mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
update TODO
This commit is contained in:
parent
e20bfa5005
commit
c16167ea10
11
TODO
11
TODO
@ -147,6 +147,12 @@ Features:
|
|||||||
* use udev rule networkd ownership property to take ownership of network
|
* use udev rule networkd ownership property to take ownership of network
|
||||||
interfaces nspawn creates
|
interfaces nspawn creates
|
||||||
|
|
||||||
|
* support encrypted credentials in user context too. This is complicated by the
|
||||||
|
fact that the user does not have access to the TPM nor the system
|
||||||
|
credential. Implementation idea: extend the systemd-creds Varlink interface
|
||||||
|
to allow this: user must supply some per-user secret, that we'll include in
|
||||||
|
the encryption key.
|
||||||
|
|
||||||
* add a kernel cmdline switch (and cred?) for marking a system to be
|
* add a kernel cmdline switch (and cred?) for marking a system to be
|
||||||
"headless", in which case we never open /dev/console for reading, only for
|
"headless", in which case we never open /dev/console for reading, only for
|
||||||
writing. This would then mean: systemd-firstboot would process creds but not
|
writing. This would then mean: systemd-firstboot would process creds but not
|
||||||
@ -306,7 +312,6 @@ Features:
|
|||||||
- coredumpcl
|
- coredumpcl
|
||||||
- systemd-bless-boot
|
- systemd-bless-boot
|
||||||
- systemd-measure
|
- systemd-measure
|
||||||
- systemd-creds (allowing clients to encrypt credentials locally)
|
|
||||||
- systemd-cryptenroll (to allow UIs to enroll FIDO2 keys and such)
|
- systemd-cryptenroll (to allow UIs to enroll FIDO2 keys and such)
|
||||||
- systemd-dissect
|
- systemd-dissect
|
||||||
- systemd-sysupdate
|
- systemd-sysupdate
|
||||||
@ -314,9 +319,6 @@ Features:
|
|||||||
- systemd-pcrlock (to allow fwupd to relax policy)
|
- systemd-pcrlock (to allow fwupd to relax policy)
|
||||||
- kernel-install
|
- kernel-install
|
||||||
|
|
||||||
* Varlink: add glue code to allow varlink clients to be authenticated via
|
|
||||||
Polkit by passing client pidfd over.
|
|
||||||
|
|
||||||
* in the service manager, pick up ERRNO= + BUSERROR= + VARLINKERROR= error
|
* in the service manager, pick up ERRNO= + BUSERROR= + VARLINKERROR= error
|
||||||
identifiers, and store them along with the exit status of a server and report
|
identifiers, and store them along with the exit status of a server and report
|
||||||
via "systemctl status".
|
via "systemctl status".
|
||||||
@ -367,7 +369,6 @@ Features:
|
|||||||
- sd_bus_creds
|
- sd_bus_creds
|
||||||
- unit_attach_pid_to_cgroup_via_bus()
|
- unit_attach_pid_to_cgroup_via_bus()
|
||||||
- cg_attach() – requires new kernel feature
|
- cg_attach() – requires new kernel feature
|
||||||
- varlink_get_peer_pid()
|
|
||||||
|
|
||||||
* ddi must be listed as block device fstype
|
* ddi must be listed as block device fstype
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user