Bugfixes:
+* killing nspawn with ]]] results in:
+ machine-f20.scope stopping timed out. Killing.
+ Stopped Container f20.
+ Unit machine-f20.scope entered failed state.
+ and it cannot be started again
+
* enabling an instance unit creates a pointless link, and
the unit will be started with getty@getty.service:
$ systemctl enable getty@.service
External:
-* ps should gain colums for slice
-
* Fedora: when installing fedora with yum --installroot /var/run is a directory, not a symlink
https://bugzilla.redhat.com/show_bug.cgi?id=975864
Features:
+* hookup nspawn and PrivateNetwork=yes with "ip netns"
+
+* socket units: support creating sockets in different namespace,
+ opening it up for JoinsNamespaceOf=. This would require to fork off
+ a tiny process that joins the namespace and creates/binds the socket
+ and passes this back to PID1 via SCM_RIGHTS. This also could be used
+ to allow Chown/chgrp on sockets without requiring NSS in PID 1.
+
* sd-resolve:
- make sure event loop integration works similar to event loop integration in other libs
- maybe drop _free() call, introduce _unref() instead
- - sd_resolve_freeanswer() is probably pointless, we don't define such a function for any other return values, but expect people to call free directly
- maybe simplify function calls that take a sd_resolve_query object, to not also require the matching sd_resolve?
- maybe drop the "n_proc" parameter to sd_resolve_new()?
- change all functions to return "int" and negative errno errors
- - getnext and getnqueries should be renamed to get_next() and get_n_queries(), i.e. functions that are not modelled directly after the libc counterparts don't need to be a single word...
* New service property: maximum CPU and wallclock runtime for a service
ReadOnlyDirectories=... for whitelisting files for a service.
* sd-bus:
- - let the activator peek the peer connection with KDBUS_CMD_MSG_SRC and log it
- when kdbus doesn't take our message without memfds, try again with memfds
- implement monitor logic
- see if we can drop more message validation on the sending side
- add API to clone sd_bus_message objects
- - SD_BUS_COMMENT() macro for inclusion in vtables, syntax inspired by gdbus
- systemd-bus-proxyd needs to enforce good old XML policy
- upload minimal kdbus policy into the kernel at boot
- kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
- - longer term:
- * priority queues
- * priority inheritance
+ - longer term: priority inheritance
- check sender of response messages
- dbus spec updates:
- kdbus mapping
- GVariant
- "const" properties (posted)
- port exit-on-idle logic to byebye ioctl
- - make use of "drop" ioctl in pid 1 bus activation
- bus proxy: override unique id sender for messages from driver to match the well-known name
- bus driver: GetNameOwner() for "org.freedesktop.DBus" should return "org.freedesktop.DBus"
- update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
+ - bus proxy should fake seclabel when connecting to kdbus
+ - allow updating attach flags during runtime
+ - pid1: peek into activating message when activating a service
+ - when service activation failed, drop one message from the activator queue
* sd-event
- allow multiple signal handlers per signal?
~ianmdlvl / elogind.git / blobdiff