X-Git-Url: http://git.ipfire.org/?p=thirdparty%2Fsystemd.git;a=blobdiff_plain;f=TODO;h=07f21fc06ec85649199da105a41f488d3f3064b3;hp=2056dcf74eb5de7977331a3e97eebddc042d9b9f;hb=d8857af4d053b6d10aea7684aad247bebec4a5e8;hpb=cbe952fe1f4e6d7e79811525276df3ee5bb53b4b diff --git a/TODO b/TODO index 2056dcf74eb..07f21fc06ec 100644 --- a/TODO +++ b/TODO @@ -17,6 +17,31 @@ Janitorial Clean-ups: Features: +* make use of the new statx mountid and rootmount fields in path_get_mnt_id() + and fd_is_mount_point() + +* nspawn: move "incoming mount" directory to /run/host, move "inaccessible" + nodes to /run/host, move notify socket (for sd_notify() between payload and + container manager) + +* make use of new glibc 2.32 APIs sigabbrev_np() and strerrorname_np(). + +* cryptsetup: if keyfile specified in crypttab is AF_UNIX socket, connect to it + and read from it (like we do elsewhere with READ_FULL_FILE_CONNECT_SOCKET) + +* when main nspawn supervisor process gets suspended due to SIGSTOP/SIGTTOU or + so, freeze the payload too. + +* repart: support setting up dm-integrity with HMAC + +* add /etc/integritytab, to support dm-integrity setups. In particular those + with HMAC as hash function, so that we can have a protected /home without + encryption (leaving encryption to the individual dirs/homed). + +* complement root=, rootflags=, rootfstype= with rootsubdir= which allows + mounting a subdir of the root fs as actual root. This can be used as + fstype-agnostic version of btrfs' rootflags=subvol=foobar. + * add --copy-from and --copy-to command to systemd-dissect which copies stuff in and out of a disk image @@ -24,9 +49,6 @@ Features: * if /usr/bin/swapoff fails due to OOM, log a friendly explanatory message about it -* add loud warning to the logs (with catalog entry) if systemd-udev-settle is - pulled into the boot process - * build short web pages out of each catalog entry, build them along with man pages, and include hyperlinks to them in the journal output @@ -49,6 +71,9 @@ Features: * nspawn: support time namespaces +* systemd-firstboot: make sure to always use chase_symlinks() before + reading/writing files + * add ConditionSecurity=tpm2 * Remove any support for booting without /usr pre-mounted in the initrd entirely. @@ -63,8 +88,6 @@ Features: * make us use dynamically fewer deps for containers in general purpose distros: o turn into dlopen() deps: - - pcre2 (always) — irrelevant on Fedora, since dep by - libselinux, but should benefit Debian - libpwquality (always) - only relevant for homed, and maybe soon firstboot - elfutils (always) @@ -94,8 +117,9 @@ Features: this, it's useful to have one that can dump contents of them, too. * All tools that support --root= should also learn --image= so that they can - operate on disk images directly. Specifically: bootctl, firstboot, tmpfiles, - sysusers, systemctl, repart, journalctl, coredumpctl. + operate on disk images directly. Specifically: bootctl, systemctl, + coredumpctl. (Already done: systemd-nspawn, systemd-firstboot, + systemd-repart, systemd-tmpfiles, systemd-sysusers, journalctl) * seccomp: by default mask x32 ABI system wide on x86-64. it's on its way out @@ -310,9 +334,6 @@ Features: right) become genuine first class citizens, and we gain automatic, sane JSON output for them. -* systemd-firstboot: teach it dissector magic, so that you can point it to some - disk image and it will just set everything in it all behind the scenes. - * We should probably replace /var/log/README, /etc/rc.d/README with symlinks that are linked to these places instead of copied. After all they are constant vendor data. @@ -331,7 +352,6 @@ Features: * homed: - when user tries to log into record signed by unrecognized key, automatically add key to our chain after polkit auth - - hook up machined/nspawn users with a varlink user query interface - rollback when resize fails mid-operation - GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid) - resize on login? @@ -349,7 +369,6 @@ Features: - in systemd's PAMName= logic: query passwords with ssh-askpassword, so that we can make "loginctl set-linger" mode work - fingerprint authentication, pattern authentication, … - make sure "classic" user records can also be managed by homed - - description field for groups - make size of $XDG_RUNTIME_DIR configurable in user record - reuse pwquality magic in firstboot - query password from kernel keyring first @@ -916,6 +935,10 @@ Features: - allow multiple signal handlers per signal? - document chaining of signal handler for SIGCHLD and child handlers - define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ... + - maybe support iouring as backend, so that we allow hooking read and write + operations instead of IO ready events into event loops. See considerations + here: + http://blog.vmsplice.net/2020/07/rethinking-event-loop-integration-for.html * investigate endianness issues of UUID vs. GUID @@ -1016,7 +1039,7 @@ Features: - journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access - journactl: support negative filtering, i.e. FOOBAR!="waldo", and !FOOBAR for events without FOOBAR. - - journal: store timestamp of journal_file_set_offline() int he header, + - journal: store timestamp of journal_file_set_offline() in the header, so it is possible to display when the file was last synced. - journal-send.c, log.c: when the log socket is clogged, and we drop, count this and write a message about this when it gets unclogged again. - journal: find a way to allow dropping history early, based on priority, other rules @@ -1058,6 +1081,7 @@ Features: them via machined, and also watch containers coming and going. Benefit: nspawn --ephemeral would start working nicely with the journal. - assign MESSAGE_ID to log messages about failed services + - check if loop in decompress_blob_xz() is necessary * add a test if all entries in the catalog are properly formatted. (Adding dashes in a catalog entry currently results in the catalog entry @@ -1073,7 +1097,8 @@ Features: - document systemd-journal-flush.service properly - documentation: recommend to connect the timer units of a service to the service via Also= in [Install] - man: document the very specific env the shutdown drop-in tools live in - - man: add more examples to man pages + - man: add more examples to man pages, + - in particular an example how to do the equivalent of switching runlevels - man: maybe sort directives in man pages, and take sections from --help and apply them to man too - document root=gpt-auto properly