Features:
+* when dissecting images, warn about unrecognized partition flags
+
+* honour specifiers in unit files that resolve to some very basic
+ /etc/os-release data, such as ID, VERSION_ID, BUILD_ID, VARIANT_ID.
+
+* socket units: allow creating a udev monitor socket with ListenDevices= or so,
+ with matches, then actviate app thorugh that passing socket oveer
+
+* kill zenata, all hail weblate?
+
+* move discoverable partitions spec into markdown and our tree
+
+* sd-event: add native support for P_ALL waitid() watching, then move PID 1 to
+ it fo reaping assigned but unknown children. This needs to some special care
+ to operate somewhat sensibly in light of priorities: P_ALL will return
+ arbitrary processes, regardless of the priority we want to watch them with,
+ hence on each event loop iteration check all processes which we shall watch
+ with higher prio explicitly, and then watch the entire rest with P_ALL.
+
+* tweak sd-event's child watching: keep a prioq of children to watch and use
+ waitid() only on the children with the highest priority until one is waitable
+ and ignore all lower-prio ones from that point on
+
+* maybe introduce xattrs that can be set on the root dir of the root fs
+ partition that declare the volatility mode to use the image in. Previously I
+ thought marking this via GPT partition flags but that's not ideal since
+ that's outside of the LUKS encryption/verity verification, and we probably
+ shouldn't operate in a volatile mode unless we got told so from a trusted
+ source.
+
+* figure out automatic partition discovery when combining writable root dir
+ with immutable /usr
+
* coredump: maybe when coredumping read a new xattr from /proc/$PID/exe that
may be used to mark a whole binary as non-coredumpable. Would fix:
https://bugs.freedesktop.org/show_bug.cgi?id=69447
+* teach parse_timestamp() timezones like the calendar spec already knows it
+
* beef up hibernation to optionally do swapon/swapoff immediately before/after
the hibernation
* sd-boot: optionally, show boot menu when previous default boot item has
non-zero "tries done" count
-* maybe set a special xattr on cgroups that have delegate=yes set, to make it
- easy to mark cut points, then use this information in "systemd-cgls" to show
- them (e.g. color delegated subtrees in a different color)
-
* introduce an option (or replacement) for "systemctl show" that outputs all
properties as JSON, similar to busctl's new JSON output. In contrast to that
it should skip the variant type string though.
1. add resume_offset support to the resume code (i.e. support swap files
properly)
2. check if swap is on weird storage and refuse if so
- 3. add autodetection of hibernation images
+ 3. add auto-detection of hibernation images
* cgroups: use inotify to get notified when somebody else modifies cgroups
owned by us, then log a friendly warning.
* bypass SIGTERM state in unit files if KillSignal is SIGKILL
-* tree-wide: ensure we always block the signals we hook into with
- sd_event_add_signal() first
-
* add proper dbus APIs for the various sd_notify() commands, such as MAINPID=1
and so on, which would mean we could report errors and such.
* show whether a service has out-of-date configuration in "systemctl status" by
using mtime data of ConfigurationDirectory=.
-* replace all remaining uses of fgets() + LINE_MAX by read_line()
-
* Add AddUser= setting to unit files, similar to DynamicUser=1 which however
creates a static, persistent user rather than a dynamic, transient user. We
can leverage code from sysusers.d for this.
"systemd-gdb" for attaching to the start-up of any system service in its
natural habitat.
-* maybe introduce gpt auto discovery for /var/tmp?
-
* maybe add gpt-partition-based user management: each user gets his own
LUKS-encrypted GPT partition with a new GPT type. A small nss module
enumerates users via udev partition enumeration. UIDs are assigned in a fixed
with stateless/read-only/verity-enabled root. (other idea: do this based on
loopback files in /home, without GPT involvement)
-* gpt-auto logic: introduce support for discovering /var matching an image. For
- that, use a partition type UUID that is hashed from the OS name (as encoded
- in /etc/os-release), the architecture, and 4 new bits from the gpt flags
- field of the root partition. This way can easily support multiple OS
- installations on the same GPT partition table, without problems with
- unmatched /var partitions.
-
* gpt-auto logic: related to the above, maybe support a "secondary" root
partition, that is mounted to / and is writable, and where the actual root's
/usr is mounted into.
* define gpt header bits to select volatility mode
-* ProtectKernelLogs= (drops CAP_SYSLOG, add seccomp for syslog() syscall, and DeviceAllow to /dev/kmsg) in service files
-
* ProtectClock= (drops CAP_SYS_TIMES, adds seecomp filters for settimeofday, adjtimex), sets DeviceAllow o /dev/rtc
* ProtectTracing= (drops CAP_SYS_PTRACE, blocks ptrace syscall, makes /sys/kernel/tracing go away)
* cache sd_event_now() result from before the first iteration...
-* add systemctl stop --job-mode=triggering that follows TRIGGERED_BY deps and adds them to the same transaction
-
* PID1: find a way how we can reload unit file configuration for
specific units only, without reloading the whole of systemd
* when we detect that there are waiting jobs but no running jobs, do something
-* push CPUAffinity= also into the "cpuset" cgroup controller (only after the cpuset controller got ported to the unified hierarchy)
+* push CPUAffinity= also into the "cpuset" cgroup controller
* PID 1 should send out sd_notify("WATCHDOG=1") messages (for usage in the --user mode, and when run via nspawn)
* as soon as we have sender timestamps, revisit coalescing multiple parallel daemon reloads:
http://lists.freedesktop.org/archives/systemd-devel/2014-December/025862.html
-* in systemctl list-unit-files: show the install value the presets would suggest for a service in a third column
-
* figure out when we can use the coarse timers
* add "systemctl start -v foobar.service" that shows logs of a service
* what to do about udev db binary stability for apps? (raw access is not an option)
-* man: maybe use the word "inspect" rather than "introspect"?
-
* systemctl: if some operation fails, show log output?
* systemctl edit: use equivalent of cat() to insert existing config as a comment, prepended with #.
- allow multiple signal handlers per signal?
- document chaining of signal handler for SIGCHLD and child handlers
- define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ...
- - generate a failure of a default event loop is executed out-of-thread
* investigate endianness issues of UUID vs. GUID
* tmpfiles:
- apply "x" on "D" too (see patch from William Douglas)
- - replace F with f+.
- instead of ignoring unknown fields, reject them.
- creating new directories/subvolumes/fifos/device nodes
should not follow symlinks. None of the other adjustment or creation
- allow Type=simple with PIDFile=
https://bugzilla.redhat.com/show_bug.cgi?id=723942
- allow writing multiple conditions in unit files on one line
- - load-fragment: when loading a unit file via a chain of symlinks
- verify that it is not masked via any of the names traversed.
- introduce Type=pid-file
- introduce mix of BindTo and Requisite
- add a concept of RemainAfterExit= to scope units
- Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
+ - add verification of [Install] section to systemd-analyze verify
* udev-link-config:
- Make sure ID_PATH is always exported and complete for
- <command> <verb> -<TAB> should complete options, but currently does not
- systemctl add-wants,add-requires
-* systemctl status foo.service should say that it is trigger by foo.timer
* systemctl status should know about 'systemd-analyze calendar ... --iterations='
* If timer has just OnInactiveSec=..., it should fire after a specified time
after being started.
* link up selected blog stories from man pages and unit files Documentation= fields
String is not UTF-8 clean, ignoring assignment
- timedatex.service: Consumed 26ms CPU time.
projects / thirdparty / systemd.git / blobdiff