From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 18 Jul 2024 09:40:10 +0000 (+0200)
Subject: update TODO
X-Git-Tag: v257-rc1~887
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1717a939bee8c26f815d93247edc3af4e0f330ca;p=thirdparty%2Fsystemd.git

update TODO
---

diff --git a/TODO b/TODO
index 443b9a554bf..54ebb69d644 100644
--- a/TODO
+++ b/TODO
@@ -130,6 +130,23 @@ Deprecations and removals:
 
 Features:
 
+* homed: allow login via username + realm on getty/login prompt. Then rewrite
+  the user name in the PAM stack
+
+* homed/userdb: add "aliases" field to user record, which can alternatively be
+  used for logging in. Rewrite user name in the PAM stack once acquired.
+
+* confext/sysext: instead of mounting the overlayfs directly on /etc/ + /usr/,
+  insert an intermediary bind mount on itself there. This has the benefit that
+  services where mount propagation from the root fs is off, an still have
+  confext/sysext propagated in.
+
+* marry pcrlock + signed pcr policies for FDE/credentials by letting each
+  unlock "half" of the volume key, so that the combination of both must be
+  XOR'ed to get the actual volume key
+
+* support F_DUDFD_QUERY for comparing fds in same_fd (requires kernel 6.10)
+
 * generic interface for varlink for setting log level and stuff that all our daemons can implement
 
 * use pty ioctl to get peer wherever possible (TIOCGPTPEER)