SYSTEMD-IMPORT-GENERATOR(8) systemd-import-generatorSYSTEMD-IMPORT-GENERATOR(8)
NAME
systemd-import-generator - Generator for automatically downloading disk
images at boot
SYNOPSIS
/usr/lib/systemd/system-generators/systemd-import-generator
DESCRIPTION
systemd-import-generator may be used to automatically download disk
images (tarballs or DDIs) via systemd-importd.service(8) at boot, based
on parameters on the kernel command line or via system credentials. This
is useful for automatically deploying an systemd-confext(8), systemd-
sysext(8), systemd-nspawn(1)/ systemd-vmspawn(1) or systemd-
portabled.service(8) image at boot. This provides functionality
equivalent to importctl(1), but accessible via the kernel command line
and system credentials.
systemd-import-generator implements systemd.generator(7).
KERNEL COMMAND LINE
systemd-import-generator understands the following kernel-command-
line(7) parameters:
systemd.pull=
This option takes a colon separate triplet of option string, local
target image name and remote URL. The local target image name can be
specified as an empty string, in which case the name is derived from
the specified remote URL. The remote URL must using the "http://",
"https://", "file://" schemes. The option string itself is a comma
separated list of options:
rw, ro
Controls whether to mark the local image as read-only. If not
specified read-only defaults to off.
Added in version 257.
verify=
Controls whether to cryptographically validate the download
before installing it in place. Takes one of "no", "checksum", or
"signature" (the default if not specified). For details see the
--verify= of importctl(1).
Added in version 257.
sysext, confext, machine, portable
Controls the image class to download, and thus ultimately the
target directory for the image, depending on this choice the
target directory /var/lib/extensions/, /var/lib/confexts/,
/var/lib/machines/ or /var/lib/portables/ is selected.
Specification of exactly one of these options is mandatory.
Added in version 257.
tar, raw
Controls the type of resource to download, i.e. a (possibly
compressed) tarball that needs to be unpacked into a file system
tree, or (possibly compressed) raw disk image (DDI).
Specification of exactly one of these options is mandatory.
Added in version 257.
Added in version 257.
systemd.pull.success_action=, systemd.pull.failure_action=
Controls whether to execute an action such as reboot, power-off and
similar after completing the download successfully, or
unsuccessfully. See SuccessAction=/FailureAction= on systemd.unit(5)
for details about the available actions. If not specified, no action
is taken, and the system will continue to boot normally.
Added in version 257.
CREDENTIALS
systemd-import-generator supports the system credentials logic. The
following credentials are used when passed in:
import.pull
This credential should be a text file, with each line referencing
one download operation. Each line should follow the same format as
the value of the systemd.pull= kernel command line option described
above.
Added in version 257.
EXAMPLES
Example 1. Download Configuration Extension
systemd.pull=raw,confext::https://example.com/myconfext.raw.gz
With a kernel command line option like the above a configuration
extension DDI is downloaded automatically at boot from the specified
URL, validated cryptographically, uncompressed and installed.
Example 2. Download System Extension (Without Validation)
systemd.pull=tar,sysext,verify=no::https://example.com/mysysext.tar.gz
With a kernel command line option like the above a system extension
tarball is downloaded automatically at boot from the specified URL,
uncompressed and installed – without any cryptographic validation. This
is useful for development purposes in virtual machines and containers.
Warning: do not deploy a system with validation disabled like this!
SEE ALSO
systemd(1), systemd-importd.service(8), kernel-command-line(7),
systemd.system-credentials(7), importctl(1)
systemd 257.9 SYSTEMD-IMPORT-GENERATOR(8)
Generated by dwww version 1.16 on Tue Dec 16 04:35:37 CET 2025.