systemd-cryptsetup-generator - Unit generator for /etc/crypttab
systemd-cryptsetup-generator is a generator that translates /etc/crypttab into native systemd units early at boot and when configuration of the system manager is reloaded. This will create systemd-cryptsetup@.service(8) units as necessary. systemd-cryptsetup-generator implements systemd.generator(7).
systemd-cryptsetup-generator understands the following kernel command line parameters: luks=, rd.luks= Takes a boolean argument. Defaults to "yes". If "no", disables the generator entirely. rd.luks= is honored only by initial RAM disk (initrd) while luks= is honored by both the main system and the initrd. luks.crypttab=, rd.luks.crypttab= Takes a boolean argument. Defaults to "yes". If "no", causes the generator to ignore any devices configured in /etc/crypttab (luks.uuid= will still work however). rd.luks.crypttab= is honored only by initial RAM disk (initrd) while luks.crypttab= is honored by both the main system and the initrd. luks.uuid=, rd.luks.uuid= Takes a LUKS superblock UUID as argument. This will activate the specified device as part of the boot process as if it was listed in /etc/crypttab. This option may be specified more than once in order to set up multiple devices. rd.luks.uuid= is honored only by initial RAM disk (initrd) while luks.uuid= is honored by both the main system and the initrd. If /etc/crypttab contains entries with the same UUID, then the name, keyfile and options specified there will be used. Otherwise, the device will have the name "luks-UUID". If /etc/crypttab exists, only those UUIDs specified on the kernel command line will be activated in the initrd or the real root. luks.name=, rd.luks.name= Takes a LUKS super block UUID followed by an "=" and a name. This implies rd.luks.uuid= or luks.uuid= and will additionally make the LUKS device given by the UUID appear under the provided name. rd.luks.name= is honored only by initial RAM disk (initrd) while luks.name= is honored by both the main system and the initrd. luks.options=, rd.luks.options= Takes a LUKS super block UUID followed by an "=" and a string of options separated by commas as argument. This will override the options for the given UUID. If only a list of options, without an UUID, is specified, they apply to any UUIDs not specified elsewhere, and without an entry in /etc/crypttab. rd.luks.options= is honored only by initial RAM disk (initrd) while luks.options= is honored by both the main system and the initrd. luks.key=, rd.luks.key= Takes a password file name as argument or a LUKS super block UUID followed by a "=" and a password file name. For those entries specified with rd.luks.uuid= or luks.uuid=, the password file will be set to the one specified by rd.luks.key= or luks.key= of the corresponding UUID, or the password file that was specified without a UUID. It is also possible to specify an external device which should be mounted before we attempt to unlock the LUKS device. systemd-cryptsetup will use password file stored on that device. Device containing password file is specified by appending colon and a device identifier to the password file path. For example, rd.luks.uuid=b40f1abf-2a53-400a-889a-2eccc27eaa40 rd.luks.key=b40f1abf-2a53-400a-889a-2eccc27eaa40=/keyfile:LABEL=keydev. Hence, in this case, we will attempt to mount file system residing on the block device with label "keydev". This syntax is for now only supported on a per-device basis, i.e. you have to specify LUKS device UUID. rd.luks.key= is honored only by initial RAM disk (initrd) while luks.key= is honored by both the main system and the initrd.
systemd(1), crypttab(5), systemd-cryptsetup@.service(8), cryptsetup(8), systemd-fstab-generator(8)
This page is part of the systemd (systemd system and service manager) project. Information about the project can be found at ⟨http://www.freedesktop.org/wiki/Software/systemd⟩. If you have a bug report for this manual page, see ⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩. This page was obtained from the project's upstream Git repository ⟨https://github.com/systemd/systemd.git⟩ on 2020-06-09. (At that time, the date of the most recent commit that was found in the repos‐ itory was 2020-06-09.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which is not part of the original manual page), send a mail to email@example.com systemd 245 SYSTEMD-CRYPTSETUP-GENERATOR(8)
Pages that refer to this page: crypttab(5), 30-systemd-environment-d-generator(7), kernel-command-line(7), systemd.directives(7), systemd.generator(7), systemd.index(7), systemd-cryptsetup(8), systemd-cryptsetup.service(8), systemd-cryptsetup@.service(8), systemd-fstab-generator(8)