picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Systemd/man/kernel-command-line.xml

539 lines
27 KiB
XML
Raw Blame History

<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
<refentry id="kernel-command-line">
<refentryinfo>
<title>kernel-command-line</title>
<productname>systemd</productname>
</refentryinfo>
<refmeta>
<refentrytitle>kernel-command-line</refentrytitle>
<manvolnum>7</manvolnum>
</refmeta>
<refnamediv>
<refname>kernel-command-line</refname>
<refpurpose>Kernel command line parameters</refpurpose>
</refnamediv>
<refsynopsisdiv>
<para><filename>/proc/cmdline</filename></para>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>The kernel, the initial RAM disk (initrd) and basic userspace functionality may be configured at
boot via kernel command line arguments. In addition, various systemd tools look at the EFI variable
<literal>SystemdOptions</literal> (if available). Both sources are combined, but the kernel command line
has higher priority. Please note that <emphasis>the EFI variable is only used by systemd tools, and is
ignored by the kernel and other user space tools</emphasis>, so it is not a replacement for the kernel
command line.</para>
<para>For command line parameters understood by the kernel, please
see
<ulink url="https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html"><filename>kernel-parameters.html</filename></ulink>
and
<citerefentry project='man-pages'><refentrytitle>bootparam</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
<para>For command line parameters understood by the initial RAM
disk, please see
<citerefentry project='man-pages'><refentrytitle>dracut.cmdline</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
or the documentation of the specific initrd implementation of your
installation.</para>
</refsect1>
<refsect1>
<title>Core OS Command Line Arguments</title>
<variablelist class='kernel-commandline-options'>
<varlistentry>
<term><varname>systemd.unit=</varname></term>
<term><varname>rd.systemd.unit=</varname></term>
<term><varname>systemd.dump_core</varname></term>
<term><varname>systemd.early_core_pattern=</varname></term>
<term><varname>systemd.crash_chvt</varname></term>
<term><varname>systemd.crash_shell</varname></term>
<term><varname>systemd.crash_reboot</varname></term>
<term><varname>systemd.confirm_spawn</varname></term>
<term><varname>systemd.service_watchdogs</varname></term>
<term><varname>systemd.show_status</varname></term>
<term><varname>systemd.status_unit_format=</varname></term>
<term><varname>systemd.log_target=</varname></term>
<term><varname>systemd.log_level=</varname></term>
<term><varname>systemd.log_location=</varname></term>
<term><varname>systemd.log_color</varname></term>
<term><varname>systemd.default_standard_output=</varname></term>
<term><varname>systemd.default_standard_error=</varname></term>
<term><varname>systemd.setenv=</varname></term>
<term><varname>systemd.machine_id=</varname></term>
<term><varname>systemd.unified_cgroup_hierarchy</varname></term>
<term><varname>systemd.legacy_systemd_cgroup_controller</varname></term>
<listitem>
<para>Parameters understood by the system and service
manager to control system behavior. For details, see
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.mask=</varname></term>
<term><varname>systemd.wants=</varname></term>
<term><varname>systemd.debug_shell</varname></term>
<listitem>
<para>Additional parameters understood by
<citerefentry><refentrytitle>systemd-debug-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
to mask or start specific units at boot, or invoke a debug
shell on tty9.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.run=</varname></term>
<term><varname>systemd.run_success_action=</varname></term>
<term><varname>systemd.run_failure_action=</varname></term>
<listitem>
<para>Additional parameters understood by
<citerefentry><refentrytitle>systemd-run-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, to
run a command line specified on the kernel command line as system service after booting up.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.early_core_pattern=</varname></term>
<listitem>
<para>During early boot, the generation of core dump files is disabled until a core dump handler (if any)
takes over. This parameter allows specifying an absolute path where core dump files should be stored until
a handler is installed. The path should be absolute and may contain specifiers, see
<citerefentry project='man-pages'><refentrytitle>core</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.restore_state=</varname></term>
<listitem>
<para>This parameter is understood by several system tools
to control whether or not they should restore system state
from the previous boot. For details, see
<citerefentry><refentrytitle>systemd-backlight@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
and
<citerefentry><refentrytitle>systemd-rfkill.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.volatile=</varname></term>
<listitem>
<para>This parameter controls whether the system shall boot up in volatile mode. Takes a boolean argument, or
the special value <literal>state</literal>. If false (the default), normal boot mode is selected, the root
directory and <filename>/var/</filename> are mounted as specified on the kernel command line or
<filename>/etc/fstab</filename>, or otherwise configured. If true, full state-less boot mode is selected. In
this case the root directory is mounted as volatile memory file system (<literal>tmpfs</literal>), and only
<filename>/usr/</filename> is mounted from the file system configured as root device, in read-only mode. This
enables fully state-less boots were the vendor-supplied OS is used as shipped, with only default
configuration and no stored state in effect, as <filename>/etc/</filename> and <filename>/var/</filename> (as
well as all other resources shipped in the root file system) are reset at boot and lost on shutdown. If this
setting is set to <literal>state</literal> the root file system is mounted read-only, however
<filename>/var/</filename> is mounted as a volatile memory file system (<literal>tmpfs</literal>), so that the
system boots up with the normal configuration applied, but all state reset at boot and lost at shutdown. If
this setting is set to <literal>overlay</literal> the root file system is set up as
<literal>overlayfs</literal> mount combining the read-only root directory with a writable
<literal>tmpfs</literal>, so that no modifications are made to disk, but the file system may be modified
nonetheless with all changes being lost at reboot. For details, see
<citerefentry><refentrytitle>systemd-volatile-root.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
and
<citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>quiet</varname></term>
<listitem>
<para>Parameter understood by both the kernel and the system
and service manager to control console log verbosity. For
details, see
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>debug</varname></term>
<listitem>
<para>Parameter understood by both the kernel and the system
and service manager to control console log verbosity. For
details, see
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>-b</varname></term>
<term><varname>rd.emergency</varname></term>
<term><varname>emergency</varname></term>
<term><varname>rd.rescue</varname></term>
<term><varname>rescue</varname></term>
<term><varname>single</varname></term>
<term><varname>s</varname></term>
<term><varname>S</varname></term>
<term><varname>1</varname></term>
<term><varname>2</varname></term>
<term><varname>3</varname></term>
<term><varname>4</varname></term>
<term><varname>5</varname></term>
<listitem>
<para>Parameters understood by the system and service
manager, as compatibility and convenience options. For details, see
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>locale.LANG=</varname></term>
<term><varname>locale.LANGUAGE=</varname></term>
<term><varname>locale.LC_CTYPE=</varname></term>
<term><varname>locale.LC_NUMERIC=</varname></term>
<term><varname>locale.LC_TIME=</varname></term>
<term><varname>locale.LC_COLLATE=</varname></term>
<term><varname>locale.LC_MONETARY=</varname></term>
<term><varname>locale.LC_MESSAGES=</varname></term>
<term><varname>locale.LC_PAPER=</varname></term>
<term><varname>locale.LC_NAME=</varname></term>
<term><varname>locale.LC_ADDRESS=</varname></term>
<term><varname>locale.LC_TELEPHONE=</varname></term>
<term><varname>locale.LC_MEASUREMENT=</varname></term>
<term><varname>locale.LC_IDENTIFICATION=</varname></term>
<listitem>
<para>Parameters understood by the system and service
manager to control locale and language settings. For
details, see
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>fsck.mode=</varname></term>
<term><varname>fsck.repair=</varname></term>
<listitem>
<para>Parameters understood by the file system checker
services. For details, see
<citerefentry><refentrytitle>systemd-fsck@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>quotacheck.mode=</varname></term>
<listitem>
<para>Parameter understood by the file quota checker
service. For details, see
<citerefentry><refentrytitle>systemd-quotacheck.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.journald.forward_to_syslog=</varname></term>
<term><varname>systemd.journald.forward_to_kmsg=</varname></term>
<term><varname>systemd.journald.forward_to_console=</varname></term>
<term><varname>systemd.journald.forward_to_wall=</varname></term>
<listitem>
<para>Parameters understood by the journal service. For
details, see
<citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>vconsole.keymap=</varname></term>
<term><varname>vconsole.keymap_toggle=</varname></term>
<term><varname>vconsole.font=</varname></term>
<term><varname>vconsole.font_map=</varname></term>
<term><varname>vconsole.font_unimap=</varname></term>
<listitem>
<para>Parameters understood by the virtual console setup logic. For details, see
<citerefentry><refentrytitle>vconsole.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>udev.log_level=</varname></term>
<term><varname>rd.udev.log_level=</varname></term>
<term><varname>udev.children_max=</varname></term>
<term><varname>rd.udev.children_max=</varname></term>
<term><varname>udev.exec_delay=</varname></term>
<term><varname>rd.udev.exec_delay=</varname></term>
<term><varname>udev.event_timeout=</varname></term>
<term><varname>rd.udev.event_timeout=</varname></term>
<term><varname>udev.timeout_signal=</varname></term>
<term><varname>rd.udev.timeout_signal=</varname></term>
<term><varname>udev.blockdev_read_only</varname></term>
<term><varname>rd.udev.blockdev_read_only</varname></term>
<term><varname>net.ifnames=</varname></term>
<term><varname>net.naming-scheme=</varname></term>
<listitem>
<para>Parameters understood by the device event managing
daemon. For details, see
<citerefentry><refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>plymouth.enable=</varname></term>
<listitem>
<para>May be used to disable the Plymouth boot splash. For
details, see
<citerefentry project='die-net'><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>luks=</varname></term>
<term><varname>rd.luks=</varname></term>
<term><varname>luks.crypttab=</varname></term>
<term><varname>rd.luks.crypttab=</varname></term>
<term><varname>luks.name=</varname></term>
<term><varname>rd.luks.name=</varname></term>
<term><varname>luks.uuid=</varname></term>
<term><varname>rd.luks.uuid=</varname></term>
<term><varname>luks.options=</varname></term>
<term><varname>rd.luks.options=</varname></term>
<term><varname>luks.key=</varname></term>
<term><varname>rd.luks.key=</varname></term>
<listitem>
<para>Configures the LUKS full-disk encryption logic at
boot. For details, see
<citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>fstab=</varname></term>
<term><varname>rd.fstab=</varname></term>
<listitem>
<para>Configures the <filename>/etc/fstab</filename> logic
at boot. For details, see
<citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>root=</varname></term>
<term><varname>rootfstype=</varname></term>
<term><varname>rootflags=</varname></term>
<term><varname>ro</varname></term>
<term><varname>rw</varname></term>
<listitem>
<para>Configures the root file system and its file system
type and mount options, as well as whether it shall be
mounted read-only or read-write initially. For details,
see
<citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>mount.usr=</varname></term>
<term><varname>mount.usrfstype=</varname></term>
<term><varname>mount.usrflags=</varname></term>
<listitem>
<para>Configures the /usr file system (if required) and
its file system type and mount options. For details, see
<citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>roothash=</varname></term>
<term><varname>systemd.verity=</varname></term>
<term><varname>rd.systemd.verity=</varname></term>
<term><varname>systemd.verity_root_data=</varname></term>
<term><varname>systemd.verity_root_hash=</varname></term>
<listitem>
<para>Configures the integrity protection root hash for the root file system, and other related
parameters. For details, see
<citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.gpt_auto=</varname></term>
<term><varname>rd.systemd.gpt_auto=</varname></term>
<listitem>
<para>Configures whether GPT based partition auto-discovery
shall be attempted. For details, see
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.default_timeout_start_sec=</varname></term>
<listitem>
<para>Overwrites the default start job timeout <varname>DefaultTimeoutStartSec=</varname> at boot. For details,
see <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.watchdog_device=</varname></term>
<listitem>
<para>Overwrites the watchdog device path <varname>WatchdogDevice=</varname>. For details, see
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.cpu_affinity=</varname></term>
<listitem>
<para>Overrides the CPU affinity mask for the service manager and the default for all child
processes it forks. This takes precedence over <varname>CPUAffinity=</varname>, see
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>modules_load=</varname></term>
<term><varname>rd.modules_load=</varname></term>
<listitem>
<para>Load a specific kernel module early at boot. For
details, see
<citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>resume=</varname></term>
<term><varname>resumeflags=</varname></term>
<listitem>
<para>Enables resume from hibernation using the specified
device and mount options. All
<citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>-like
paths are supported. For details, see
<citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.firstboot=</varname></term>
<listitem><para>Takes a boolean argument, defaults to on. If off,
<citerefentry><refentrytitle>systemd-firstboot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
will not query the user for basic system settings, even if the system boots up for the first time and
the relevant settings are not initialized yet. Not to be confused with
<varname>systemd.condition-first-boot=</varname> (see below), which overrides the result of the
<varname>ConditionFirstBoot=</varname> unit file condition, and thus controls more than just
<filename>systemd-firstboot.service</filename> behaviour.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.condition-needs-update=</varname></term>
<listitem><para>Takes a boolean argument. If specified, overrides the result of
<varname>ConditionNeedsUpdate=</varname> unit condition checks. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.condition-first-boot=</varname></term>
<listitem><para>Takes a boolean argument. If specified, overrides the result of
<varname>ConditionFirstBoot=</varname> unit condition checks. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
details. Not to be confused with <varname>systemd.firstboot=</varname> which only controls behaviour
of the <filename>systemd-firstboot.service</filename> system service but has no effect on the
condition check (see above).</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.clock-usec=</varname></term>
<listitem><para>Takes a decimal, numeric timestamp in µs since January 1st 1970, 00:00am, to set the
system clock to. The system time is set to the specified timestamp early during boot. It is not
propagated to the hardware clock (RTC).</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.random-seed=</varname></term>
<listitem><para>Takes a base64 encoded random seed value to credit with full entropy to the kernel's
random pool during early service manager initialization. This option is useful in testing
environments where delays due to random pool initialization in entropy starved virtual machines shall
be avoided.</para>
<para>Note that if this option is used the seed is accessible to unprivileged programs from
<filename>/proc/cmdline</filename>. This option is hence a security risk when used outside of test
systems, since the (possibly) only seed used for initialization of the kernel's entropy pool might be
easily acquired by unprivileged programs.</para>
<para>It is recommended to pass 512 bytes of randomized data (as that matches the Linux kernel pool
size), which may be generated with a command like the following:</para>
<programlisting>dd if=/dev/urandom bs=512 count=1 status=none | base64 -w 0</programlisting>
<para>Again: do not use this option outside of testing environments, it's a security risk elsewhere,
as secret key material derived from the entropy pool can possibly be reconstructed by unprivileged
programs.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>systemd.hostname=</varname></term>
<listitem><para>Accepts a hostname to set during early boot. If specified takes precedence over what
is set in <filename>/etc/hostname</filename>. Note that this does not bar later runtime changes to
the hostname, it simply controls the initial hostname set during early boot.</para></listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>bootparam</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>dracut.cmdline</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-debug-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-fsck@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-quotacheck.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-vconsole-setup.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='die-net'><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-volatile-root.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-backlight@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-rfkill.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-firstboot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>
Reference in New Issue View Git Blame Copy Permalink