|
HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | KERNEL COMMAND LINE | CREDENTIALS | EXAMPLES | SEE ALSO | COLOPHON |
|
|
|
SYSTEMD-I...GENERATOR(8) systemd-import-generatorSYSTEMD-I...GENERATOR(8)
systemd-import-generator - Generator for automatically downloading
disk images at boot
/usr/lib/systemd/system-generators/systemd-import-generator
systemd-import-generator may be used to automatically download
disk images (tarballs or DDIs) via systemd-importd.service(8) at
boot, based on parameters on the kernel command line or via system
credentials. This is useful for automatically deploying an
systemd-confext(8), systemd-sysext(8), systemd-nspawn(1)/
systemd-vmspawn(1) or systemd-portabled.service(8) image at boot.
This provides functionality equivalent to importctl(1), but
accessible via the kernel command line and system credentials.
systemd-import-generator implements systemd.generator(7).
systemd-import-generator understands the following
kernel-command-line(7) parameters:
systemd.pull=
This option takes a colon separate triplet of option string,
local target image name and remote URL. The local target image
name can be specified as an empty string, in which case the
name is derived from the specified remote URL. The remote URL
must using the "http://", "https://", "file://" schemes. The
option string itself is a comma separated list of options:
rw, ro
Controls whether to mark the local image as read-only. If
not specified read-only defaults to off.
Added in version 257.
verify=
Controls whether to cryptographically validate the
download before installing it in place. Takes one of "no",
"checksum" or "signature" (the latter being the default if
not specified). For details see the --verify= of
importctl(1)
Added in version 257.
sysext, confext, machine, portable
Controls the image class to download, and thus ultimately
the target directory for the image, depending on this
choice the target directory /var/lib/extensions/,
/var/lib/confexts/, /var/lib/machines/ or
/var/lib/portables/ is selected.
Specification of exactly one of these options is
mandatory.
Added in version 257.
tar, raw
Controls the type of resource to download, i.e. a
(possibly compressed) tarball that needs to be unpacked
into a file system tree, or (possibly compressed) raw disk
image (DDI).
Specification of exactly one of these options is
mandatory.
Added in version 257.
Added in version 257.
systemd.pull.success_action=, systemd.pull.failure_action=
Controls whether to execute an action such as reboot,
power-off and similar after completing the download
successfully, or unsuccessfully. See
SuccessAction=/FailureAction= on systemd.unit(5) for details
about the available actions. If not specified, no action is
taken, and the system will continue to boot normally.
Added in version 257.
systemd-import-generator supports the system credentials logic.
The following credentials are used when passed in:
import.pull
This credential should be a text file, with each line
referencing one download operation. Each line should follow
the same format as the value of the systemd.pull= kernel
command line option described above.
Added in version 257.
Example 1. Download Configuration Extension
systemd.pull=raw,confext::https://example.com/myconfext.raw.gz
With a kernel command line option like the above a configuration
extension DDI is downloaded automatically at boot from the
specified URL, validated cryptographically, uncompressed and
installed.
Example 2. Download System Extension (Without Validation)
systemd.pull=tar,sysext,verify=no::https://example.com/mysysext.tar.gz
With a kernel command line option like the above a system
extension tarball is downloaded automatically at boot from the
specified URL, uncompressed and installed – without any
cryptographic validation. This is useful for development purposes
in virtual machines and containers. Warning: do not deploy a
system with validation disabled like this!
systemd(1), systemd-importd.service(8), kernel-command-line(7),
systemd.system-credentials(7), importctl(1)
This page is part of the systemd (systemd system and service
manager) project. Information about the project can be found at
⟨http://www.freedesktop.org/wiki/Software/systemd⟩. If you have a
bug report for this manual page, see
⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
This page was obtained from the project's upstream Git repository
⟨https://github.com/systemd/systemd.git⟩ on 2025-02-02. (At that
time, the date of the most recent commit that was found in the
repository was 2025-02-02.) If you discover any rendering
problems in this HTML version of the page, or you believe there is
a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org
systemd 258~devel SYSTEMD-I...GENERATOR(8)
Pages that refer to this page: systemd.directives(7), systemd.index(7), systemd.system-credentials(7)
|
HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|