a new runtime phase, the specified PCR is
|
||
extended with a different string, to ensure that security policies for
|
||
TPM-bound secrets and other resources are limited to specific phases of the
|
||
runtime.
|