X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=TODO;h=7f5db20da4e0c313eff82c0d0dedd5dffd8e05f9;hb=a986501b9059b72e8deced262554fbdd1ab9da17;hp=a248e81c8db75467679b7b8361558697cc95f4e7;hpb=31a11e8f30449a81867e8fd081e3e76cf6664bb4;p=elogind.git

diff --git a/TODO b/TODO
index a248e81c8..7f5db20da 100644
--- a/TODO
+++ b/TODO
@@ -31,6 +31,23 @@ External:
 
 Features:
 
+* nspawn: emulate /dev/kmsg using CUSE and turn off the syslog syscall
+  with seccomp. That should provide us with a useful log buffer that
+  systemd can log to during early boot, and disconnect container logs
+  from the kernel's logs.
+
+* networkd/udev: implement SR_IOV configuration in .link files:
+  http://lists.freedesktop.org/archives/systemd-devel/2015-January/027451.html
+
+* When RLIMIT_NPROC is set from a unit file it currently always is set
+  for root, not for the user set in User=, which makes it
+  useless. After fixing this, set RLIMIT_NPROC for
+  systemd-journal-xyz, and all other of our services that run under
+  their own user ids, and use User= (but only in a world where userns
+  is ubiquitous since otherwise we cannot invoke those daemons on the
+  host AND in a container anymore). Also, if LimitNPROC= is used
+  without User= we should warn and refuse operation.
+
 * logind: maybe allow configuration of the StopTimeout for session scopes
 
 * Set NoNewPriviliges= on all of our own services, where that makes sense
@@ -59,8 +76,6 @@ Features:
 
 * Port various tools to make use of verbs.[ch], where applicable
 
-* Check all invocations of access() and consider turning them into laccess()
-
 * "machinectl history"
 
 * "machinectl diff"