summaryrefslogtreecommitdiff
path: root/man/systemd-integritysetup@.service.xml
diff options
context:
space:
mode:
authorTony Asleson <tasleson@redhat.com>2021-09-26 11:53:42 -0500
committerTony Asleson <tasleson@redhat.com>2021-10-15 10:19:54 -0500
commit1f1a2243c0920bed1ba0ffd8e94e1de0172259ac (patch)
tree88a345aa7a9d6a92bfaf4765c4e36f7f8471d959 /man/systemd-integritysetup@.service.xml
parent9a2a6ec4e31abe4b58b140767a82200f79c8645f (diff)
downloadsystemd-1f1a2243c0920bed1ba0ffd8e94e1de0172259ac.tar.gz
Add stand-alone dm-integrity support
This adds support for dm integrity targets and an associated /etc/integritytab file which is required as the dm integrity device super block doesn't include all of the required metadata to bring up the device correctly. See integritytab man page for details.
Diffstat (limited to 'man/systemd-integritysetup@.service.xml')
-rw-r--r--man/systemd-integritysetup@.service.xml95
1 files changed, 95 insertions, 0 deletions
diff --git a/man/systemd-integritysetup@.service.xml b/man/systemd-integritysetup@.service.xml
new file mode 100644
index 0000000000..24336c262d
--- /dev/null
+++ b/man/systemd-integritysetup@.service.xml
@@ -0,0 +1,95 @@
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
+<refentry id="systemd-integritysetup@.service" conditional='HAVE_LIBCRYPTSETUP'>
+
+ <refentryinfo>
+ <title>systemd-integritysetup@.service</title>
+ <productname>systemd</productname>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-integritysetup@.service</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-integritysetup@.service</refname>
+ <refname>systemd-integritysetup</refname>
+ <refpurpose>Disk integrity protection logic</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>systemd-integritysetup@.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-integritysetup</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><filename>systemd-integritysetup@.service</filename> is a service responsible for setting up integrity
+ protected block devices. It should be instantiated for each device that requires integrity
+ protection.</para>
+
+ <para>At early boot and when the system manager configuration is reloaded, entries from /etc/integritytab are converted into
+ <filename>systemd-integritysetup@.service</filename> units by
+ <citerefentry><refentrytitle>systemd-integritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+ <para><filename>systemd-integritysetup@.service</filename> calls <command>systemd-integritysetup</command>.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Commands</title>
+
+ <para>The following commands are understood by <command>systemd-integritysetup</command>:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term>
+ <option>attach</option>
+ <replaceable>volume</replaceable>
+ <replaceable>device</replaceable>
+ [<replaceable>key-file|-</replaceable>]
+ [<replaceable>option(s)|-</replaceable>]
+ </term>
+
+ <listitem><para>Create a block device <replaceable>volume</replaceable> using
+ <replaceable>device</replaceable>. See integritytab man page and
+ <ulink url="https://www.kernel.org/doc/html/latest/admin-guide/device-mapper/dm-integrity.html">
+ Kernel dm-integrity</ulink> documentation for details.
+ </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>detach</option>
+ <replaceable>volume</replaceable>
+ </term>
+
+ <listitem><para>Detach (destroy) the block device
+ <replaceable>volume</replaceable>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>
+ <option>help</option>
+ </term>
+
+ <listitem><para>Print short information about command syntax.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>integritytab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-integritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry project='die-net'><refentrytitle>integritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
View Lorry Controller Status