From: Lennart Poettering Date: Fri, 19 May 2023 11:37:22 +0000 (+0200) Subject: update TODO X-Git-Tag: v254-rc1~440 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9287925a0dc4d54cf880648744aecae982e92e68;p=thirdparty%2Fsystemd.git update TODO --- diff --git a/TODO b/TODO index 54d459eaddf..ee3f65e085b 100644 --- a/TODO +++ b/TODO @@ -129,6 +129,15 @@ Deprecations and removals: Features: +* open up creds for uses in generators, and document clearly that encrypted + creds are only supported if strictly tpm bound, but not when using the host + secret (as that is only avilable if /var/ is around. + +* logind: when logging in, always take an fd to the home dir, to keep the dir + busy, so that autofs release can never happen. (this is generally a good + idea, and specifically works around the fact the autofs ignores busy by mount + namespaces) + * mount most file systems with a restrictive uidmap. e.g. mount /usr/ with a uidmap that blocks out anything outside 0…1000 (i.e. system users) and similar.