From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 3 Aug 2016 16:40:48 +0000 (+0200)
Subject: update TODO
X-Git-Tag: v232~317^2
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F3884%2Fhead;p=thirdparty%2Fsystemd.git

update TODO
---

diff --git a/TODO b/TODO
index bb36522bf92..0199d9d509e 100644
--- a/TODO
+++ b/TODO
@@ -66,11 +66,10 @@ Features:
 
 * ProtectKeyRing= to take keyring calls away
 
-* PrivateUsers= which maps the all user ids except root and the one specified
-  in User= to nobody
-
 * ProtectControlGroups= which mounts all of /sys/fs/cgroup read-only
 
+* RemoveKeyRing= to remove all keyring entries of the specified user
+
 * Add DataDirectory=, CacheDirectory= and LogDirectory= to match
   RuntimeDirectory=, and create it as necessary when starting a service, owned by the right user.
 
@@ -90,6 +89,11 @@ Features:
 * expose the "privileged" flag of ExecCommand on the bus, and open it up to
   transient units
 
+* in nss-systemd, if we run inside of RootDirectory= with PrivateUsers= set,
+  find a way to map the User=/Group= of the service to the right name. This way
+  a user/group for a service only has to exist on the host for the right
+  mapping to work.
+
 * allow attaching additional journald log fields to cgroups
 
 * rework fopen_temporary() to make use of open_tmpfile_linkable() (problem: the