Features:
+* maybe rework get_user_creds() to query the user database if $SHELL is used
+ for root, but only then.
+
+* there should be path_hash_ops and we should use it in tmpfiles' hashmap object to deal with identical but differently spelt paths
+
+* be stricter with fds we receive for the fdstore: close them asynchronously
+
+* calenderspec: add support for week numbers and day numbers within a
+ year. This would allow us to define "bi-weekly" triggers safely.
+
+* add support for recursive bpf firewalling as supported by the newest kernel
+
+* add bpf-based implementation of devices cgroup controller logic for compat with cgroupsv2 as supported by newest kernel
+
+* introduce sd_id128_get_boot_app_specific() which is like
+ sd_id128_get_machine_app_specific(). After all on long-running systems both
+ IDs have similar properties.
+
+* emulate properties of the root cgroup on controllers that don't support such
+ properties natively on cpu/io/memory, the way we already do it for
+ "pids". Also, add the same logic to cgtop.
+
+* set TasksAccounting=1 on the root slice if we are running on the root cgroup,
+ and similar for the others, as soon as we emulate them properly. After all,
+ Linux keeps these system-wide stats anyway, and it costs nothing to expose
+ them.
+
+* sd-bus: add vtable flag, that may be used to request client creds implicitly
+ and asynchronously before dispatching the operation
+
+* implement transient socket unit.
+
* make use of ethtool veth peer info in machined, for automatically finding out
host-side interface pointing to the container.
systemd-journald writes to /var/log/journal, which could be useful when we
doing disk usage calculations and so on.
-* taint systemd if the overflowuid/overflowgid is not 65534, and if there are
- fewer than 65536 users assigned to the system.
+* taint systemd if there are fewer than 65536 users assigned to the system.
* deprecate PermissionsStartOnly= and RootDirectoryStartOnly= in favour of the ExecStart= prefix chars
the runtime dir as we maintain for the fdstore: i.e. keep it around as long
as the unit is running or has a job queued.
-* hook up sd-bus' creds stuff with SO_PEERGROUPS
-
-* add async version of sd_bus_add_match and make use of that
-
* support projid-based quota in machinectl for containers, and then drop
implicit btrfs loopback magic in machined
-* let's log the "tainted" string at boot
-
* Add NetworkNamespacePath= to specify a path to a network namespace
* maybe use SOURCE_DATE_EPOCH (i.e. the env var the reproducible builds folks
* expose IO accounting data on the bus, show it in systemd-run --wait and log
about it in the resource log message
-* rework unbase64 code to drop whitespace automatically, so that we don't have
- to drop it first.
-
* add "systemctl purge" for flushing out configuration, state, logs, ... of a
unit when it is stopped
O_NONBLOCK on it. That way people can control if and when to block for
logging.
-* tighten sd_notify() MAINPID= checks a bit: don't accept foreign PIDs (i.e.
- PIDs not managed by the service manager)
-
* hostnamed: populate form factor data from a new hwdb database, so that old
yogas can be recognized as "convertible" too, even if they predate the DMI
"convertible" form factor
"systemd-gdb" for attaching to the start-up of any system service in its
natural habitat.
-* replace all canonicalize_file_name() invocations by chase_symlinks(), in
- particulr those where a rootdir is relevant.
-
* maybe introduce gpt auto discovery for /var/tmp?
* maybe add gpt-partition-based user management: each user gets his own
partition, that is mounted to / and is writable, and where the actual root's
/usr is mounted into.
-* .mount and .swap units: add Format=yes|no option that formats the partition before mounting/enabling it, implicitly
-
* gpt-auto logic: support encrypted swap, add kernel cmdline option to force it, and honour a gpt bit about it, plus maybe a configuration file
* drop nss-myhostname in favour of nss-resolve?
* docs: bring http://www.freedesktop.org/wiki/Software/systemd/MyServiceCantGetRealtime up to date
-* mounting and unmounting mount points manually with different source
- devices will result in collected on all devices used.
- http://lists.freedesktop.org/archives/systemd-devel/2015-April/030225.html
-
* add a job mode that will fail if a transaction would mean stopping
running units. Use this in timedated to manage the NTP service
state.
* Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
* Port various tools to make use of verbs.[ch], where applicable: busctl,
- coredumpctl, hostnamectl, localectl, systemd-analyze, timedatectl
+ coredumpctl, hostnamectl, localectl, timedatectl
* hostnamectl: show root image uuid
* figure out a nice way how we can let the admin know what child/sibling unit causes cgroup membership for a specific unit
-* mount_cgroup_controllers(): symlinks need to get the label applied
-
* For timer units: add some mechanisms so that timer units that trigger immediately on boot do not have the services
they run added to the initial transaction and thus confuse Type=idle.
- see if we can introduce a new sd_bus_get_owner_machine_id() call to retrieve the machine ID of the machine of the bus itself
- see if we can drop more message validation on the sending side
- add API to clone sd_bus_message objects
- - make AddMatch calls on dbus1 transports async?
- longer term: priority inheritance
- dbus spec updates:
- NameLost/NameAcquired obsolete
- GVariant
- path escaping
- update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
- - test bloom filter generation indexes
* sd-event
- allow multiple signal handlers per signal?
* exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty.
-* service: watchdog logic: for testing purposes allow ping, but do not require pong
-
* journal:
- consider introducing implicit _TTY= + _PPID= + _EUID= + _EGID= + _FSUID= + _FSGID= fields
- import and delete pstore filesystem content at startup
Benefit: nspawn --ephemeral would start working nicely with the journal.
- assign MESSAGE_ID to log messages about failed services
+* add a test if all entries in the catalog are properly formatted.
+ (Adding dashes in a catalog entry currently results in the catalog entry
+ being silently skipped. journalctl --update-catalog must warn about this,
+ and we should also have a unit test to check that all our message are OK.)
+
* document:
- document that deps in [Unit] sections ignore Alias= fields in
[Install] units of other units, unless those units are disabled
https://github.com/systemd/systemd/pull/272#issuecomment-113153176
- should optionally support receiving WATCHDOG=1 messages from its payload
PID 1...
- - should send out sd_notify("WATCHDOG=1") messages
- optionally automatically add FORWARD rules to iptables whenever nspawn is
running, remove them when shut down.
- maybe make copying of /etc/resolv.conf optional, and skip it if --read-only
projects / thirdparty / systemd.git / blobdiff