1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00

update TODO

This commit is contained in:
Lennart Poettering 2023-10-11 23:28:55 +02:00
parent b1b16aa977
commit 97046f2fc0

38
TODO
View File

@ -238,11 +238,8 @@ Features:
2nd key derived from volume key of the user, with which to wrap all
keys. maintain keys in kernel keyring if possible.
* use sd-event ratelimit feature optionally for .socket units to "pause" overly
busy sockets temporarily. (as a less drastic version of the trigger
ratelimit)
* similar, add the same for journal stream clients that log too much
* use sd-event ratelimit feature optionally for journal stream clients that log
too much
* systemd-mount should only consider modern file systems when mounting, similar
to systemd-dissect
@ -346,13 +343,6 @@ Features:
intended for a different OS. Take inspiration from how confext/sysext are
matched against OS.
* use different sbat for sd-boot and sd-stub (so that people can revoke one
without the other)
* in ukify merge sbat info from kernel (if it has any, upstream kernels so far
dont), of sd-stub and data supplied by user. Then measure sbat too in
sd-stub, explicitly.
* figure out what to do about credentials sealed to PCRs in kexec + soft-reboot
scenarios. Maybe insist sealing is done additionally against some keypair in
the TPM to which access is updated on each boot, for the next, or so?
@ -632,11 +622,6 @@ Features:
of the activated configuration and the image that is being activated (in case
verity is used, hash of the root hash).
* whenever we measure something into a TPM PCR from userspace, write a record in
TCG's "Canonical Event Log" format to some file, so that we can reason about
how PCR values we manage came to
be. https://trustedcomputinggroup.org/resource/canonical-event-log-format/
* bootspec: permit graceful "update" from type #2 to type #1. If both a type #1
and a type #2 entry exist under otherwise the exact same name, then use the
type #1 entry, and ignore the type #2 entry. This way, people can "upgrade"
@ -682,9 +667,6 @@ Features:
line. Benefit: works also on non-EFI systems, and can be requested on one
boot, for the next.
* figure out a sane way when building UKIs how to extract SBAT data from inner
kernel, extend it with component info, and add to outer kernel.
* systemd-sysupdate: make transport pluggable, so people can plug casync or
similar behind it, instead of http.
@ -1091,8 +1073,6 @@ Features:
images as OS payloads. i.e. have a generic OS image you can point to any
payload you like, which is then downloaded, securely verified and run.
* improve scope units to support creation by pidfd instead of by PID
* deprecate cgroupsv1 further (print log message at boot)
* systemd-dissect: add --cat switch for dumping files such as /etc/os-release
@ -1532,9 +1512,6 @@ Features:
* maybe extend .path units to expose fanotify() per-mount change events
* When reloading configuration PID 1 should reset all its properties to the
original defaults before calling parse_config()
* hibernate/s2h: if swap is on weird storage and refuse if so
* cgroups: use inotify to get notified when somebody else modifies cgroups
@ -1647,9 +1624,6 @@ Features:
* In DynamicUser= mode: before selecting a UID, use disk quota APIs on relevant
disks to see if the UID is already in use.
* expose IO accounting data on the bus, show it in systemd-run --wait and log
about it in the resource log message
* Add AddUser= setting to unit files, similar to DynamicUser=1 which however
creates a static, persistent user rather than a dynamic, transient user. We
can leverage code from sysusers.d for this.
@ -1831,8 +1805,8 @@ Features:
- when reloading configuration, apply new cgroup configuration
- when recursively showing the cgroup hierarchy, optionally also show
the hierarchies of child processes
- add settings for cgroup.max.descendants and cgroup.max.depth,
maybe use them for user@.service
- add settings for cgroup.max.descendants and cgroup.max.depth,
maybe use them for user@.service
* transient units:
- add field to transient units that indicate whether systemd or somebody else saves/restores its settings, for integration with libvirt
@ -1845,8 +1819,6 @@ Features:
* rfkill,backlight: we probably should run the load tools inside of the udev rules so that the state is properly initialized by the time other software sees it
* After coming back from hibernation reset hibernation swap partition using the /dev/snapshot ioctl APIs
* If we try to find a unit via a dangling symlink, generate a clean
error. Currently, we just ignore it and read the unit from the search
path anyway.
@ -2298,8 +2270,6 @@ Features:
if the output file exists, so a repeated invocation will usually fail if
something goes wrong on the way.
* systemd-repart: drop pager mode on normal operation?
* systemd-repart: by default generate minimized partition tables (i.e. tables
that only cover the space actually used, excluding any free space at the
end), in order to maximize dd'ability. Requires libfdisk work, see