X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=TODO;h=5fb0c59d1a7a3fbac88852d7d2675b4e8cfe0683;hb=299597f8d5f06fc0faa3600f3c5181b58c25b922;hp=a6cdae84a0f44d55dd907a121a53f0183420fb34;hpb=f6c7c3989769d5e908b6db6daf363aa4a763f13c;p=thirdparty%2Fsystemd.git diff --git a/TODO b/TODO index a6cdae84a0f..5fb0c59d1a7 100644 --- a/TODO +++ b/TODO @@ -24,8 +24,22 @@ Janitorial Clean-ups: Features: -* check what setting the login shell to /bin/false vs. /sbin/nologin means and - do the right thing in get_user_creds_clean() with it. +* block setrlimit(RLIMIT_NOPROC) (and other per-user limits) in nspawn when userns is not on + +* nss-systemd: implement enumeration, that shows all dynamic users plus the + synthesized ones if necessary, so that "getent passwd" shows useful data. + +* teach tmpfiles.d q/Q logic something sensible in the context of XFS/ext4 + project quota + +* introduce DefaultSlice= or so in system.conf that allows changing where we + place our units by default, i.e. change system.slice to something + else. Similar, ManagerSlice= should exist so that PID1's own scope unit could + be moved somewhere else too. Finally machined and logind should get similar + options so that it is possible to move user session scopes and machines to a + different slice too by default. Usecase: people who want to put resources on + the entire system, with the exception of one specific service. See: + https://lists.freedesktop.org/archives/systemd-devel/2018-February/040369.html * maybe rework get_user_creds() to query the user database if $SHELL is used for root, but only then. @@ -45,15 +59,6 @@ Features: sd_id128_get_machine_app_specific(). After all on long-running systems both IDs have similar properties. -* emulate properties of the root cgroup on controllers that don't support such - properties natively on cpu/io/memory, the way we already do it for - "pids". Also, add the same logic to cgtop. - -* set TasksAccounting=1 on the root slice if we are running on the root cgroup, - and similar for the others, as soon as we emulate them properly. After all, - Linux keeps these system-wide stats anyway, and it costs nothing to expose - them. - * sd-bus: add vtable flag, that may be used to request client creds implicitly and asynchronously before dispatching the operation @@ -378,8 +383,6 @@ Features: * what to do about udev db binary stability for apps? (raw access is not an option) -* maybe provide an API to allow migration of foreign PIDs into existing scopes. - * man: maybe use the word "inspect" rather than "introspect"? * systemctl: if some operation fails, show log output?