|
HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXIT STATUS | EXAMPLE | SEE ALSO | NOTES | COLOPHON |
|
|
|
SYSTEMD-REPART(8) systemd-repart SYSTEMD-REPART(8)
systemd-repart, systemd-repart.service - Automatically grow and
add partitions, and generate disk images (DDIs).
systemd-repart [OPTIONS...] [[BLOCKDEVICE]...]
systemd-repart.service
systemd-repart creates partition tables, and adds or grows
partitions, based on the configuration files described in
repart.d(5).
systemd-repart is used when building OS images, and also when
deploying images to automatically adjust them, during boot, to the
system they are running on. This way the image can be minimal in
size and may be augmented automatically at boot, taking possession
of the disk space available.
If invoked with no arguments, systemd-repart operates on the block
device backing the root file system partition of the running OS,
thus adding and growing partitions of the booted OS itself. When
called in the initrd, it operates on the block device backing
/sysroot/ instead, i.e. on the block device the system will soon
transition into. If --image= is used, it will operate on the
specified device or image file. The systemd-repart.service service
is generally run at boot in the initrd, in order to augment the
partition table of the OS before its partitions are mounted.
systemd-repart operations are mostly incremental: it grows
existing partitions or adds new ones, but does not shrink, delete,
or move existing partitions. The service is intended to be run on
every boot, but when it detects that the partition table already
matches the installed repart.d/*.conf configuration files, it
executes no operation.
The following use cases are among those covered:
• The root partition may be grown to cover the whole available
disk space.
• A /home/, swap, or /srv/ partition can be added.
• A second (or third, ...) root partition may be added, to cover
A/B style setups where a second version of the root file
system is alternatingly used for implementing update schemes.
The deployed image would carry only a single partition ("A")
but on first boot a second partition ("B") for this purpose is
automatically created.
The algorithm executed by systemd-repart is roughly as follows:
1. The repart.d/*.conf configuration files are loaded and parsed,
and ordered by filename (without the directory prefix). For
each configuration file, drop-in files are loaded from
directories with same name as the configuration file with the
suffix ".d" added.
2. The partition table on the block device is loaded and parsed,
if present.
3. The existing partitions in the partition table are matched
with the repart.d/*.conf files by GPT partition type UUID. The
first existing partition of a specific type is assigned the
first configuration file declaring the same type. The second
existing partition of a specific type is then assigned the
second configuration file declaring the same type, and so on.
After this iterative assigning is complete, any existing
partitions that have no matching configuration file are
considered "foreign" and left as they are. And any
configuration files for which no partition was matched are
treated as requests to create a partition.
4. Partitions that shall be created are now allocated on the
disk, taking the size constraints and weights declared in the
configuration files into account. Free space is used within
the limits set by size and padding requests. In addition,
existing partitions that should be grown are grown. New
partitions are always appended to the end of the partition
table, taking the first partition table slot whose index is
greater than the indexes of all existing partitions.
Partitions are never reordered and thus partition numbers
remain stable. When partitions are created, they are placed in
the smallest area of free space that is large enough to
satisfy the size and padding limits. This means that
partitions might have different order on disk than in the
partition table. Note that this allocation happens in memory
only, the partition table on disk is not updated yet.
5. All existing partitions for which configuration files exist
and which currently have no GPT partition label set will be
assigned a label, either explicitly configured in the
configuration or — if that's missing — derived automatically
from the partition type. The same is done for all partitions
that are newly created. These assignments are done in memory
only, too, the disk is not updated yet.
6. Similarly, all existing partitions for which configuration
files exist and which currently have an all-zero identifying
UUID will be assigned a new UUID. This UUID is
cryptographically hashed from a common seed value together
with the partition type UUID (and a counter in case multiple
partitions of the same type are defined), see below. The same
is done for all partitions that are created anew. These
assignments are done in memory only, too, the disk is not
updated yet.
7. Similarly, if the disk's volume UUID is all zeroes it is also
initialized, also cryptographically hashed from the same
common seed value. This is done in memory only too.
8. The disk space assigned to new partitions (i.e. what was
previously free space) is now erased. Specifically, all file
system signatures are removed, and if the device supports it,
the BLKDISCARD I/O control command is issued to inform the
hardware that the space is now empty. In addition any
"padding" between partitions and at the end of the device is
similarly erased.
9. The new partition table is finally written to disk. The kernel
is asked to reread the partition table.
As an exception to the normal incremental operation, when called
in a special "factory reset" mode, systemd-repart may be used to
erase existing partitions to reset an installation back to vendor
defaults. This mode of operation is used when either the
--factory-reset=yes switch is passed on the tool's command line,
or the systemd.factory_reset=yes option is specified on the kernel
command line, or the FactoryReset EFI variable (vendor UUID
8cf2644b-4b0b-428f-9387-6d876050dc67) is set to "yes". It alters
the algorithm above slightly: between the 3rd and the 4th step
above any partition marked explicitly via the FactoryReset=
boolean is deleted, and the algorithm restarted, thus immediately
re-creating these partitions anew empty.
Note that systemd-repart by default only changes partition tables,
it does not create or resize any file systems within these
partitions, unless the Format= configuration option is specified.
Also note that there are also separate mechanisms available for
this purpose, for example systemd-growfs(8) and systemd-makefs.
The UUIDs identifying the new partitions created (or assigned to
existing partitions that have no UUID yet), as well as the disk as
a whole are hashed cryptographically from a common seed value.
This seed value is usually the machine-id(5) of the system, so
that the machine ID reproducibly determines the UUIDs assigned to
all partitions. If the machine ID cannot be read (or the user
passes --seed=random, see below) the seed is generated randomly
instead, so that the partition UUIDs are also effectively random.
The seed value may also be set explicitly, formatted as UUID via
the --seed= option. By hashing these UUIDs from a common seed
images prepared with this tool become reproducible and the result
of the algorithm above deterministic.
The positional argument should specify the block device or a
regular file to operate on. If --empty=create is specified, the
specified path is created as regular file, which is useful for
generating disk images from scratch.
The following options are understood:
--dry-run=
Takes a boolean. If this switch is not specified,
--dry-run=yes is the implied default. Controls whether
systemd-repart executes the requested re-partition operations
or whether it should only show what it would do. Unless
--dry-run=no is specified systemd-repart will not actually
touch the device's partition table.
Added in version 245.
--empty=
Takes one of "refuse", "allow", "require", "force" or
"create". Controls how to operate on block devices that are
entirely empty, i.e. carry no partition table/disk label yet.
If this switch is not specified, the implied default is
"refuse".
If "refuse" systemd-repart requires that the block device it
shall operate on already carries a partition table and refuses
operation if none is found. If "allow" the command will extend
an existing partition table or create a new one if none
exists. If "require" the command will create a new partition
table if none exists so far, and refuse operation if one
already exists. If "force" it will create a fresh partition
table unconditionally, erasing the disk fully in effect. If
"force" no existing partitions will be taken into account or
survive the operation. Hence: use with care, this is a great
way to lose all your data. If "create" a new loopback file is
create under the path passed via the device node parameter, of
the size indicated with --size=, see below.
Added in version 245.
--discard=
Takes a boolean. If this switch is not specified
,--discard=yes is the implied default. Controls whether to
issue the BLKDISCARD I/O control command on the space taken up
by any added partitions or on the space in between them.
Usually, it is a good idea to issue this request since it
tells the underlying hardware that the covered blocks shall be
considered empty, improving performance. If operating on a
regular file instead of a block device node, a sparse file is
generated.
Added in version 245.
--size=
Takes a size in bytes, using the usual K, M, G, T suffixes, or
the special value "auto". If used the specified device node
path must refer to a regular file, which is then grown to the
specified size if smaller, before any change is made to the
partition table. If specified as "auto" the minimal size for
the disk image is automatically determined (i.e. the minimal
sizes of all partitions are summed up, taking space for
additional metadata into account). This switch is not
supported if the specified node is a block device. This switch
has no effect if the file is already as large as the specified
size or larger. The specified size is implicitly rounded up to
multiples of 4096. When used with --empty=create this
specifies the initial size of the loopback file to create.
The --size=auto option takes the sizes of pre-existing
partitions into account. However, it does not accommodate for
partition tables that are not tightly packed: the configured
partitions might still not fit into the backing device if
empty space exists between pre-existing partitions (or before
the first partition) that cannot be fully filled by partitions
to grow or create.
Also note that the automatic size determination does not take
files or directories specified with CopyFiles= into account:
operation might fail if the specified files or directories
require more disk space then the configured per-partition
minimal size limit.
Added in version 246.
--factory-reset=
Takes boolean. If this switch is not specified,
--factory-reset=no is the implied default. Controls whether to
operate in "factory reset" mode, see above. If set to true
this will remove all existing partitions marked with
FactoryReset= set to yes early while executing the
re-partitioning algorithm. Use with care, this is a great way
to lose all your data. Note that partition files need to
explicitly turn FactoryReset= on, as the option defaults to
off. If no partitions are marked for factory reset this switch
has no effect. Note that there are two other methods to
request factory reset operation: via the kernel command line
and via an EFI variable, see above.
Added in version 245.
--can-factory-reset
If this switch is specified the disk is not re-partitioned.
Instead it is determined if any existing partitions are marked
with FactoryReset=. If there are the tool will exit with exit
status zero, otherwise non-zero. This switch may be used to
quickly determine whether the running system supports a
factory reset mechanism built on systemd-repart.
Added in version 245.
--root=
Takes a path to a directory to use as root file system when
searching for repart.d/*.conf files, for the machine ID file
to use as seed and for the CopyFiles= and CopyBlocks= source
files and directories. By default when invoked on the regular
system this defaults to the host's root file system /. If
invoked from the initrd this defaults to /sysroot/, so that
the tool operates on the configuration and machine ID stored
in the root file system later transitioned into itself.
See --copy-source= for a more restricted option that only
affects CopyFiles=.
Added in version 245.
--image=
Takes a path to a disk image file or device to mount and use
in a similar fashion to --root=, see above.
Added in version 249.
--image-policy=policy
Takes an image policy string as argument, as per
systemd.image-policy(7). The policy is enforced when operating
on the disk image specified via --image=, see above. If not
specified, defaults to the "*" policy, i.e. all recognized
file systems in the image are used.
--seed=
Takes a UUID as argument or the special value random. If a
UUID is specified the UUIDs to assign to partitions and the
partition table itself are derived via cryptographic hashing
from it. If not specified, it is attempted to read the machine
ID from the host (or more precisely, the root directory
configured via --root=) and use it as seed instead, falling
back to a randomized seed otherwise. Use --seed=random to
force a randomized seed. Explicitly specifying the seed may be
used to generated strictly reproducible partition tables.
Added in version 245.
--pretty=
Takes a boolean argument. If this switch is not specified, it
defaults to on when called from an interactive terminal and
off otherwise. Controls whether to show a user friendly table
and graphic illustrating the changes applied.
Added in version 245.
--definitions=
Takes a file system path. If specified the *.conf files are
read from the specified directory instead of searching in
/usr/lib/repart.d/*.conf, /etc/repart.d/*.conf,
/run/repart.d/*.conf.
This parameter can be specified multiple times.
Added in version 245.
--key-file=
Takes a file system path. Configures the encryption key to use
when setting up LUKS2 volumes configured with the
Encrypt=key-file setting in partition files. Should refer to a
regular file containing the key, or an AF_UNIX stream socket
in the file system. In the latter case, a connection is made
to it and the key read from it. If this switch is not
specified, the empty key (i.e. zero length key) is used. This
behaviour is useful for setting up encrypted partitions during
early first boot that receive their user-supplied password
only in a later setup step.
Added in version 247.
--private-key=
Takes a file system path or an engine or provider specific
designation. Configures the signing key to use when creating
verity signature partitions with the Verity=signature setting
in partition files.
Added in version 252.
--private-key-source=
Takes one of "file", "engine" or "provider". In the latter two
cases, it is followed by the name of a provider or engine,
separated by colon, that will be passed to OpenSSL's "engine"
or "provider" logic. Configures how to load the private key to
use when creating verity signature partitions with the
Verity=signature setting in partition files.
Added in version 256.
--certificate=
Takes a file system path or a provider specific designation.
Configures the PEM encoded X.509 certificate to use when
creating verity signature partitions with the Verity=signature
setting in partition files.
Added in version 252.
--certificate-source=
Takes one of "file", or "provider". In the latter case, it is
followed by the name of a provider, separated by colon, that
will be passed to OpenSSL's "provider" logic. Configures how
to load the X.509 certificate to use when creating verity
signature partitions with the Verity=signature setting in
partition files.
Added in version 257.
--tpm2-device=, --tpm2-pcrs=
Configures the TPM2 device and list of PCRs to use for LUKS2
volumes configured with the Encrypt=tpm2 option. These options
take the same parameters as the identically named options to
systemd-cryptenroll(1) and have the same effect on partitions
where TPM2 enrollment is requested.
Added in version 248.
--tpm2-device-key=PATH, --tpm2-seal-key-handle=HANDLE
Configures a TPM2 SRK key to bind encryption to. See
systemd-cryptenroll(1) for details on this option.
Added in version 255.
--tpm2-public-key=PATH, --tpm2-public-key-pcrs=PCR[+PCR...]
Configures a TPM2 signed PCR policy to bind encryption to. See
systemd-cryptenroll(1) for details on these two options.
Added in version 252.
--tpm2-pcrlock=PATH
Configures a TPM2 pcrlock policy to bind encryption to. See
systemd-cryptenroll(1) for details on this option.
Added in version 255.
--split=BOOL
Enables generation of split artifacts from partitions
configured with SplitName=. If enabled, for each partition
with SplitName= set, a separate output file containing just
the contents of that partition is generated. The output
filename consists of the loopback filename suffixed with the
name configured with SplitName=. If the loopback filename ends
with ".raw", the suffix is inserted before the ".raw"
extension instead.
Note that --split is independent from --dry-run. Even if
--dry-run is enabled, split artifacts will still be generated
from an existing image if --split is enabled.
Added in version 252.
--include-partitions=PARTITIONS, --exclude-partitions=PARTITIONS
These options specify which partition types systemd-repart
should operate on. If --include-partitions= is used, all
partitions that are not specified are excluded. If
--exclude-partitions= is used, all partitions that are
specified are excluded. Both options take a comma separated
list of GPT partition type UUIDs or identifiers (see Type= in
repart.d(5)).
Added in version 253.
--defer-partitions=PARTITIONS
This option specifies for which partition types systemd-repart
should defer. All partitions that are deferred using this
option are still taken into account when calculating the sizes
and offsets of other partitions, but are not actually written
to the disk image. The net effect of this option is that if
you run systemd-repart again without this option, the missing
partitions will be added as if they had not been deferred the
first time systemd-repart was executed.
Added in version 253.
--sector-size=BYTES
This option allows configuring the sector size of the image
produced by systemd-repart. It takes a value that is a power
of "2" between "512" and "4096". This option is useful when
building images for disks that use a different sector size as
the disk on which the image is produced.
Added in version 253.
--architecture=ARCH
This option allows overriding the architecture used for
architecture specific partition types. For example, if set to
"arm64" a partition type of "root-x86-64" referenced in
repart.d/ drop-ins will be patched dynamically to refer to
"root-arm64" instead. Takes one of "alpha", "arc", "arm",
"arm64", "ia64", "loongarch64", "mips-le", "mips64-le",
"parisc", "ppc", "ppc64", "ppc64-le", "riscv32", "riscv64",
"s390", "s390x", "tilegx", "x86" or "x86-64".
Added in version 254.
--offline=BOOL
Instructs systemd-repart to build the image offline. Takes a
boolean or "auto". Defaults to "auto". If enabled, the image
is built without using loop devices. This is useful to build
images unprivileged or when loop devices are not available. If
disabled, the image is always built using loop devices. If
"auto", systemd-repart will build the image online if possible
and fall back to building the image offline if loop devices
are not available or cannot be accessed due to missing
permissions.
Added in version 254.
--copy-from=IMAGE
Instructs systemd-repart to synthesize partition definitions
from the partition table in the given image. This option can
be specified multiple times to synthesize definitions from
each of the given images. The generated definitions will copy
the partitions into the destination partition table. The
copied partitions will have the same size, metadata and
contents but might have a different partition number and might
be located at a different offset in the destination partition
table. These definitions can be combined with partition
definitions read from regular partition definition files. The
synthesized definitions take precedence over the definitions
read from partition definition files.
Added in version 255.
--copy-source=PATH, -s PATH
Specifies a source directory all CopyFiles= source paths shall
be considered relative to. This is similar to --root=, but
exclusively applies to the CopyFiles= setting. If --root= and
--copy-source= are used in combination the former applies as
usual, except for CopyFiles= where the latter takes
precedence.
Added in version 255.
--make-ddi=TYPE
Takes one of "sysext", "confext" or "portable". Generates a
Discoverable Disk Image (DDI) for a system extension (sysext,
see systemd-sysext(8) for details), configuration extension
(confext) or Portable Services[1]. The generated image will
consist of a signed Verity "erofs" file system as root
partition. In this mode of operation the partition definitions
in /usr/lib/repart.d/*.conf and related directories are not
read, and --definitions= is not supported, as appropriate
definitions for the selected DDI class will be chosen
automatically.
Must be used in conjunction with --copy-source= to specify the
file hierarchy to populate the DDI with. The specified
directory should contain an etc/ subdirectory if "confext" is
selected. If "sysext" is selected it should contain either a
usr/ or opt/ directory, or both. If "portable" is used a full
OS file hierarchy can be provided.
This option implies --empty=create, --size=auto and
--seed=random (the latter two can be overridden).
The private key and certificate for signing the DDI must be
specified via the --private-key= and --certificate= switches.
Added in version 255.
-S, -C, -P
Shortcuts for --make-ddi=sysext, --make-ddi=confext,
--make-ddi=portable, respectively.
Added in version 255.
--generate-fstab=PATH
Specifies a path where to write fstab(5) entries for the
mountpoints configured with MountPoint= in the root directory
specified with --copy-source= or --root= or in the host's root
directory if neither is specified. Disabled by default.
Added in version 256.
--generate-crypttab=PATH
Specifies a path where to write crypttab entries for the
encrypted volumes configured with EncryptedVolume= in the root
directory specified with --copy-source= or --root= or in the
host's root directory if neither is specified. Disabled by
default.
Added in version 256.
--list-devices
Show a list of candidate block devices this command may
operate on. Specifically, this enumerates block devices
currently present that support partition tables, and shows
their device node paths along with any of their symlinks.
Added in version 257.
-h, --help
Print a short help text and exit.
--version
Print a short version string and exit.
--no-pager
Do not pipe output into a pager.
--no-legend
Do not print the legend, i.e. column headers and the footer
with hints.
--json=MODE
Shows output formatted as JSON. Expects one of "short" (for
the shortest possible output without any redundant whitespace
or line breaks), "pretty" (for a pretty version of the same,
with indentation and line breaks) or "off" (to turn off JSON
output, the default).
On success, 0 is returned, and a non-zero failure code otherwise.
Example 1. Generate a configuration extension image
The following creates a configuration extension DDI (confext) for
an /etc/motd update:
mkdir -p tree/etc/extension-release.d
echo "Hello World" >tree/etc/motd
cat >tree/etc/extension-release.d/extension-release.my-motd <<EOF
ID=fedora
VERSION_ID=38
IMAGE_ID=my-motd
IMAGE_VERSION=7
EOF
systemd-repart -C \
--private-key=privkey.pem \
--certificate=cert.crt \
-s tree/ \
/var/lib/confexts/my-motd.confext.raw
systemd-confext refresh
The DDI generated that way may be applied to the system with
systemd-confext(1).
Example 2. Generate a system extension image and sign it via
PKCS11
The following creates a system extension DDI (sysext) for an
/usr/foo update and signs it with a hardware token via PKCS11:
mkdir -p tree/usr/lib/extension-release.d
echo "Hello World" >tree/usr/foo
cat >tree/usr/lib/extension-release.d/extension-release.my-foo <<EOF
ID=fedora
VERSION_ID=38
IMAGE_ID=my-foo
IMAGE_VERSION=7
EOF
systemd-repart --make-ddi=sysext \
--private-key-source=engine:pkcs11 \
--private-key="pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=0123456789abcdef;token=Some%20Cert" \
--certificate=cert.crt \
-s tree/ \
/var/lib/extensions/my-foo.sysext.raw
systemd-sysext refresh
The DDI generated that way may be applied to the system with
systemd-sysext(8).
systemd(1), repart.d(5), machine-id(5), systemd-cryptenroll(1),
portablectl(1), systemd-sysext(8)
1. Portable Services
https://systemd.io/PORTABLE_SERVICES
This page is part of the systemd (systemd system and service
manager) project. Information about the project can be found at
⟨http://www.freedesktop.org/wiki/Software/systemd⟩. If you have a
bug report for this manual page, see
⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
This page was obtained from the project's upstream Git repository
⟨https://github.com/systemd/systemd.git⟩ on 2025-02-02. (At that
time, the date of the most recent commit that was found in the
repository was 2025-02-02.) If you discover any rendering
problems in this HTML version of the page, or you believe there is
a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org
systemd 258~devel SYSTEMD-REPART(8)
Pages that refer to this page: repart.d(5), sysupdate.d(5), systemd.directives(7), systemd.index(7), systemd-makefs@.service(8), systemd-pcrlock(8), systemd-sysupdate(8)
|
HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|