summaryrefslogtreecommitdiffstats
path: root/docs/CREDENTIALS.md (follow)
Commit message (Collapse)AuthorAgeFilesLines
* docs: minor improvements to CREDENTIALS.mdAdrian Wannenmacher2024-05-071-3/+4
| | | | | This commit fixes two instances of a miscount. As the number is not important in either case, and seemingly subject to changes, it was removed entirely. Another sentence was reworded to improve readability.
* Merge pull request #32324 from mrc0mmand/more-website-fixesLuca Boccassi2024-04-181-2/+2
|\ | | | | docs: use absolute links for our pages
| * docs: use absolute links for our pagesFrantisek Sumsal2024-04-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Since 56b2970 has proven to be a no-go for us, as it breaks existing links, let's embrace the trailing slash and use absolute links everywhere for our pages. This way we'll get around browser cleverly appending the relative link to the current location (since it ends with a slash), and given our docs/ layout is flat it's not much of a hassle either. Converted using this beauty: $ sed -ri 's/(\[.+\]\()([A-Z_]+\))/\1\/\2/g' *.md Resolves: #32088 (again) and #32310
* | doc: fix .ssh credential examplesLennart Poettering2024-04-181-1/+1
|/ | | | | | | | Let's create the .ssh dir with the right perms first. Suggested by @gcb. Fixes: #28172
* docs/CREDENTIALS: format texthulkoba2024-03-271-35/+27
|
* Document new vsock literalsDaan De Meyer2024-03-191-1/+2
| | | | Fixes #31849
* docs: drop .md suffixes againZbigniew Jędrzejewski-Szmek2024-02-231-2/+2
|
* Revert "docs: use collections to structure the data"Zbigniew Jędrzejewski-Szmek2024-02-231-0/+504
| | | | | | | | | This reverts commit 5e8ff010a1436d33bbf3c108335af6e0b4ff7a2a. This broke all the URLs, we can't have that. (And actually, we probably don't _want_ to make the change either. It's nicer to have all the pages in one directory, so one doesn't have to figure out to which collection the page belongs.)
* docs: use collections to structure the datahulkoba2024-02-221-504/+0
|
* docs/CREDENTIALS: Don't write authorized_keys with executable bitsColin Walters2023-12-141-1/+1
| | | | No reason to make this file executable.
* credentials: document that their path is stable for system servicesJoerg Behrmann2023-10-201-1/+6
|
* docs: fix orderDavid Tardon2023-07-131-2/+2
|
* import-creds: add support for binary credentials specified on the kernel cmdlineLennart Poettering2023-07-041-4/+5
|
* doc: document inird credentials + and how to consume credentials in generatorsLennart Poettering2023-07-041-25/+73
| | | | (as well as various other fixes)
* docs/CREDENTIALS: fix confusion of i.e. and e.g.Zbigniew Jędrzejewski-Szmek2023-06-191-1/+1
|
* creds: Add ImportCredential=Daan De Meyer2023-06-081-7/+11
| | | | | | ImportCredential= takes a credential name and searches for a matching credential in all the credential stores we know about it. It supports globs which are expanded so that all matching credentials are loaded.
* docs: fix LoadCredentialEncrypted example (#27387)Lawrence Thorpe2023-04-251-1/+1
| | | | Embedded credential name 'ciphertext.cred' does not match filename 'foobar', refusing.
* treewide: fix a few typos in NEWS, docs and commentsDmitry V. Levin2023-02-151-1/+1
|
* docs: fix grammar a bitDmitry V. Levin2023-01-231-5/+5
|
* docs: fix a few typosDmitry V. Levin2023-01-231-1/+1
|
* docs/man: remove reference to default vsock CIDLuca Boccassi2023-01-151-4/+2
| | | | | | | This was dropped on reviewers' request in the revision that got merged, but reference in two documents was not updated. Fix it. Follow-up for: https://github.com/systemd/systemd/pull/25918
* creds: import 'vmm.notify_socket' and use it to setLuca Boccassi2023-01-051-1/+24
| | | | | | | | | | | | | | | This is intended to be used with VSOCK, to notify the hypervisor/VMM, eg on the host: qemu <...> -smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42 (vsock:2:1234 -> send to host on vsock port 1234, default is to send to 0 which is the hypervisor itself) Also on the host: $ socat - VSOCK-LISTEN:1234,socktype=5 READY=1 STATUS=Ready.
* tree-wide: also settle on "initrd" instead of "initial RAM disk"Lennart Poettering2022-09-231-2/+2
| | | | | With this the concept is now called the same way everywhere except where historical info is relevant or where the other names are API.
* docs: mention tmpfiles.d in CREDENTIALS.md and add exampleLuca Boccassi2022-09-081-0/+21
|
* docs: fix incorrect env var name for credentials directoryUriel Corfa2022-08-281-2/+2
| | | | | CREDENTIAL_PATH appears nowhere in the systemd source code. $CREDENTIALS_DIRECTORY is what is used instead.
* docs: mention qemu fw_cfg size limitationLudwig Nussel2022-08-111-1/+2
|
* pid1: add mechanism for conditionalizing units/network/netdev/link based on ↵Lennart Poettering2022-07-151-0/+6
| | | | | | | credentials passed in This is useful when provisioning systems via nspawn/qemu and running specific services only if specific data is passed into the system.
* pid1: import creds from SMBIOS too, not just qemu's fw_cfgLennart Poettering2022-07-151-10/+19
| | | | | | | | | | | | | | | | | | | | | | | | | This imports credentials also via SMBIOS' "OEM vendor string" section, similar to the existing import logic from fw_cfg. Functionality-wise this is very similar to the existing fw_cfg logic, both of which are easily settable on the qemu command line. Pros and cons of each: SMBIOS OEM vendor strings: - pro: fast, because memory mapped - pro: somewhat VMM independent, at least in theory - pro: qemu upstream sees this as the future - pro: no additional kernel module needed - con: strings only, thus binary data is base64 encoded fw_cfg: - pro: has been supported for longer in qemu - pro: supports binary data - con: slow, because IO port based - con: only qemu - con: requires qemu_fw_cfg.ko kernel module - con: qemu upstream sees this as legacy
* docs: use relative linksBenjamin Franzke2022-05-181-4/+4
| | | | | | | | | | | | | | | | Allows for links to work both on systemd.io (or forks) and when viewed on https://github.com/systemd/systemd/tree/main/docs Note that the markdown links are converted by jekyll-relative-links[1] to html. This plugin is enabled by default on github pages[2][3]. Due to a bug in jekyll-relative-links – see https://github.com/benbalter/jekyll-relative-links/issues/61 – we need to avoid line-wrapped links when using relative markdown links. [1] https://github.com/benbalter/jekyll-relative-links [2] https://github.blog/2016-12-05-relative-links-for-github-pages/ [3] https://docs.github.com/en/pages/setting-up-a-github-pages-site-with-jekyll/about-github-pages-and-jekyll#plugins
* fix typoStefan Seering2022-05-121-1/+1
|
* fix typoYu Watanabe2022-05-021-2/+2
|
* docs: typo fixLennart Poettering2022-05-021-1/+1
| | | | | | As per: https://github.com/systemd/systemd/pull/23170#pullrequestreview-959233817
* doc: add new markdown docs for credentialsLennart Poettering2022-04-281-0/+388
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 07:15:44 +0100