Features:
+* make use of the new statx mountid and rootmount fields in path_get_mnt_id()
+ and fd_is_mount_point()
+
+* nspawn: move "incoming mount" directory to /run/host, move "inaccessible"
+ nodes to /run/host, move notify socket (for sd_notify() between payload and
+ container manager)
+
+* make use of new glibc 2.32 APIs sigabbrev_np() and strerrorname_np().
+
+* cryptsetup: if keyfile specified in crypttab is AF_UNIX socket, connect to it
+ and read from it (like we do elsewhere with READ_FULL_FILE_CONNECT_SOCKET)
+
+* when main nspawn supervisor process gets suspended due to SIGSTOP/SIGTTOU or
+ so, freeze the payload too.
+
+* repart: support setting up dm-integrity with HMAC
+
+* add /etc/integritytab, to support dm-integrity setups. In particular those
+ with HMAC as hash function, so that we can have a protected /home without
+ encryption (leaving encryption to the individual dirs/homed).
+
+* complement root=, rootflags=, rootfstype= with rootsubdir= which allows
+ mounting a subdir of the root fs as actual root. This can be used as
+ fstype-agnostic version of btrfs' rootflags=subvol=foobar.
+
* add --copy-from and --copy-to command to systemd-dissect which copies stuff
in and out of a disk image
* if /usr/bin/swapoff fails due to OOM, log a friendly explanatory message about it
-* add loud warning to the logs (with catalog entry) if systemd-udev-settle is
- pulled into the boot process
-
* build short web pages out of each catalog entry, build them along with man
pages, and include hyperlinks to them in the journal output
* nspawn: support time namespaces
+* systemd-firstboot: make sure to always use chase_symlinks() before
+ reading/writing files
+
* add ConditionSecurity=tpm2
* Remove any support for booting without /usr pre-mounted in the initrd entirely.
* make us use dynamically fewer deps for containers in general purpose distros:
o turn into dlopen() deps:
- - pcre2 (always) — irrelevant on Fedora, since dep by
- libselinux, but should benefit Debian
- libpwquality (always) - only relevant for homed, and maybe soon
firstboot
- elfutils (always)
this, it's useful to have one that can dump contents of them, too.
* All tools that support --root= should also learn --image= so that they can
- operate on disk images directly. Specifically: bootctl, firstboot, tmpfiles,
- sysusers, systemctl, repart, journalctl, coredumpctl.
+ operate on disk images directly. Specifically: bootctl, systemctl,
+ coredumpctl. (Already done: systemd-nspawn, systemd-firstboot,
+ systemd-repart, systemd-tmpfiles, systemd-sysusers, journalctl)
* seccomp: by default mask x32 ABI system wide on x86-64. it's on its way out
* homed: support new FS_IOC_ADD_ENCRYPTION_KEY ioctl for setting up fscrypt
-* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
- exists and responds.
-
* homed: maybe pre-create ~/.cache as subvol so that it can have separate quota
easily?
+* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
+ exists and responds.
+
* when systemd-nspawn and suchlike dissect an OS image, and there are multiple
root partitions, do an strverscmp() on the partition label and boot
first. That is inspired how sd-boot figures out which kernel to boot, and
right) become genuine first class citizens, and we gain automatic, sane JSON
output for them.
-* systemd-firstboot: teach it dissector magic, so that you can point it to some
- disk image and it will just set everything in it all behind the scenes.
-
* We should probably replace /var/log/README, /etc/rc.d/README with symlinks
that are linked to these places instead of copied. After all they are
constant vendor data.
* homed:
- when user tries to log into record signed by unrecognized key, automatically add key to our chain after polkit auth
- - hook up machined/nspawn users with a varlink user query interface
- rollback when resize fails mid-operation
- GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid)
- resize on login?
beefing up logind to make pam session close hook synchronous and wait until
systemd --user is shut down.
- logind: maybe keep a "busy fd" as long as there's a non-released session around or the user@.service
- - maybe make automatic, read-only, time-based reflink-copies of LUKS disk images (think: time machine)
+ - maybe make automatic, read-only, time-based reflink-copies of LUKS disk
+ images (and btrfs snapshots of subvolumes) (think: time machine)
- distinguish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
- in systemd's PAMName= logic: query passwords with ssh-askpassword, so that we can make "loginctl set-linger" mode work
- fingerprint authentication, pattern authentication, …
- make sure "classic" user records can also be managed by homed
- - description field for groups
- make size of $XDG_RUNTIME_DIR configurable in user record
- reuse pwquality magic in firstboot
- query password from kernel keyring first
- make slice for users configurable (requires logind rework)
- logind: populate auto-login list bus property from PKCS#11 token
- when determining state of a LUKS home directory, check DM suspended sysfs file
+ - introduce API for "making room", that grows/shrinks home directory
+ according to elastic parameters, discards blocks, and removes additional snapshots. Call it
+ either from UI when disk space gets low
* introduce a new per-process uuid, similar to the boot id, the machine id, the
invocation id, that is derived from process creds, specifically a hashed
- allow multiple signal handlers per signal?
- document chaining of signal handler for SIGCHLD and child handlers
- define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ...
+ - maybe support iouring as backend, so that we allow hooking read and write
+ operations instead of IO ready events into event loops. See considerations
+ here:
+ http://blog.vmsplice.net/2020/07/rethinking-event-loop-integration-for.html
* investigate endianness issues of UUID vs. GUID
- journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access
- journactl: support negative filtering, i.e. FOOBAR!="waldo",
and !FOOBAR for events without FOOBAR.
- - journal: store timestamp of journal_file_set_offline() int he header,
+ - journal: store timestamp of journal_file_set_offline() in the header,
so it is possible to display when the file was last synced.
- journal-send.c, log.c: when the log socket is clogged, and we drop, count this and write a message about this when it gets unclogged again.
- journal: find a way to allow dropping history early, based on priority, other rules
them via machined, and also watch containers coming and going.
Benefit: nspawn --ephemeral would start working nicely with the journal.
- assign MESSAGE_ID to log messages about failed services
+ - check if loop in decompress_blob_xz() is necessary
* add a test if all entries in the catalog are properly formatted.
(Adding dashes in a catalog entry currently results in the catalog entry
- document systemd-journal-flush.service properly
- documentation: recommend to connect the timer units of a service to the service via Also= in [Install]
- man: document the very specific env the shutdown drop-in tools live in
- - man: add more examples to man pages
+ - man: add more examples to man pages,
+ - in particular an example how to do the equivalent of switching runlevels
- man: maybe sort directives in man pages, and take sections from --help and apply them to man too
- document root=gpt-auto properly
projects / thirdparty / systemd.git / blobdiff