|
HTML rendering created 2026-05-25 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | KERNEL COMMAND LINE | SEE ALSO | COLOPHON |
|
|
|
SYSTEMD-IMDS-GENERATOR(8) systemd-imds-generatorSYSTEMD-IMDS-GENERATOR(8)
systemd-imds-generator - Generator to automatically enable IMDS on
supporting environments
/usr/lib/systemd/system-generators/systemd-imds-generator
systemd-imds-generator is a generator that enables IMDS (Instance
Metadata Service) functionality at boot on systems that support
it. Specifically it does three things:
• It pulls the systemd-imdsd.socket unit (which activates
systemd-imdsd@.service(8)) into the initial transaction, which
provides IMDS access to local applications via Varlink IPC.
• It pulls the systemd-imds-early-network.service unit into the
initial transaction, which generates a suitable
systemd.network(5) network configuration file that allows
early-boot network access to the IMDS functionality.
• It pulls the systemd-imds-import.service unit into the initial
transaction, which automatically imports various credentials
from IMDS into the local system, storing them in
/run/credstore/.
By default, whether to pull in these services or not is decided
based on hwdb(7) information, that detects various IMDS
environments automatically. However, this logic may be overridden
via systemd.imds=, see below.
systemd-imds-generator implements systemd.generator(7).
systemd-imds-generator understands the following kernel command
line parameters:
systemd.imds=
Takes a boolean argument or the special value "auto", and may
be used to enable or disable the IMDS logic. Note that this
controls only whether the relevant services (as listed above)
are automatically pulled into the initial transaction, it has
no effect if some other unit or the user explicitly activates
the relevant units. If this option is not used (or set to
"auto") automatic detection of IMDS is used, see above.
Added in version 261.
systemd.imds.network=
Takes one of "off", "locked", "unlocked". Controls whether and
how to set up networking for IMDS endpoint access. Unless set
to "off" early boot networking is enabled, ensuring that the
IMDS endpoint can be reached. If set to "locked" (the default)
direct access to the IMDS endpoint by regular unprivileged
processes is disabled via a "prohibit" route, so that any
access must be done through systemd-imdsd@.service or its
associated tools. If set to "unlocked" this "prohibit" route
is not created, and regular unprivileged processes can
directly contact IMDS.
Added in version 261.
systemd.imds.import=
Takes a boolean argument. If false the
systemd-imds-import.service (see above) is not pulled into the
initial transaction, i.e. no credentials are imported from
IMDS. Defaults to true.
Added in version 261.
systemd(1), systemd-imds(1), systemd-imdsd@.service(8),
systemd.system-credentials(7)
This page is part of the systemd (systemd system and service
manager) project. Information about the project can be found at
⟨http://www.freedesktop.org/wiki/Software/systemd⟩. If you have a
bug report for this manual page, see
⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
This page was obtained from the project's upstream Git repository
⟨https://github.com/systemd/systemd.git⟩ on 2026-05-24. (At that
time, the date of the most recent commit that was found in the
repository was 2026-05-24.) If you discover any rendering
problems in this HTML version of the page, or you believe there is
a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org
systemd 261~rc1 SYSTEMD-IMDS-GENERATOR(8)
Pages that refer to this page: systemd-imds(1), kernel-command-line(7), systemd.directives(7), systemd.index(7), systemd-imdsd@.service(8)
|
HTML rendering created 2026-05-25 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|