summaryrefslogtreecommitdiff
path: root/docs/CREDENTIALS.md
Commit message (Collapse)AuthorAgeFilesLines
* treewide: fix a few typos in NEWS, docs and commentsDmitry V. Levin2023-02-151-1/+1
|
* docs: fix grammar a bitDmitry V. Levin2023-01-231-5/+5
|
* docs: fix a few typosDmitry V. Levin2023-01-231-1/+1
|
* docs/man: remove reference to default vsock CIDLuca Boccassi2023-01-151-4/+2
| | | | | | | This was dropped on reviewers' request in the revision that got merged, but reference in two documents was not updated. Fix it. Follow-up for: https://github.com/systemd/systemd/pull/25918
* creds: import 'vmm.notify_socket' and use it to setLuca Boccassi2023-01-051-1/+24
| | | | | | | | | | | | | | | This is intended to be used with VSOCK, to notify the hypervisor/VMM, eg on the host: qemu <...> -smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42 (vsock:2:1234 -> send to host on vsock port 1234, default is to send to 0 which is the hypervisor itself) Also on the host: $ socat - VSOCK-LISTEN:1234,socktype=5 READY=1 STATUS=Ready.
* tree-wide: also settle on "initrd" instead of "initial RAM disk"Lennart Poettering2022-09-231-2/+2
| | | | | With this the concept is now called the same way everywhere except where historical info is relevant or where the other names are API.
* docs: mention tmpfiles.d in CREDENTIALS.md and add exampleLuca Boccassi2022-09-081-0/+21
|
* docs: fix incorrect env var name for credentials directoryUriel Corfa2022-08-281-2/+2
| | | | | CREDENTIAL_PATH appears nowhere in the systemd source code. $CREDENTIALS_DIRECTORY is what is used instead.
* docs: mention qemu fw_cfg size limitationLudwig Nussel2022-08-111-1/+2
|
* pid1: add mechanism for conditionalizing units/network/netdev/link based on ↵Lennart Poettering2022-07-151-0/+6
| | | | | | | credentials passed in This is useful when provisioning systems via nspawn/qemu and running specific services only if specific data is passed into the system.
* pid1: import creds from SMBIOS too, not just qemu's fw_cfgLennart Poettering2022-07-151-10/+19
| | | | | | | | | | | | | | | | | | | | | | | | | This imports credentials also via SMBIOS' "OEM vendor string" section, similar to the existing import logic from fw_cfg. Functionality-wise this is very similar to the existing fw_cfg logic, both of which are easily settable on the qemu command line. Pros and cons of each: SMBIOS OEM vendor strings: - pro: fast, because memory mapped - pro: somewhat VMM independent, at least in theory - pro: qemu upstream sees this as the future - pro: no additional kernel module needed - con: strings only, thus binary data is base64 encoded fw_cfg: - pro: has been supported for longer in qemu - pro: supports binary data - con: slow, because IO port based - con: only qemu - con: requires qemu_fw_cfg.ko kernel module - con: qemu upstream sees this as legacy
* docs: use relative linksBenjamin Franzke2022-05-181-4/+4
| | | | | | | | | | | | | | | | Allows for links to work both on systemd.io (or forks) and when viewed on https://github.com/systemd/systemd/tree/main/docs Note that the markdown links are converted by jekyll-relative-links[1] to html. This plugin is enabled by default on github pages[2][3]. Due to a bug in jekyll-relative-links – see https://github.com/benbalter/jekyll-relative-links/issues/61 – we need to avoid line-wrapped links when using relative markdown links. [1] https://github.com/benbalter/jekyll-relative-links [2] https://github.blog/2016-12-05-relative-links-for-github-pages/ [3] https://docs.github.com/en/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll#plugins
* fix typoStefan Seering2022-05-121-1/+1
|
* fix typoYu Watanabe2022-05-031-2/+2
|
* docs: typo fixLennart Poettering2022-05-021-1/+1
| | | | | | As per: https://github.com/systemd/systemd/pull/23170#pullrequestreview-959233817
* doc: add new markdown docs for credentialsLennart Poettering2022-04-281-0/+388
View Lorry Controller Status