systemd-firstboot(1) — Linux manual page


SYSTEMD-FIRSTBOOT(1)          systemd-firstboot         SYSTEMD-FIRSTBOOT(1)

NAME         top

       systemd-firstboot, systemd-firstboot.service - Initialize basic
       system settings on or before the first boot-up of a system

SYNOPSIS         top

       systemd-firstboot [OPTIONS...]


DESCRIPTION         top

       systemd-firstboot initializes the most basic system settings
       interactively on the first boot, or optionally non-interactively when
       a system image is created. The service is started if
       ConditionFirstBoot=yes is satisfied. This essentially means that /etc
       is empty, see systemd.unit(5) for details.

       The following settings may be set up:

       ·   The system locale, more specifically the two locale variables
           LANG= and LC_MESSAGES

       ·   The system keyboard map

       ·   The system time zone

       ·   The system hostname

       ·   The machine ID of the system

       ·   The root user's password

       Each of the fields may either be queried interactively by users, set
       non-interactively on the tool's command line, or be copied from a
       host system that is used to set up the system image.

       If a setting is already initialized, it will not be overwritten and
       the user will not be prompted for the setting.

       Note that this tool operates directly on the file system and does not
       involve any running system services, unlike localectl(1),
       timedatectl(1) or hostnamectl(1). This allows systemd-firstboot to
       operate on mounted but not booted disk images and in early boot. It
       is not recommended to use systemd-firstboot on the running system
       while it is up.

OPTIONS         top

       The following options are understood:

           Takes a directory path as an argument. All paths will be prefixed
           with the given alternate root path, including config search
           paths. This is useful to operate on a system image mounted to the
           specified directory instead of the host system itself.

           Takes a path to a disk image file or block device node. If
           specified all operations are applied to file system in the
           indicated disk image. This is similar to --root= but operates on
           file systems stored in disk images or block devices. The disk
           image should either contain just a file system or a set of file
           systems within a GPT partition table, following the Discoverable
           Partitions Specification[1]. For further information on supported
           disk images, see systemd-nspawn(1)'s switch of the same name.

       --locale=LOCALE, --locale-messages=LOCALE
           Sets the system locale, more specifically the LANG= and
           LC_MESSAGES settings. The argument should be a valid locale
           identifier, such as "de_DE.UTF-8". This controls the
           locale.conf(5) configuration file.

           Sets the system keyboard layout. The argument should be a valid
           keyboard map, such as "de-latin1". This controls the "KEYMAP"
           entry in the vconsole.conf(5) configuration file.

           Sets the system time zone. The argument should be a valid time
           zone identifier, such as "Europe/Berlin". This controls the
           localtime(5) symlink.

           Sets the system hostname. The argument should be a hostname,
           compatible with DNS. This controls the hostname(5) configuration

           Sets the system's machine ID. This controls the machine-id(5)

       --root-password=PASSWORD, --root-password-file=PATH,
           Sets the password of the system's root user. This
           creates/modifies the passwd(5) and shadow(5) files. This setting
           exists in three forms: --root-password= accepts the password to
           set directly on the command line, --root-password-file= reads it
           from a file and --root-password-hashed= accepts an already hashed
           password on the command line. See shadow(5) for more information
           on the format of the hashed password. Note that it is not
           recommended to specify plaintext passwords on the command line,
           as other users might be able to see them simply by invoking

           Sets the shell of the system's root user. This creates/modifies
           the passwd(5) file.

           Sets the system's kernel command line. This controls the
           /etc/kernel/cmdline file which is used by kernel-install(8).

       --prompt-locale, --prompt-keymap, --prompt-timezone,
       --prompt-hostname, --prompt-root-password, --prompt-root-shell
           Prompt the user interactively for a specific basic setting. Note
           that any explicit configuration settings specified on the command
           line take precedence, and the user is not prompted for it.

           Query the user for locale, keymap, timezone, hostname and root
           password. This is equivalent to specifying --prompt-locale,
           --prompt-keymap, --prompt-timezone, --prompt-hostname,
           --prompt-root-password, --prompt-root-shell in combination.

       --copy-locale, --copy-keymap, --copy-timezone, --copy-root-password,
           Copy a specific basic setting from the host. This only works in
           combination with --root= (see above).

           Copy locale, keymap, time zone and root password from the host.
           This is equivalent to specifying --copy-locale, --copy-keymap,
           --copy-timezone, --copy-root-password, --copy-root-shell in

           Initialize the system's machine ID to a random ID. This only
           works in combination with --root=.

           systemd-firstboot doesn't modify existing files unless --force is
           specified. For modifications to /etc/passwd and /etc/shadow,
           systemd-firstboot only modifies the entry of the "root" user
           instead of overwriting the entire file.

           Removes the password of the system's root user, enabling login as
           root without a password unless the root account is locked. Note
           that this is extremely insecure and hence this option should not
           be used lightly.

           Takes a boolean argument. By default when prompting the user for
           configuration options a brief welcome text is shown before the
           first question is asked. Pass false to this option to turn off
           the welcome text.

       -h, --help
           Print a short help text and exit.

           Print a short version string and exit.

EXIT STATUS         top

       On success, 0 is returned, a non-zero failure code otherwise.


           Takes a boolean argument, defaults to on. If off,
           systemd-firstboot.service won't interactively query the user for
           basic settings at first boot, even if those settings are not
           initialized yet.

SEE ALSO         top

       systemd(1), locale.conf(5), vconsole.conf(5), localtime(5),
       hostname(5), machine-id(5), shadow(5), systemd-machine-id-setup(1),
       localectl(1), timedatectl(1), hostnamectl(1)

NOTES         top

        1. Discoverable Partitions Specification

COLOPHON         top

       This page is part of the systemd (systemd system and service manager)
       project.  Information about the project can be found at 
       ⟨⟩.  If you have a bug
       report for this manual page, see
       ⟨⟩.  This
       page was obtained from the project's upstream Git repository
       ⟨⟩ on 2020-09-18.  (At that
       time, the date of the most recent commit that was found in the repos‐
       itory was 2020-09-18.)  If you discover any rendering problems in
       this HTML version of the page, or you believe there is a better or
       more up-to-date source for the page, or you have corrections or
       improvements to the information in this COLOPHON (which is not part
       of the original manual page), send a mail to

systemd 246                                             SYSTEMD-FIRSTBOOT(1)

Pages that refer to this page: hostnamectl(1)localectl(1)systemd-machine-id-setup(1)timedatectl(1)hostname(5)locale.conf(5)localtime(5)machine-id(5)30-systemd-environment-d-generator(7)systemd.directives(7)systemd.index(7)systemd-machine-id-commit.service(8)