mirror of
https://github.com/systemd/systemd.git
synced 2025-01-03 05:18:09 +03:00
update TODO
This commit is contained in:
Lennart Poettering
parent
a48c1699eb
commit
26e6986527
21
TODO
21
TODO
@ -39,7 +39,6 @@ External:
|
||||
- how to make changes to sysctl and sysfs attributes
|
||||
- remote access
|
||||
- how to pass throw-away units to systemd, or dynamically change properties of existing units
|
||||
- testing with Harald's awesome test kit
|
||||
- auto-restart
|
||||
- how to develop against journal browsing APIs
|
||||
- the journal HTTP iface
|
||||
@ -130,6 +129,24 @@ Deprecations and removals:
|
||||
|
||||
Features:
|
||||
|
||||
* define a generic "report" varlink interface, which services can implement to
|
||||
provide health/statistics data about themselves. then define a dir somewhere
|
||||
in /run/ where components can bind such sockets. Then make journald, logind,
|
||||
and pid1 itself implement this and expose various stats on things there. Then
|
||||
issue parallel calls to these interfaces from the systemd-report tool,
|
||||
combine into one json document, and include measurment logs and tpm
|
||||
quote. tpm quote should proctect the json doc via the nonce field
|
||||
studd. Allow shipping this off elsewhere for analyze.
|
||||
|
||||
* sd-varlink: maybe add flag(s) to mark methods accepti/require "more" calls in
|
||||
introspection structures already now, even if IDL doesn't know a construct to
|
||||
advertise this. But do enforce it when validating incoming method calls, so
|
||||
that we definitely have the data around and valid. For now, generate an IDL
|
||||
comment based on this info.
|
||||
|
||||
* The bind(AF_UNSPEC) construct (for resetting sockets to their initial state)
|
||||
should be blocked in many cases because it punches holes in many sandboxes.
|
||||
|
||||
* find a nice way to opt-in into auto-masking SIGCHLD on first
|
||||
sd_event_add_child(), and then get rid of many more explicit sigprocmask()
|
||||
calls.
|
||||
@ -598,6 +615,8 @@ Features:
|
||||
* measure some string via pcrphase whenever we end up booting into emergency
|
||||
mode.
|
||||
|
||||
* similar, measure some string via pcrphase whenver we resume from hibernate
|
||||
|
||||
* homed: add a basic form of secrets management to homed, that stores
|
||||
secrets in $HOME somewhere, is protected by the accounts own authentication
|
||||
mechanisms. Should implement something PKCS#11-like that can be used to
|
||||
|
||||
Loading…
Reference in New Issue
Block a user