pid1: add mechanism for conditionalizing units/network/netdev/link based on credentials passed in

This is useful when provisioning systems via nspawn/qemu and running specific services only if specific data is passed into the system.
author: Lennart Poettering <lennart@poettering.net> 2022-07-13 10:38:53 +0200
committer: Lennart Poettering <lennart@poettering.net> 2022-07-15 10:53:45 +0200
commit: 4f80cfca5ebf9743c13b648017b773090f57b86b (patch)
tree: 39191ff5dbbc0db324e7ed9d085f06b99f24c162 /docs/CREDENTIALS.md
parent: 5eab88a569c1bb5f79093f38e872e588d64a2b26 (diff)
download: systemd-4f80cfca5ebf9743c13b648017b773090f57b86b.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/CREDENTIALS.md b/docs/CREDENTIALS.md
index bbd92ad3c9..4ba3784469 100644
--- a/docs/CREDENTIALS.md
+++ b/docs/CREDENTIALS.md
@@ -395,3 +395,9 @@ in `/etc/credstore/`, `/run/credstore/`,
 `/usr/lib/credstore/`. `LoadCredentialEncrypted=` will also search
 `/etc/credstore.encrypted/` and similar directories. These directories are
 hence a great place to store credentials to load on the system.
+
+## Conditionalizing Services
+
+Sometimes it makes sense to conditionalize system services and invoke them only
+if the right system credential is passed to the system. use the
+`ConditionCredential=` and `AssertCredential=` unit file settings for that.
author	Lennart Poettering <lennart@poettering.net>	2022-07-13 10:38:53 +0200
committer	Lennart Poettering <lennart@poettering.net>	2022-07-15 10:53:45 +0200
commit	4f80cfca5ebf9743c13b648017b773090f57b86b (patch)
tree	39191ff5dbbc0db324e7ed9d085f06b99f24c162 /docs/CREDENTIALS.md
parent	5eab88a569c1bb5f79093f38e872e588d64a2b26 (diff)
download	systemd-4f80cfca5ebf9743c13b648017b773090f57b86b.tar.gz