diff --git a/man/kernel-install.xml b/man/kernel-install.xml
index 2ee298fc161..b3aed1b8df0 100644
--- a/man/kernel-install.xml
+++ b/man/kernel-install.xml
@@ -202,6 +202,48 @@
+
+
+
+
+ Controls how to name and identify boot loader entries for this kernel installation or
+ deletion. Takes one of auto, machine-id,
+ os-id, os-image-id, or an arbitrary string prefixed by
+ literal: as argument.
+
+ If set to the entries are named after the machine ID of the
+ running system (e.g. b0e793a9baf14b5fa13ecbe84ff637ac). See
+ machine-id5 for
+ details about the machine ID concept and file.
+
+ If set to the entries are named after the OS ID of the running system,
+ i.e. the ID= field of
+ os-release5
+ (e.g. fedora). Similarly, if set to the entries are
+ named after the OS image ID of the running system, i.e. the IMAGE_ID= field of
+ os-release (e.g. vendorx-cashier-system).
+
+ If set to (the default), the
+ /etc/kernel/entry-token (or
+ $KERNEL_INSTALL_CONF_ROOT/entry-token) file will be read if it exists, and the
+ stored value used. Otherwise if the local machine ID is initialized it is used. Otherwise
+ IMAGE_ID= from os-release will be used, if set. Otherwise,
+ ID= from os-release will be used, if set. Otherwise a
+ randomly generated machine ID is used.
+
+ Using the machine ID for naming the entries is generally preferable, however there are cases
+ where using the other identifiers is a good option. Specifically: if the identification data that
+ the machine ID entails shall not be stored on the (unencrypted) $BOOT_ROOT
+ partition, or if the ID shall be generated on first boot and is not known when the entries are
+ prepared. Note that using the machine ID has the benefit that multiple parallel installations of
+ the same OS can coexist on the same medium, and they can update their boot loader entries
+ independently. When using another identifier (such as the OS ID or the OS image ID), parallel
+ installations of the same OS would try to use the same entry name. To support parallel
+ installations, the installer must use a different entry token when adding a second installation.
+
+
+
+
diff --git a/src/kernel-install/kernel-install.c b/src/kernel-install/kernel-install.c
index 8db0fbd2f42..c0988b79c95 100644
--- a/src/kernel-install/kernel-install.c
+++ b/src/kernel-install/kernel-install.c
@@ -1120,6 +1120,8 @@ static int help(void) {
" --boot-path=PATH Path to the $BOOT partition\n"
" --make-entry-directory=yes|no|auto\n"
" Create $BOOT/ENTRY-TOKEN/ directory\n"
+ " --entry-token=machine-id|os-id|os-image-id|auto|literal:…\n"
+ " Entry token to use for this installation\n"
"\nSee the %4$s for details.\n",
program_invocation_short_name,
ansi_highlight(),
@@ -1129,12 +1131,13 @@ static int help(void) {
return 0;
}
-static int parse_argv(int argc, char *argv[]) {
+static int parse_argv(int argc, char *argv[], Context *c) {
enum {
ARG_VERSION = 0x100,
ARG_ESP_PATH,
ARG_BOOT_PATH,
ARG_MAKE_ENTRY_DIRECTORY,
+ ARG_ENTRY_TOKEN,
};
static const struct option options[] = {
{ "help", no_argument, NULL, 'h' },
@@ -1143,12 +1146,14 @@ static int parse_argv(int argc, char *argv[]) {
{ "esp-path", required_argument, NULL, ARG_ESP_PATH },
{ "boot-path", required_argument, NULL, ARG_BOOT_PATH },
{ "make-entry-directory", required_argument, NULL, ARG_MAKE_ENTRY_DIRECTORY },
+ { "entry-token", required_argument, NULL, ARG_ENTRY_TOKEN },
{}
};
int t, r;
assert(argc >= 0);
assert(argv);
+ assert(c);
while ((t = getopt_long(argc, argv, "hv", options, NULL)) >= 0)
switch (t) {
@@ -1187,6 +1192,12 @@ static int parse_argv(int argc, char *argv[]) {
}
break;
+ case ARG_ENTRY_TOKEN:
+ r = parse_boot_entry_token_type(optarg, &c->entry_token_type, &c->entry_token);
+ if (r < 0)
+ return r;
+ break;
+
case '?':
return -EINVAL;
@@ -1218,7 +1229,7 @@ static int run(int argc, char* argv[]) {
if (bypass())
return 0;
- r = parse_argv(argc, argv);
+ r = parse_argv(argc, argv, &c);
if (r <= 0)
return r;