knowledge/technology/linux/systemd/systemd-firstboot.md
2024-12-23 14:46:40 +01:00

systemd-firstboot

systemd-firstboot sets basic system settings before or during the first boot of a newly created system. The tool can initialize the following system settings: timezone, locale, hostname and the root password, and it can automatically generate a machine ID.

As systemd-firstboot interacts with the filesystem directly and does not make use of the related systemd services (such as timedatectl, hostnamectl or localectl), it should not be executed on an already running system.

Settings can be specified non-interactively when externally used on filesystem images, or interactively if executed during the early boot process.

Usage: systemd-firstboot [OPTIONS...]

Options

| Option | Description |
| --- | --- |
| --root=root | Takes a directory path as an argument. All paths will be prefixed with the given alternate root path, including config search paths. This is useful to operate on a system image mounted to the specified directory instead of the host system itself. |
| --image=path | Takes a path to a disk image file or block device node. If specified, all operations are applied to the file system in the indicated disk image. This is similar to --root= but operates on file systems stored in disk images or block devices. The disk image should either contain just a file system or a set of file systems within a GPT partition table. |
| --locale=LOCALE, --locale-messages=LOCALE | Sets the system locale, more specifically the LANG= and LC_MESSAGES settings. The argument should be a valid locale identifier, such as de_DE.UTF-8. This controls the locale.conf configuration file. |
| --keymap=KEYMAP | Sets the system keyboard layout. The argument should be a valid keyboard map, such as de-latin1. This controls the KEYMAP entry in the vconsole.conf configuration file. |
| --timezone=TIMEZONE | Sets the system time zone. The argument should be a valid time zone identifier, such as Europe/Berlin. This controls the localtime symlink. |
| --hostname=HOSTNAME | Sets the system hostname. The argument should be a hostname, compatible with DNS. This controls the hostname configuration file. |
| --setup-machine-id | Initialize the system's machine ID to a random ID. This controls the machine-id file. This option only works in combination with --root= or --image=. On a running system, machine-id is written by the manager with help from systemd-machine-id-commit.service. |
| --machine-id=ID | Set the system's machine ID to the specified value. The same restrictions apply as to --setup-machine-id. |
| --root-password=PASSWORD, --root-password-file=PATH, --root-password-hashed=HASHED_PASSWORD | Sets the password of the system's root user. This creates/modifies the passwd and shadow files. This setting exists in three forms: --root-password= accepts the password to set directly on the command line, --root-password-file= reads it from a file and --root-password-hashed= accepts an already hashed password on the command line. |
| --root-shell=SHELL | Sets the shell of the system's root user. This creates/modifies the passwd file. |
| --kernel-command-line=CMDLINE | Sets the system's kernel command line. This controls the /etc/kernel/cmdline file which is used by kernel-install. |
| --prompt-locale, --prompt-keymap, --prompt-timezone, --prompt-hostname, --prompt-root-password, --prompt-root-shell | Prompt the user interactively for a specific basic setting. Note that any explicit configuration settings specified on the command line take precedence, and the user is not prompted for them. |
| --prompt | Query the user for locale, keymap, timezone, hostname, root's password, and root's shell. |
| --copy-locale, --copy-keymap, --copy-timezone, --copy-root-password, --copy-root-shell | Copy a specific basic setting from the host. This only works in combination with --root= or --image=. |
| --copy | Copy locale, keymap, time zone, root password and shell from the host. |
| --force | Write configuration even if the relevant files already exist. Without this option, systemd-firstboot doesn't modify or replace existing files. Note that when configuring the root account, even with this option, systemd-firstboot only modifies the entry of the "root" user, leaving other entries in /etc/passwd and /etc/shadow intact. |
| --reset | If specified, all existing files that are configured by systemd-firstboot are removed. Note that the files are removed regardless of whether they'll be configured with a new value or not. This operation ensures that the next boot of the image will be considered a first boot, and systemd-firstboot will prompt again to configure each of the removed files. |
| --delete-root-password | Removes the password of the system's root user, enabling login as root without a password unless the root account is locked. Note that this is extremely insecure and hence this option should not be used lightly. |
| --welcome= | Takes a boolean argument. By default, when prompting the user for configuration options, a brief welcome text is shown before the first question is asked. Pass false to this option to turn off the welcome text. |

Delete existing settings

If the following files are present, systemd-firstboot will not prompt for the setting they relate to.

rm /etc/{machine-id,localtime,hostname,shadow,locale.conf}

Edit /etc/passwd and remove the root account from it; otherwise root will be treated as already configured and systemd-firstboot will not prompt for the root password.
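
An added example, not part of the original page or of systemd: a POSIX shell audit of a mounted image root that lists which of the files above already exist (so systemd-firstboot would skip those settings) and classifies root's shadow entry, including the passwordless state that --delete-root-password enables. The function names and the passwd:root label are hypothetical; the reading of the password field follows shadow(5).

```shell
#!/bin/sh
# Added example: pre-flight audit of an image root before its first boot.
# Function names and the "passwd:root" label are hypothetical.

# Print the first-boot files that already exist under ROOT/etc; per the
# text above, systemd-firstboot will not prompt for those settings.
firstboot_skipped() {
    root=${1%/}
    skipped=""
    for f in machine-id localtime hostname shadow locale.conf; do
        # -L also catches a localtime symlink whose target is missing
        if [ -e "$root/etc/$f" ] || [ -L "$root/etc/$f" ]; then
            skipped="$skipped $f"
        fi
    done
    # A root entry in passwd marks the root account as configured.
    if grep -q '^root:' "$root/etc/passwd" 2>/dev/null; then
        skipped="$skipped passwd:root"
    fi
    echo "${skipped# }"
}

# Classify root's password field in ROOT/etc/shadow (see shadow(5)):
#   unset  = no shadow file or no root entry
#   empty  = empty field, root can log in without a password
#   locked = field starts with "!" or "*", password login disabled
#   set    = a password hash is present
root_password_state() {
    shadow="${1%/}/etc/shadow"
    [ -f "$shadow" ] || { echo unset; return 0; }
    awk -F: '
        $1 == "root" {
            found = 1
            if ($2 == "")          state = "empty"
            else if ($2 ~ /^[!*]/) state = "locked"
            else                   state = "set"
        }
        END { print (found ? state : "unset") }' "$shadow"
}

# Run against a mounted image when a path is given, e.g.: sh audit.sh /mnt/image
if [ $# -gt 0 ]; then
    echo "already configured: $(firstboot_skipped "$1")"
    echo "root password: $(root_password_state "$1")"
fi
```

An image that reports `empty` should not ship; `locked` or `set` together with an empty "already configured" list for the other files means the first boot will still prompt for them.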