kernel-install: introduce --entry-token= option

For consistency with bootctl.

man/kernel-install.xml

@@ -202,6 +202,48 @@
         </listitem>
       </varlistentry>
 
+      <varlistentry>
+        <term><option>--entry-token=</option></term>
+
+        <listitem>
+          <para>Controls how to name and identify boot loader entries for this kernel installation or
+          deletion. Takes one of <literal>auto</literal>, <literal>machine-id</literal>,
+          <literal>os-id</literal>, <literal>os-image-id</literal>, or an arbitrary string prefixed by
+          <literal>literal:</literal> as argument.</para>
+
+          <para>If set to <option>machine-id</option> the entries are named after the machine ID of the
+          running system (e.g. <literal>b0e793a9baf14b5fa13ecbe84ff637ac</literal>). See
+          <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
+          details about the machine ID concept and file.</para>
+
+          <para>If set to <option>os-id</option> the entries are named after the OS ID of the running system,
+          i.e. the <varname>ID=</varname> field of
+          <citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+          (e.g. <literal>fedora</literal>). Similarly, if set to <option>os-image-id</option> the entries are
+          named after the OS image ID of the running system, i.e. the <varname>IMAGE_ID=</varname> field of
+          <filename>os-release</filename> (e.g. <literal>vendorx-cashier-system</literal>).</para>
+
+          <para>If set to <option>auto</option> (the default), the
+          <filename>/etc/kernel/entry-token</filename> (or
+          <filename>$KERNEL_INSTALL_CONF_ROOT/entry-token</filename>) file will be read if it exists, and the
+          stored value used. Otherwise if the local machine ID is initialized it is used. Otherwise
+          <varname>IMAGE_ID=</varname> from <filename>os-release</filename> will be used, if set. Otherwise,
+          <varname>ID=</varname> from <filename>os-release</filename> will be used, if set. Otherwise a
+          randomly generated machine ID is used.</para>
+
+          <para>Using the machine ID for naming the entries is generally preferable, however there are cases
+          where using the other identifiers is a good option. Specifically: if the identification data that
+          the machine ID entails shall not be stored on the (unencrypted) <varname>$BOOT_ROOT</varname>
+          partition, or if the ID shall be generated on first boot and is not known when the entries are
+          prepared. Note that using the machine ID has the benefit that multiple parallel installations of
+          the same OS can coexist on the same medium, and they can update their boot loader entries
+          independently. When using another identifier (such as the OS ID or the OS image ID), parallel
+          installations of the same OS would try to use the same entry name. To support parallel
+          installations, the installer must use a different entry token when adding a second installation.
+          </para>
+        </listitem>
+      </varlistentry>
+
       <varlistentry>
         <term><option>-v</option></term>
         <term><option>--verbose</option></term>

src/kernel-install/kernel-install.c

@@ -1120,6 +1120,8 @@ static int help(void) {
                "     --boot-path=PATH    Path to the $BOOT partition\n"
                "     --make-entry-directory=yes|no|auto\n"
                "                         Create $BOOT/ENTRY-TOKEN/ directory\n"
+               "     --entry-token=machine-id|os-id|os-image-id|auto|literal:…\n"
+               "                         Entry token to use for this installation\n"
                "\nSee the %4$s for details.\n",
                program_invocation_short_name,
                ansi_highlight(),
@@ -1129,12 +1131,13 @@ static int help(void) {
         return 0;
 }
 
-static int parse_argv(int argc, char *argv[]) {
+static int parse_argv(int argc, char *argv[], Context *c) {
         enum {
                 ARG_VERSION = 0x100,
                 ARG_ESP_PATH,
                 ARG_BOOT_PATH,
                 ARG_MAKE_ENTRY_DIRECTORY,
+                ARG_ENTRY_TOKEN,
         };
         static const struct option options[] = {
                 { "help",                 no_argument,       NULL, 'h'                      },
@@ -1143,12 +1146,14 @@ static int parse_argv(int argc, char *argv[]) {
                 { "esp-path",             required_argument, NULL, ARG_ESP_PATH             },
                 { "boot-path",            required_argument, NULL, ARG_BOOT_PATH            },
                 { "make-entry-directory", required_argument, NULL, ARG_MAKE_ENTRY_DIRECTORY },
+                { "entry-token",          required_argument, NULL, ARG_ENTRY_TOKEN          },
                 {}
         };
         int t, r;
 
         assert(argc >= 0);
         assert(argv);
+        assert(c);
 
         while ((t = getopt_long(argc, argv, "hv", options, NULL)) >= 0)
                 switch (t) {
@@ -1187,6 +1192,12 @@ static int parse_argv(int argc, char *argv[]) {
                         }
                         break;
 
+                case ARG_ENTRY_TOKEN:
+                        r = parse_boot_entry_token_type(optarg, &c->entry_token_type, &c->entry_token);
+                        if (r < 0)
+                                return r;
+                        break;
+
                 case '?':
                         return -EINVAL;
 
@@ -1218,7 +1229,7 @@ static int run(int argc, char* argv[]) {
         if (bypass())
                 return 0;
 
-        r = parse_argv(argc, argv);
+        r = parse_argv(argc, argv, &c);
         if (r <= 0)
                 return r;