authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2017-01-14 19:48:04 -0500
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2017-01-14 21:29:27 -0500
commit6b3d378331fe714c7bf2263eaa9a8b33fc878e7c (patch)
tree5fca867e0b2cda62c2dc4f1a9a4bd78ab345b158 /man
parentab8864ebc3ac01288729b44f0d5f18fff37defb5 (diff)
parentbafbac4e85a5eefd4b57a5cd0eb61885fb60edc9 (diff)
Merge pull request #4879 from poettering/systemd
Diffstat (limited to 'man')
-rw-r--r--man/kernel-command-line.xml71
-rw-r--r--man/systemd-cryptsetup@.service.xml5
-rw-r--r--man/systemd-debug-generator.xml2
-rw-r--r--man/systemd-firstboot.xml14
-rw-r--r--man/systemd-fstab-generator.xml46
-rw-r--r--man/systemd-modules-load.service.xml4
-rw-r--r--man/systemd-nspawn.xml15
-rw-r--r--man/systemd-system.conf.xml10
-rw-r--r--man/systemd-udevd.service.xml16
-rw-r--r--man/systemd-veritysetup-generator.xml122
-rw-r--r--man/systemd-veritysetup@.service.xml75
-rw-r--r--man/systemd-volatile-root.service.xml79
-rw-r--r--man/systemd.service.xml4
-rw-r--r--man/systemd.xml30
14 files changed, 438 insertions, 55 deletions
diff --git a/man/kernel-command-line.xml b/man/kernel-command-line.xml
index 1fa31a14b7..415b8d3cf9 100644
--- a/man/kernel-command-line.xml
+++ b/man/kernel-command-line.xml
@@ -102,7 +102,7 @@
<varlistentry>
<term><varname>systemd.mask=</varname></term>
<term><varname>systemd.wants=</varname></term>
- <term><varname>systemd.debug-shell</varname></term>
+ <term><varname>systemd.debug_shell</varname></term>
<listitem>
<para>Additional parameters understood by
<citerefentry><refentrytitle>systemd-debug-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
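Review bot: The documented spelling of `systemd.debug_shell` changes here from a dash to an underscore, and the page does not say whether the old `systemd.debug-shell` form is still accepted. Boot loader entries written against the earlier documentation use the dash spelling, so the page should either state that both spellings are equivalent (if that is what the parser does, which this diff does not show) or say that the old name is no longer recognised; otherwise an option can end up silently ignored. The same applies to the `udev.*`/`rd.udev.*` and `modules_load=`/`rd.modules_load=` renames later in this file and in systemd-udevd.service.xml, systemd-modules-load.service.xml and systemd-debug-generator.xml. The enclosing `<varlistentry>` continues outside the hunk.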
@@ -125,6 +125,28 @@
</varlistentry>
<varlistentry>
+ <term><varname>systemd.volatile=</varname></term>
+ <listitem>
+ <para>This parameter controls whether the system shall boot up in volatile mode. Takes a boolean argument, or
+ the special value <literal>state</literal>. If false (the default), normal boot mode is selected, the root
+ directory and <filename>/var</filename> are mounted as specified on the kernel command line or
+ <filename>/etc/fstab</filename>, or otherwise configured. If true, full state-less boot mode is selected. In
+ this case the root directory is mounted as volatile memory file system (<literal>tmpfs</literal>), and only
+ <filename>/usr</filename> is mounted from the file system configured as root device, in read-only mode. This
+ enables fully state-less boots were the vendor-supplied OS is used as shipped, with only default
+ configuration and no stored state in effect, as <filename>/etc</filename> and <filename>/var</filename> (as
+ well as all other resources shipped in the root file system) are reset at boot and lost on shutdown. If this
+ setting is set to <literal>state</literal> the root file system is mounted as usual, however
+ <filename>/var</filename> is mounted as a volatile memory file system (<literal>tmpfs</literal>), so that the
+ system boots up with the normal configuration applied, but all state reset at boot and lost at shutdown. For details,
+ see
+ <citerefentry><refentrytitle>systemd-volatile-root.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ and
+ <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><varname>quiet</varname></term>
<listitem>
<para>Parameter understood by both the kernel and the system
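Review bot: The added `systemd.volatile=` paragraph contains a typo, "state-less boots were the vendor-supplied OS", which should read `fully state-less boots where the vendor-supplied OS is used as shipped`. The paragraph also writes "state-less", while the systemd-fstab-generator and systemd-volatile-root.service pages touched by this commit write "stateless"; one spelling should be used across the three pages.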
@@ -236,14 +258,14 @@
</varlistentry>
<varlistentry>
- <term><varname>udev.log-priority=</varname></term>
- <term><varname>rd.udev.log-priority=</varname></term>
- <term><varname>udev.children-max=</varname></term>
- <term><varname>rd.udev.children-max=</varname></term>
- <term><varname>udev.exec-delay=</varname></term>
- <term><varname>rd.udev.exec-delay=</varname></term>
- <term><varname>udev.event-timeout=</varname></term>
- <term><varname>rd.udev.event-timeout=</varname></term>
+ <term><varname>udev.log_priority=</varname></term>
+ <term><varname>rd.udev.log_priority=</varname></term>
+ <term><varname>udev.children_max=</varname></term>
+ <term><varname>rd.udev.children_max=</varname></term>
+ <term><varname>udev.exec_delay=</varname></term>
+ <term><varname>rd.udev.exec_delay=</varname></term>
+ <term><varname>udev.event_timeout=</varname></term>
+ <term><varname>rd.udev.event_timeout=</varname></term>
<term><varname>net.ifnames=</varname></term>
<listitem>
@@ -312,6 +334,19 @@
</varlistentry>
<varlistentry>
+ <term><varname>roothash=</varname></term>
+ <term><varname>systemd.verity=</varname></term>
+ <term><varname>rd.systemd.verity=</varname></term>
+ <term><varname>systemd.verity_root_data=</varname></term>
+ <term><varname>systemd.verity_root_hash=</varname></term>
+ <listitem>
+ <para>Configures the integrity protection root hash for the root file system, and other related
+ parameters. For details, see
+ <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
<term><varname>systemd.gpt_auto=</varname></term>
<term><varname>rd.systemd.gpt_auto=</varname></term>
@@ -332,8 +367,8 @@
</varlistentry>
<varlistentry>
- <term><varname>modules-load=</varname></term>
- <term><varname>rd.modules-load=</varname></term>
+ <term><varname>modules_load=</varname></term>
+ <term><varname>rd.modules_load=</varname></term>
<listitem>
<para>Load a specific kernel module early at boot. For
@@ -353,6 +388,15 @@
<citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>systemd.firstboot=</varname></term>
+
+ <listitem><para>Takes a boolean argument, defaults to on. If off,
+ <citerefentry><refentrytitle>systemd-firstboot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ will not query the user for basic system settings, even if the system boots up for the first time and the
+ relevant settings are not initialized yet.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>
@@ -371,12 +415,15 @@
<citerefentry><refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='die-net'><refentrytitle>plymouth</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-volatile-root.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-modules-load.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-backlight@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-rfkill.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-firstboot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>
diff --git a/man/systemd-cryptsetup@.service.xml b/man/systemd-cryptsetup@.service.xml
index ea524851eb..fb8b06714d 100644
--- a/man/systemd-cryptsetup@.service.xml
+++ b/man/systemd-cryptsetup@.service.xml
@@ -66,9 +66,8 @@
password using the right mechanism at boot and during
runtime.</para>
- <para>At early boot and when the system manager configuration is
- reloaded this <filename>/etc/crypttab</filename> is translated
- into <filename>systemd-cryptsetup@.service</filename> units by
+ <para>At early boot and when the system manager configuration is reloaded, <filename>/etc/crypttab</filename> is
+ translated into <filename>systemd-cryptsetup@.service</filename> units by
<citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</refsect1>
diff --git a/man/systemd-debug-generator.xml b/man/systemd-debug-generator.xml
index 5c5e9fc4a1..0a66b9bbf9 100644
--- a/man/systemd-debug-generator.xml
+++ b/man/systemd-debug-generator.xml
@@ -70,7 +70,7 @@
the initial transaction. This is useful to start one or more
additional units at boot. May be specified more than once.</para>
- <para>If the <option>systemd.debug-shell</option> option is
+ <para>If the <option>systemd.debug_shell</option> option is
specified, the debug shell service
<literal>debug-shell.service</literal> is pulled into the boot
transaction. It will spawn a debug shell on tty9 during early
diff --git a/man/systemd-firstboot.xml b/man/systemd-firstboot.xml
index b269e48113..8cdc297a0e 100644
--- a/man/systemd-firstboot.xml
+++ b/man/systemd-firstboot.xml
@@ -241,6 +241,20 @@
</refsect1>
<refsect1>
+ <title>Kernel Command Line</title>
+
+ <variablelist class='kernel-commandline-options'>
+ <varlistentry>
+ <term><varname>systemd.firstboot=</varname></term>
+
+ <listitem><para>Takes a boolean argument, defaults to on. If off, <filename>systemd-firstboot.service</filename>
+ won't interactively query the user for basic settings at first boot, even if those settings are not
+ initialized yet.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
diff --git a/man/systemd-fstab-generator.xml b/man/systemd-fstab-generator.xml
index a971cb3675..5f37e9193e 100644
--- a/man/systemd-fstab-generator.xml
+++ b/man/systemd-fstab-generator.xml
@@ -89,12 +89,13 @@
<listitem><para>Takes a boolean argument. Defaults to
<literal>yes</literal>. If <literal>no</literal>, causes the
- generator to ignore any mounts or swaps configured in
+ generator to ignore any mounts or swap devices configured in
<filename>/etc/fstab</filename>. <varname>rd.fstab=</varname>
- is honored only by initial RAM disk (initrd) while
+ is honored only by the initial RAM disk (initrd) while
<varname>fstab=</varname> is honored by both the main system
and the initrd.</para></listitem>
</varlistentry>
+
<varlistentry>
<term><varname>root=</varname></term>
@@ -102,6 +103,7 @@
initrd. <varname>root=</varname> is honored by the
initrd.</para></listitem>
</varlistentry>
+
<varlistentry>
<term><varname>rootfstype=</varname></term>
@@ -109,6 +111,7 @@
passed to the mount command. <varname>rootfstype=</varname> is
honored by the initrd.</para></listitem>
</varlistentry>
+
<varlistentry>
<term><varname>rootflags=</varname></term>
@@ -116,6 +119,7 @@
use. <varname>rootflags=</varname> is honored by the
initrd.</para></listitem>
</varlistentry>
+
<varlistentry>
<term><varname>mount.usr=</varname></term>
@@ -133,6 +137,7 @@
<para><varname>mount.usr=</varname> is honored by the initrd.
</para></listitem>
</varlistentry>
+
<varlistentry>
<term><varname>mount.usrfstype=</varname></term>
@@ -150,6 +155,7 @@
<para><varname>mount.usrfstype=</varname> is honored by the
initrd.</para></listitem>
</varlistentry>
+
<varlistentry>
<term><varname>mount.usrflags=</varname></term>
@@ -166,6 +172,39 @@
<para><varname>mount.usrflags=</varname> is honored by the
initrd.</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>systemd.volatile=</varname></term>
+
+ <listitem><para>Controls whether the system shall boot up in volatile mode. Takes a boolean argument or the
+ special value <option>state</option>.</para>
+
+ <para>If false (the default), this generator makes no changes to the mount tree and the system is booted up in
+ normal mode.</para>
+
+ <para>If true the generator ensures
+ <citerefentry><refentrytitle>systemd-volatile-root.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ is run as part of the initial RAM disk ("initrd"). This service changes the mount table before transitioning to
+ the host system, so that a volatile memory file system (<literal>tmpfs</literal>) is used as root directory,
+ with only <filename>/usr</filename> mounted into it from the configured root file system, in read-only
+ mode. This way the system operates in fully stateless mode, with all configuration and state reset at boot and
+ lost at shutdown, as <filename>/etc</filename> and <filename>/var</filename> will be served from the (initially
+ unpopulated) volatile memory file system.</para>
+
+ <para>If set to <option>state</option> the generator will leave the root
+ directory mount point unaltered, however will mount a <literal>tmpfs</literal> file system to
+ <filename>/var</filename>. In this mode the normal system configuration (i.e the contents of
+ <literal>/etc</literal>) is in effect (and may be modified during system runtime), however the system state
+ (i.e. the contents of <literal>/var</literal>) is reset at boot and lost at shutdown.</para>
+
+ <para>Note that in none of these modes the root directory, <filename>/etc</filename>, <filename>/var</filename>
+ or any other resources stored in the root file system are physically removed. It's thus safe to boot a system
+ that is normally operated in non-volatile mode temporarily into volatile mode, without losing data.</para>
+
+ <para>Note that enabling this setting will only work correctly on operating systems that can boot up with only
+ <filename>/usr</filename> mounted, and are able to automatically populate <filename>/etc</filename>, and also
+ <filename>/var</filename> in case of <literal>systemd.volatile=yes</literal>.</para></listitem>
+ </varlistentry>
</variablelist>
</refsect1>
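Review bot: The `systemd.volatile=` entry does not spell out what "reset at boot and lost at shutdown" means for logs: with `/var` on `tmpfs` (in both the `yes` and `state` modes), anything written under `/var` during that boot, which typically includes the journal and other files under `/var/log`, is gone after shutdown. A sentence such as `Data written to /var during such a boot, including logs, is not retained across reboots.` would help operators who rely on those records for auditing or incident response. In the `state` paragraph, `/etc` and `/var` are marked up as `<literal>` while the rest of the entry uses `<filename>`, and `i.e the contents` is missing the period after `i.e`.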
@@ -176,7 +215,8 @@
<citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>
</para>
</refsect1>
diff --git a/man/systemd-modules-load.service.xml b/man/systemd-modules-load.service.xml
index b25929b2e4..ee097d7f5c 100644
--- a/man/systemd-modules-load.service.xml
+++ b/man/systemd-modules-load.service.xml
@@ -73,8 +73,8 @@
<variablelist class='kernel-commandline-options'>
<varlistentry>
- <term><varname>modules-load=</varname></term>
- <term><varname>rd.modules-load=</varname></term>
+ <term><varname>modules_load=</varname></term>
+ <term><varname>rd.modules_load=</varname></term>
<listitem><para>Takes a comma-separated list of kernel modules
to statically load during early boot. The option prefixed with
diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml
index 2bc81ea1aa..f6b3f57fc7 100644
--- a/man/systemd-nspawn.xml
+++ b/man/systemd-nspawn.xml
@@ -939,12 +939,15 @@
<option>no</option> (the default), the whole OS tree is made
available writable.</para>
- <para>Note that setting this to <option>yes</option> or
- <option>state</option> will only work correctly with
- operating systems in the container that can boot up with only
- <filename>/usr</filename> mounted, and are able to populate
- <filename>/var</filename> automatically, as
- needed.</para></listitem>
+ <para>This option provides similar functionality for containers as the <literal>systemd.volatile=</literal>
+ kernel command line switch provides for host systems. See
+ <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
+ details.</para>
+
+ <para>Note that enabling this setting will only work correctly with operating systems in the container that can
+ boot up with only <filename>/usr</filename> mounted, and are able to automatically populate
+ <filename>/var</filename>, and also <filename>/etc</filename> in case of
+ <literal>--volatile=yes</literal>.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml
index e4e81f7f2e..336c7a5fd1 100644
--- a/man/systemd-system.conf.xml
+++ b/man/systemd-system.conf.xml
@@ -97,12 +97,10 @@
<term><varname>DefaultStandardOutput=journal</varname></term>
<term><varname>DefaultStandardError=inherit</varname></term>
- <listitem><para>Configures various parameters of basic manager
- operation. These options may be overridden by the respective
- command line arguments. See
- <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- for details about these command line
- arguments.</para></listitem>
+ <listitem><para>Configures various parameters of basic manager operation. These options may be overridden by
+ the respective process and kernel command line arguments. See
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
+ details.</para></listitem>
</varlistentry>
<varlistentry>
diff --git a/man/systemd-udevd.service.xml b/man/systemd-udevd.service.xml
index 243fd06471..81b957b0c8 100644
--- a/man/systemd-udevd.service.xml
+++ b/man/systemd-udevd.service.xml
@@ -133,22 +133,22 @@
<para>Parameters starting with "rd." will be read when
<command>systemd-udevd</command> is used in an initrd.</para>
<varlistentry>
- <term><varname>udev.log-priority=</varname></term>
- <term><varname>rd.udev.log-priority=</varname></term>
+ <term><varname>udev.log_priority=</varname></term>
+ <term><varname>rd.udev.log_priority=</varname></term>
<listitem>
<para>Set the log level.</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><varname>udev.children-max=</varname></term>
- <term><varname>rd.udev.children-max=</varname></term>
+ <term><varname>udev.children_max=</varname></term>
+ <term><varname>rd.udev.children_max=</varname></term>
<listitem>
<para>Limit the number of events executed in parallel.</para>
</listitem>
</varlistentry>
<varlistentry>
- <term><varname>udev.exec-delay=</varname></term>
- <term><varname>rd.udev.exec-delay=</varname></term>
+ <term><varname>udev.exec_delay=</varname></term>
+ <term><varname>rd.udev.exec_delay=</varname></term>
<listitem>
<para>Delay the execution of <varname>RUN</varname> instructions by the given
number of seconds. This option might be useful when
@@ -157,8 +157,8 @@
</listitem>
</varlistentry>
<varlistentry>
- <term><varname>udev.event-timeout=</varname></term>
- <term><varname>rd.udev.event-timeout=</varname></term>
+ <term><varname>udev.event_timeout=</varname></term>
+ <term><varname>rd.udev.event_timeout=</varname></term>
<listitem>
<para>Wait for events to finish up to the given number
of seconds. This option might be useful if events are
diff --git a/man/systemd-veritysetup-generator.xml b/man/systemd-veritysetup-generator.xml
new file mode 100644
index 0000000000..87d66e9ee5
--- /dev/null
+++ b/man/systemd-veritysetup-generator.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!--
+ This file is part of systemd.
+
+ Copyright 2016 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+<refentry id="systemd-veritysetup-generator" conditional='HAVE_LIBCRYPTSETUP'>
+
+ <refentryinfo>
+ <title>systemd-veritysetup-generator</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Lennart</firstname>
+ <surname>Poettering</surname>
+ <email>lennart@poettering.net</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-veritysetup-generator</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-veritysetup-generator</refname>
+ <refpurpose>Unit generator for integrity protected block devices</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>/usr/lib/systemd/system-generators/systemd-veritysetup-generator</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><filename>systemd-veritysetup-generator</filename> is a generator that translates kernel command line options
+ configuring integrity protected block devices (verity) into native systemd units early at boot and when
+ configuration of the system manager is reloaded. This will create
+ <citerefentry><refentrytitle>systemd-veritysetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ units as necessary.</para>
+
+ <para>Currently, only a single verity device may be se up with this generator, backing the root file system of the
+ OS.</para>
+
+ <para><filename>systemd-veritysetup-generator</filename> implements
+ <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Kernel Command Line</title>
+
+ <para><filename>systemd-veritysetup-generator</filename>
+ understands the following kernel command line parameters:</para>
+
+ <variablelist class='kernel-commandline-options'>
+ <varlistentry>
+ <term><varname>systemd.verity=</varname></term>
+ <term><varname>rd.systemd.verity=</varname></term>
+
+ <listitem><para>Takes a boolean argument. Defaults to <literal>yes</literal>. If <literal>no</literal>,
+ disables the generator entirely. <varname>rd.systemd.verity=</varname> is honored only by the initial RAM disk
+ (initrd) while <varname>systemd.verity=</varname> is honored by both the host system and the
+ initrd. </para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>roothash=</varname></term>
+
+ <listitem><para>Takes a root hash value for the root file system. Expects a hash value formatted in hexadecimal
+ characters, of the appropriate length (i.e. most likely 256 bit/64 characters, or longer). If not specified via
+ <varname>systemd.verity_root_data=</varname> and <varname>systemd.verity_root_hash=</varname>, the hash and
+ data devices to use are automatically derived from the specified hash value. Specifically, the data partition
+ device is looked for under a GPT partition UUID derived from the first 128bit of the root hash, the hash
+ partition device is looked for under a GPT partition UUID derived from the last 128bit of the root hash. Hence
+ it is usually sufficient to specify the root hash to boot from an integrity protected root file system, as
+ device paths are automatically determined from it — as long as the partition table is properly set up.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>systemd.verity_root_data=</varname></term>
+ <term><varname>systemd.verity_root_hash=</varname></term>
+
+ <listitem><para>These two settings take block device paths as arguments, and may be use to explicitly configure
+ the data partition and hash partition to use for setting up the integrity protection for the root file
+ system. If not specified, these paths are automatically derived from the <varname>roothash=</varname> argument
+ (see above).</para></listitem>
+ </varlistentry>
+
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-veritysetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry project='die-net'><refentrytitle>veritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
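Review bot: The `roothash=` description does not say where trust in the root hash comes from: the value is the only anchor for the integrity check, so the protection holds only if the kernel command line cannot be changed by whoever is able to change the disk contents. A sentence such as `The root hash must come from a trusted source, for example a kernel command line that is covered by the boot loader's signature verification.` would make that explicit. The same concern applies to `systemd.verity=no`, which according to this text disables the generator entirely. There are also two typos in the added text: "may be se up" should be `may be set up`, and "may be use to explicitly configure" should be `may be used to explicitly configure`.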
diff --git a/man/systemd-veritysetup@.service.xml b/man/systemd-veritysetup@.service.xml
new file mode 100644
index 0000000000..173e5358e0
--- /dev/null
+++ b/man/systemd-veritysetup@.service.xml
@@ -0,0 +1,75 @@
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!--
+ This file is part of systemd.
+
+ Copyright 2016 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+<refentry id="systemd-veritysetup@.service" conditional='HAVE_LIBCRYPTSETUP'>
+
+ <refentryinfo>
+ <title>systemd-veritysetup@.service</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Lennart</firstname>
+ <surname>Poettering</surname>
+ <email>lennart@poettering.net</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-veritysetup@.service</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-veritysetup@.service</refname>
+ <refname>systemd-veritysetup</refname>
+ <refpurpose>Disk integrity protection logic</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>systemd-veritysetup@.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-veritysetup</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><filename>systemd-veritysetup@.service</filename> is a service responsible for setting up integrity
+ protection (verity) block devices. It should be instantiated for each device that requires integrity
+ protection.</para>
+
+ <para>At early boot and when the system manager configuration is reloaded kernel command line configuration for
+ integrity protected block devices is translated into <filename>systemd-veritysetup@.service</filename> units by
+ <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-veritysetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry project='die-net'><refentrytitle>veritysetup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/man/systemd-volatile-root.service.xml b/man/systemd-volatile-root.service.xml
new file mode 100644
index 0000000000..b90a3261fa
--- /dev/null
+++ b/man/systemd-volatile-root.service.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0"?>
+<!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!--
+ This file is part of systemd.
+
+ Copyright 2016 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+<refentry id="systemd-volatile-root.service">
+
+ <refentryinfo>
+ <title>systemd-volatile-root.service</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Lennart</firstname>
+ <surname>Poettering</surname>
+ <email>lennart@poettering.net</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-volatile-root.service</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-volatile-root.service</refname>
+ <refname>systemd-volatile-root</refname>
+ <refpurpose>Make the root file system volatile</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para><filename>systemd-volatile-root.service</filename></para>
+ <para><filename>/usr/lib/systemd/systemd-volatile-root</filename></para>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><filename>systemd-volatile-root.service</filename> is a service that replaces the root directory with a
+ volatile memory file system (<literal>tmpfs</literal>), mounting the original (non-volatile)
+ <filename>/usr</filename> inside it read-only. This way, vendor data from <filename>/usr</filename> is available as
+ usual, but all configuration data in <filename>/etc</filename>, all state data in <filename>/var</filename> and all
+ other resources stored directly under the root directory are reset on boot and lost at shutdown, enabling fully
+ stateless systems.</para>
+
+ <para>This service is only enabled if full volatile mode is selected, for example by specifying
+ <literal>systemd.volatile=yes</literal> on the kernel command line. This service runs only in the initial RAM disk
+ ("initrd"), before the system transitions to the host's root directory. Note that this service is not used if
+ <literal>systemd.volatile=state</literal> is used, as in that mode the root directory is non-volatile.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+
+</refentry>
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
index ad91817820..522ed5e61e 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
@@ -284,7 +284,9 @@
providing multiple command lines in the same directive, or alternatively, this directive may be specified more
than once with the same effect. If the empty string is assigned to this option, the list of commands to start
is reset, prior assignments of this option will have no effect. If no <varname>ExecStart=</varname> is
- specified, then the service must have <varname>RemainAfterExit=yes</varname> set.</para>
+ specified, then the service must have <varname>RemainAfterExit=yes</varname> and at least one
+ <varname>ExecStop=</varname> line set. (Services lacking both <varname>ExecStart=</varname> and
+ <varname>ExecStop=</varname> are not valid.)</para>
<para>For each of the specified commands, the first argument must be an absolute path to an
executable. Optionally, if this file name is prefixed with <literal>@</literal>, the second token will be
diff --git a/man/systemd.xml b/man/systemd.xml
index 50398e6259..2964fecd25 100644
--- a/man/systemd.xml
+++ b/man/systemd.xml
@@ -183,10 +183,14 @@
<varlistentry>
<term><option>--show-status=</option></term>
- <listitem><para>Show terse service status information while
- booting. This switch has no effect when run as user instance.
- Takes a boolean argument which may be omitted which is
- interpreted as <option>true</option>.</para></listitem>
+ <listitem><para>Takes a boolean argument or the special value <constant>auto</constant>. If on, terse unit
+ status information is shown on the console during boot-up and shutdown. If off, no such status information is
+ shown. If set to <constant>auto</constant> behavior is similar to off, except that it is automatically switched
+ to on, as soon as the first unit failure or significant boot delay is encountered. This switch has no effect
+ when invoked as user instance. If specified, overrides both the kernel command line setting
+ <varname>systemd.show_status=</varname> (see below) and the configuration file option
+ <option>ShowStatus=</option>, see
+ <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--log-target=</option></term>
@@ -953,15 +957,15 @@
<varlistentry>
<term><varname>systemd.show_status=</varname></term>
- <listitem><para>Takes a boolean argument or the constant
- <constant>auto</constant>. If <option>yes</option>, the
- systemd manager (PID 1) shows terse service status updates on
- the console during bootup. <constant>auto</constant> behaves
- like <option>false</option> until a service fails or there is
- a significant delay in boot. Defaults to
- <option>yes</option>, unless <option>quiet</option> is passed
- as kernel command line option, in which case it defaults to
- <constant>auto</constant>.</para></listitem>
+ <listitem><para>Takes a boolean argument or the constant <constant>auto</constant>. If <option>yes</option>,
+ the systemd manager (PID 1) shows terse service status updates on the console during bootup.
+ <constant>auto</constant> behaves like <option>false</option> until a unit fails or there is a significant
+ delay in boot. Defaults to <option>yes</option>, unless <option>quiet</option> is passed as kernel command
+ line option, in which case it defaults to <constant>auto</constant>. If specified overrides the system manager
+ configuration file option <option>ShowStatus=</option>, see
+ <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>. However,
+ the process command line option <option>--show-status=</option> takes precedence over both this kernel command
+ line option and the configuration file option.</para></listitem>
</varlistentry>
<varlistentry>