diff options
| author | Lennart Poettering <lennart@poettering.net> | 2024-02-28 22:04:58 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-28 22:04:58 +0100 |
| commit | 5b97957376ba647ee6c92c940c79751e87a65471 (patch) | |
| tree | d6d943815fd39f44d2f708c17f4e025c45aa455d /man | |
| parent | Merge pull request #31524 from poettering/secure-getenv-naming-fix (diff) | |
| parent | dissect: condition usespace verity keyring via kernel cmdline option + env var (diff) | |
| download | systemd-5b97957376ba647ee6c92c940c79751e87a65471.tar.xz systemd-5b97957376ba647ee6c92c940c79751e87a65471.zip | |
Merge pull request #31531 from poettering/verity-userspace-optional
dissect: make use of userspace verity keyring optional
Diffstat (limited to 'man')
| -rw-r--r-- | man/kernel-command-line.xml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/man/kernel-command-line.xml b/man/kernel-command-line.xml index 1629ab2f2b..72003d86f2 100644 --- a/man/kernel-command-line.xml +++ b/man/kernel-command-line.xml @@ -677,6 +677,17 @@ </varlistentry> <varlistentry> + <term><varname>systemd.allow_userspace_verity=</varname></term> + + <listitem><para>Takes a boolean argument. Controls whether disk images that are Verity protected may + be authenticated in userspace signature checks via <filename>/etc/verity.d/</filename> (and related + directories) public key drop-ins, or whether in-kernel signature checking only. Defaults to + on.</para> + + <xi:include href="version-info.xml" xpointer="v256"/></listitem> + </varlistentry> + + <varlistentry> <term><varname>systemd.hostname=</varname></term> <listitem><para>Accepts a hostname to set during early boot. If specified takes precedence over what |