* install: include generator dirs in unit file search paths
-* invent a better systemd-run scheme for naming scopes, that works with remoting
-
* rework C11 utf8.[ch] to use char32_t instead of uint32_t when referring
to unicode chars, to make things more expressive.
* Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
-* core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
+* implement a per-service firewall based on net_cls
* Port various tools to make use of verbs.[ch], where applicable
* maybe provide an API to allow migration of foreign PIDs into existing scopes.
-* maybe support a new very "soft" reboot mode, that simply kills all processes, disassembles everything, flushes /run and sysvipc, and then reexecs systemd again
-
* man: maybe use the word "inspect" rather than "introspect"?
* systemctl: if some operation fails, show log output?
we always process them before we process client requests
- DNSSEC
- add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?
- - DNS
- - search paths
+ - synthesize negative cache entries from NSEC/NSEC3 and drop explicit negative caching of authenticated answers
- mDNS/DNS-SD
+ - mDNS RR resolving
+ - service registration
+ - service/domain/types browsing
- avahi compat
- DNS-SD service registration from socket units
- - edns0
- - dname: Not necessary for plain DNS as synthesized cname is handed out instead if we do not
- announce dname support. However, for DNSSEC it is necessary as the synthesized cname
- will not be signed.
- - cname on PTR (?)
- resolved should optionally register additional per-interface LLMNR
names, so that for the container case we can establish the same name
(maybe "host") for referencing the server, everywhere.
+ - add API so NM can push DNS server info into resolved
* refcounting in sd-resolve is borked
* generator that automatically discovers btrfs subvolumes, identifies their purpose based on some xattr on them.
-* timer units: actually add extra delays to timer units with high AccuracySec values, don't start them already when we are awake...
-
* a way for container managers to turn off getty starting via $container_headless= or so...
* figure out a nice way how we can let the admin know what child/sibling unit causes cgroup membership for a specific unit
removed or added to an existing machine
- "machinectl migrate" or similar to copy a container from or to a
difference host, via ssh
- - man: document how update dkr images works with machinectl
- http://lists.freedesktop.org/archives/systemd-devel/2015-February/028630.html
- introduce systemd-nspawn-ephemeral@.service, and hook it into
"machinectl start" with a new --ephemeral switch
- "machinectl status" should also show internal logs of the container in
shell in it, and marks it read-only after use
* importd:
- - dkr: support tarsum checksum verification, if it becomes reality one day...
- - dkr: convert json bits to nspawn configuration
- generate a nice warning if mkfs.btrfs is missing
* cryptsetup:
- Support --test based on current system state
- If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
- after deserializing sockets in socket.c we should reapply sockopts and things
- - make timer units go away after they elapsed
- drop PID 1 reloading, only do reexecing (difficult: Reload()
currently is properly synchronous, Reexec() is weird, because we
cannot delay the response properly until we are back, so instead of