a1c80efddc
The idea is to make it easy to generate all the signing key and certs that can be used for local signing. The verb is the modeled after 'mkosi genkey', but there are some important differences: we generate the keys to the paths where they will be read from, both pcr signing keys and the SecureBoot certificate+key. If any of the outputs exist, operation is refused. Maybe we could add a --force option in the future, but this operation should be rare, so I think it's better to refuse to overwrite anything initially. I'm only doing a token man page change here. https://github.com/systemd/systemd/pull/27621 reworks the man page, and the changes done here would conflict heavily with that work. I'll submit a follow-up patch later.
System and Service Manager
Details
Most documentation is available on systemd's web site.
Assorted, older, general information about systemd can be found in the systemd Wiki.
Information about build requirements is provided in the README file.
Consult our NEWS file for information about what's new in the most recent systemd versions.
Please see the Code Map for information about this repository's layout and content.
Please see the Hacking guide for information on how to hack on systemd and test your modifications.
Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.
When preparing patches for systemd, please follow our Coding Style Guidelines.
If you are looking for support, please contact our mailing list or join our IRC channel.
Stable branches with backported patches are available in the stable repo.