mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
update TODO
This commit is contained in:
parent
a174da59c2
commit
0361cee428
18
TODO
18
TODO
@ -22,8 +22,24 @@ Janitorial Clean-ups:
|
||||
|
||||
Features:
|
||||
|
||||
* nspawn: default to 1:1 userns
|
||||
|
||||
* Provide a reasonably bespoke solution for mounting host $HOME directories
|
||||
into containers:
|
||||
• add new option --mount-user=$USER for mounting $HOME of the user into the
|
||||
container at the same place
|
||||
• check /etc/passwd for UID or user name clashes. If UID clash pick a different
|
||||
UID in container, and map via userns. If user name clash, refuse. If
|
||||
matching user already exists use that.
|
||||
• otherwise: write user record of specified user into /run/host/passwd or so
|
||||
• in nss-systemd pick up user record from there and make available to system
|
||||
With all that in place if nspawn host and container payload are up-to-date
|
||||
enough we have a very simple way to make host users available in containers.
|
||||
|
||||
* systemd-sysusers: pick up passwords from credentials logic, so that users can
|
||||
easily set root user pw
|
||||
easily set root user pw. enable cred inheriting for root user from PID 1, so
|
||||
that for containers we can configure the root pw automatically via nspawn's
|
||||
--set-credential= switch. (Also do this for systemd-firstboot)
|
||||
|
||||
* whenever we receive fds via SCM_RIGHTS make sure none got dropped due to the
|
||||
reception limit the kernel silently enforces.
|
||||
|
Loading…
Reference in New Issue
Block a user