Features:
+* move notify sockets to the file system, so that PrivateNetwork= doesn't conflict with sd_notify() usage
+
* add bus api to query unit file's X fields.
* consider adding RuntimeDirectoryUser= + RuntimeDirectoryGroup=
* maybe add DefaultTimerAccuracySec= as global config option to set AccuracySec='s default value in .timer units
-* mount /sys/fs/cgroup read-only (but leave the subdirs writable)
-
* gpt-auto-generator:
- Support LUKS for root devices
- Define new partition type for encrypted swap? Support probed LUKS for encrypted swap?
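Review bot: The added item "move notify sockets to the file system" at the top of the Features list does not say where the socket would live or what access mode it would get. Abstract-namespace sockets are scoped to the network namespace, which is why PrivateNetwork= cuts a service off from them, whereas a socket on the file system is reachable by any process that can traverse to its path and write to it. The item should record that the path and permissions have to limit who can send notifications.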
* support transient mount units
-* Imply DevicePolicy=closed and CapabilityBoundingSet=~CAP_SYS_MKNOD when PrivateDevices= is used
+* Imply DevicePolicy=closed when PrivateDevices= is used
* add an "input" group to udev logic and add all input devices to it
-* libsystemd-login: implement getpeer_unit(), get_peer_slice(), ...
-
* machined: provide calls GetMachineByAddress() on the manager
interface to get the machine for a local IP address, and
GetAddress() on the Machine interface to get the Address for a
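Review bot: The rewritten PrivateDevices= item drops the "CapabilityBoundingSet=~CAP_SYS_MKNOD" half, and the TODO does not record whether that half was implemented or abandoned. DevicePolicy=closed and the capability bounding set are separate controls, so if the capability part is only deferred it should stay as its own item rather than disappear. The removed text also wrote CAP_SYS_MKNOD, while the Linux capability is named CAP_MKNOD; any follow-up item should use that name.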
* "busctl status" works only as root on dbus1, since we cannot read
/proc/$PID/exe
-* systemctl (and possibly related tools): support a new switch that
- allows enumerating units in local containers recursively. "systemctl
- list-units -R" or so should not only lists on the host, but also the
- services in all containers in a pretty way, to give an overview of
- the entire system.
+* systemctl: support --recursive for list-sockets, list-timers,
+ ... too, not just for list-units.
* implement Distribute= in socket units to allow running multiple
service instances processing the listening socket, and open this up
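Review bot: In the replacement systemctl item, "list-sockets, list-timers, ..." leaves the scope open-ended; naming every verb that should gain --recursive would make the item checkable. The removed text also stated the goal (an overview of the services in all local containers alongside the host), and a few words of that would keep the new item understandable on its own.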
* sd-bus:
- when kdbus doesn't take our message without memfds, try again with memfds
- - implement monitor logic
+ - systemd-bus-proxyd needs to enforce good old XML policy
+ - port exit-on-idle logic to byebye ioctl
+ - allow updating attach flags during runtime
+ - pid1: peek into activating message when activating a service
+ - introduce sd_bus_emit_object_added()/sd_bus_emit_object_removed() that automatically includes the build-in interfaces in the list
+ - constructors for bus messages should probably not be OK with a NULL bus pointer
+ - .busname units should not use get_user_creds()/get_cgroup_creds() but instead do NSS only in temporarily forked off child
- see if we can drop more message validation on the sending side
- add API to clone sd_bus_message objects
- - systemd-bus-proxyd needs to enforce good old XML policy
- - upload minimal kdbus policy into the kernel at boot
- kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
- longer term: priority inheritance
- - check sender of response messages
- dbus spec updates:
- kdbus mapping
- NameLost/NameAcquired obsolete
- GVariant
- "const" properties (posted)
- path escaping
- - port exit-on-idle logic to byebye ioctl
- update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
- - allow updating attach flags during runtime
- - pid1: peek into activating message when activating a service
- test bloom filter generation indexes
- - introduce sd_bus_emit_object_added()/sd_bus_emit_object_removed() that automatically includes the build-in interfaces in the list
- port to sd-resolve for connecting to TCP dbus servers
- - constructors for bus messages should probably not be OK with a NULL bus pointer
- - .busname units should not use get_user_creds()/get_cgroup_creds() but instead do NSS only in temporarily forked off child
* sd-event
- allow multiple signal handlers per signal?
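Review bot: In the sd-bus list, seven items are removed and re-added unchanged at the top, which buries the three real removals ("implement monitor logic", "upload minimal kdbus policy into the kernel at boot" and "check sender of response messages") among pure moves. Either split the reordering from the removals or name the three dropped items in the commit message. "check sender of response messages" in particular is a security-relevant validation, and it is worth confirming that it was completed rather than dropped. The re-added sd_bus_emit_object_added() line also carries over "build-in", which should read "built-in".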