Features:
+* homed: permit multiple private keys to be used locally, and pick the right
+ one for signing records automatically depending on a pre-existing signature
+
+* homed: add a way to "adopt" a home directory, i.e. strip foreign signatures
+ and insert a local signature instead.
+
+* busctl: maybe expose a verb "ping" for pinging a dbus service to see if it
+ exists and responds.
+
* homed: add homed.conf setting DefaultStorage= or so
* homed: maybe pre-create ~/.cache as subvol so that it can have separate quota
thus allows defining OS images which can be A/B updated and we default to the
newest version automatically, both in nspawn and in sd-boot
-* drop sd_bus_message_set_priority() from sd-bus API and documentation as much
- as we can, it's a kdbus left-over and unlikely to come back on AF_UNIX, since
- it's not really implementable there.
-
* cryptsetup/homed: also support FIDO2 HMAC password logic for unlocking
devices. (see: https://github.com/mjec/fido2-hmac-secret)
* by default, in systemd --user service bump the OOMAdjust to 100, as privs
allow so that systemd survives
-* honour specifiers in unit files that resolve to some very basic
- /etc/os-release data, such as ID, VERSION_ID, BUILD_ID, VARIANT_ID.
-
* cryptsetup: allow encoding key directly in /etc/crypttab, maybe with a
"base64:" prefix. Useful in particular for pkcs11 mode.
* userdb: allow username prefix searches in varlink API, allow realname and
realname substr searches in varlink API
+* userdb: allow uid/gid range checks
+
* userdb: allow existence checks
* pid: activation by journal search expression
- rollback when resize fails mid-operation
- GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid)
- resize on login?
- - fstrim on logout?
- shrink fs on logout?
- update LUKS password on login if we find there's a password that unlocks the JSON record but not the LUKS device.
- create on activate?