diff options
author | Luca Boccassi <bluca@debian.org> | 2023-01-03 18:11:04 +0100 |
---|---|---|
committer | Luca Boccassi <bluca@debian.org> | 2023-01-05 23:07:16 +0100 |
commit | 4a91ace5bc737d552fa20444d99d1100d9c1f9f7 (patch) | |
tree | 5caac499a8e6559a41a0a9f5a8646cbc11bc2dc7 /man/systemd.system-credentials.xml | |
parent | 6c94cfcda5387bcec36867c7639c777179d6e7c2 (diff) | |
download | systemd-4a91ace5bc737d552fa20444d99d1100d9c1f9f7.tar.gz |
creds: import 'vmm.notify_socket' and use it to set
This is intended to be used with VSOCK, to notify the hypervisor/VMM, eg on the host:
qemu <...> -smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42
(vsock:2:1234 -> send to host on vsock port 1234, default is to send to 0 which is
the hypervisor itself)
Also on the host:
$ socat - VSOCK-LISTEN:1234,socktype=5
READY=1
STATUS=Ready.
Diffstat (limited to 'man/systemd.system-credentials.xml')
-rw-r--r-- | man/systemd.system-credentials.xml | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/man/systemd.system-credentials.xml b/man/systemd.system-credentials.xml index 3eadf9b985..2a87139a11 100644 --- a/man/systemd.system-credentials.xml +++ b/man/systemd.system-credentials.xml @@ -190,6 +190,24 @@ </listitem> </varlistentry> + <varlistentry> + <term><varname>vmm.notify_socket</varname></term> + <listitem> + <para>This credential is parsed looking for an <constant>AF_VSOCK</constant> or + <constant>AF_UNIX</constant> address where to send a <constant>READY=1</constant> + notification datagram when the system has finished booting. See: + <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry> + This is useful for hypervisors/VMMs or other processes on the host + to receive a notification via VSOCK when a virtual machine has finished booting. + Note that in case the hypervisor does not support <constant>SOCK_DGRAM</constant> + over <constant>AF_VSOCK</constant>, <constant>SOCK_SEQPACKET</constant> will be + tried instead. The credential payload for <constant>AF_VSOCK</constant> should be + in the form: <literal>vsock:CID:PORT</literal>, where <literal>CID</literal> is + optional and if omitted will default to talking to the hypervisor + (<constant>0</constant>).</para> + </listitem> + </varlistentry> + </variablelist> </refsect1> |