man: tweak cryptsetup credentials docs a bit

Let's bring the credentials into a better order, in order of relevance. Also, let's clarify what the generic LUKS PIN is about. Finally, list the credentials in system-credentials(7) too, after all people might want to unlock a disk with this via SMBIOS Type 11 or so.
2024-07-21 02:05:05 +00:00 · 2024-02-19 18:21:31 +01:00 · 2024-02-19 18:21:31 +01:00 · 732285eb8c
parent 0fceb5539d
commit 732285eb8c
2 changed files with 25 additions and 11 deletions
--- a/man/systemd-cryptsetup.xml
+++ b/man/systemd-cryptsetup.xml
@ -105,7 +105,7 @@
  </refsect1>

  <refsect1>
-    <title>System Credentials</title>
+    <title>Credentials</title>

    <para><command>systemd-cryptsetup</command> supports the service credentials logic as implemented by
    <varname>ImportCredential=</varname>/<varname>LoadCredential=</varname>/<varname>SetCredential=</varname>
@ -122,14 +122,6 @@
        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
      </varlistentry>

-      <varlistentry>
-        <term><varname>cryptsetup.fido2-pin</varname></term>
-
-        <listitem><para>This credential specifies the FIDO2 token pin.</para>
-
-        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
-      </varlistentry>
-
      <varlistentry>
        <term><varname>cryptsetup.tpm2-pin</varname></term>

@ -139,9 +131,9 @@
      </varlistentry>

      <varlistentry>
-        <term><varname>cryptsetup.luks2-pin</varname></term>
+        <term><varname>cryptsetup.fido2-pin</varname></term>

-        <listitem><para>This credential specifies the LUKS2 token pin.</para>
+        <listitem><para>This credential specifies the FIDO2 token pin.</para>

        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
      </varlistentry>
@ -153,6 +145,14 @@

        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
      </varlistentry>
+
+      <varlistentry>
+        <term><varname>cryptsetup.luks2-pin</varname></term>
+
+        <listitem><para>This credential specifies the PIN requested by generic LUKS2 token modules.</para>
+
+        <xi:include href="version-info.xml" xpointer="v256"/></listitem>
+      </varlistentry>
    </variablelist>
  </refsect1>

--- a/man/systemd.system-credentials.xml
+++ b/man/systemd.system-credentials.xml
@ -353,6 +353,20 @@
          <xi:include href="version-info.xml" xpointer="v256"/>
        </listitem>
      </varlistentry>
+
+      <varlistentry>
+        <term><varname>cryptsetup.passphrase</varname></term>
+        <term><varname>cryptsetup.tpm2-pin</varname></term>
+        <term><varname>cryptsetup.fido2-pin</varname></term>
+        <term><varname>cryptsetup.pkcs11-pin</varname></term>
+        <term><varname>cryptsetup.luks2-pin</varname></term>
+        <listitem>
+          <para>Specifies the passphrase/PINs to use for unlock encrypted storage volumes. For details see
+          <citerefentry><refentrytitle>systemd-cryptsetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+
+          <xi:include href="version-info.xml" xpointer="v256"/>
+        </listitem>
+      </varlistentry>
    </variablelist>
  </refsect1>