Remove support for auto-spawning VTs

[elogind.git] / TODO

diff --git a/TODO b/TODO
index c99905f0609a7cab8fe4b80ce281c6a6a68ca747..4fdecebd0fa4fbb77e78d2cc4b37242f69721fd6 100644 (file)
--- a/TODO
+++ b/TODO
@@ -6,24 +6,19 @@ Bugfixes:
   automount points even when the original .automount file did not exist
   anymore. Only the .mount unit was still around.
 
   automount points even when the original .automount file did not exist
   anymore. Only the .mount unit was still around.
 

-* ExecStart with unicode characters fails in strv_split_quoted:
+* ExecStart with unicode characters fails in strv_split_extract:

 
           [Service]
           Environment=ONE='one' "TWO='two two' too" THREE=
           ExecStart=/bin/python3 -c 'import sys;print(sys.argv)' $ONE $TWO $THREE
 
 
           [Service]
           Environment=ONE='one' "TWO='two two' too" THREE=
           ExecStart=/bin/python3 -c 'import sys;print(sys.argv)' $ONE $TWO $THREE
 

-* MEMORY return code is overloaded for syntax errors in the command line.
-  str_split_quoted() should return a real return code, so spawn_child can
-  report the failure properly.
+* When systemctl --host is used, underlying ssh connection can remain open.
+  bus_close does not kill children?

 
 External:
 
 * Fedora: add an rpmlint check that verifies that all unit files in the RPM are listed in %systemd_post macros.
 
 
 External:
 
 * Fedora: add an rpmlint check that verifies that all unit files in the RPM are listed in %systemd_post macros.
 

-* Fedora: move kernel image to /usr/lib/modules/, kernel-install will take care of populating /boot
-
-* Fedora: remove /etc/resolv.conf tmpfiles hack
-

 * wiki: update journal format documentation for lz4 additions
 
 * When lz4 gets an API for lz4 command output, make use of it to
 * wiki: update journal format documentation for lz4 additions
 
 * When lz4 gets an API for lz4 command output, make use of it to


@@ -31,6 +26,151 @@ External:
 
 Features:
 
 
 Features:
 

+* sd-event: maybe add support for inotify events
+
+* PID 1 should send out sd_notify("WATCHDOG=1") messages (for usage in the --user mode, and when run via nspawn)
+
+* nspawn should send out sd_notify("WATCHDOG=1") messages
+
+* nspawn should optionally support receiving WATCHDOG=1 messages from its payload PID 1...
+
+* consider throwing a warning if a service declares it wants to be "Before=" a .device unit.
+
+* "systemctl edit" should know a mode to create a new unit file
+
+* there's probably something wrong with having user mounts below /sys,
+  as we have for debugfs. for exmaple, src/core/mount.c handles mounts
+  prefixed with /sys generally special.
+  http://lists.freedesktop.org/archives/systemd-devel/2015-June/032962.html
+
+* Add PassEnvironment= setting to service units, to import select env vars from PID 1 into the service env block
+
+* nspawn: fix logic always print a final newline on output.
+  https://github.com/systemd/systemd/pull/272#issuecomment-113153176
+
+* make nspawn's --network-veth switch more powerful:
+  http://lists.freedesktop.org/archives/systemd-devel/2015-June/033121.html
+
+* man: document that unless you use StandardError=null the shell >/dev/stderr won't work in shell scripts in services
+
+* man: clarify that "machinectl show" shows different information than "machinectl status" (no cgroup tree, no IP addresses, ...)
+
+* "systemctl daemon-reload" should result in /etc/systemd/system.conf being reloaded by systemd
+
+* install: include generator dirs in unit file search paths
+
+* stop using off_t, it's a crazy type. Use uint64_t instead.
+
+* logind: follow PropertiesChanged state more closely, to deal with quick logouts and relogins
+
+* invent a better systemd-run scheme for naming scopes, that works with remoting
+
+* add journalctl -H that talks via ssh to a remote peer and passes through binary logs data
+
+* change journalctl -M to acquire fd to journal directory via machined, and then operate on that via openat() instead of absolute paths
+
+* add a version of --merge which also merges /var/log/journal/remote
+
+* log accumulated resource usage after each service invocation
+
+* nspawn: a nice way to boot up without machine id set, so that it is set at boot automatically for supporting --ephemeral. Maybe hash the host machine id together with the machine name to generate the machine id for the container
+
+* logind: rename session scope so that it includes the UID. THat way
+  the session scope can be arranged freely in slices and we don't have
+  make assumptions about their slice anymore.
+
+* journalctl: -m should access container journals directly by enumerating them via machined, and also watch containers coming and going. Benefit: nspawn --ephemeral would start working nicely with the journal.
+
+* nspawn: don't copy /etc/resolv.conf from host into container unless we are in shared-network mode
+
+* nspawn: optionally automatically add FORWARD rules to iptables whenever nspawn is running, remove them when shut down.
+
+* importd: generate a nice warning if mkfs.btrfs is missing
+
+* nspawn: add a logic for cleaning up read-only, hidden container images in /var/lib/machines that are not ancestors of any non-hidden containers
+
+* nspawn: Improve error message when --bind= is used on a non-existing source directory
+
+* nspawn: maybe make copying of /etc/resolv.conf optional, and skip it if --read-only is used
+
+* man: document how update dkr images works with machinectl
+  http://lists.freedesktop.org/archives/systemd-devel/2015-February/028630.html
+
+* nspawn: as soon as networkd has a bus interface, hook up --network-interface=, --network-bridge= with networkd, to trigger netdev creation should an interface be missing
+
+* rework C11 utf8.[ch] to use char32_t instead of uint32_t when referring
+  to unicode chars, to make things more expressive.
+
+* "machinectl migrate" or similar to copy a container from or to a
+  difference host, via ssh
+
+* tmpfiles: creating new directories/subvolumes/fifos/device nodes
+  should not follow symlinks. None of the other adjustment or creation
+  calls follow symlinks.
+
+* fstab-generator: default to tmpfs-as-root if only usr= is specified on the kernel cmdline
+
+* docs: bring http://www.freedesktop.org/wiki/Software/systemd/MyServiceCantGetRealtime up to date
+
+* mounting and unmounting mount points manually with different source
+  devices will result in collected collected on all devices used.
+  http://lists.freedesktop.org/archives/systemd-devel/2015-April/030225.html
+
+* add a job mode that will fail if a transaction would mean stopping
+  running units. Use this in timedated to manage the NTP service
+  state.
+  http://lists.freedesktop.org/archives/systemd-devel/2015-April/030229.html
+
+* Maybe add support for the equivalent of "ethtool advertise" to .link files?
+  http://lists.freedesktop.org/archives/systemd-devel/2015-April/030112.html
+
+* .timer units should optionally support CLOCK_BOOTTIME in addition to CLOCK_MONOTONIC
+
+* create a btrfs qgroup for /var/lib/machines, and add all container
+  subvolumes we create to it.
+
+* When logging about multiple units (stopping BoundTo units, conflicts, etc.),
+  log both units as UNIT=, so that journalctl -u triggers on both.
+
+* to allow "linking" of nspawn containers, extend --network-bridge= so
+  that it can dynamically create bridge interfaces that are refcounted
+  by the containers on them. For each group of containers to link together
+
+* journalctl --verify: don't show files that are currently being
+  written to as FAIL, but instead show that their are being written
+  to.
+
+* assign MESSAGE_ID to log messages about failed services
+
+* coredump: make the handler check /proc/$PID/rlimits for RLIMIT_CORE,
+  and supress coredump if turned off. Then change RLIMIT_CORE to
+  infinity by default for all services. This then allows per-service
+  control of coredumping.
+
+* generate better errors when people try to set transient properties
+  that are not supported...
+  http://lists.freedesktop.org/archives/systemd-devel/2015-February/028076.html
+
+* Introduce $LISTEN_NAMES to complement $LISTEN_FDS, containing a
+  colon separated list of identifiers for the fds passed.
+
+* maybe introduce WantsMountsFor=? Usecase:
+  http://lists.freedesktop.org/archives/systemd-devel/2015-January/027729.html
+
+* rework kexec logic to use new kexec_file_load() syscall, so that we
+  don't have to call kexec tool anymore.
+
+* The udev blkid built-in should expose a property that reflects
+  whether media was sensed in USB CF/SD card readers. This should then
+  be used to control SYSTEMD_READY=1/0 so that USB card readers aren't
+  picked up by systemd unless they contain a medium. This would mirror
+  the behaviour we already have for CD drives.
+
+* nspawn: emulate /dev/kmsg using CUSE and turn off the syslog syscall
+  with seccomp. That should provide us with a useful log buffer that
+  systemd can log to during early boot, and disconnect container logs
+  from the kernel's logs.
+

 * networkd/udev: implement SR_IOV configuration in .link files:
   http://lists.freedesktop.org/archives/systemd-devel/2015-January/027451.html
 
 * networkd/udev: implement SR_IOV configuration in .link files:
   http://lists.freedesktop.org/archives/systemd-devel/2015-January/027451.html
 


@@ -45,7 +185,7 @@ Features:
 
 * logind: maybe allow configuration of the StopTimeout for session scopes
 
 
 * logind: maybe allow configuration of the StopTimeout for session scopes
 

-* Set NoNewPriviliges= on all of our own services, where that makes sense
+* Set NoNewPrivileges= on all of our own services, where that makes sense

 
 * Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
 
 
 * Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
 


@@ -55,20 +195,14 @@ Features:
 
 * import-dkr: convert json bits to nspawn configuration
 
 
 * import-dkr: convert json bits to nspawn configuration
 

-* import: support import from local files, and export to local files
-

 * core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
 
 * introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
 
 * core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
 
 * introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
 

-* logind,machined: add generic catch-all polkit verbs for most privileged operations, similar to systemd itself
-

 * "machinectl status" should also show internal logs of the container in question
 
 * "machinectl list-images" should show os-release data, as well as machine-info data (including deployment level)
 
 * "machinectl status" should also show internal logs of the container in question
 
 * "machinectl list-images" should show os-release data, as well as machine-info data (including deployment level)
 

-* nspawn: when start a container "foobar" look for its configuration in a file "foobar.nspawn" in /etc/systemd/nspawn/ as well as next to the actualy directory or image to boot
-

 * Port various tools to make use of verbs.[ch], where applicable
 
 * "machinectl history"
 * Port various tools to make use of verbs.[ch], where applicable
 
 * "machinectl history"


@@ -77,14 +211,8 @@ Features:
 
 * "machinectl commit" that takes a writable snapshot of a tree, invokes a shell in it, and marks it read-only after use
 
 
 * "machinectl commit" that takes a writable snapshot of a tree, invokes a shell in it, and marks it read-only after use
 

-* "machinectl status" should show 10 most recent log lines of both the host logs of the unit of the machine, plus the logs generated in the machine
-
-* add transparent btrfs pool in a loopback file in /var if btrfs operations (such as systemd-import pull-dkr) are used and /var is not a btrfs file system
-

 * systemd-nspawn -x should support ephemeral instances of gpt images
 
 * systemd-nspawn -x should support ephemeral instances of gpt images
 

-* move machinectl's mount and copy commands into machined
-

 * hostnamectl: show root image uuid
 
 * sysfs set api in libudev is not const
 * hostnamectl: show root image uuid
 
 * sysfs set api in libudev is not const


@@ -114,21 +242,12 @@ Features:
 * as soon as we have kdbus, and sender timestamps, revisit coalescing multiple parallel daemon reloads:
   http://lists.freedesktop.org/archives/systemd-devel/2014-December/025862.html
 
 * as soon as we have kdbus, and sender timestamps, revisit coalescing multiple parallel daemon reloads:
   http://lists.freedesktop.org/archives/systemd-devel/2014-December/025862.html
 

-* set $REMOTE_IP (or $REMOTE_ADDR/$REMOTE_PORT) environment variable when doing per-connection socket activation. use format introduced by xinetd or CGI for this
-

 * the install state probably shouldn't get confused by generated units, think dbus1/kdbus compat!
 
 * in systemctl list-unit-files: show the install value the presets would suggest for a service in a third column
 
 * the install state probably shouldn't get confused by generated units, think dbus1/kdbus compat!
 
 * in systemctl list-unit-files: show the install value the presets would suggest for a service in a third column
 

-* we should try harder to collapse start jobs for swaps that end up being the same:
-  http://lists.freedesktop.org/archives/systemd-devel/2014-November/025359.html
-
-* timedated should compensate on SetTime for the time spent in polkit
-

 * figure out when we can use the coarse timers
 
 * figure out when we can use the coarse timers
 

-* sd-resolve: drop res_query wrapping, people should call via the bus to resolved instead
-

 * add "systemctl start -v foobar.service" that shows logs of a service
   while the start command runs. This is non-trivial to do without
   races though, since we should flush out all journal messages before
 * add "systemctl start -v foobar.service" that shows logs of a service
   while the start command runs. This is non-trivial to do without
   races though, since we should flush out all journal messages before


@@ -138,15 +257,13 @@ Features:
 
 * timesyncd + resolved: add ugly bus calls to set NTP and DNS servers per-interface, for usage by NM
 
 
 * timesyncd + resolved: add ugly bus calls to set NTP and DNS servers per-interface, for usage by NM
 

-* networkd-wait-online really should have a timeout by default
-

 * add infrastructure to allocate dynamic/transient users and UID ranges, for use in user-namespaced containers, per-seat gdm login screens and gdm guest sessions
 
 * machined: add an API so that libvirt-lxc can inform us about network interfaces being removed or added to an existing machine
 
 * maybe add support for specifier expansion in user.conf, specifically DefaultEnvironment=
 
 * add infrastructure to allocate dynamic/transient users and UID ranges, for use in user-namespaced containers, per-seat gdm login screens and gdm guest sessions
 
 * machined: add an API so that libvirt-lxc can inform us about network interfaces being removed or added to an existing machine
 
 * maybe add support for specifier expansion in user.conf, specifically DefaultEnvironment=
 

-* code cleanup: retire FOREACH_WORD_QUOTED, port to unquote_first_word() loops instead
+* code cleanup: retire FOREACH_WORD_QUOTED, port to extract_first_word() loops instead

 
 * introduce systemd-timesync-wait.service or so to sync on an NTP fix?
 
 
 * introduce systemd-timesync-wait.service or so to sync on an NTP fix?
 


@@ -182,9 +299,7 @@ Features:
 
 * exponential backoff in timesyncd and resolved when we cannot reach a server
 
 
 * exponential backoff in timesyncd and resolved when we cannot reach a server
 

-* tmpfiles: port to unquote_many_words(), similar to sysusers
-
-* unquote_many_words() should probably be used by a lot of code that
+* extract_many_words() should probably be used by a lot of code that

   currently uses FOREACH_WORD and friends. For example, most conf
   parsing callbacks should use it.
 
   currently uses FOREACH_WORD and friends. For example, most conf
   parsing callbacks should use it.
 


@@ -193,43 +308,42 @@ Features:
 * systemd.show_status= should probably have a mode where only failed
   units are shown.
 
 * systemd.show_status= should probably have a mode where only failed
   units are shown.
 

+* add systemd.abort_on_kill or some other such flag to send SIGABRT instead of SIGKILL
+  (throughout the codebase, not only PID1)
+

 * networkd:
   - add LLDP client side support
   - the DHCP lease data (such as NTP/DNS) is still made available when
     a carrier is lost on a link. It should be removed instantly.
 * networkd:
   - add LLDP client side support
   - the DHCP lease data (such as NTP/DNS) is still made available when
     a carrier is lost on a link. It should be removed instantly.

-  - .network setting that allows overriding of the hostname to send to the dhcp server
-    http://lists.freedesktop.org/archives/systemd-devel/2014-July/021550.html

   - expose in the API the following bits:
         - option 15, domain name and/or option 119, search list
         - option 12, host name and/or option 81, fqdn
   - expose in the API the following bits:
         - option 15, domain name and/or option 119, search list
         - option 12, host name and/or option 81, fqdn

-        - option 100, 101, timezone

         - option 123, 144, geolocation
         - option 252, configure http proxy (PAC/wpad)
         - option 123, 144, geolocation
         - option 252, configure http proxy (PAC/wpad)

-  - networkd's dhcp server should transparently pass on the DNS and
-    NTP server list it got from user configuration and its dhcp client
-    to clients. It should also pass on its own timezone information.

   - provide a way to define a per-network interface default metric value
     for all routes to it. possibly a second default for DHCP routes.
   - allow Name= to be specified repeatedly in the [Match] section. Maybe also
     support Name=foo*|bar*|baz ?
   - provide a way to define a per-network interface default metric value
     for all routes to it. possibly a second default for DHCP routes.
   - allow Name= to be specified repeatedly in the [Match] section. Maybe also
     support Name=foo*|bar*|baz ?

+  - duplicate address check for static IPs (like ARPCHECK in network-scripts)
+  - allow DUID/IAID to be customized, see issue #394.
+  - support configuration option for TSO (tcp segmentation offload)
+  - networkd: whenever uplink info changes, make DHCP server send out FORCERENEW

 
 * resolved:
   - put networkd events and rtnl events at a higher priority, so that
     we always process them before we process client requests
   - DNSSEC
 
 * resolved:
   - put networkd events and rtnl events at a higher priority, so that
     we always process them before we process client requests
   - DNSSEC

-        - use base64 for key presentation?

         - add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?
         - add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?

-        - add nice formatting of DNS timestamps

   - DNS
         - search paths
   - mDNS/DNS-SD
         - avahi compat
   - DNS-SD service registration from socket units
   - edns0
   - DNS
         - search paths
   - mDNS/DNS-SD
         - avahi compat
   - DNS-SD service registration from socket units
   - edns0

-  - dname
+  - dname: Not necessary for plain DNS as synthesized cname is handed out instead if we do not
+           announce dname support. However, for DNSSEC it is necessary as the synthesized cname
+           will not be signed.

   - cname on PTR (?)
   - cname on PTR (?)

-  - maybe randomize DNS UDP source ports
-  - maybe compare query section of DNS replies

 
 * Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
 
 
 * Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
 


@@ -307,7 +421,6 @@ Features:
     the hierarchies of child processes
 
 * transient units:
     the hierarchies of child processes
 
 * transient units:

-  - allow creating auxiliary units with the same call

   - add field to transient units that indicate whether systemd or somebody else saves/restores its settings, for integration with libvirt
   - ensure scope units may be started only a single time
 
   - add field to transient units that indicate whether systemd or somebody else saves/restores its settings, for integration with libvirt
   - ensure scope units may be started only a single time
 


@@ -345,6 +458,7 @@ Features:
   ReadOnlyDirectories=... for whitelisting files for a service.
 
 * sd-bus:
   ReadOnlyDirectories=... for whitelisting files for a service.
 
 * sd-bus:

+  - EBADSLT handling

   - GetAllProperties() on a non-existing object does not result in a failure currently
   - kdbus: process fd=-1 for incoming msgs
   - port to sd-resolve for connecting to TCP dbus servers
   - GetAllProperties() on a non-existing object does not result in a failure currently
   - kdbus: process fd=-1 for incoming msgs
   - port to sd-resolve for connecting to TCP dbus servers


@@ -438,8 +552,6 @@ Features:
 
 * maybe do not install getty@tty1.service symlink in /etc but in /usr?
 
 
 * maybe do not install getty@tty1.service symlink in /etc but in /usr?
 

-* re-enable "make check" for gtk-doc (broken for unknown reason)
-

 * fstab: add new mount option x-systemd-after=/foobar/waldo to allow manual dependencies to other mount points
   https://bugzilla.redhat.com/show_bug.cgi?id=812826
 
 * fstab: add new mount option x-systemd-after=/foobar/waldo to allow manual dependencies to other mount points
   https://bugzilla.redhat.com/show_bug.cgi?id=812826
 


@@ -467,7 +579,6 @@ Features:
   - logind: when the power button is pressed short, just popup a
     logout dialog. If it is pressed for 1s, do the usual
     shutdown. Inspiration are Macs here.
   - logind: when the power button is pressed short, just popup a
     logout dialog. If it is pressed for 1s, do the usual
     shutdown. Inspiration are Macs here.

-  - logind: allow users to kill or lock their own sessions

   - expose "Locked" property on logind sesison objects
   - given that logind now lets PID 1 do all nasty work, we can
     probably reduce the capability set it retains substantially.
   - expose "Locked" property on logind sesison objects
   - given that logind now lets PID 1 do all nasty work, we can
     probably reduce the capability set it retains substantially.


@@ -578,10 +689,6 @@ Features:
 
 * If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
 
 
 * If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
 

-* fedup: add --unit to systemctl switch-root somehow
-* fedup: do not delete initrd on switch-root
-* fedup: generator
-

 * clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed
 
 * on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel
 * clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed
 
 * on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel


@@ -639,17 +746,6 @@ Features:
 
 * when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr
 
 
 * when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr
 

-* automount: implement expire:
-   - set superblock timeout AUTOFS_DEV_IOCTL_TIMEOUT_CMD
-   - periodically run AUTOFS_DEV_IOCTL_EXPIRE_CMD
-     - every timeout/4 (original autofs logic)
-     - blocking, needs a thread
-     - run until -EAGAIN
-   - receive expire packet on pipe if kernel tells the timeout is over
-     - call umount
-     - answer expire packet on pipe with AUTOFS_DEV_IOCTL_{READY,FAIL}_CMD
-   - AUTOFS_DEV_IOCTL_EXPIRE_CMD returns
-

 * ExecOnFailure=/usr/bin/foo
 
 * udev:
 * ExecOnFailure=/usr/bin/foo
 
 * udev:


@@ -784,14 +880,12 @@ Features:
 
 * dhcp:
    - figure out how much we can increase Maximum Message Size
 
 * dhcp:
    - figure out how much we can increase Maximum Message Size

-   - export timezone information

    - support RFC4702 (pass FQDN)
 
 * dhcp6:
    - add functions to set previously stored IPv6 addresses on startup and get
      them at shutdown; store them in client->ia_na
    - write more test cases
    - support RFC4702 (pass FQDN)
 
 * dhcp6:
    - add functions to set previously stored IPv6 addresses on startup and get
      them at shutdown; store them in client->ia_na
    - write more test cases

-   - implement and do duplicate address detection, see rfc 4862, 5.4.

    - implement reconfigure support, see 5.3., 15.11. and 22.20.
    - implement support for temporary adressess (IA_TA)
    - implement dhcpv6 authentication
    - implement reconfigure support, see 5.3., 15.11. and 22.20.
    - implement support for temporary adressess (IA_TA)
    - implement dhcpv6 authentication