Bugfixes:
-* copy.c: set the right chattrs before copying files and others after
-
* Many manager configuration settings that are only applicable to user
manager or system manager can be always set. It would be better to reject
them when parsing config.
-* Clarify what IPAddress* matches (source, destination, both?)
-
External:
* Fedora: add an rpmlint check that verifies that all unit files in the RPM are listed in %systemd_post macros.
Features:
-* maybe add a seccomp-based high-level filter that blocks creation of suid/sgid
- files.
+* tweak journald context caching. In addition to caching per-process attributes
+ keyed by PID, cache per-cgroup attributes (i.e. the various xattrs we read)
+ keyed by cgroup path, and guarded by ctime changes. This should provide us
+ with a nice speed-up on services that have many processes running in the same
+ cgroup.
+
+* clean up sleep.c:
+ - Use CLOCK_BOOTTIME_ALARM for waking up s2h instead of RTC ioctls
+ - Parse sleep.conf only once, and parse its whole contents so that we don't
+ have to parse it again and again in s2h
+ - Make sure resume= and resume_offset= on the kernel cmdline always take
+ precedence
* make MAINPID= message reception checks even stricter: if service uses User=,
then check sending UID and ignore message if it doesn't match the user or
* bootctl,sd-boot: actually honour the "architecture" key
-* when a socket unit is spawned with an AF_UNIX path in /var/run, complain and
- patch it to use /run instead
-
-* set memory.oom.group in cgroup v2 for all leaf cgroups (kernel v4.19+)
-
* add a new syscall group "@esoteric" for more esoteric stuff such as bpf() and
usefaultd() and make systemd-analyze check for it.
first. i.e. look for all places we use string_erase()/string_free_erase() and
augment them with mlock(). Also use MADV_DONTDUMP
-* whenever oom_kill memory.event event is triggered print a nice log message
-
* Move RestrictAddressFamily= to the new cgroup create socket
* support the bind/connect/sendmsg cgroup stuff for sandboxing, and possibly
* maybe implicitly attach monotonic+realtime timestamps to outgoing messages in
log.c and sd-journal-send
-* chown() tty a service is attached to after the service goes down
-
* optionally: turn on cgroup delegation for per-session scope units
* introduce per-unit (i.e. per-slice, per-service) journal log size limits.
* When reloading configuration PID 1 should reset all its properties to the
original defaults before calling parse_config()
-* Add OnTimezoneChange= and OnTimeChange= stanzas to .timer units in order to
- schedule events based on time and timezone changes.
-
* nspawn: greater control over selinux label?
* hibernate/s2h: make this robust and safe to enable in Fedora by default.
* support projid-based quota in machinectl for containers
-* Add NetworkNamespacePath= to specify a path to a network namespace
-
* maybe use SOURCE_DATE_EPOCH (i.e. the env var the reproducible builds folks
introduced) as the RTC epoch, instead of the mtime of NEWS.
* optionally, also require WATCHDOG=1 notifications during service start-up and shutdown
-* resolved: when routing queries, make sure only look for the *longest* suffix...
-
* delay activation of logind until somebody logs in, or when /dev/tty0 pulls it
in or lingering is on (so that containers don't bother with it until PAM is used). also exit-on-idle
service instances processing the listening socket, and open this up
for ReusePort=
-* socket units: support creating sockets in different namespace,
- opening it up for JoinsNamespaceOf=. This would require to fork off
- a tiny process that joins the namespace and creates/binds the socket
- and passes this back to PID1 via SCM_RIGHTS. This also could be used
- to allow Chown/chgrp on sockets without requiring NSS in PID 1.
-
* introduce bus call FreezeUnit(s, b), as well as "systemctl freeze
$UNIT" and "systemctl thaw $UNIT" as wrappers around this. The calls
should SIGSTOP all unit processes in a loop until all processes of
* load .d/*.conf dropins for device units
-* allow implementation of InaccessibleDirectories=/ plus
- ReadOnlyDirectories=... for whitelisting files for a service.
-
* sd-bus:
- EBADSLT handling
- GetAllProperties() on a non-existing object does not result in a failure currently
- honor language efi variables for default language selection (if there are any?)
- honor timezone efi variables for default timezone selection (if there are any?)
- change bootctl to be backed by systemd-bootd to control temporary and persistent default boot goal plus efi variables
+* bootctl
+ - recognize the case when not booted on EFI
* maybe do not install getty@tty1.service symlink in /etc but in /usr?
- follow PropertiesChanged state more closely, to deal with quick logouts and
relogins
-* exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty.
-
* journal:
- consider introducing implicit _TTY= + _PPID= + _EUID= + _EGID= + _FSUID= + _FSGID= fields
- import and delete pstore filesystem content at startup
* timer units:
- timer units should get the ability to trigger when:
- o CLOCK_REALTIME makes jumps (TFD_TIMER_CANCEL_ON_SET)
o DST changes
- o timezone changes
- Modulate timer frequency based on battery state
* add libsystemd-password or so to query passwords during boot using the password agent logic
* support crash reporting operation modes (https://live.gnome.org/GnomeOS/Design/Whiteboards/ProblemReporting)
-* default to actual 32-bit PIDs, via /proc/sys/kernel/pid_max
-
* be able to specify a forced restart of service A where service B depends on, in case B
needs to be auto-respawned?
projects / thirdparty / systemd.git / blobdiff