]>
Commit | Line | Data |
---|---|---|
71092d70 | 1 | Bugfixes: |
7c66aeba KS |
2 | * check systemd-tmpfiles for selinux context hookup for mknod(), symlink() and similar |
3 | ||
c904f64d LP |
4 | * swap units that are activated by one name but shown in the kernel under another are semi-broken |
5 | ||
f957632b KS |
6 | * Dangling symlinks of .automount unit files in .wants/ directories, set up |
7 | automount points even when the original .automount file did not exist | |
8 | anymore. Only the .mount unit was still around. | |
9 | ||
9a366075 LP |
10 | * make polkit checks async |
11 | ||
a40593a0 | 12 | * properly handle .mount unit state tracking when two mount points are stacked one on top of another on the exact same mount point. |
20ffc4c4 | 13 | |
26306aed KS |
14 | * stop importing kernel exported env variables. The utterly broken logic in |
15 | the kernel exports every kernel command line option which is not recognized | |
16 | as a built-in module option as an env variable. Systemd should not pass-on | |
17 | that nonsense, a kernel command line option is a command line option not an | |
18 | env variable: | |
19 | $ cat /proc/252/environ | |
20 | initrd=\6a9857a393724b7a981ebb5b8495b9ea\3.10.0-2.fc20.x86_64\initrd | |
21 | ||
2d19f95c | 22 | Fedora 19: |
3679d112 | 23 | |
a4cc3e5c LP |
24 | * external: maybe it is time to patch procps so that "ps" links to |
25 | libsystemd-logind to print a pretty service name, seat name, session | |
26 | name in its output. Currently it only shows cgroup membership, but | |
0028da22 | 27 | that's sometimes kinda hard to parse for a human. |
a4cc3e5c | 28 | |
7e2c2bcf | 29 | * cgroup attrs: |
f0c15f28 | 30 | - update dbus interface docs in wiki |
7b4da18c | 31 | |
81d112a8 | 32 | * localed: |
81d112a8 LP |
33 | - localectl: support new converted x11→console keymaps |
34 | ||
55d32caf LP |
35 | * when installing fedora with yum --installroot /var/run is a directory, not a symlink |
36 | ||
bafb15ba LP |
37 | CGroup Rework Completion: |
38 | ||
bafb15ba LP |
39 | * introduce "mainpid" for scopes |
40 | ||
41 | * implement system-wide DefaultCPUAccounting=1 switch (and similar for blockio, memory?) | |
42 | ||
43 | * implement per-slice CPUFairScheduling=1 switch | |
44 | ||
45 | * handle jointly mounted controllers correctly | |
46 | ||
47 | * logind: implement session kill exceptions | |
48 | ||
bafb15ba LP |
49 | * make BlockIODeviceWeight=, BlockIODeviceBandwidth= runtime settable |
50 | ||
049b4474 | 51 | * introduce high-level settings for RT budget, swappiness |
bafb15ba LP |
52 | |
53 | * man: document new bus apis | |
54 | ||
248aa28f LP |
55 | * Send SIGHUP and SIGTERM in session scopes |
56 | ||
eb124a97 | 57 | Features: |
154ff088 | 58 | |
36c0868b LP |
59 | * when parsing calendar timestamps support the UTC timezone (even if we won't support arbitrary timezone specs, support UTC itself certainly makes sense), also support syntaxes such as +0200 |
60 | ||
61 | * journalctl: add an output mode that looks like classic /var/log/messages, but also outputs the cursor of the last entry so that people can write scripts that can run iteratively and always process data that has been added since the last time. | |
fa7deadb LP |
62 | |
63 | * when a kernel driver logs in a tight loop we should ratelimit that too. | |
64 | ||
d907c208 LP |
65 | * journald: optionally, when messages with a high log prioerity are logged, sync() immeidately. |
66 | ||
67 | * introduce %v resolving to the string returned by "uname -r" | |
68 | ||
69 | * systemctl list-unit-files should list generated files (and probably with a new state "generated" for them, or so) | |
70 | ||
47a1454f LP |
71 | * Get rid of systemd-sysv: |
72 | https://fedoraproject.org/wiki/User:Toshio/Systemd_Convert_draft | |
73 | ||
049b4474 LP |
74 | * do we really need both hasprefix() and startswith()? |
75 | ||
b0adb546 LP |
76 | * when a kernel driver logs in a tight loop we should ratelimit that too. |
77 | ||
bdeeb6b5 LP |
78 | * journald: when we drop syslog messages because the syslog socket is |
79 | full, make sure to write how many messages are lost as first thing | |
80 | to syslog when it works again. | |
81 | ||
82 | * prohibit Restart= set with Type=oneshot | |
83 | ||
84 | * man: the documentation of Restart= currently is very misleading and suggests the tools from ExecStartPre= might get restarted. | |
85 | ||
86 | * load .d/*.conf dropins for device units | |
87 | ||
174da5c5 LP |
88 | * move systemctl set-log-level to systemd-analyze? |
89 | ||
fb6becb4 LP |
90 | * move "systemctl dump" to systemd-analyze |
91 | ||
fb6becb4 LP |
92 | * add a fixed dbus path for "my own unit", "my own session", ... to PID1, logind, ... |
93 | ||
6c12b52e LP |
94 | * service_coldplug() appears to reinstall the wrong stop timeout watch? |
95 | ||
11ddb6f4 LP |
96 | * transient units: allow creating auxiliary units with the same call |
97 | ||
7041efe9 LP |
98 | * how to reset dynamically changed attributes sanely? |
99 | ||
b42defe3 LP |
100 | * when reloading configuration, apply new cgroup configuration |
101 | ||
4ad49000 | 102 | * journald: make sure ratelimit is actually really per-service with the new cgroup changes |
3d3ee759 | 103 | |
9444b1f2 LP |
104 | * libsystemd-logind: sd_session_is_active() and friends: verify |
105 | validity of session name before appending it to a path | |
106 | ||
9444b1f2 LP |
107 | * gparted needs to disable auto-activation of mount units somehow, or |
108 | maybe we should stop doing auto-activiation of this after boot | |
109 | entirely. https://bugzilla.gnome.org/show_bug.cgi?id=701676 | |
110 | ||
a016b922 LP |
111 | * when a service changes state make reflect that in the |
112 | RUNNING/LISTENING states of its socket | |
113 | ||
a016b922 LP |
114 | * when recursively showing the cgroup hierarchy, optionally also show |
115 | the hierarchies of child processes | |
116 | ||
1f263d4d LP |
117 | * document logic of auto/noauto and fail/nofail in fstab in systemd.mount or systemd-fstab-generator man page |
118 | ||
9444b1f2 | 119 | * we should properly escape ssh hostnames we add into dbus server strings |
1f263d4d LP |
120 | |
121 | * something pulls in pcre as so dep into our daemons such as hostnamed. | |
122 | ||
4e09014d LP |
123 | * cgroup-agent: downgrade error messages |
124 | ||
125 | * document systemd-journal-flush.service properly | |
126 | ||
127 | * chane systemd-journal-flush into a service that stays around during | |
128 | boot, and causes the journal to be moved back to /run on shutdown, | |
129 | so that we don't keep /var busy. This needs to happen synchronously, | |
130 | hence doing this via signals is not going to work. | |
131 | ||
132 | * allow implementation of InaccessibleDirectories=/ plus | |
133 | ReadOnlyDirectories=... for whitelisting files for a service. | |
134 | ||
d5a2b9a6 LP |
135 | * libsystemd-journal: |
136 | - return ECHILD as soon as somebody tries to reuse a journal object across a fork() | |
137 | ||
eb01ba5d LP |
138 | * libsystemd-bus: |
139 | - default policy (allow uid == 0 and our own uid) | |
140 | - enforce alignment of pointers passed in | |
eb01ba5d | 141 | - when kdbus doesn't take our message without memfds, try again with memfds |
eb01ba5d LP |
142 | - implement translator service |
143 | - port systemd to new library | |
144 | - implement busname unit type in systemd | |
145 | - move to gvariant | |
eb01ba5d | 146 | - merge busctl into systemctl or so? |
e4ee6e5c | 147 | - synthesize sd_bus_message objects from kernel messages |
c7819669 | 148 | - properly implement name registry ioctls for kdbus |
86312ab8 LP |
149 | - get rid of object hash table, use decision tree everyhwere instead? |
150 | - implement monitor logic | |
151 | - object vtable logic | |
152 | - longer term: | |
153 | * priority queues | |
86312ab8 | 154 | * priority inheritance |
eb01ba5d | 155 | |
154ff088 LP |
156 | * in the final killing spree, detect processes from the root directory, and |
157 | complain loudly if they have argv[0][0] == '@' set. | |
158 | https://bugzilla.redhat.com/show_bug.cgi?id=961044 | |
159 | ||
7e853a9b LP |
160 | * add an option to nspawn that uses seccomp to make socket(AF_NETLINK, |
161 | SOCK_RAW, NETLINK_AUDIT) fail the the appropriate error code that | |
162 | makes the audit userspace to think auditing is not available in the | |
163 | kernel. | |
164 | ||
d686f034 LP |
165 | * Introduce a way how we can kill the main process of a service with KillSignal, but all processes with SIGKILL later on |
166 | https://bugzilla.redhat.com/show_bug.cgi?id=952634 | |
167 | ||
19aa7c4f LP |
168 | * maybe add a warning to the unit file parses whern the acces mode of unit files is non-sensical. |
169 | ||
aa96c6cb | 170 | * investigate endianess issues of UUID vs. GUID |
e8a7a315 | 171 | |
461bd8e4 LP |
172 | * dbus: when a unit failed to load (i.e. is in UNIT_ERROR state), we |
173 | should be able to safely try another attempt when the bus call LoadUnit() is invoked. | |
174 | ||
ab8e074c LP |
175 | * if pam_systemd is invoked by su from a process that is outside of a |
176 | any session we should probably just become a NOP, since that's | |
177 | usually not a real user session but just some system code that just | |
178 | needs setuid(). | |
179 | ||
180 | * add a pam module that passes the hdd passphrase into the PAM stack and then expires it, for usage by gdm auto-login. | |
181 | ||
182 | * add a pam module that on password changes updates any LUKS slot where the password matches | |
183 | ||
b454b112 LP |
184 | * maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases... |
185 | ||
186 | * timedatctl, localectl: possibly make some commands work without the daemon, for chroot situations... | |
187 | ||
4a449ed7 | 188 | * logind: add Suspend() bus calls which take timestamps to fix double suspend issues when somebody hits suspend and closes laptop quickly. |
75512303 | 189 | |
4a449ed7 LP |
190 | * we need dynamic units |
191 | ||
4ff49cb6 LP |
192 | * cgtop: make cgtop useful in a container |
193 | ||
fff87a35 ZJS |
194 | * test/: |
195 | - add 'set -e' to scripts in test/ | |
196 | - make stuff in test/ work with separate output dir | |
197 | - remove all the duplicated code in test/ | |
b8b4d3dd LP |
198 | |
199 | * suppress log output on shutdown when "quiet" is used | |
200 | ||
201 | * systemctl delete x.snapshot leaves no trace in logs (at least at default level). | |
202 | ||
3df82d5a LP |
203 | * make the coredump collector tool move itself into the user's cgroup |
204 | so that the coredump is properly written to the user's own journal | |
205 | file. | |
206 | ||
b5c03638 LP |
207 | * seems that when we follow symlinks to units we prefer the symlink |
208 | destination path over /etc and /usr. We shouldn't do that. Instead | |
209 | /etc should always override /run+/usr and also any symlink | |
210 | destination. | |
211 | ||
752beb0c LP |
212 | * remove duplicate default deps logic from fstab-generator vs. mount.c |
213 | ||
eece8c6f LP |
214 | * when isolating, try to figure out a way how we implicitly can order |
215 | all units we stop before the isolating unit... | |
216 | ||
d325d9bc KS |
217 | * teach udev + logind's uaccess to somehow handle the "dead" device nodes from: |
218 | /lib/modules/$(uname -r)/modules.devname | |
219 | and apply ACLs to them if they have TAG=="uaccess" in udev rules. | |
3679d112 | 220 | |
356ce991 LP |
221 | * add ConditionArchitecture= or so |
222 | ||
223 | * teach ConditionKernelCommandLine= globs or regexes (in order to match foobar={no,0,off}) | |
224 | ||
3b953d68 JT |
225 | * Support SO_REUSEPORT with socket activation: |
226 | - Let systemd maintain a pool of servers. | |
227 | - Use for seamless upgrades, by running the new server before stopping the | |
228 | old. | |
229 | ||
09f727ee LP |
230 | * after all byte-wise realloc() is slow, even on glibc, so i guess we |
231 | need manual exponential loops after all | |
232 | ||
795607b2 LP |
233 | * BootLoaderSpec: drop allowing ext234 for $BOOT. Clarify that the |
234 | kernel has to be in $BOOT. Clarify that the boot loader should be | |
235 | installed to the ESP. Define a way how an installer can figure out | |
236 | whether a BLS compliant boot loader is installed. | |
237 | ||
795607b2 LP |
238 | * man: remove .include documentation, and instead push people to use .d/*.conf |
239 | ||
0be8342c LP |
240 | * think about requeuing jobs when daemon-reload is issued? usecase: |
241 | the initrd issues a reload after fstab from the host is accessible | |
242 | and we might want to requeue the mounts local-fs acquired through | |
243 | that automatically. | |
244 | ||
487060c2 LP |
245 | * rework specifier logic so that we can distuingish OOM errors from other errors |
246 | ||
e5ec62c5 | 247 | * systemd-inhibit: make taking delay locks useful: support sending SIGINT or SIGTERM on PrepareForSleep() |
54c31a79 | 248 | |
826872b6 LP |
249 | * journal-or-kmsg is currently broken? See reverted commit 4a01181e460686d8b4a543b1dfa7f77c9e3c5ab8. |
250 | ||
54c31a79 | 251 | * remove any syslog support from log.c -- we probably can't do this before split-off udev is gone for good |
826872b6 | 252 | |
8973790e | 253 | * documentation: recommend to connect the timer units of a service to the service via Also= in [Install] |
3679d112 LP |
254 | |
255 | * add a tool that lists active timer units plus their next elapstion and the time the units ran last | |
256 | ||
257 | * man: document the very specific env the shutdown drop-in tools live in | |
258 | ||
259 | * shutdown logging: store to EFI var, and store to USB stick? | |
260 | ||
261 | * man: extend runlevel(8) to mention that runlevels suck, and are dead. Maybe add runlevel(7) with a note about that too | |
262 | ||
263 | * systemctl: maybe add "systemctl add-wants" or so... | |
264 | ||
3679d112 LP |
265 | * man: add more examples to man pages |
266 | ||
267 | * man: maybe sort directives in man pages, and take sections from --help and apply them to man too | |
268 | ||
3679d112 LP |
269 | * write UI tool that pops up emergency messages from the journal as notification |
270 | ||
271 | * think about window-manager-run-as-user-service problem: exit 0 → activate shutdown.target; exit != 0 → restart service | |
272 | ||
273 | * msgcatalog determine default language of entries from the catalog | |
274 | file name. i.e. foobar.de_DE.catalog would set the default entry | |
275 | name for the entries to de_DE if they aren't explicitly suffixed | |
276 | individually. | |
277 | ||
cbb77121 LP |
278 | * use "log level" rather than "log priority" everywhere |
279 | ||
d01a73b6 LP |
280 | * timedate: have global on/off switches for auto-time (NTP), and auto-timezone that connman can subscribe to. |
281 | ||
990ffbe5 | 282 | * Honour "-" prefix for InaccessibleDirectories= and ReadOnlyDirectories= to |
f8aeee1f LP |
283 | suppress errors of the specified path doesn't exist |
284 | ||
285 | * dev-setup.c: when running in a container, create a tiny stub udev | |
286 | database with the systemd tag set for all network interfaces found, | |
287 | so that libudev reports them as present, and systemd's .device units | |
288 | will be activated. | |
289 | ||
356ce991 | 290 | * merge unit_kill_common() and unit_kill_context() |
490b7e47 | 291 | |
81d112a8 | 292 | * introduce ExecCondition= in services |
490b7e47 | 293 | |
b44be3ec LP |
294 | * EFI: |
295 | - fsck hookup for the ESP mount is missing | |
296 | - write man page for efi boot generator | |
b44be3ec LP |
297 | - honor language efi variables for default language selection (if there are any?) |
298 | - honor timezone efi variables for default timezone selection (if there are any?) | |
299 | - introduce bootctl (backed by systemd-bootd) to control temporary and persistent default boot goal plus efi variables | |
e4181484 | 300 | |
c0fe5db5 | 301 | * maybe do not install getty@tty1.service symlink in /etc but in /usr? |
e9fd44b7 | 302 | |
b44be3ec | 303 | * re-enable "make check" for gtk-doc (broken for unknown reason) |
e9fd44b7 | 304 | |
b44be3ec LP |
305 | * fstab: add new mount option x-systemd-after=/foobar/waldo to allow manual dependencies to other mount points |
306 | https://bugzilla.redhat.com/show_bug.cgi?id=812826 | |
3040728b | 307 | |
b44be3ec | 308 | * print a nicer explanation if people use variable/specifier expansion in ExecStart= for the first word |
8ed20651 | 309 | |
b44be3ec | 310 | * mount: turn dependency information from /proc/self/mountinfo into dependency information between systemd units. |
e6c6e7af | 311 | |
b44be3ec LP |
312 | * logind: |
313 | - logind: optionally, ignore idle-hint logic for autosuspend, block suspend as long as a session is around | |
314 | - When we update the kernel all kind of hibernation should be prohibited until shutdown/reboot | |
315 | - logind: wakelock/opportunistic suspend support | |
316 | - Add pretty name for seats in logind | |
317 | - logind: allow showing logout dialog from system? | |
318 | - logind: spawn user@..service on login | |
319 | - logind: non-local X11 server handling | |
320 | - logind: add equivalent to sd_pid_get_owner_uid() to the D-Bus API | |
b44be3ec | 321 | - pam: when leaving a session explicitly exclude the ReleaseSession() caller process from the killing spree |
eb124a97 | 322 | - logind: GetSessionByPID() should accept 0 as PID value |
e5ec62c5 | 323 | - we should probably handle SIGTERM/SIGINT to not leave dot files around, just in case |
e673ad04 | 324 | |
b44be3ec | 325 | * exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty. |
e673ad04 | 326 | |
b44be3ec | 327 | * DeviceAllow/DeviceDeny: disallow everything by default, but whitelist /dev/zero, /dev/null and friends |
e673ad04 | 328 | |
b44be3ec | 329 | * service: watchdog logic: for testing purposes allow ping, but do not require pong |
e673ad04 | 330 | |
b44be3ec | 331 | * journal: |
b87b8b2b KS |
332 | - do not use magic msync() in src/journal/journal-file.c, just call fsync() |
333 | <alxchk> poettering: looks like msync just calls vfs_fsync | |
334 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/mm/msync.c#n18 | |
c06bf414 | 335 | - import and delete pstore filesystem content at startup |
b44be3ec LP |
336 | - journald: also get thread ID from client, plus thread name |
337 | - journal: when waiting for journal additions in the client always sleep at least 1s or so, in order to minimize wakeups | |
338 | - add API to close/reopen/get fd for journal client fd in libsystemd-journal. | |
339 | - fallback to /dev/log based logging in libsystemd-journal, if we can't log natively? | |
340 | - declare the local journal protocol stable in the wiki interface chart | |
341 | - journal: reuse XZ context | |
342 | - sd-journal: speed up sd_journal_get_data() with transparent hash table in bg | |
343 | - journald: when dropping msgs due to ratelimit make sure to write | |
344 | "dropped %u messages" not only when we are about to print the next | |
345 | message that works, but alraedy after a short tiemout | |
346 | - check if we can make journalctl by default use --follow mode inside of less if called without args? | |
347 | - maybe add API to send pairs of iovecs via sd_journal_send | |
348 | - journal: when writing journal auto-rotate if time jumps backwards | |
f47ec8eb | 349 | - journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access |
b44be3ec LP |
350 | - journactl: support negative filtering, i.e. FOOBAR!="waldo", |
351 | and !FOOBAR for events without FOOBAR. | |
352 | - journal: when rotating, copy over old acls/access mode | |
b44be3ec | 353 | - journal: send out marker messages every now and then, and immediately sync with fdatasync() afterwards, in order to have hourly guaranteed syncs. |
b44be3ec LP |
354 | - journal-send.c, log.c: when the log socket is clogged, and we drop, count this and write a message about this when it gets unclogged again. |
355 | - journal: find a way to allow dropping history early, based on priority, other rules | |
356 | - journal: When used on NFS, check payload hashes | |
b44be3ec LP |
357 | - Introduce journalctl -b <nr> to show journal messages of a previous boot |
358 | - journald: check whether it is OK if the client can still modify delivered journal entries | |
f47ec8eb | 359 | - journal live copy, based on libneon (client) and libmicrohttpd (server) |
b44be3ec LP |
360 | - journald: add kernel cmdline option to disable ratelimiting for debug purposes |
361 | - refuse taking lower-case variable names in sd_journal_send() and friends. | |
362 | - journald: we currently rotate only after MaxUse+MaxFilesize has been reached. | |
363 | - journal: deal nicely with byte-by-byte copied files, especially regards header | |
77a9e8de | 364 | - journalctl: expand tabs |
b44be3ec LP |
365 | - journal: store euid in journal if it differs from uid |
366 | - journal: sanely deal with entries which are larger than the individual file size, but where the components would fit | |
601d9d6f JT |
367 | - Replace utmp, wtmp, btmp, and lastlog completely with journal |
368 | - Port upower to use the journal for historical power information used in future calculations | |
b44be3ec LP |
369 | |
370 | * document: | |
371 | - document unit_name_mangle() | |
372 | - document that deps in [Unit] sections ignore Alias= fileds in | |
373 | [Install] units of other units, unless those units are disabled | |
374 | - man: clarify that time-sync.target is not only sysv compat but also useful otherwise. Same for similar targets | |
375 | - Document word splitting syntax for ExecStart= and friends | |
376 | - document that units from /etc override those from /usr and /run | |
377 | - document the exit codes when services fail before they are exec()ed | |
b44be3ec | 378 | - document that service reload may be implemented as service reexec |
eb124a97 | 379 | - document in wiki how to map ical recurrence events to systemd timer unit calendar specifications |
b44be3ec LP |
380 | |
381 | * systemctl: | |
382 | - systemctl list-jobs - show dependencies | |
383 | - add systemctl switch to dump transaction without executing it | |
384 | - Add a verbose mode to "systemctl start" and friends that explains what is being done or not done | |
385 | - "systemctl disable" on a static unit prints no message and does | |
386 | nothing. "systemctl enable" does nothing, and gives a bad message | |
387 | about it. Should fix both to print nice actionable messages. | |
388 | - print nice message from systemctl --failed if there are no entries shown, and hook that into ExecStartPre of rescue.service/emergency.service | |
389 | - add new command to systemctl: "systemctl system-reexec" which reexecs as many daemons as virtually possible | |
390 | - systemctl enable: improve the success messages (i.e. more human readable, less shell-like) | |
391 | - systemctl enable: fail if target to alias into doesn't exist? maybe show how many units are enabled afterwards? | |
392 | - systemctl: "Journal has been rotated since unit was started." message is misleading | |
393 | - support "systemctl stop foobar@.service" to stop all units matching a certain template | |
394 | - Something is wrong with symlink handling of "autovt@.service" in "systemctl list-unit-files" | |
8b04b925 | 395 | |
e673ad04 LP |
396 | * introduce ntp.service (or suchlike) as symlink that is used to arbitrate between various NTP implementations |
397 | ||
b44be3ec LP |
398 | * deal with sendmail/postfix exclusivity |
399 | ||
400 | * timer units: | |
401 | - configurable jitter for timer events | |
402 | - timer events with system resume | |
403 | - timer units should get the ability to trigger when: | |
404 | o CLOCK_REALTIME makes jumps (TFD_TIMER_CANCEL_ON_SET) | |
405 | o DST changes | |
eb124a97 | 406 | - Support 2012-02~4 as syntax for specifying the fourth to last day of the month. |
d2e83c23 KS |
407 | |
408 | * update the kernel's TZ (sys_tz) when DST changes | |
409 | ||
410 | * sync down the system time to the RTC when: | |
f6113d42 KS |
411 | - CLOCK_REALTIME makes jumps (the user explicitely requested a time set) |
412 | - DST/timezone changes && ntp is active && RTC-in-localtime (never do it without ntp) | |
d2e83c23 | 413 | This takes care of syncing ntpdate updates to the RTC, and DST updates for localtime |
7a43e910 | 414 | mode, it will never touch the RTC if the no reliable time source is active or the |
d2e83c23 | 415 | user did not request anything like it. |
c55b1b59 | 416 | |
6c1703cc KS |
417 | * hwdb: |
418 | - implement conditional properties (dmi matches) | |
419 | - hwdb --filter=ID_DRIVE_* | |
08f95888 | 420 | |
59704f3e LP |
421 | * if booted in "quiet" mode, and an error happens, turn on status |
422 | output again, so that the emergency mode isn't totally | |
423 | surprising. Also, terminate plymouth. | |
9ec82de1 | 424 | |
e707c494 LP |
425 | * libunwind support for coredump pattern hook, and includes this in |
426 | the message for coredumps. After all, libunwind is now capable to | |
427 | unwind coredumps since a few weeks ago. This probably requires that | |
7f873283 LP |
428 | we have nice support for multi-line messages on display in |
429 | logs-show.c. Alternatively: use libelfutil, which seems to be the | |
430 | better supported alternative. | |
e707c494 | 431 | |
e707c494 LP |
432 | * figure out relation of --all and --full in the various tools |
433 | ||
a19554ed LP |
434 | * add libsystemd-password or so to query passwords during boot using the password agent logic |
435 | ||
1cb88f2c LP |
436 | * If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle(). |
437 | ||
438 | * fedup: add --unit to systemctl switch-root somehow | |
439 | * fedup: don't delete initrd on switch-root | |
440 | * fedup: generator | |
603cd8fe | 441 | |
b44be3ec | 442 | * timedated: |
b44be3ec | 443 | - timedated: refuse time changes when NTP is on |
6d0274f1 | 444 | |
a7a3f28b LP |
445 | * clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed |
446 | ||
9b27910b LP |
447 | * introduce generic AUGMENT_PID=, AUGMENT_DEVICE= fields |
448 | ||
b44be3ec | 449 | * on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel |
08f95888 | 450 | |
7d8197d1 KS |
451 | * add "provisioning" instructions to setup an empty /etc + /var |
452 | - used to setup a new container from a shared /usr | |
453 | - superset of tmpfiles model | |
454 | - instructions shipped by packages and stored in /usr/lib/ | |
455 | - compose /etc/passwd and /etc/group, copy files | |
456 | - able to create uid + gid used by packages, for file ownership | |
457 | ||
9ee58bdd KS |
458 | * make repeated alt-ctrl-del presses printing a dump, or even force a reboot without |
459 | waiting for the timeout | |
dcfc4b2e | 460 | |
71ef24d0 LP |
461 | * high level net_prio setting in execution context |
462 | ||
71ef24d0 LP |
463 | * hostnamed: before returning information from /etc/machine-info.conf check the modification data and reread. Similar for localed, ... |
464 | ||
1b89884b LP |
465 | * currently x-systemd.timeout is lost in the initrd, since crypttab is copied into dracut, but fstab isn't |
466 | ||
15abdb9a | 467 | * refuse boot if /etc/machine-id is not useful (or set taint?) |
1920e37e | 468 | |
b44be3ec LP |
469 | * nspawn: |
470 | - nspawn: consider changing users for -u with su, so that NSS resolving works correctly | |
471 | - nspawn: implement personality changes a la linux32(8) | |
472 | - nspawn: --read-only is not applied recursively to submounts | |
473 | - nspawn: make use of device cgroup controller by default | |
474 | - bind mount read-only the cgroup tree higher than nspawn | |
eb124a97 LP |
475 | - nspawn: investigate whether we can support the same as LXC's |
476 | lxc.network.type=phys mode, and pass through entire network | |
477 | interfaces to the container | |
478 | - nspawn: maybe add a way to drop additional caps, in addition to add additional caps | |
479 | - nspawn: maybe explicitly reset loginuid? | |
3679d112 | 480 | - nspawn: make it work for dwalsh and shared /usr containers -- tmpfs mounts as command line parameters, selinux exec context |
b44be3ec LP |
481 | |
482 | * cryptsetup: | |
b44be3ec LP |
483 | - cryptsetup-generator: allow specification of passwords in crypttab itself |
484 | - move cryptsetup key caching into kernel keyctl? | |
485 | https://bugs.freedesktop.org/show_bug.cgi?id=54982 | |
5f1dac6b | 486 | - support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator |
f8019684 | 487 | |
de34a42b LP |
488 | * move debug shell to tty6 and make sure this doesn't break the gettys on tty6 |
489 | ||
424a19f8 | 490 | * hw watchdog: optionally try to use the preset watchdog timeout instead of always overriding it |
41f9172f | 491 | https://bugs.freedesktop.org/show_bug.cgi?id=54712 |
424a19f8 LP |
492 | |
493 | * after deserializing sockets in socket.c we should reapply sockopts and things | |
494 | ||
a1cccad1 LP |
495 | * make timer units go away after they elapsed |
496 | ||
8556879e | 497 | * http://lists.freedesktop.org/archives/systemd-devel/2012-September/006502.html |
d05c556b | 498 | (network and remote-fs on shutdown) |
8556879e | 499 | |
8556879e LP |
500 | * come up with a nice way to write queue/read_ahead_kb for a block device without interfering with readahead |
501 | ||
4a30847b LP |
502 | * move PID 1 segfaults to /var/lib/systemd/coredump? |
503 | ||
5e8b2883 LP |
504 | * create /sbin/init symlinks from the build system |
505 | ||
d87be9b0 LP |
506 | * Query Paul Moore about relabelling socket fds while they are open |
507 | ||
88f89a9b LP |
508 | * system.conf should have controls for cgroups |
509 | ||
38a60d71 LP |
510 | * allow writing multiple conditions in unit files on one line |
511 | ||
d8b78264 LP |
512 | * explore multiple service instances per listening socket idea |
513 | ||
7560fffc LP |
514 | * shutdown: don't read-only mount anything when running in container |
515 | ||
68f16003 | 516 | * MountFlags=shared acts as MountFlags=slave right now. |
0790b9fe | 517 | |
5a7e9599 LP |
518 | * ReadOnlyDirectories= is not applied recursively to submounts |
519 | ||
68f16003 LP |
520 | * drop PID 1 reloading, only do reexecing (difficult: Reload() |
521 | currently is properly synchronous, Reexec() is weird, because we | |
522 | can't delay the response properly until we are back, so instead of | |
523 | being properly synchronous we just keep open the fd and close it | |
edca2e23 | 524 | when done. That means clients don't get a successful method reply, |
68f16003 | 525 | but much rather a disconnect on success. |
0790b9fe | 526 | |
5aea932f LP |
527 | * remember which condition failed for services, not just the fact that something failed |
528 | ||
918943c7 LP |
529 | * use opterr = 0 for all getopt tools |
530 | ||
fd4d89b2 LP |
531 | * properly handle loop back mounts via fstab, especially regards to fsck/passno |
532 | ||
8230e26d LP |
533 | * allow services with no ExecStart= but with an ExecStop= |
534 | ||
4d9909c9 LP |
535 | * dracut-shutdown needs to be ordered before unmounting /boot |
536 | ||
47ae7201 LP |
537 | * initialize the hostname from the fs label of /, if /etc/hostname does not exist? |
538 | ||
88a6c589 | 539 | * rename "userspace" to "core-os" |
8351ceae | 540 | |
b44be3ec LP |
541 | * syscall filter: |
542 | - syscall filter: add knowledge about compat syscalls | |
543 | - syscall filter: don't enforce no new privs? | |
544 | - syscall filter: option to return EPERM rather than SIGSYS? | |
545 | - syscall filter: port to libseccomp | |
546 | - system-wide seccomp filter | |
c66d36e5 | 547 | |
be0aa784 LP |
548 | * .device aliases need to be implemented with the "following" logic, probably. |
549 | ||
9946996c LP |
550 | * load-fragment: when loading a unit file via a chain of symlinks |
551 | verify that it isn't masked via any of the names traversed. | |
552 | ||
3471bedc LP |
553 | * introduce Type=pid-file |
554 | ||
59cea26a | 555 | * change Requires=basic.target to RequisiteOverride=basic.target |
35eb6b12 | 556 | |
5b40d337 LP |
557 | * when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr |
558 | ||
b86fa936 LP |
559 | * move passno parsing to fstab generator |
560 | ||
d3a3f222 KS |
561 | * automount: implement expire: |
562 | - set superblock timeout AUTOFS_DEV_IOCTL_TIMEOUT_CMD | |
563 | - periodically run AUTOFS_DEV_IOCTL_EXPIRE_CMD | |
564 | - every timeout/4 (original autofs logic) | |
565 | - blocking, needs a thread | |
566 | - run until -EAGAIN | |
567 | - receive expire packet on pipe if kernel tells the timeout is over | |
568 | - call umount | |
569 | - answer expire packet on pipe with AUTOFS_DEV_IOCTL_{READY,FAIL}_CMD | |
570 | - AUTOFS_DEV_IOCTL_EXPIRE_CMD returns | |
465349c0 | 571 | |
06dab8e1 LP |
572 | * services which create their own subcgroups break cgroup-empty notification (needs to be fixed in the kernel) |
573 | ||
e01a15b7 | 574 | * ExecOnFailure=/usr/bin/foo |
a888b352 | 575 | |
abd55b16 | 576 | * udev: |
3f60bcb5 | 577 | - remove src/udev/udev-builtin-firmware.c (CONFIG_FW_LOADER_USER_HELPER=n) |
abd55b16 KS |
578 | - move to LGPL |
579 | - unify utf8 validator code with shared/ | |
580 | - kill scsi_id | |
581 | - add trigger --subsystem-match=usb/usb_device device | |
b8217b7b | 582 | |
18b754d3 | 583 | * cleanup syslog 'priority' vs. 'level' wording |
068665b6 | 584 | |
169c4f65 LP |
585 | * when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting |
586 | ||
bd08f242 LP |
587 | * support container_ttys= |
588 | ||
fb0864e7 LP |
589 | * introduce mix of BindTo and Requisite |
590 | ||
9586cdfa LP |
591 | * add DeleteSocketsOnStop=yes|no option to socket units |
592 | ||
7f110ff9 LP |
593 | * There's currently no way to cancel fsck (used to be possible via C-c or c on the console) |
594 | ||
d0e5a333 LP |
595 | * add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/ |
596 | ||
d0e5a333 LP |
597 | * default unix qlen is too small (10). bump sysctl? add sockopt? |
598 | ||
87a8baa3 LP |
599 | * save coredump in Windows/Mozilla minidump format |
600 | ||
601 | * support crash reporting operation modes (https://live.gnome.org/GnomeOS/Design/Whiteboards/ProblemReporting) | |
602 | ||
5ba081b0 LP |
603 | * clean up session cgroups that remain after logout (think sshd), but eventually run empty |
604 | ||
4cbd9ecf LP |
605 | * when an instanced service exits, remove its parent cgroup too if possible. |
606 | ||
65c0cf71 LP |
607 | * default to actual 32bit PIDs, via /proc/sys/kernel/pid_max |
608 | ||
f957632b KS |
609 | * be able to specify a forced restart of service A where service B depends on, in case B |
610 | needs to be auto-respawned? | |
611 | ||
ad740100 LP |
612 | * when a bus name of a service disappears from the bus make sure to queue further activation requests |
613 | ||
de6c78f8 | 614 | * tmpfiles: apply "x" on "D" too (see patch from William Douglas) |
7d441ddb | 615 | |
b44be3ec | 616 | * for services: don't set $HOME in services unless requested |
14e639ae | 617 | |
ff01d048 LP |
618 | * hide PAM/TCPWrap options in fragment parser when compile time disabled |
619 | ||
d3c7d7dd | 620 | * when we automatically restart a service, ensure we restart its rdeps, too. |
72b9ed82 | 621 | |
1d6702e8 LP |
622 | * allow Type=simple with PIDFile= |
623 | https://bugzilla.redhat.com/show_bug.cgi?id=723942 | |
624 | ||
71092d70 LP |
625 | * move PAM code into its own binary |
626 | ||
1258097c LP |
627 | * implement Register= switch in .socket units to enable registration |
628 | in Avahi, RPC and other socket registration services. | |
629 | ||
a4c279f8 LP |
630 | * make sure systemd-ask-password-wall does not shutdown systemd-ask-password-console too early |
631 | ||
7c697168 | 632 | * support sd_notify() style notification when reload begins (RELOADING=1), reload is finished (READY=1), and add ReloadSignal= then to use in combination |
253ee27a | 633 | |
71092d70 | 634 | * support sd_notify() style notification when shutting down, to make auto-exit bus services work (STOPPING=1) |
8d0e38a2 | 635 | |
f28f1daf LP |
636 | * verify that the AF_UNIX sockets of a service in the fs still exist |
637 | when we start a service in order to avoid confusion when a user | |
638 | assumes starting a service is enough to make it accessible | |
639 | ||
88a07670 LP |
640 | * Make it possible to set the keymap independently from the font on |
641 | the kernel cmdline. Right now setting one resets also the other. | |
642 | ||
71092d70 | 643 | * and a dbus call to generate target from current state |
916abb21 | 644 | |
b44be3ec LP |
645 | * readahead: |
646 | - drop /.readahead on bigger upgrades with yum | |
647 | - move readahead files into /var (look for them with .path units?) | |
648 | - readahead: use BTRFS_IOC_DEFRAG_RANGE instead of BTRFS_IOC_DEFRAG ioctl, with START_IO | |
649 | - readahead: when bumping /sys readahead variable save mtime and compare later to detect changes | |
650 | - readahead: make use of EXT4_IOC_MOVE_EXT, as used by http://e4rat.sourceforge.net/ | |
b23de6af | 651 | |
21bdae12 LP |
652 | * add support for /bin/mount -s |
653 | ||
9534ce54 LP |
654 | * GC unreferenced jobs (such as .device jobs) |
655 | ||
68c7d001 | 656 | * write blog stories about: |
796b06c2 | 657 | - hwdb: what belongs into it, lsusb |
68c7d001 LP |
658 | - enabling dbus services |
659 | - status update | |
7a2a0b90 | 660 | - how to make changes to sysctl and sysfs attributes |
253ee27a | 661 | - remote access |
5d0fcd7c LP |
662 | - how to pass throw-away units to systemd, or dynamically change properties of existing units |
663 | - how to integrate cgconfig and suchlike with systemd | |
8bbabc44 | 664 | - testing with Harald's awesome test kit |
f530371f | 665 | - auto-restart |
e707c494 | 666 | - how to develop against journal browsing APIs |
a19554ed | 667 | - the journal HTTP iface |
a73d88fa | 668 | - non-cgroup resource management |
a74a8793 | 669 | - dynamic resource management with cgroups |
3040728b | 670 | - refreshed, longer missions statement |
3679d112 LP |
671 | - calendar time events |
672 | - init=/bin/sh vs. "emergency" mode, vs. "rescue" mode, vs. "multi-user" mode, vs. "graphical" mode, and the debug shell | |
673 | - how to create your own target | |
674 | - instantiated apache, dovecot and so on | |
675 | - hooking a script into various stages of shutdown/rearly booot | |
73090dc8 | 676 | |
44143309 | 677 | * allow port=0 in .socket units |
3d57c6ab | 678 | |
71092d70 | 679 | * support systemd.mask= on the kernel command line. |
3f7a8c4e | 680 | |
260abb78 | 681 | * recreate systemd's D-Bus private socket file on SIGUSR2 |
2791a8f8 | 682 | |
a8f11321 LP |
683 | * Support --test based on current system state |
684 | ||
21bdae12 LP |
685 | * investigate whether the gnome pty helper should be moved into systemd, to provide cgroup support. |
686 | ||
c32e0c40 LP |
687 | * maybe introduce ExecRestartPre= |
688 | ||
59fee421 LP |
689 | * dot output for --test showing the 'initial transaction' |
690 | ||
129126f3 | 691 | * port over to LISTEN_FDS/LISTEN_PID: |
7d9e57d2 KS |
692 | - rpcbind (/var/run/rpcbind.sock!) HAVEPATCH |
693 | - cups HAVEPATCH | |
a625ac1a | 694 | - postfix, saslauthd |
a625ac1a LP |
695 | - apache/samba |
696 | - libvirtd (/var/run/libvirt/libvirt-sock-ro) | |
697 | - bluetoothd (/var/run/sdp! @/org/bluez/audio!) | |
a625ac1a LP |
698 | - distccd |
699 | ||
71092d70 | 700 | * fingerprint.target, wireless.target, gps.target, netdevice.target |
246756ca | 701 | |
50f2a90d | 702 | * io priority during initialization |
8fe914ec | 703 | |
9534ce54 LP |
704 | * drop cap bounding set in readahead and other services |
705 | ||
7ba97195 | 706 | * systemd-python: |
7ba97195 ZJS |
707 | - figure out a simple way to wait for journal events in a way that |
708 | works with ^C | |
b04c8c83 | 709 | - add documentation to systemd.daemon |
7ba97195 | 710 | |
8973790e LP |
711 | * bootchart: |
712 | - plot per-process IO utilization | |
713 | - group processes based on service association (cgroups) | |
714 | - document initcall_debug | |
8973790e LP |
715 | - kernel cmdline "bootchart" option for simplicity? |
716 | ||
2f8cd170 | 717 | External: |
74fe1fe3 | 718 | |
cc9784c6 | 719 | * dbus: |
cc9784c6 | 720 | - dbus --user |
3377af3e | 721 | - natively watch for dbus-*.service symlinks (PENDING) |
cc9784c6 LP |
722 | - allow specification of socket mode/umask when allocating DBusServer |
723 | - allow disabling of fd passing when connecting a AF_UNIX connection | |
3377af3e | 724 | - allow disabling of UID passing for AUTH EXTERNAL |
b69d29ce | 725 | - always pass cred data along each message |
b44be3ec | 726 | - teach dbus to activate all services it finds in /etc/systemd/services/org-*.service |
cc9784c6 | 727 | |
71092d70 LP |
728 | * fix alsa mixer restore to not print error when no config is stored |
729 | ||
74fe1fe3 LP |
730 | * make cryptsetup lower --iter-time |
731 | ||
9096ad36 | 732 | * patch kernel for xattr support in /dev, /proc/, /sys? |
06ae4bfe | 733 | |
69b1c674 KS |
734 | * NTP: the kernel's 11-minutes-mode syncs the system time to the RTC, but only |
735 | in an ~30 minutes window. It does not adjust larger differences. Find a way | |
736 | to tell the kernel, to always do a full time sync when the RTC is in UTC and | |
737 | we are in 11-minutes-mode. When we trust the system time to NTP we also want | |
738 | the RTC to sync up. | |
739 | ||
71092d70 | 740 | * kernel: add device_type = "fb", "fbcon" to class "graphics" |
14bd37fe | 741 | |
8973790e LP |
742 | * drop accountsservice's StandardOutput=syslog and Type=dbus fields |
743 | ||
744 | * dbus upstream still refers to dbus.target and shouldn't | |
745 | ||
746 | * dbus: in fedora, make /var/lib/dbus/machine-id a symlink to /etc/machine-id | |
747 | ||
748 | * add "# export SYSTEMD_PAGER=" to bash login | |
749 | ||
750 | * /usr/bin/service should actually show the new command line | |
751 | ||
d2bbca68 | 752 | * fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people to think about changing the start limit logic. Also point people to RestartPreventExitStatus=, SuccessExitStatus= |
8973790e LP |
753 | |
754 | * fedora: F20: go timer units all the way, leave cron.daily for cron | |
755 | ||
756 | * neither pkexec nor sudo initialize environ[] from the PAM environment? | |
b1ce67bf | 757 | |
4641a16b | 758 | * fedora: update policy to declare access mode and ownership of unit files to root:root 0644, and add an rpmlint check for it |
19aa7c4f | 759 | |
129126f3 | 760 | Regularly: |
874aa2cc | 761 | |
129126f3 | 762 | * look for close() vs. close_nointr() vs. close_nointr_nofail() |
5021be21 | 763 | |
129126f3 | 764 | * check for strerror(r) instead of strerror(-r) |
5b6319dc LP |
765 | |
766 | * Use PR_SET_PROCTITLE_AREA if it becomes available in the kernel | |
8c6db833 | 767 | |
14212119 | 768 | * %m in printf() instead of strerror(errno); |
444a79d3 LP |
769 | |
770 | * pahole | |
771 | ||
71092d70 | 772 | * set_put(), hashmap_put() return values check. i.e. == 0 doesn't free()! |
a3a3e5b6 | 773 | |
4db17f29 | 774 | * use secure_getenv() instead of getenv() where appropriate |
88fae6e0 | 775 | |
d05c556b ZJS |
776 | * link up selected blog stories from man pages and unit files Documentation= fields |
777 | ||
9e5f3dbb | 778 | Scheduled for removal or fixing: |
a3a3e5b6 | 779 | |
9e5f3dbb | 780 | * xxxOverridable dependencies (probably: fix) |