Features:
+* make use of the new statx mountid and rootmount fields in path_get_mnt_id()
+ and fd_is_mount_point()
+
+* make use of new loopback setup ioctl to setup loopback devices in one atomic
+ ioctl
+
+* nspawn: move "incoming mount" directory to /run/host, move "inaccessible"
+ nodes to /run/host, move notify socket (for sd_notify() between payload and
+ container manager)
+
+* cryptsetup: if keyfile specified in crypttab is AF_UNIX socket, connect to it
+ and read from it (like we do elsewhere with READ_FULL_FILE_CONNECT_SOCKET)
+
+* repart: support setting up dm-integrity with HMAC
+
+* add /etc/integritytab, to support dm-integrity setups. In particular those
+ with HMAC as hash function, so that we can have a protected /home without
+ encryption (leaving encryption to the individual dirs/homed).
+
+* complement root=, rootflags=, rootfstype= with rootsubdir= which allows
+ mounting a subdir of the root fs as actual root. This can be used as
+ fstype-agnostic version of btrfs' rootflags=subvol=foobar.
+
* add --copy-from and --copy-to command to systemd-dissect which copies stuff
in and out of a disk image
* if /usr/bin/swapoff fails due to OOM, log a friendly explanatory message about it
-* add loud warning to the logs (with catalog entry) if systemd-udev-settle is
- pulled into the boot process
-
* build short web pages out of each catalog entry, build them along with man
pages, and include hyperlinks to them in the journal output
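Review bot: The nspawn item is incomplete: "move notify socket (for sd_notify() between payload and container manager)" gives no destination, while the two clauses before it both say "to /run/host". State the target path for the socket explicitly so the three moves read consistently. Separately, the /etc/integritytab item names HMAC as the hash function but does not say where the HMAC key would come from. Since the "protected /home without encryption" claim rests on that key, a half-sentence on its source would make the item actionable. Minor: "to setup loopback devices" should use the verb form "set up".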
* make us use dynamically fewer deps for containers in general purpose distros:
o turn into dlopen() deps:
- - pcre2 (always) — irrelevant on Fedora, since dep by
- libselinux, but should benefit Debian
- libpwquality (always) - only relevant for homed, and maybe soon
firstboot
- elfutils (always)
* homed:
- when user tries to log into record signed by unrecognized key, automatically add key to our chain after polkit auth
- - hook up machined/nspawn users with a varlink user query interface
- rollback when resize fails mid-operation
- GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid)
- resize on login?
- allow multiple signal handlers per signal?
- document chaining of signal handler for SIGCHLD and child handlers
- define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ...
+ - maybe support iouring as backend, so that we allow hooking read and write
+ operations instead of IO ready events into event loops. See considerations
+ here:
+ http://blog.vmsplice.net/2020/07/rethinking-event-loop-integration-for.html
* investigate endianness issues of UUID vs. GUID
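Review bot: The added sd-event item defers its reasoning to an external blog post ("See considerations here:") over a plain http link, so the TODO loses its rationale if that page moves. Summarize the relevant consideration in one line next to the link. Also spell the interface "io_uring" rather than "iouring" so the entry is greppable.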
- journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access
- journactl: support negative filtering, i.e. FOOBAR!="waldo",
and !FOOBAR for events without FOOBAR.
- - journal: store timestamp of journal_file_set_offline() int he header,
+ - journal: store timestamp of journal_file_set_offline() in the header,
so it is possible to display when the file was last synced.
- journal-send.c, log.c: when the log socket is clogged, and we drop, count this and write a message about this when it gets unclogged again.
- journal: find a way to allow dropping history early, based on priority, other rules
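Review bot: The "int he" to "in the" fix is correct, but the context item two entries above still reads "journactl: support negative filtering". Since this hunk is a spelling cleanup of the same list, fix that to "journalctl" in the same change.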
them via machined, and also watch containers coming and going.
Benefit: nspawn --ephemeral would start working nicely with the journal.
- assign MESSAGE_ID to log messages about failed services
+ - check if loop in decompress_blob_xz() is necessary
* add a test if all entries in the catalog are properly formatted.
(Adding dashes in a catalog entry currently results in the catalog entry
- document systemd-journal-flush.service properly
- documentation: recommend to connect the timer units of a service to the service via Also= in [Install]
- man: document the very specific env the shutdown drop-in tools live in
- - man: add more examples to man pages
+ - man: add more examples to man pages,
+ - in particular an example how to do the equivalent of switching runlevels
- man: maybe sort directives in man pages, and take sections from --help and apply them to man too
- document root=gpt-auto properly
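Review bot: The rewritten line "man: add more examples to man pages," now ends in a trailing comma and is followed by a nested bullet, which no other entry in this list does. Either end the parent line with a colon or drop the comma and keep the sub-item as is. The sub-item would also read better as "an example of how to do the equivalent of switching runlevels".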