1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-09 01:18:19 +03:00

update TODO

This commit is contained in:
Lennart Poettering 2024-09-12 16:17:42 +02:00
parent 9045f88d72
commit dd4114317a

33
TODO
View File

@ -943,9 +943,6 @@ Features:
* systemd-tmpfiles: add concept for conditionalizing lines on factory reset * systemd-tmpfiles: add concept for conditionalizing lines on factory reset
boot, or on first boot. boot, or on first boot.
* in UKIs: add way to define allowlist of additional words that can be added to
the kernel cmdline even in SecureBoot mode
* we probably needs .pcrpkeyrd or so as additional PE section in UKIs, * we probably needs .pcrpkeyrd or so as additional PE section in UKIs,
which contains a separate public key for PCR values that only apply in the which contains a separate public key for PCR values that only apply in the
initrd, i.e. in the boot phase "enter-initrd". Then, consumers in userspace initrd, i.e. in the boot phase "enter-initrd". Then, consumers in userspace
@ -1253,9 +1250,6 @@ Features:
appropriate qemu cmdline. That way qemu payloads could talk sd_notify() appropriate qemu cmdline. That way qemu payloads could talk sd_notify()
directly to host service manager. directly to host service manager.
* sd-device has an API to create an sd_device object from a device id, but has
no api to query the device id
* sd-device should return the devnum type (i.e. 'b' or 'c') via some API for an * sd-device should return the devnum type (i.e. 'b' or 'c') via some API for an
sd_device object, so that data passed into sd_device_new_from_devnum() can sd_device object, so that data passed into sd_device_new_from_devnum() can
also be queried. also be queried.
@ -1300,14 +1294,6 @@ Features:
multiple versions are around of the same resource, show which ones. (in other multiple versions are around of the same resource, show which ones. (in other
words: show partition labels). words: show partition labels).
* maybe add a generator that reads /proc/cmdline, looks for
systemd.pull-raw-portable=, systemd-pull-raw-sysext= and similar switches
that take a URL as parameter. It then generates service units for
systemd-pull calls that download these URLs if not installed yet. Use case:
invoke a VM or nspawn container in a way it automatically deploys/runs these
images as OS payloads. i.e. have a generic OS image you can point to any
payload you like, which is then downloaded, securely verified and run.
* systemd-dissect: add --cat switch for dumping files such as /etc/os-release * systemd-dissect: add --cat switch for dumping files such as /etc/os-release
* per-service sandboxing option: ProtectIds=. If used, will overmount * per-service sandboxing option: ProtectIds=. If used, will overmount
@ -1702,7 +1688,8 @@ Features:
zero and is not open anymore, while the latter happens when a file is zero and is not open anymore, while the latter happens when a file is
unlinked from any dir. unlinked from any dir.
* port systemctl, busctl, … over to format-table.[ch]'s table formatters * systemctl, machinectl, loginctl: port "status" commands over to
format-table.c's vertical output logic.
* pid1: lock image configured with RootDirectory=/RootImage= using the usual nspawn semantics while the unit is up * pid1: lock image configured with RootDirectory=/RootImage= using the usual nspawn semantics while the unit is up
@ -1728,9 +1715,6 @@ Features:
the entire system, with the exception of one specific service. See: the entire system, with the exception of one specific service. See:
https://lists.freedesktop.org/archives/systemd-devel/2018-February/040369.html https://lists.freedesktop.org/archives/systemd-devel/2018-February/040369.html
* maybe rework get_user_creds() to query the user database if $SHELL is used
for root, but only then.
* calenderspec: add support for week numbers and day numbers within a * calenderspec: add support for week numbers and day numbers within a
year. This would allow us to define "bi-weekly" triggers safely. year. This would allow us to define "bi-weekly" triggers safely.
@ -2177,16 +2161,9 @@ Features:
- follow PropertiesChanged state more closely, to deal with quick logouts and - follow PropertiesChanged state more closely, to deal with quick logouts and
relogins relogins
- (optionally?) spawn seat-manager@$SEAT.service whenever a seat shows up that as CanGraphical set - (optionally?) spawn seat-manager@$SEAT.service whenever a seat shows up that as CanGraphical set
- expose details of boot entries on the bus. In particular, it should be possible
to query the list of boot entry titles that bootctl / sd-boot would show.
Currently we only expose their identifiers.
* move multiseat vid/pid matches from logind udev rule to hwdb * move multiseat vid/pid matches from logind udev rule to hwdb
* logind: rework pam_logind to also do a bus call in case of invocation from
user@.service, which returns the XDG_RUNTIME_DIR value, and make this
behaviour selectable via pam module option.
* delay activation of logind until somebody logs in, or when /dev/tty0 pulls it * delay activation of logind until somebody logs in, or when /dev/tty0 pulls it
in or lingering is on (so that containers don't bother with it until PAM is used). also exit-on-idle in or lingering is on (so that containers don't bother with it until PAM is used). also exit-on-idle
@ -2300,9 +2277,7 @@ Features:
should probably honour that same limit (JOURNAL_FILES_MAX) when vacuuming to should probably honour that same limit (JOURNAL_FILES_MAX) when vacuuming to
ensure we never generate more files than we can actually view. ensure we never generate more files than we can actually view.
* maybe add a tool that displays most recent journal logs as QR code to scan * bsod: maybe use graphical mode. Use DRM APIs directly, see
off screen and run it automatically on boot failures, emergency logs and
such. Use DRM APIs directly, see
https://github.com/dvdhrm/docs/blob/master/drm-howto/modeset.c for an example https://github.com/dvdhrm/docs/blob/master/drm-howto/modeset.c for an example
for doing that. for doing that.
@ -2356,7 +2331,7 @@ Features:
- GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid) - GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid)
- update LUKS password on login if we find there's a password that unlocks the JSON record but not the LUKS device. - update LUKS password on login if we find there's a password that unlocks the JSON record but not the LUKS device.
- create on activate? - create on activate?
- properties: icon url?, preferred session type?, administrator bool (which translates to 'wheel' membership)?, address?, telephone?, vcard?, samba stuff?, parental controls? - properties: icon url?, administrator bool (which translates to 'wheel' membership)?, address?, telephone?, vcard?, samba stuff?, parental controls?
- communicate clearly when usb stick is safe to remove. probably involves - communicate clearly when usb stick is safe to remove. probably involves
beefing up logind to make pam session close hook synchronous and wait until beefing up logind to make pam session close hook synchronous and wait until
systemd --user is shut down. systemd --user is shut down.