Features:
-* block setrlimit(RLIMIT_NOPROC) (and other per-user limits) in nspawn when userns is not on
-
-* nss-systemd: implement enumeration, that shows all dynamic users plus the
- synthesized ones if necessary, so that "getent passwd" shows useful data.
+* add proper dbus APIs for the various sd_notify() commands, such as MAINPID=1
+ and so on, which would mean we could report errors and such.
* teach tmpfiles.d q/Q logic something sensible in the context of XFS/ext4
project quota
* maybe rework get_user_creds() to query the user database if $SHELL is used
for root, but only then.
-* there should be path_hash_ops and we should use it in tmpfiles' hashmap object to deal with identical but differently spelt paths
-
* be stricter with fds we receive for the fdstore: close them asynchronously
* calenderspec: add support for week numbers and day numbers within a
year. This would allow us to define "bi-weekly" triggers safely.
-* add support for recursive bpf firewalling as supported by the newest kernel
-
-* add bpf-based implementation of devices cgroup controller logic for compat with cgroupsv2 as supported by newest kernel
+* add bpf-based implementation of devices cgroup controller logic for compat
+ with cgroupsv2 as supported by newest kernel
* introduce sd_id128_get_boot_app_specific() which is like
sd_id128_get_machine_app_specific(). After all on long-running systems both
IDs have similar properties.
-* emulate properties of the root cgroup on controllers that don't support such
- properties natively on cpu/io/memory, the way we already do it for
- "pids". Also, add the same logic to cgtop.
-
-* set TasksAccounting=1 on the root slice if we are running on the root cgroup,
- and similar for the others, as soon as we emulate them properly. After all,
- Linux keeps these system-wide stats anyway, and it costs nothing to expose
- them.
-
* sd-bus: add vtable flag, that may be used to request client creds implicitly
and asynchronously before dispatching the operation
-* implement transient socket unit.
-
* make use of ethtool veth peer info in machined, for automatically finding out
host-side interface pointing to the container.
systemd-journald writes to /var/log/journal, which could be useful when we
doing disk usage calculations and so on.
-* taint systemd if there are fewer than 65536 users assigned to the system.
+* taint systemd if there are fewer than 65536 users assigned (userns) to the system.
* deprecate PermissionsStartOnly= and RootDirectoryStartOnly= in favour of the ExecStart= prefix chars
* In DynamicUser= mode: before selecting a UID, use disk quota APIs on relevant
disks to see if the UID is already in use.
-* add dissect_image_warn() as a wrapper around dissect_image() that prints
- friendly log messages for the returned errors, so that we don't have to
- duplicate that in nspawn, systemd-dissect and PID 1.
-
* add "systemctl wait" or so, which does what "systemd-run --wait" does, but
for all units. It should be both a way to pin units into memory as well as a
wait to retrieve their exit data.
* networkd/udev: implement SR_IOV configuration in .link files:
http://lists.freedesktop.org/archives/systemd-devel/2015-January/027451.html
-* Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
-
-* Port various tools to make use of verbs.[ch], where applicable: busctl,
- coredumpctl, hostnamectl, localectl, timedatectl
-
* hostnamectl: show root image uuid
* sysfs set api in libudev is not const
* maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...
* test/:
- - add 'set -e' to scripts in test/
- - make stuff in test/ work with separate output dir
+ - add unit tests for config_parse_device_allow()
* seems that when we follow symlinks to units we prefer the symlink
destination path over /etc and /usr. We should not do that. Instead
* hw watchdog: optionally try to use the preset watchdog timeout instead of always overriding it
https://bugs.freedesktop.org/show_bug.cgi?id=54712
-* create /sbin/init symlinks from the build system
-
* add a dependency on standard-conf.xml and other included files to man pages
* MountFlags=shared acts as MountFlags=slave right now.