X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=TODO;h=caf565ff0002ebc1bf22fb27512ba33ea4433a36;hp=5fe1a207344e3f995ef71af6c790335fd1b3d120;hb=2d2ebaf5152cfc232aec61aad5138adc950f4b5c;hpb=c221efb2de9a9d8500c0c6baf943bff0d8f87e7f diff --git a/TODO b/TODO index 5fe1a2073..caf565ff0 100644 --- a/TODO +++ b/TODO @@ -32,16 +32,12 @@ External: Features: -* ProtectedHome= turn into enum, and add "full" option that also marks /etc read-only - * generator that automatically discovers btrfs subvolumes, identifies their purpose based on some xattr on them. * support setting empty environment variables with Environment= and EnvironmentFile= * tmpfiles: figure out relation between Z and m? -* systemd-notify: fake ucred of msg to PID of parent, if that works, with fallback to our own if it doesn't. - * machined/machinectl: sort IP addresses we return by scope and protocol * machined: write NSS module for looking up IP addresses for machines @@ -70,7 +66,7 @@ Features: * Add timeout to early-boot, and shut down the system if it is hit. Solves the laptop-in-bag problem and is useful for embedded cases -* Run most system services with cgroupfs read-only and procfs with a more secure mode +* Run most system services with cgroupfs read-only and procfs with a more secure mode (doesn't work, since the hidepid= option is per-pid-namespace, not per-mount) * sd-event: generate a failure of a default event loop is executed out-of-thread @@ -159,8 +155,6 @@ Features: * Automatically configure swap partition to use for hibernation by looking for largest swap partition on the root disk? -* socket-proxyd: Use sd-resolve to resolve the server address - * rfkill,backlight: we probably should run the load tools inside of the udev rules so that the state is properly initialized by the time other software sees it * After coming back from hibernation reset hibernation swap partition using the /dev/snapshot ioctl APIs @@ -187,15 +181,13 @@ Features: ReadOnlyDirectories=... for whitelisting files for a service. * sd-bus: - - make AddMatch calls on dbus1 transports async + - make AddMatch calls on dbus1 transports async? - when kdbus does not take our message without memfds, try again with memfds - systemd-bus-proxyd needs to enforce good old XML policy - - port exit-on-idle logic to byebye ioctl - allow updating attach flags during runtime - pid1: peek into activating message when activating a service - introduce sd_bus_emit_object_added()/sd_bus_emit_object_removed() that automatically includes the build-in interfaces in the list - constructors for bus messages should probably not be OK with a NULL bus pointer - - .busname units should not use get_user_creds()/get_cgroup_creds() but instead do NSS only in temporarily forked off child - see if we can drop more message validation on the sending side - add API to clone sd_bus_message objects - kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too... @@ -595,8 +587,6 @@ Features: when we start a service in order to avoid confusion when a user assumes starting a service is enough to make it accessible -* support User= and Group= attributes for AF_UNIX sockets. (difficult, requires NSS from PID 1?) - * Make it possible to set the keymap independently from the font on the kernel cmdline. Right now setting one resets also the other.