1<?xml version='1.0'?> <!--*-nxml-*-->
2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3  "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->
5
6<refentry id="systemd-repart" conditional='ENABLE_REPART'
7    xmlns:xi="http://www.w3.org/2001/XInclude">
8
9  <refentryinfo>
10    <title>systemd-repart</title>
11    <productname>systemd</productname>
12  </refentryinfo>
13
14  <refmeta>
15    <refentrytitle>systemd-repart</refentrytitle>
16    <manvolnum>8</manvolnum>
17  </refmeta>
18
19  <refnamediv>
20    <refname>systemd-repart</refname>
21    <refname>systemd-repart.service</refname>
22    <refpurpose>Automatically grow and add partitions</refpurpose>
23  </refnamediv>
24
25  <refsynopsisdiv>
26    <cmdsynopsis>
27      <command>systemd-repart</command>
28      <arg choice="opt" rep="repeat">OPTIONS</arg>
29      <arg choice="opt" rep="repeat"><replaceable><optional>BLOCKDEVICE</optional></replaceable></arg>
30    </cmdsynopsis>
31
32    <para><filename>systemd-repart.service</filename></para>
33  </refsynopsisdiv>
34
35  <refsect1>
36    <title>Description</title>
37
38    <para><command>systemd-repart</command> grows and adds partitions to a partition table, based on the
39    configuration files described in
40    <citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
41    </para>
42
43    <para>If invoked with no arguments, it operates on the block device backing the root file system
44    partition of the running OS, thus growing and adding partitions of the booted OS image itself. If
45    <varname>--image=</varname> is used it will operate on the specified image file. When called in the
46    <literal>initrd</literal> it operates on the block device backing <filename>/sysroot/</filename> instead,
47    i.e. on the block device the system will soon transition into. The
48    <filename>systemd-repart.service</filename> service is generally run at boot in the initial RAM disk, in
49    order to augment the partition table of the OS before its partitions are
50    mounted. <command>systemd-repart</command> (mostly) operates in a purely incremental mode: it only grows
51    existing and adds new partitions; it does not shrink, delete or move existing partitions. The service is
52    intended to be run on every boot, but when it detects that the partition table already matches the
53    installed <filename>repart.d/*.conf</filename> configuration files, it executes no operation.</para>
54
55    <para><command>systemd-repart</command> is intended to be used when deploying OS images, to automatically
56    adjust them to the system they are running on, during first boot. This way the deployed image can be
57    minimal in size and may be augmented automatically at boot when needed, taking possession of disk space
58    available but not yet used. Specifically the following use cases are among those covered:</para>
59
60    <itemizedlist>
61      <listitem><para>The root partition may be grown to cover the whole available disk space.</para></listitem>
62      <listitem><para>A <filename>/home/</filename>, swap or <filename>/srv/</filename> partition can be
63      added.</para></listitem>
64      <listitem><para>A second (or third, …) root partition may be added, to cover A/B style setups
65      where a second version of the root file system is alternatingly used for implementing update
66      schemes. The deployed image would carry only a single partition ("A") but on first boot a second
67      partition ("B") for this purpose is automatically created.</para></listitem>
68    </itemizedlist>
69
70    <para>The algorithm executed by <command>systemd-repart</command> is roughly as follows:</para>
71
72    <orderedlist>
73      <listitem><para>The <filename>repart.d/*.conf</filename> configuration files are loaded and parsed,
74      and ordered by filename (without the directory prefix).</para></listitem>
75
76      <listitem><para>The partition table already existing on the block device is loaded and
77      parsed.</para></listitem>
78
79      <listitem><para>The existing partitions in the partition table are matched up with the
80      <filename>repart.d/*.conf</filename> files by GPT partition type UUID. The first existing partition
81      of a specific type is assigned the first configuration file declaring the same type. The second
82      existing partition of a specific type is then assigned the second configuration file declaring the same
83      type, and so on. After this iterative assigning is complete any left-over existing partitions that have
84      no matching configuration file are considered "foreign" and left as they are. And any configuration
85      files for which no partition currently exists are understood as a request to create such a
86      partition.</para></listitem>
87
88      <listitem><para>Taking the size constraints and weights declared in the configuration files into
89      account, all partitions that shall be created are now allocated to the disk, taking up all free space,
90      always respecting the size and padding requests. Similar, existing partitions that are determined to
91      grow are grown. New partitions are always appended to the end of the existing partition table, taking
92      the first partition table slot whose index is greater than the indexes of all existing
93      partitions. Partition table slots are never reordered and thus partition numbers are ensured to remain
94      stable. Note that this allocation happens in RAM only, the partition table on disk is not updated
95      yet.</para></listitem>
96
97      <listitem><para>All existing partitions for which configuration files exist and which currently have no
98      GPT partition label set will be assigned a label, either explicitly configured in the configuration or
99      (if that's missing) derived automatically from the partition type. The same is done for all partitions
100      that are newly created. These assignments are done in RAM only, too, the disk is not updated
101      yet.</para></listitem>
102
103      <listitem><para>Similarly, all existing partitions for which configuration files exist and which
104      currently have an all-zero identifying UUID will be assigned a new UUID. This UUID is cryptographically
105      hashed from a common seed value together with the partition type UUID (and a counter in case multiple
106      partitions of the same type are defined), see below. The same is done for all partitions that are
107      created anew. These assignments are done in RAM only, too, the disk is not updated
108      yet.</para></listitem>
109
110      <listitem><para>Similarly, if the disk's volume UUID is all zeroes it is also initialized, also
111      cryptographically hashed from the same common seed value. Also, in RAM only, too.</para></listitem>
112
113      <listitem><para>The disk space assigned to new partitions (i.e. what was previously considered free
114      space but is no longer) is now erased. Specifically, all file system signatures are removed, and if the
115      device supports it the <constant>BLKDISCARD</constant> I/O control command is issued to inform the
116      hardware that the space is empty now. In addition any "padding" between partitions and at the end of
117      the device is similarly erased.</para></listitem>
118
119      <listitem><para>The new partition table is finally written to disk. The kernel is asked to reread the
120      partition table.</para></listitem>
121    </orderedlist>
122
123    <para>As exception to the normally strictly incremental operation, when called in a special "factory
124    reset" mode, <command>systemd-repart</command> may also be used to erase existing partitions to
125    reset an installation back to vendor defaults. This mode of operation is used when either the
126    <option>--factory-reset=yes</option> switch is passed on the tool's command line, or the
127    <option>systemd.factory_reset=yes</option> option specified on the kernel command line, or the
128    <varname>FactoryReset</varname> EFI variable (vendor UUID
129    <constant>8cf2644b-4b0b-428f-9387-6d876050dc67</constant>) is set to "yes". It alters the algorithm above
130    slightly: between the 3rd and the 4th step above any partition marked explicitly via the
131    <varname>FactoryReset=</varname> boolean is deleted, and the algorithm restarted, thus immediately
132    re-creating these partitions anew empty.</para>
133
134    <para>Note that <command>systemd-repart</command> only changes partition tables, it does not create or
135    resize any file systems within these partitions. A separate mechanism should be used for that, for
136    example
137    <citerefentry><refentrytitle>systemd-growfs</refentrytitle><manvolnum>8</manvolnum></citerefentry> and
138    <command>systemd-makefs</command>.</para>
139
140    <para>The UUIDs identifying the new partitions created (or assigned to existing partitions that have no
141    UUID yet), as well as the disk as a whole are hashed cryptographically from a common seed value. This
142    seed value is usually the
143    <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> of the
144    system, so that the machine ID reproducibly determines the UUIDs assigned to all partitions. If the
145    machine ID cannot be read (or the user passes <option>--seed=random</option>, see below) the seed is
146    generated randomly instead, so that the partition UUIDs are also effectively random. The seed value may
147    also be set explicitly, formatted as UUID via the <option>--seed=</option> option. By hashing these UUIDs
148    from a common seed images prepared with this tool become reproducible and the result of the algorithm
149    above deterministic.</para>
150
151    <para>The positional argument should specify the block device to operate on. Instead of a block device
152    node path a regular file may be specified too, in which case the command operates on it like it would if
153    a loopback block device node was specified with the file attached. If <option>--empty=create</option> is
154    specified the specified path is created as regular file, which is useful for generating disk images from
155    scratch.</para>
156  </refsect1>
157
158  <refsect1>
159    <title>Options</title>
160
161    <para>The following options are understood:</para>
162
163    <variablelist>
164      <varlistentry>
165        <term><option>--dry-run=</option></term>
166        <listitem><para>Takes a boolean. If this switch is not specified <option>--dry-run=yes</option> is
167        the implied default. Controls whether <filename>systemd-repart</filename> executes the requested
168        re-partition operations or whether it should only show what it would do. Unless
169        <option>--dry-run=no</option> is specified <filename>systemd-repart</filename> will not actually
170        touch the device's partition table.</para></listitem>
171      </varlistentry>
172
173      <varlistentry>
174        <term><option>--empty=</option></term>
175        <listitem><para>Takes one of <literal>refuse</literal>, <literal>allow</literal>,
176        <literal>require</literal>, <literal>force</literal> or <literal>create</literal>. Controls how to
177        operate on block devices that are entirely empty, i.e. carry no partition table/disk label yet. If
178        this switch is not specified the implied default is <literal>refuse</literal>.</para>
179
180        <para>If <literal>refuse</literal> <command>systemd-repart</command> requires that the block device
181        it shall operate on already carries a partition table and refuses operation if none is found. If
182        <literal>allow</literal> the command will extend an existing partition table or create a new one if
183        none exists. If <literal>require</literal> the command will create a new partition table if none
184        exists so far, and refuse operation if one already exists. If <literal>force</literal> it will create
185        a fresh partition table unconditionally, erasing the disk fully in effect. If
186        <literal>force</literal> no existing partitions will be taken into account or survive the
187        operation. Hence: use with care, this is a great way to lose all your data. If
188        <literal>create</literal> a new loopback file is create under the path passed via the device node
189        parameter, of the size indicated with <option>--size=</option>, see below.</para></listitem>
190      </varlistentry>
191
192      <varlistentry>
193        <term><option>--discard=</option></term>
194
195        <listitem><para>Takes a boolean. If this switch is not specified <option>--discard=yes</option> is
196        the implied default. Controls whether to issue the <constant>BLKDISCARD</constant> I/O control
197        command on the space taken up by any added partitions or on the space in between them. Usually, it's
198        a good idea to issue this request since it tells the underlying hardware that the covered blocks
199        shall be considered empty, improving performance. If operating on a regular file instead of a block
200        device node, a sparse file is generated.</para></listitem>
201      </varlistentry>
202
203      <varlistentry>
204        <term><option>--size=</option></term>
205
206        <listitem><para>Takes a size in bytes, using the usual K, M, G, T suffixes, or the special value
207        <literal>auto</literal>. If used the specified device node path must refer to a regular file, which
208        is then grown to the specified size if smaller, before any change is made to the partition table. If
209        specified as <literal>auto</literal> the minimal size for the disk image is automatically determined
210        (i.e. the minimal sizes of all partitions are summed up, taking space for additional metadata into
211        account). This switch is not supported if the specified node is a block device. This switch has no
212        effect if the file is already as large as the specified size or larger. The specified size is
213        implicitly rounded up to multiples of 4096. When used with <option>--empty=create</option> this
214        specifies the initial size of the loopback file to create.</para>
215
216        <para>The <option>--size=auto</option> option takes the sizes of pre-existing partitions into
217        account. However, it does not accommodate for partition tables that are not tightly packed: the
218        configured partitions might still not fit into the backing device if empty space exists between
219        pre-existing partitions (or before the first partition) that cannot be fully filled by partitions to
220        grow or create.</para>
221
222        <para>Also note that the automatic size determination does not take files or directories specified
223        with <option>CopyFiles=</option> into account: operation might fail if the specified files or
224        directories require more disk space then the configured per-partition minimal size
225        limit.</para></listitem>
226      </varlistentry>
227
228      <varlistentry>
229        <term><option>--factory-reset=</option></term>
230
231        <listitem><para>Takes boolean. If this switch is not specified <option>--factory=reset=no</option> is
232        the implied default. Controls whether to operate in "factory reset" mode, see above. If set to true
233        this will remove all existing partitions marked with <varname>FactoryReset=</varname> set to yes
234        early while executing the re-partitioning algorithm. Use with care, this is a great way to lose all
235        your data. Note that partition files need to explicitly turn <varname>FactoryReset=</varname> on, as
236        the option defaults to off. If no partitions are marked for factory reset this switch has no
237        effect. Note that there are two other methods to request factory reset operation: via the kernel
238        command line and via an EFI variable, see above.</para></listitem>
239      </varlistentry>
240
241      <varlistentry>
242        <term><option>--can-factory-reset</option></term>
243
244        <listitem><para>If this switch is specified the disk is not re-partitioned. Instead it is determined
245        if any existing partitions are marked with <varname>FactoryReset=</varname>. If there are the tool
246        will exit with exit status zero, otherwise non-zero. This switch may be used to quickly determine
247        whether the running system supports a factory reset mechanism built on
248        <command>systemd-repart</command>.</para></listitem>
249      </varlistentry>
250
251      <varlistentry>
252        <term><option>--root=</option></term>
253
254        <listitem><para>Takes a path to a directory to use as root file system when searching for
255        <filename>repart.d/*.conf</filename> files, for the machine ID file to use as seed and for the
256        <varname>CopyFiles=</varname> and <varname>CopyBlocks=</varname> source files and directories. By
257        default when invoked on the regular system this defaults to the host's root file system
258        <filename>/</filename>. If invoked from the initial RAM disk this defaults to
259        <filename>/sysroot/</filename>, so that the tool operates on the configuration and machine ID stored
260        in the root file system later transitioned into itself.</para></listitem>
261      </varlistentry>
262
263      <varlistentry>
264        <term><option>--image=</option></term>
265
266        <listitem><para>Takes a path to a disk image file or device to mount and use in a similar fashion to
267        <option>--root=</option>, see above.</para></listitem>
268      </varlistentry>
269
270      <varlistentry>
271        <term><option>--seed=</option></term>
272
273        <listitem><para>Takes a UUID as argument or the special value <constant>random</constant>. If a UUID
274        is specified the UUIDs to assign to partitions and the partition table itself are derived via
275        cryptographic hashing from it. If not specified it is attempted to read the machine ID from the host
276        (or more precisely, the root directory configured via <option>--root=</option>) and use it as seed
277        instead, falling back to a randomized seed otherwise. Use <option>--seed=random</option> to force a
278        randomized seed. Explicitly specifying the seed may be used to generated strictly reproducible
279        partition tables.</para></listitem>
280      </varlistentry>
281
282      <varlistentry>
283        <term><option>--pretty=</option></term>
284
285        <listitem><para>Takes a boolean argument. If this switch is not specified, it defaults to on when
286        called from an interactive terminal and off otherwise. Controls whether to show a user friendly table
287        and graphic illustrating the changes applied.</para></listitem>
288      </varlistentry>
289
290      <varlistentry>
291        <term><option>--definitions=</option></term>
292
293        <listitem><para>Takes a file system path. If specified the <filename>*.conf</filename> files are read
294        from the specified directory instead of searching in <filename>/usr/lib/repart.d/*.conf</filename>,
295        <filename>/etc/repart.d/*.conf</filename>,
296        <filename>/run/repart.d/*.conf</filename>.</para></listitem>
297      </varlistentry>
298
299      <varlistentry>
300        <term><option>--key-file=</option></term>
301
302        <listitem><para>Takes a file system path. Configures the encryption key to use when setting up LUKS2
303        volumes configured with the <varname>Encrypt=key-file</varname> setting in partition files. Should
304        refer to a regular file containing the key, or an <constant>AF_UNIX</constant> stream socket in the
305        file system. In the latter case a connection is made to it and the key read from it. If this switch
306        is not specified the empty key (i.e. zero length key) is used. This behaviour is useful for setting
307        up encrypted partitions during early first boot that receive their user-supplied password only in a
308        later setup step.</para></listitem>
309      </varlistentry>
310
311      <varlistentry>
312        <term><option>--tpm2-device=</option></term>
313        <term><option>--tpm2-pcrs=</option></term>
314
315        <listitem><para>Configures the TPM2 device and list of PCRs to use for LUKS2 volumes configured with
316        the <varname>Encrypt=tpm2</varname> option. These options take the same parameters as the identically
317        named options to
318        <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>
319        and have the same effect on partitions where TPM2 enrollment is requested.</para></listitem>
320      </varlistentry>
321
322      <xi:include href="standard-options.xml" xpointer="help" />
323      <xi:include href="standard-options.xml" xpointer="version" />
324      <xi:include href="standard-options.xml" xpointer="no-pager" />
325      <xi:include href="standard-options.xml" xpointer="no-legend" />
326      <xi:include href="standard-options.xml" xpointer="json" />
327    </variablelist>
328  </refsect1>
329
330  <refsect1>
331    <title>Exit status</title>
332
333    <para>On success, 0 is returned, a non-zero failure code otherwise.</para>
334  </refsect1>
335
336  <refsect1>
337    <title>See Also</title>
338    <para>
339      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
340      <citerefentry><refentrytitle>repart.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
341      <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
342      <citerefentry><refentrytitle>systemd-cryptenroll</refentrytitle><manvolnum>1</manvolnum></citerefentry>
343    </para>
344  </refsect1>
345
346</refentry>
347