Skip to content

Pantavisor Configuration

This reference is for advanced users. Before manually editing these values in your config, check if what you intend to do can be achieved through one of the build options.

There are three ways to tweak with Pantavisor configuration, depending on when it can be modified: at compile time, after an update or during runtime.

At compile time

You can take a look at the configuration files we use to build our supported platforms here.


Key Value Default Description
system.init.mode embedded, standalone or appengine embedded pantavisor init mode
system.libdir path /lib set lib path
system.etcdir path /etc set etc path
system.rundir path /pv set run path
system.mediadir path /media set media path
system.confdir path /configs set config path 0 or 1 1 enable debug shell
debig.ssh 0 or 1 1 enable debug ssh server
dropbear.cache.dir path /storage/cache/dropbear set dropbear cache path
meta.cache.dir path /storage/cache/meta set metadata cache
bootloader.type uboot, uboot-pvk or grub uboot set type of bootloader
bootloader.mtd_only 0 or 1 0 enable MTD
bootloader.mtd_env path N/A set MTD path
secureboot.mode disabled, audit, lenient or strict lenient set secureboot severity level
secureboot.certdir path /certs set cert path
storage.device path N/A set storage path
storage.fstype ext4, ubifs or jffs2 N/A (mandatory) journaling file system
storage.opts N/A N/A not implemented
storage.mntpoint path N/A (mandatory) set pv mount point
storage.mnttype ext4 disabled pv mount file system
storage.logtempsize size disabled sets the size of memory dedicated for log storage. The size may have a k, m or g suffix or a % suffix for percentage of memory
storage.wait integer 5 wait for storage to be available
storage.gc.reserved integer 5 garbage collector will try to always keep this percentage of disk free
storage.gc.keep_factory 0 or 1 0 avoid deletion of revision 0 objects by the garbage collector
storage.gc.threshold integer 0 garbage collector will be triggered if there is less than this percentage of disk free. 0 means it will just be run when an update needs more space than available
storage.gc.threshold.defertime integer 600 time in seconds the garbage collector threshold will be deferred after a new object has been put from the pvctrl objects endpoint
disk.voldir path /volumes set volumes path
updater.conditions.timeout integer 120 set time in seconds before an update is considered to have failed if not all conditions have been met at that point
updater.use_tmp_objects 0 or 1 0 download objects in an on-disk temporary location. If disabled, objects will be stored in memory while downloading
revision.retries integer 10 max number of update retries before rollback
revision.retries.timeout integer 120 set time in seconds before a failed update is retired
wdt.enabled 0 or 1 1 enable kernel watchdog
wdt.timeout integer 15 set reset timeout in seconds for kernel watchdog
net.brdev string lxcbr0 container bridge name
net.braddress4 ip container bridge address
net.brmask4 ip container bridge mask address
log.dir path /storage/logs/ set log storage path
lxc.log.level integer 2 0 to 8 lxc log verbosity level
control.remote 0 or 1 1 enable all communication with Pantahub

Example of pantavisor.config:



Key Value Default Description
creds.type builtin and ext-* builtin set type of authentication ip Pantahub IP
creds.port port 12365 Pantahub port proxy host NULL Proxy Host (if enabled)
creds.proxy.port proxy port 3128 Proxy Port
creds.proxy.noproxyconnect int 0 Disable Proxyconnect protocol (basic http proxy for TLS) string unset (set after claim) device id
creds.prn string unset (set after claim) device prn
creds.secret string unset (set after claim) device secret
creds.tpm.key string disabled TMP key
creds.tpm.cert string disabled TMP certificate
factory.autotok string disabled token for auto claiming
updater.keep_factory 0 or 1 0 DEPRECATED: moved to storage.gc.keep_factory in pantavisor.config
updater.interval integer 60 time between Pantahub requests during waiting operation
updater.network_timeout integer 120 wait time in seconds before rollback if device does not get network connectivity
updater.commit.delay integer 180 testing time in seconds after an update
log.dir path /storage/logs/ DEPRECATED: moved to pantavisor.config
log.maxsize integer 2097152 B (2 MB) max size of a log file before rotating
log.level 0 (FATAL), 1 (ERROR), 2 (WARN), 3 (INFO), 4 (DEBUG) or 5 (ALL) 5 pantavisor log will only capture messages from the set loglevel to 0
log.buf_nitems integer 128 KB log buffer size
log.push 0 or 1 1 push logs to cloud. Can be overriden using metadata
log.capture 0 or 1 1 store logs. Disable will stop log push too
log.loggers 0 or 1 1 disable loggers that tail traditional log files used inside containers - often seen in system containers
log.stdout 0 or 1 0 enable pantavisor logs to go to stdout aka dmesg; remember to set ignore_loglevel and printk.devkmsg=on in /proc/cmdline to get all messages on console
libthttp.log.level 0 (FATAL), 1 (ERROR), 2 (WARN), 3 (INFO), 4 (DEBUG) or 5 (ALL) 3 libthttp log will obly capture messages from set level to 0

Example of pantahub.config:


After an update

Some of the values from the previous section can be overridden when making a new revision of your device's firmware. To do so, you must create a new file with the same format we use for pantavisor.config and reference it from bsp/run.json.

These are the keys that are accepted in this revision configuration. See the previous section for reference:

  • storage.wait
  • storage.gc.reserved
  • storage.gc.keep_factory
  • storage.gc.threshold
  • storage.gc.threshold.defertime
  • updater.conditions.timeout
  • updater.use_tmp_objects
  • revision.retries
  • revision.retries.timeout
  • updater.keep_factory
  • updater.interval
  • updater.network_timeout
  • updater.commit.delay
  • creds.proxy.port
  • creds.proxy.noproxyconnect
  • log.maxsize
  • log.level
  • log.buf_nitems
  • log.push
  • log.capture
  • libthttp.log.level
  • lxc.log.level

For example, we create this file:

$ cat bsp/trail.config 

Now, we reference it from our bsp run.json, using the key initrd_config:

$ cat bsp/run.json 
        "addons": [],
        "firmware": "firmware.squashfs",
        "initrd": "pantavisor",
        "linux": "kernel.img",
        "modules": "modules.squashfs",
        "initrd_config": "trail.config"

To finish the process, we commit and post the new revision

$ pvr commit
Committing /home/anibal/.pvr/objects/bsp/run.json
Adding bsp/trail.config
$ pvr post -m "change loglevel and storage threshold for this revision"

During runtime

Metadata can be used to override the values from the previous sections.

These are the keys that are accepted in metadata configuration. See the previous section for reference:

  • storage.gc.reserved
  • storage.gc.keep_factory
  • storage.gc.threshold
  • storage.gc.threshold.defertime
  • updater.interval
  • log.level
  • log.push
  • libthttp.log.level