X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=TODO;h=17fe94a9b3ac189fc72220cedb4082e3df17a6f7;hp=0343b946f380e75e28f0f6f5d0481f51d42510ad;hb=7c83910bb92fbe54522307e5ba18568473525917;hpb=b3ae710c251d0ce5cf2cef63208e325497b5e323 diff --git a/TODO b/TODO index 0343b946f..17fe94a9b 100644 --- a/TODO +++ b/TODO @@ -32,6 +32,18 @@ External: Features: +* Add timeout to early-boot, and shut down the system if it is hit. Solves the laptop-in-bag problem and is useful for embedded cases + +* sd-resolve: add callback api + +* ImmutableSystem=yes/no or so to mount /usr, /boot read-only/invisible, and leave /var and /etc writable + +* InaccessibleHome=yes/no or so to hide /home and /run/user from a service + +* Run most system services with cgroupfs read-only and procfs with a more secure mode + +* sd-event: generate a failure of a default event loop is executed out-of-thread + * add "M" as recursive version of "m" to tmpfiles, then use it for chowning /run/log/journal (but not /var/log/journal), so that we adjust the perms of journal files created before tmpfiles ran. @@ -75,9 +87,6 @@ Features: * "busctl status" works only as root on dbus1, since we cannot read /proc/$PID/exe -* systemctl: support --recursive for list-sockets, list-timers, - ... too, not just for list-units. - * implement Distribute= in socket units to allow running multiple service instances processing the listening socket, and open this up for ReusePort= @@ -162,6 +171,7 @@ Features: ReadOnlyDirectories=... for whitelisting files for a service. * sd-bus: + - make AddMatch calls on dbus1 transports async - when kdbus doesn't take our message without memfds, try again with memfds - systemd-bus-proxyd needs to enforce good old XML policy - port exit-on-idle logic to byebye ioctl @@ -709,6 +719,8 @@ External: * fedora: update policy to declare access mode and ownership of unit files to root:root 0644, and add an rpmlint check for it +* register catalog database signature as file magic + Regularly: * look for close() vs. close_nointr() vs. close_nointr_nofail()