* Fedora: add an rpmlint check that verifies that all unit files in the RPM are listed in %systemd_post macros.
-* wiki: update journal format documentation for lz4 additions
-
Janitorial Clean-ups:
* Rearrange tests so that the various test-xyz.c match a specific src/basic/xyz.c again
* add --copy-from and --copy-to command to systemd-dissect which copies stuff
in and out of a disk image
-* add systemd.random_seed= on the kernel cmdline, taking some hex or base64
- encoded data. During earliest boot, credit it to entropy. This is not useful
- for general purpose systems, but certainly for testing environments in VMs
- and such, as it allows us to boot up instantly with fully initialized entropy
- pool even if RNG pass-thru is not available.
-
* Support ProtectProc= or so, using: https://patchwork.kernel.org/cover/11310197/
* if /usr/bin/swapoff fails due to OOM, log a friendly explanatory message about it
+* add loud warning to the logs (with catalog entry) if systemd-udev-settle is
+ pulled into the boot process
+
* build short web pages out of each catalog entry, build them along with man
pages, and include hyperlinks to them in the journal output
so that the client side can remain entirely unprivileged, with SUID or
anything like that.
+* journald: do journal file writing out-of-process, with one writer process per
+ client UID, so that synthetic hash table collisions can slow down a specific
+ user's journal stream down but not the others.
+
* add "throttling" to sd-event event sources: optionally, when we wake up too
often for one, let's turn it off entirely for a while. Use that for the
/proc/self/mountinfo logic.
* nspawn: support time namespaces
+* systemd-firstboot: make sure to always use chase_symlinks() before
+ reading/writing files
+
* add ConditionSecurity=tpm2
* Remove any support for booting without /usr pre-mounted in the initrd entirely.
this, it's useful to have one that can dump contents of them, too.
* All tools that support --root= should also learn --image= so that they can
- operate on disk images directly. Specifically: bootctl, firstboot, tmpfiles,
- sysusers, systemctl, repart, journalctl, coredumpctl.
+ operate on disk images directly. Specifically: bootctl, tmpfiles, sysusers,
+ systemctl, repart, journalctl, coredumpctl. (Already done: systemd-nspawn,
+ systemd-firstboot)
* seccomp: by default mask x32 ABI system wide on x86-64. it's on its way out
* homed: support new FS_IOC_ADD_ENCRYPTION_KEY ioctl for setting up fscrypt
-* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
- exists and responds.
-
* homed: maybe pre-create ~/.cache as subvol so that it can have separate quota
easily?
+* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
+ exists and responds.
+
* when systemd-nspawn and suchlike dissect an OS image, and there are multiple
root partitions, do an strverscmp() on the partition label and boot
first. That is inspired how sd-boot figures out which kernel to boot, and
thus allows defining OS images which can be A/B updated and we default to the
newest version automatically, both in nspawn and in sd-boot
-* cryptsetup/homed: also support FIDO2 HMAC password logic for unlocking
- devices. (see: https://github.com/mjec/fido2-hmac-secret)
+* cryptsetup: support FIDO2 tokens for deriving keys (i.e. do what homed can do
+ also in plain cryptsetup)
* systemd-gpt-auto should probably set x-systemd.growfs on the mounts it
creates
- teach it to copy in unified kernel images and maybe type #1 boot loader spec entries from host
- make it operate on loopback files, dissecting enough to find ESP to operate on
+* Maybe add a separate GPT partition type to the discoverable partition spec
+ for "hibernate" partitions, that are exactly like swap partitions but only
+ activated right before hibernation and thus never used for regular swapping.
+
* by default, in systemd --user service bump the OOMAdjust to 100, as privs
allow so that systemd survives
end), in order to maximize dd'ability. Requires libfdisk work, see
https://github.com/karelzak/util-linux/issues/907
-* systemd-repart: optionally, allow specifying a path to initialize new
- partitions from, i.e. an fs image file or a source device node. This would
- then turn systemd-repart into a simple installer: with a few .repart files
- you could replicate the host system on another device. a full installer would
- then be: "systemd-repart /dev/sda && bootctl install /dev/sda &&
- systemd-firstboot --image= …"
-
* systemd-repart: MBR partition table support. Care needs to be taken regarding
Type=, so that partition definitions can sanely apply to both the GPT and the
MBR case. Idea: accept syntax "Type=gpt:home mbr:0x83" for setting the types
* systemd-repart: allow managing the gpt read-only partition flag + auto-mount flag
+* systemd-repart: allow boolean option that ensures that if existing partition
+ doesn't exist within the configured size bounds the whole command fails. This
+ is useful to implement ESP vs. XBOOTLDR schemes in installers: have one set
+ of repart files for the case where ESP is large enough and one where it isn't
+ and XBOOTLDR is added in instead. Then apply the former first, and if it
+ fails to apply use the latter.
+
+* systemd-repart: add per-partition option to never reuse existing partition
+ and always create anew even if matching partition already exists.
+
+* systemd-repart: add per-partition option to fail if partition already exist,
+ i.e. is not added new. Similar, add option to fail if partition does not exist yet.
+
+* systemd-repart: add --size=auto for generating/resizing images of minimal
+ size, i.e. where the image file is sized exactly as large as necessary taking
+ SizeMin= into account, but not a single byte larger.
+
* systemd-repart: allow disabling growing of specific partitions, or making
them (think ESP: we don't ever want to grow it, since we cannot resize vfat)
-* systemd-repart: add specifier expansion, add especifier that refers to root
- device node of current system, /usr device node, and matching verity, so that
- an installer can be made a "copy" installer of the booted OS
-
* systemd-repart: make it a static checker during early boot for existence and
absence of other partitions for trusted boot environments
-* systemd-repart: allow config of partition uuid
-
* userdb: allow username prefix searches in varlink API, allow realname and
realname substr searches in varlink API
beefing up logind to make pam session close hook synchronous and wait until
systemd --user is shut down.
- logind: maybe keep a "busy fd" as long as there's a non-released session around or the user@.service
- - maybe make automatic, read-only, time-based reflink-copies of LUKS disk images (think: time machine)
+ - maybe make automatic, read-only, time-based reflink-copies of LUKS disk
+ images (and btrfs snapshots of subvolumes) (think: time machine)
- distinguish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
- in systemd's PAMName= logic: query passwords with ssh-askpassword, so that we can make "loginctl set-linger" mode work
- fingerprint authentication, pattern authentication, …
- make slice for users configurable (requires logind rework)
- logind: populate auto-login list bus property from PKCS#11 token
- when determining state of a LUKS home directory, check DM suspended sysfs file
+ - introduce API for "making room", that grows/shrinks home directory
+ according to elastic parameters, discards blocks, and removes additional snapshots. Call it
+ either from UI when disk space gets low
* introduce a new per-process uuid, similar to the boot id, the machine id, the
invocation id, that is derived from process creds, specifically a hashed