From 18098d7dec0e488ba78ebde1be840f7a31185ef7 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Mon, 4 Dec 2023 17:57:06 +0100 Subject: [PATCH] update TODO --- TODO | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/TODO b/TODO index 29a1a8e7c40..7bff6441095 100644 --- a/TODO +++ b/TODO @@ -268,6 +268,18 @@ Features: * use udev rule networkd ownership property to take ownership of network interfaces nspawn creates +* mountfsd/nsresourced + - userdb: maybe allow callers to map one uid to their own uid + - bpflsm: allow writes if resulting UID on disk would be userns' owner UID + - make encrypted DDIs work (password…) + - add API for creating a new file system from scratch (together with some + dm-integrity/HMAC key). Should probably work using systemd-repart (access + via varlink). + - add api to make an existing file "trusted" via dm-integry/HMAC key + - port: portabled + - port: tmpfiles, sysusers and similar + - lets see if we can make runtime bind mounts into unpriv nspawn work + * add a kernel cmdline switch (and cred?) for marking a system to be "headless", in which case we never open /dev/console for reading, only for writing. This would then mean: systemd-firstboot would process creds but not -- 2.47.3