summaryrefslogtreecommitdiffstats
path: root/man/systemd-repart.xml
blob: c6e2e306da848bfe8f05aee84a26ab6b49ed0450 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->

<refentry id="systemd-repart" conditional='ENABLE_REPART'
    xmlns:xi="http://www.w3.org/2001/XInclude">

  <refentryinfo>
    <title>systemd-repart</title>
    <productname>systemd</productname>
  </refentryinfo>

  <refmeta>
    <refentrytitle>systemd-repart</refentrytitle>
    <manvolnum>8</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>systemd-repart</refname>
    <refname>systemd-repart.service</refname>
    <refpurpose>Automatically grow and add partitions, and generate disk images (DDIs).</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>systemd-repart</command>
      <arg choice="opt" rep="repeat">OPTIONS</arg>
      <arg choice="opt" rep="repeat"><replaceable><optional>BLOCKDEVICE</optional></replaceable></arg>
    </cmdsynopsis>

    <para><filename>systemd-repart.service</filename></para>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para><command>systemd-repart</command> creates partition tables, and adds or grows partitions,
    based on the configuration files described in
    <citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
    </para>

    <para><command>systemd-repart</command> is used when <emphasis>building</emphasis> OS images, and also
    when <emphasis>deploying</emphasis> images to automatically adjust them, during boot, to the system they
    are running on. This way the image can be minimal in size and may be augmented automatically at boot,
    taking possession of the disk space available.</para>

    <para>If invoked with no arguments, <command>systemd-repart</command> operates on the block device
    backing the root file system partition of the running OS, thus adding and growing partitions of the
    booted OS itself. When called in the initrd, it operates on the block device backing
    <filename>/sysroot/</filename> instead, i.e. on the block device the system will soon transition into. If
    <varname>--image=</varname> is used, it will operate on the specified device or image file. The
    <filename>systemd-repart.service</filename> service is generally run at boot in the initrd, in order to
    augment the partition table of the OS before its partitions are mounted.</para>

    <para><command>systemd-repart</command> operations are mostly incremental: it grows existing partitions
    or adds new ones, but does not shrink, delete, or move existing partitions. The service is intended to be
    run on every boot, but when it detects that the partition table already matches the installed
    <filename>repart.d/*.conf</filename> configuration files, it executes no operation.</para>

    <para>The following use cases are among those covered:</para>

    <itemizedlist>
      <listitem><para>The root partition may be grown to cover the whole available disk space.</para></listitem>
      <listitem><para>A <filename>/home/</filename>, swap, or <filename>/srv/</filename> partition can be
      added.</para></listitem>
      <listitem><para>A second (or third, …) root partition may be added, to cover A/B style setups
      where a second version of the root file system is alternatingly used for implementing update
      schemes. The deployed image would carry only a single partition ("A") but on first boot a second
      partition ("B") for this purpose is automatically created.</para></listitem>
    </itemizedlist>

    <para>The algorithm executed by <command>systemd-repart</command> is roughly as follows:</para>

    <orderedlist>
      <listitem><para>The <filename>repart.d/*.conf</filename> configuration files are loaded and parsed, and
      ordered by filename (without the directory prefix). For each configuration file, drop-in files are
      loaded from directories with same name as the configuration file with the suffix ".d" added.
      </para></listitem>

      <listitem><para>The partition table on the block device is loaded and parsed, if present.
      </para></listitem>

      <listitem><para>The existing partitions in the partition table are matched with the
      <filename>repart.d/*.conf</filename> files by GPT partition type UUID. The first existing partition of
      a specific type is assigned the first configuration file declaring the same type. The second existing
      partition of a specific type is then assigned the second configuration file declaring the same type,
      and so on. After this iterative assigning is complete, any existing partitions that have no matching
      configuration file are considered "foreign" and left as they are. And any configuration files for which
      no partition was matched are treated as requests to create a partition.</para></listitem>

      <listitem><para>Partitions that shall be created are now allocated on the disk, taking the size
      constraints and weights declared in the configuration files into account. Free space is used within the
      limits set by size and padding requests. In addition, existing partitions that should be grown are
      grown. New partitions are always appended to the end of the partition table, taking the first partition
      table slot whose index is greater than the indexes of all existing partitions. Partitions are never
      reordered and thus partition numbers remain stable. When partitions are created, they are placed in the
      smallest area of free space that is large enough to satisfy the size and padding limits. This means
      that partitions might have different order on disk than in the partition table. Note that this
      allocation happens in memory only, the partition table on disk is not updated yet.</para></listitem>

      <listitem><para>All existing partitions for which configuration files exist and which currently have no
      GPT partition label set will be assigned a label, either explicitly configured in the configuration or
       if that's missing  derived automatically from the partition type. The same is done for all
      partitions that are newly created. These assignments are done in memory only, too, the disk is not
      updated yet.</para></listitem>

      <listitem><para>Similarly, all existing partitions for which configuration files exist and which
      currently have an all-zero identifying UUID will be assigned a new UUID. This UUID is cryptographically
      hashed from a common seed value together with the partition type UUID (and a counter in case multiple
      partitions of the same type are defined), see below. The same is done for all partitions that are
      created anew. These assignments are done in memory only, too, the disk is not updated yet.
      </para></listitem>

      <listitem><para>Similarly, if the disk's volume UUID is all zeroes it is also initialized, also
      cryptographically hashed from the same common seed value. This is done in memory only too.
      </para></listitem>

      <listitem><para>The disk space assigned to new partitions (i.e. what was previously free space) is now
      erased. Specifically, all file system signatures are removed, and if the device supports it, the
      <constant>BLKDISCARD</constant> I/O control command is issued to inform the hardware that the space is
      now empty. In addition any "padding" between partitions and at the end of the device is similarly
      erased.</para></listitem>

      <listitem><para>The new partition table is finally written to disk. The kernel is asked to reread the
      partition table.</para></listitem>
    </orderedlist>

    <para>As an exception to the normal incremental operation, when called in a special "factory reset" mode,
    <command>systemd-repart</command> may be used to erase existing partitions to reset an installation back
    to vendor defaults. This mode of operation is used when either the <option>--factory-reset=yes</option>
    switch is passed on the tool's command line, or the <option>systemd.factory_reset=yes</option> option is
    specified on the kernel command line, or the <varname>FactoryReset</varname> EFI variable (vendor UUID
    <constant>8cf2644b-4b0b-428f-9387-6d876050dc67</constant>) is set to "yes". It alters the algorithm above
    slightly: between the 3rd and the 4th step above any partition marked explicitly via the
    <varname>FactoryReset=</varname> boolean is deleted, and the algorithm restarted, thus immediately
    re-creating these partitions anew empty.</para>

    <para>Note that <command>systemd-repart</command> by default only changes partition tables, it does not
    create or resize any file systems within these partitions, unless the <varname>Format=</varname>
    configuration option is specified. Also note that there are also separate mechanisms available for this
    purpose, for example
    <citerefentry><refentrytitle>systemd-growfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> and
    <command>systemd-makefs</command>.</para>

    <para>The UUIDs identifying the new partitions created (or assigned to existing partitions that have no
    UUID yet), as well as the disk as a whole are hashed cryptographically from a common seed value. This
    seed value is usually the
    <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> of the
    system, so that the machine ID reproducibly determines the UUIDs assigned to all partitions. If the
    machine ID cannot be read (or the user passes <option>--seed=random</option>, see below) the seed is
    generated randomly instead, so that the partition UUIDs are also effectively random. The seed value may
    also be set explicitly, formatted as UUID via the <option>--seed=</option> option. By hashing these UUIDs
    from a common seed images prepared with this tool become reproducible and the result of the algorithm
    above deterministic.</para>

    <para>The positional argument should specify the block device or a regular file to operate on. If
    <option>--empty=create</option> is specified, the specified path is created as regular file, which is
    useful for generating disk images from scratch.</para>
  </refsect1>

  <refsect1>
    <title>Options</title>

    <para>The following options are understood:</para>

    <variablelist>
      <varlistentry>
        <term><option>--dry-run=</option></term>

        <listitem><para>Takes a boolean. If this switch is not specified <option>--dry-run=yes</option> is
        the implied default. Controls whether <filename>systemd-repart</filename> executes the requested
        re-partition operations or whether it should only show what it would do. Unless
        <option>--dry-run=no</option> is specified <filename>systemd-repart</filename> will not actually
        touch the device's partition table.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--empty=</option></term>

        <listitem><para>Takes one of <literal>refuse</literal>, <literal>allow</literal>,
        <literal>require</literal>, <literal>force</literal> or <literal>create</literal>. Controls how to
        operate on block devices that are entirely empty, i.e. carry no partition table/disk label yet. If
        this switch is not specified the implied default is <literal>refuse</literal>.</para>

        <para>If <literal>refuse</literal> <command>systemd-repart</command> requires that the block device
        it shall operate on already carries a partition table and refuses operation if none is found. If
        <literal>allow</literal> the command will extend an existing partition table or create a new one if
        none exists. If <literal>require</literal> the command will create a new partition table if none
        exists so far, and refuse operation if one already exists. If <literal>force</literal> it will create
        a fresh partition table unconditionally, erasing the disk fully in effect. If
        <literal>force</literal> no existing partitions will be taken into account or survive the
        operation. Hence: use with care, this is a great way to lose all your data. If
        <literal>create</literal> a new loopback file is create under the path passed via the device node
        parameter, of the size indicated with <option>--size=</option>, see below.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--discard=</option></term>

        <listitem><para>Takes a boolean. If this switch is not specified <option>--discard=yes</option> is
        the implied default. Controls whether to issue the <constant>BLKDISCARD</constant> I/O control
        command on the space taken up by any added partitions or on the space in between them. Usually, it is
        a good idea to issue this request since it tells the underlying hardware that the covered blocks
        shall be considered empty, improving performance. If operating on a regular file instead of a block
        device node, a sparse file is generated.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--size=</option></term>

        <listitem><para>Takes a size in bytes, using the usual K, M, G, T suffixes, or the special value
        <literal>auto</literal>. If used the specified device node path must refer to a regular file, which
        is then grown to the specified size if smaller, before any change is made to the partition table. If
        specified as <literal>auto</literal> the minimal size for the disk image is automatically determined
        (i.e. the minimal sizes of all partitions are summed up, taking space for additional metadata into
        account). This switch is not supported if the specified node is a block device. This switch has no
        effect if the file is already as large as the specified size or larger. The specified size is
        implicitly rounded up to multiples of 4096. When used with <option>--empty=create</option> this
        specifies the initial size of the loopback file to create.</para>

        <para>The <option>--size=auto</option> option takes the sizes of pre-existing partitions into
        account. However, it does not accommodate for partition tables that are not tightly packed: the
        configured partitions might still not fit into the backing device if empty space exists between
        pre-existing partitions (or before the first partition) that cannot be fully filled by partitions to
        grow or create.</para>

        <para>Also note that the automatic size determination does not take files or directories specified
        with <option>CopyFiles=</option> into account: operation might fail if the specified files or
        directories require more disk space then the configured per-partition minimal size
        limit.</para>

        <xi:include href="version-info.xml" xpointer="v246"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--factory-reset=</option></term>

        <listitem><para>Takes boolean. If this switch is not specified <option>--factory=reset=no</option> is
        the implied default. Controls whether to operate in "factory reset" mode, see above. If set to true
        this will remove all existing partitions marked with <varname>FactoryReset=</varname> set to yes
        early while executing the re-partitioning algorithm. Use with care, this is a great way to lose all
        your data. Note that partition files need to explicitly turn <varname>FactoryReset=</varname> on, as
        the option defaults to off. If no partitions are marked for factory reset this switch has no
        effect. Note that there are two other methods to request factory reset operation: via the kernel
        command line and via an EFI variable, see above.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--can-factory-reset</option></term>

        <listitem><para>If this switch is specified the disk is not re-partitioned. Instead it is determined
        if any existing partitions are marked with <varname>FactoryReset=</varname>. If there are the tool
        will exit with exit status zero, otherwise non-zero. This switch may be used to quickly determine
        whether the running system supports a factory reset mechanism built on
        <command>systemd-repart</command>.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--root=</option></term>

        <listitem><para>Takes a path to a directory to use as root file system when searching for
        <filename>repart.d/*.conf</filename> files, for the machine ID file to use as seed and for the
        <varname>CopyFiles=</varname> and <varname>CopyBlocks=</varname> source files and directories. By
        default when invoked on the regular system this defaults to the host's root file system
        <filename>/</filename>. If invoked from the initrd this defaults to <filename>/sysroot/</filename>,
        so that the tool operates on the configuration and machine ID stored in the root file system later
        transitioned into itself.</para>

        <para>See <option>--copy-source=</option> for a more restricted option that only affects
        <varname>CopyFiles=</varname>.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--image=</option></term>

        <listitem><para>Takes a path to a disk image file or device to mount and use in a similar fashion to
        <option>--root=</option>, see above.</para>

        <xi:include href="version-info.xml" xpointer="v249"/></listitem>
      </varlistentry>

      <xi:include href="standard-options.xml" xpointer="image-policy-open" />

      <varlistentry>
        <term><option>--seed=</option></term>

        <listitem><para>Takes a UUID as argument or the special value <constant>random</constant>. If a UUID
        is specified the UUIDs to assign to partitions and the partition table itself are derived via
        cryptographic hashing from it. If not specified it is attempted to read the machine ID from the host
        (or more precisely, the root directory configured via <option>--root=</option>) and use it as seed
        instead, falling back to a randomized seed otherwise. Use <option>--seed=random</option> to force a
        randomized seed. Explicitly specifying the seed may be used to generated strictly reproducible
        partition tables.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--pretty=</option></term>

        <listitem><para>Takes a boolean argument. If this switch is not specified, it defaults to on when
        called from an interactive terminal and off otherwise. Controls whether to show a user friendly table
        and graphic illustrating the changes applied.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--definitions=</option></term>

        <listitem><para>Takes a file system path. If specified the <filename>*.conf</filename> files are read
        from the specified directory instead of searching in <filename>/usr/lib/repart.d/*.conf</filename>,
        <filename>/etc/repart.d/*.conf</filename>,
        <filename>/run/repart.d/*.conf</filename>.</para>

        <para>This parameter can be specified multiple times.</para>

        <xi:include href="version-info.xml" xpointer="v245"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--key-file=</option></term>

        <listitem><para>Takes a file system path. Configures the encryption key to use when setting up LUKS2
        volumes configured with the <varname>Encrypt=key-file</varname> setting in partition files. Should
        refer to a regular file containing the key, or an <constant>AF_UNIX</constant> stream socket in the
        file system. In the latter case a connection is made to it and the key read from it. If this switch
        is not specified the empty key (i.e. zero length key) is used. This behaviour is useful for setting
        up encrypted partitions during early first boot that receive their user-supplied password only in a
        later setup step.</para>

        <xi:include href="version-info.xml" xpointer="v247"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--private-key=</option></term>

        <listitem><para>Takes a file system path or an engine or provider specific designation. Configures
        the signing key to use when creating verity signature partitions with the
        <varname>Verity=signature</varname> setting in partition files.</para>

        <xi:include href="version-info.xml" xpointer="v252"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--private-key-source=</option></term>

        <listitem><para>Takes one of <literal>file</literal>, <literal>engine</literal> or
        <literal>provider</literal>. In the latter two cases, it is followed by the name of a provider or
        engine, separated by colon, that will be passed to OpenSSL's "engine" or "provider" logic.
        Configures how to load the private key to use when creating verity signature partitions with the
        <varname>Verity=signature</varname> setting in partition files.</para>

        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--certificate=</option></term>

        <listitem><para>Takes a file system path or a provider specific designation. Configures the PEM
        encoded X.509 certificate to use when creating verity signature partitions with the
        <varname>Verity=signature</varname> setting in partition files.</para>

        <xi:include href="version-info.xml" xpointer="v252"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--certificate-source=</option></term>

        <listitem><para>Takes one of <literal>file</literal>, or <literal>provider</literal>. In the latter
        case, it is followed by the name of a provider, separated by colon, that will be passed to OpenSSL's
        "provider" logic. Configures how to load the X.509 certificate to use when creating verity signature
        partitions with the <varname>Verity=signature</varname> setting in partition files.</para>

        <xi:include href="version-info.xml" xpointer="v257"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--tpm2-device=</option></term>
        <term><option>--tpm2-pcrs=</option></term>

        <listitem><para>Configures the TPM2 device and list of PCRs to use for LUKS2 volumes configured with
        the <varname>Encrypt=tpm2</varname> option. These options take the same parameters as the identically
        named options to
        <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>
        and have the same effect on partitions where TPM2 enrollment is requested.</para>

        <xi:include href="version-info.xml" xpointer="v248"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--tpm2-device-key=<replaceable>PATH</replaceable></option></term>
        <term><option>--tpm2-seal-key-handle=<replaceable>HANDLE</replaceable></option></term>

        <listitem><para>Configures a TPM2 SRK key to bind encryption to. See
        <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>
        for details on this option.</para>

        <xi:include href="version-info.xml" xpointer="v255"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--tpm2-public-key=<replaceable>PATH</replaceable></option></term>
        <term><option>--tpm2-public-key-pcrs=<replaceable>PCR<optional>+PCR...</optional></replaceable></option></term>

        <listitem><para>Configures a TPM2 signed PCR policy to bind encryption to. See
        <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>
        for details on these two options.</para>

        <xi:include href="version-info.xml" xpointer="v252"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--tpm2-pcrlock=<replaceable>PATH</replaceable></option></term>

        <listitem><para>Configures a TPM2 pcrlock policy to bind encryption to. See
        <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>
        for details on this option.</para>

        <xi:include href="version-info.xml" xpointer="v255"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--split=<replaceable>BOOL</replaceable></option></term>

        <listitem><para>Enables generation of split artifacts from partitions configured with
        <varname>SplitName=</varname>. If enabled, for each partition with <varname>SplitName=</varname> set,
        a separate output file containing just the contents of that partition is generated. The output
        filename consists of the loopback filename suffixed with the name configured with
        <varname>SplitName=</varname>. If the loopback filename ends with <literal>.raw</literal>, the suffix
        is inserted before the <literal>.raw</literal> extension instead.</para>

        <para>Note that <option>--split</option> is independent from <option>--dry-run</option>. Even if
        <option>--dry-run</option> is enabled, split artifacts will still be generated from an existing image
        if <option>--split</option> is enabled.</para>

        <xi:include href="version-info.xml" xpointer="v252"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--include-partitions=<replaceable>PARTITIONS</replaceable></option></term>
        <term><option>--exclude-partitions=<replaceable>PARTITIONS</replaceable></option></term>

        <listitem><para>These options specify which partition types <command>systemd-repart</command> should
        operate on. If <option>--include-partitions=</option> is used, all partitions that are not specified
        are excluded. If <option>--exclude-partitions=</option> is used, all partitions that are specified
        are excluded. Both options take a comma separated list of GPT partition type UUIDs or identifiers
        (see <varname>Type=</varname> in
        <citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
        </para>

        <xi:include href="version-info.xml" xpointer="v253"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--defer-partitions=<replaceable>PARTITIONS</replaceable></option></term>

        <listitem><para>This option specifies for which partition types <command>systemd-repart</command>
        should defer. All partitions that are deferred using this option are still taken into account when
        calculating the sizes and offsets of other partitions, but are not actually written to the disk image.
        The net effect of this option is that if you run <command>systemd-repart</command> again without this
        option, the missing partitions will be added as if they had not been deferred the first time
        <command>systemd-repart</command> was executed.</para>

        <xi:include href="version-info.xml" xpointer="v253"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--sector-size=<replaceable>BYTES</replaceable></option></term>

        <listitem><para>This option allows configuring the sector size of the image produced by
        <command>systemd-repart</command>. It takes a value that is a power of <literal>2</literal> between
        <literal>512</literal> and <literal>4096</literal>. This option is useful when building images for
        disks that use a different sector size as the disk on which the image is produced.</para>

        <xi:include href="version-info.xml" xpointer="v253"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--architecture=<replaceable>ARCH</replaceable></option></term>

        <listitem><para>This option allows overriding the architecture used for architecture specific
        partition types. For example, if set to <literal>arm64</literal> a partition type of
        <literal>root-x86-64</literal> referenced in <filename>repart.d/</filename> drop-ins will be patched
        dynamically to refer to <literal>root-arm64</literal> instead. Takes one of
        <literal>alpha</literal>,
        <literal>arc</literal>,
        <literal>arm</literal>,
        <literal>arm64</literal>,
        <literal>ia64</literal>,
        <literal>loongarch64</literal>,
        <literal>mips-le</literal>,
        <literal>mips64-le</literal>,
        <literal>parisc</literal>,
        <literal>ppc</literal>,
        <literal>ppc64</literal>,
        <literal>ppc64-le</literal>,
        <literal>riscv32</literal>,
        <literal>riscv64</literal>,
        <literal>s390</literal>,
        <literal>s390x</literal>,
        <literal>tilegx</literal>,
        <literal>x86</literal> or
        <literal>x86-64</literal>.</para>

        <xi:include href="version-info.xml" xpointer="v254"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--offline=<replaceable>BOOL</replaceable></option></term>

        <listitem><para>Instructs <command>systemd-repart</command> to build the image offline. Takes a
        boolean or <literal>auto</literal>. Defaults to <literal>auto</literal>. If enabled, the image is
        built without using loop devices. This is useful to build images unprivileged or when loop devices
        are not available. If disabled, the image is always built using loop devices. If
        <literal>auto</literal>, <command>systemd-repart</command> will build the image online if possible
        and fall back to building the image offline if loop devices are not available or cannot be accessed
        due to missing permissions.</para>

        <xi:include href="version-info.xml" xpointer="v254"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--copy-from=<replaceable>IMAGE</replaceable></option></term>

        <listitem><para>Instructs <command>systemd-repart</command> to synthesize partition definitions from
        the partition table in the given image. This option can be specified multiple times to synthesize
        definitions from each of the given images. The generated definitions will copy the partitions into
        the destination partition table. The copied partitions will have the same size, metadata and contents
        but might have a different partition number and might be located at a different offset in the
        destination partition table. These definitions can be combined with partition definitions read from
        regular partition definition files. The synthesized definitions take precedence over the definitions
        read from partition definition files.</para>

        <xi:include href="version-info.xml" xpointer="v255"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--copy-source=<replaceable>PATH</replaceable></option></term>
        <term><option>-s</option> <replaceable>PATH</replaceable></term>

        <listitem><para>Specifies a source directory all <varname>CopyFiles=</varname> source paths shall be
        considered relative to. This is similar to <option>--root=</option>, but exclusively applies to the
        <varname>CopyFiles=</varname> setting. If <option>--root=</option> and
        <option>--copy-source=</option> are used in combination the former applies as usual, except for
        <varname>CopyFiles=</varname> where the latter takes precedence.</para>

        <xi:include href="version-info.xml" xpointer="v255"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--make-ddi=<replaceable>TYPE</replaceable></option></term>

        <listitem><para>Takes one of <literal>sysext</literal>, <literal>confext</literal> or
        <literal>portable</literal>. Generates a Discoverable Disk Image (DDI) for a system extension
        (sysext, see
        <citerefentry><refentrytitle>systemd-sysext</refentrytitle><manvolnum>8</manvolnum></citerefentry>
        for details), configuration extension (confext) or <ulink
        url="https://systemd.io/PORTABLE_SERVICES">Portable Services</ulink>. The generated image will consist
        of a signed Verity <literal>erofs</literal> file system as root partition. In this mode of operation
        the partition definitions in <filename>/usr/lib/repart.d/*.conf</filename> and related directories
        are not read, and <option>--definitions=</option> is not supported, as appropriate definitions for
        the selected DDI class will be chosen automatically.</para>

        <para>Must be used in conjunction with <option>--copy-source=</option> to specify the file hierarchy
        to populate the DDI with. The specified directory should contain an <filename>etc/</filename>
        subdirectory if <literal>confext</literal> is selected. If <literal>sysext</literal> is selected it
        should contain either a <filename>usr/</filename> or <filename>opt/</filename> directory, or both. If
        <literal>portable</literal> is used a full OS file hierarchy can be provided.</para>

        <para>This option implies <option>--empty=create</option>, <option>--size=auto</option> and
        <option>--seed=random</option> (the latter two can be overridden).</para>

        <para>The private key and certificate for signing the DDI must be specified via the
        <option>--private-key=</option> and <option>--certificate=</option> switches.</para>

        <xi:include href="version-info.xml" xpointer="v255"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>-S</option></term>
        <term><option>-C</option></term>
        <term><option>-P</option></term>

        <listitem><para>Shortcuts for <option>--make-ddi=sysext</option>,
        <option>--make-ddi=confext</option>, <option>--make-ddi=portable</option>,
        respectively.</para>

        <xi:include href="version-info.xml" xpointer="v255"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--generate-fstab=<replaceable>PATH</replaceable></option></term>

        <listitem><para>Specifies a path where to write
        <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>
        entries for the mountpoints configured with <option>MountPoint=</option> in the root directory
        specified with <option>--copy-source=</option> or <option>--root=</option> or in the host's root
        directory if neither is specified. Disabled by default.</para>

        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--generate-crypttab=<replaceable>PATH</replaceable></option></term>

        <listitem><para>Specifies a path where to write crypttab entries for the encrypted volumes configured
        with <option>EncryptedVolume=</option> in the root directory specified with
        <option>--copy-source=</option> or <option>--root=</option> or in the host's root directory if
        neither is specified. Disabled by default.</para>

        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--list-devices</option></term>

        <listitem><para>Show a list of candidate block devices this command may operate on. Specifically,
        this enumerates block devices currently present that support partition tables, and shows their device
        node paths along with any of their symlinks.</para>

        <xi:include href="version-info.xml" xpointer="v257"/></listitem>
      </varlistentry>

      <xi:include href="standard-options.xml" xpointer="help" />
      <xi:include href="standard-options.xml" xpointer="version" />
      <xi:include href="standard-options.xml" xpointer="no-pager" />
      <xi:include href="standard-options.xml" xpointer="no-legend" />
      <xi:include href="standard-options.xml" xpointer="json" />
    </variablelist>
  </refsect1>

  <refsect1>
    <title>Exit status</title>

    <para>On success, 0 is returned, and a non-zero failure code otherwise.</para>
  </refsect1>

  <refsect1>
    <title>Example</title>

    <example>
      <title>Generate a configuration extension image</title>

      <para>The following creates a configuration extension DDI (confext) for an
      <filename>/etc/motd</filename> update:</para>

      <programlisting>mkdir -p tree/etc/extension-release.d
echo "Hello World" >tree/etc/motd
cat >tree/etc/extension-release.d/extension-release.my-motd &lt;&lt;EOF
ID=fedora
VERSION_ID=38
IMAGE_ID=my-motd
IMAGE_VERSION=7
EOF
systemd-repart -C \
  --private-key=privkey.pem \
  --certificate=cert.crt \
  -s tree/ \
  /var/lib/confexts/my-motd.confext.raw
systemd-confext refresh</programlisting>

      <para>The DDI generated that way may be applied to the system with
      <citerefentry><refentrytitle>systemd-confext</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
    </example>

    <example>
      <title>Generate a system extension image and sign it via PKCS11</title>

      <para>The following creates a system extension DDI (sysext) for an
      <filename>/usr/foo</filename> update and signs it with a hardware token via PKCS11:</para>

      <programlisting>mkdir -p tree/usr/lib/extension-release.d
echo "Hello World" >tree/usr/foo
cat >tree/usr/lib/extension-release.d/extension-release.my-foo &lt;&lt;EOF
ID=fedora
VERSION_ID=38
IMAGE_ID=my-foo
IMAGE_VERSION=7
EOF
systemd-repart --make-ddi=sysext \
  --private-key-source=engine:pkcs11 \
  --private-key="pkcs11:model=PKCS%2315%20emulated;manufacturer=piv_II;serial=0123456789abcdef;token=Some%20Cert" \
  --certificate=cert.crt \
  -s tree/ \
  /var/lib/extensions/my-foo.sysext.raw
systemd-sysext refresh</programlisting>

      <para>The DDI generated that way may be applied to the system with
      <citerefentry><refentrytitle>systemd-sysext</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
    </example>

  </refsect1>

  <refsect1>
    <title>See Also</title>
    <para><simplelist type="inline">
      <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>portablectl</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>systemd-sysext</refentrytitle><manvolnum>8</manvolnum></citerefentry></member>
    </simplelist></para>
  </refsect1>

</refentry>