- natively watch for dbus-*.service symlinks (PENDING)
- teach dbus to activate all services it finds in /etc/systemd/services/org-*.service
-* kernel: add device_type = "fb", "fbcon" to class "graphics"
-
-* /usr/bin/service should actually show the new command line
-
* fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people to think about changing the start limit logic. Also point people to RestartPreventExitStatus=, SuccessExitStatus=
* neither pkexec nor sudo initialize environ[] from the PAM environment?
this up, and should probably always apply both, i.e. introduce
unit_file_escape() or so, which applies both.
+* xopenat() should pin the parent dir of the inode it creates before doing its
+ thing, so that it can create, open, label somewhat atomically.
+
Deprecations and removals:
* Remove any support for booting without /usr pre-mounted in the initrd entirely.
Features:
+* add a new ExecStart= flag that inserts the configured user's shell as first
+ word in the command line. (maybe use character '.'). Usecase: tool such as
+ uid0 can use that to spawn the target user's default shell.
+
+* varlink: figure out how to do docs for our varlink interfaces. Idea: install
+ interface files augmented with docs in /usr/share/ somewhere. And have
+ functionality in varlinkctl to merge interface info extracted from binaries
+ with interface info on disk. And store the doc strings only in the latter.
+
+* introduce mntid_t, and make it 64bit, as apparently the kernel switched to
+ 64bit mount ids
+
+* use udev rule networkd ownership property to take ownership of network
+ interfaces nspawn creates
+
+* add a kernel cmdline switch (and cred?) for marking a system to be
+ "headless", in which case we never open /dev/console for reading, only for
+ writing. This would then mean: systemd-firstboot would process creds but not
+ ask interactively, getty would not be started and so on.
+
+* extend mime database with mime types for:
+ - journal files
+ - credential files
+ - hwdb files
+ - catalog files
+
+* cryptsetup: new crypttab option to auto-grow a luks device to its backing
+ partition size. new crypttab option to reencrypt a luks device with a new
+ volume key.
+
+* we probably should have some infrastructure to acquire sysexts with
+ drivers/firmware for local hardware automatically. Idea: reuse the modalias
+ logic of the kernel for this: make the main OS image install a hwdb file
+ that matches against local modalias strings, and adds properties to relevant
+ devices listing names of sysexts needed to support the hw. Then provide some
+ tool that goes through all devices and tries to acquire/download the
+ specified images.
+
+* repart + cryptsetup: support file systems that are encrypted and use verity
+ on top. Usecase: confexts that shall be signed by the admin but also be
+ confidential. Then, add a new --make-ddi=confext-encrypted for this.
+
+* tmpfiles: add new line type for moving files from some source dir to some
+ target dir. then use that to move sysexts/confexts and stuff from initrd
+ tmpfs to /run/, so that host can pick things up.
+
+* tiny varlink service that takes a fd passed in and serves it via http. Then
+ make use of that in networkd, and expose some EFI binary of choice for
+ DHCP/HTTP base EFI boot.
+
+* bootctl: add reboot-to-disk which takes a block device name, and
+ automatically sets things up so that system reboots into that device next.
+
+* maybe: in PID1, when we detect we run in an initrd, make superblock read-only
+ early on, but provide opt-out via kernel cmdline.
+
* systemd-pcrextend:
- support measuring to nvindex with PCR update semantics ("fake PCRs")
- add api for "allocating" such an nvindex
- once we have that start measuring every sysext we apply, every confext,
- every RootImage= we apply, evey nspawn and so on. All in separate fake
+ every RootImage= we apply, every nspawn and so on. All in separate fake
PCRs.
* vmspawn:
as mass storage devices on systems that have a USB controller that can
operate in device mode
- add NVMe authentication
- - show login details also via plymouth
* add support for activating nvme-oF devices at boot automatically via kernel
cmdline, and maybe even support a syntax such as
dir. Similar for $XDG_RUNTIME_DIR. Start project@%i.target. Use LogField= to
add a field identifying the project.
-* logind: add a new dbus call Sleep() which automatically redirects to one of
- Suspend(), Hibernate(), SuspendThenHibernate() depending on what is
- available, and also subject to some local configuration in
- logind.conf. Should default to SuspendThenHibernate() if available, and then
- fallback to Suspend() and finally Hibernate() if not. Then expose this as
- "systemctl sleep", and tell DEs to default to this.
-
* in sd-boot and sd-stub measure the SMBIOS vendor strings to some PCR (at
least some subset of them that look like systemd stuff), because apparently
some firmware does not, but systemd honours it. avoid duplicate measurement
- systemd-dissect
- systemd-sysupdate
- systemd-analyze
+ - systemd-pcrlock (to allow fwupd to relax policy)
- kernel-install
* Varlink: add glue code to allow varlink clients to be authenticated via
file system paths to enable on start.
• make systemd-fstab-generator look for a system credential encoding root= or
usr=
- • systemd-homed: when initializing, look for a credential
- systemd.homed.register or so with JSON user records to automatically
- register if not registered yet. Use case: deploy a system, and add an
- account one can directly log into.
• in gpt-auto-generator: check partition uuids against such uuids supplied via
sd-stub credentials. That way, we can support parallel OS installations with
pre-built kernels.
file to move there, since it is managed by privileged code (i.e. homed) and
not unprivileged code.
-* given that /etc/ssh/ssh_config.d/ is a thing now, ship a drop-in for that
- that hooks up userdbctl ssh-key stuff.
-
* maybe add support for binding and connecting AF_UNIX sockets in the file
system outside of the 108ch limit. When connecting, open O_PATH fd to socket
inode first, then connect to /proc/self/fd/XYZ. When binding, create symlink
* teach parse_timestamp() timezones like the calendar spec already knows it
-* beef up s2h to implement a battery watch loop: instead of entering
- hibernation unconditionally after coming back from resume make a decision
- based on the battery load level: if battery level is above a specific
- threshold, go to suspend again, only hibernate if below it. This means we'd
- stick to suspend usually, but fall back to hibernation only when battery runs
- empty (well, subject to our sampling interval). Related to this, check if we
- can make ACPI _BTP (i.e. /sys/class/power_supply/*/alarm) work for us too,
- i.e. see if it can wake up machines from suspend, so that we could resume
- automatically when the system is low on power and move automatically to
- hibernation mode. (see
- https://uefi.org/sites/default/files/resources/ACPI%206_2_A_Sept29.pdf
- section 10.2.2.8 and
- https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/modern-standby-wake-sources
- at the end).
-
* We should probably replace /etc/rc.d/README with a symlink to doc
content. After all it is constant vendor data.
- generate better errors when people try to set transient properties
that are not supported...
https://lists.freedesktop.org/archives/systemd-devel/2015-February/028076.html
- - maybe introduce WantsMountsFor=? Use case:
- https://lists.freedesktop.org/archives/systemd-devel/2015-January/027729.html
- recreate systemd's D-Bus private socket file on SIGUSR2
- move PAM code into its own binary
- when we automatically restart a service, ensure we restart its rdeps, too.
- support new FS_IOC_ADD_ENCRYPTION_KEY ioctl for setting up fscrypt
- maybe pre-create ~/.cache as subvol so that it can have separate quota
easily?
- - add a switch to homectl (maybe called --first-boot) where it will check if
- any non-system users exist, and if not prompts interactively for basic user
- info, mimicking systemd-firstboot. Then, place this in a service that runs
- after systemd-homed, but before gdm and friends, as a simple, barebones
- fallback logic to get a regular user created on uninitialized systems.
- store PKCS#11 + FIDO2 token info in LUKS2 header, compatible with
systemd-cryptsetup, so that it can unlock homed volumes
- maybe make all *.home files owned by `systemd-home` user or so, so that we
projects / thirdparty / systemd.git / blobdiff