1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

2822 Commits

Author SHA1 Message Date
Joerg Behrmann
5bc9ea070f treewide: fix "an" before consonant U sounds
The article "a" goes before consonant sounds and "an" goes before vowel
sounds. This commit changes an to a for UKI, UDP, UTF-8, URL, UUID, U-Label, UI
and USB, since they start with the sound /ˌjuː/.
2023-07-06 11:59:41 +01:00
Lennart Poettering
aafd429ca7 update TODO 2023-07-04 23:20:33 +02:00
Lennart Poettering
89ee9e59f7 update TODO 2023-07-03 11:59:45 +02:00
Lennart Poettering
1fa5f1c52b update TODO 2023-06-29 13:14:13 +02:00
Lennart Poettering
d1797c42cc update TODO 2023-06-28 19:22:57 +02:00
Lennart Poettering
5e4c66450c
Merge pull request #27830 from 1awesomeJ/initrd
PID1: Detect battery level in initrd and if low refuse continuing to …
2023-06-28 19:18:03 +02:00
Lennart Poettering
76982d8944 update NEWS 2023-06-28 16:56:53 +02:00
OMOJOLA JOSHUA
67ced44302 Remove battery level check at early boot from TODO 2023-06-28 13:32:38 +01:00
Lennart Poettering
54b8a816a3 update TODO 2023-06-23 15:23:21 +02:00
Lennart Poettering
459d84076f update TODO 2023-06-20 14:41:28 +02:00
Mike Yuan
68f8a86a46 gpt-auto: expand the loader partition UUID check to include XBOOTLDR
Before this commit, we only accept the case when LoaderDevicePartUUID
points to the ESP, while XBOOTLDR is mounted unconditionally.

After this commit, we check if LoaderDevicePartUUID points to either
ESP or XBOOTLDR. If it does, mount both, else nothing gets mounted.
2023-06-20 11:15:48 +02:00
Lennart Poettering
be76bf625c update TODO 2023-06-19 10:36:42 +02:00
Frantisek Sumsal
9a27ef092e tree-wide: fix a couple of typos
As reported by Fossies.org.
2023-06-15 20:52:45 +02:00
Lennart Poettering
c4ffb53054 update TODO 2023-06-15 13:43:54 +02:00
Lennart Poettering
c4ccb80e39 bootctl: warn if the ESP random seed is stored on a world-readable dir
This takes heavy inspiration from @zx2c4 (Jason A. Donenfeld)'s
PR #25531 but changes it considerably, but always going by fd instead of
paths, and only warning about the side file itself and the ESP mount
point, nothing else. This shuld be more than enough and should not be
brittle against concurrent path modifications.

Replaces: #25531
2023-06-14 18:00:24 +02:00
Lennart Poettering
0f85a0d38f update TODO 2023-06-12 23:00:47 +02:00
Lennart Poettering
29de4eba1c update TODO 2023-06-08 09:55:18 +02:00
Lennart Poettering
5596fd8ff7 update TODO 2023-06-02 18:43:11 +02:00
Zbigniew Jędrzejewski-Szmek
9140404a12 man/analyze: reword description of malloc and fix link 2023-05-30 10:11:02 +02:00
Lennart Poettering
9c9b9b8915 update TODO 2023-05-25 14:33:45 +02:00
Luca Boccassi
f19b627560 TODO: remove fixed item 2023-05-24 15:02:36 +01:00
Lennart Poettering
e9dbe2abc3 update TODO 2023-05-23 11:03:49 +02:00
Lennart Poettering
9287925a0d update TODO 2023-05-19 14:04:07 +02:00
Zbigniew Jędrzejewski-Szmek
9dfed0d4cc
Merge pull request #27262 from keszybz/ukify-install
Add kernel-install plugin that calls ukify
2023-05-06 13:34:08 +02:00
Zbigniew Jędrzejewski-Szmek
a4b329e6aa TODO: remove two entries
0ccfd3564b implemented one of the items, and this
pull requests handles the other one.
2023-05-05 18:42:37 +02:00
Lennart Poettering
1408912282 update TODO 2023-05-03 17:55:55 +02:00
Lennart Poettering
f351e951d3 update TODO 2023-04-26 22:21:19 +02:00
Frantisek Sumsal
94d82b5980 tree-wide: code spelling fixes
As reported by Fossies.
2023-04-20 21:54:59 +02:00
Lennart Poettering
99620f457e service: close fdstore asynchronously
The file descriptors we keep in the fdstore might be basically anything,
let's clean it up with our asynchronous closing feature, to not
deadlock on close().

(Let's also do the same for stdin/stdout/stderr fds, since they might
point to network services these days.)
2023-04-13 06:44:27 +02:00
Lennart Poettering
3af48a86d9
Merge pull request #25608 from poettering/dissect-moar
dissect: add dissection policies
2023-04-12 13:46:08 +02:00
maanyagoenka
b60e0f5777 os-util: add a new confext image type and the ability to parse their release files
Adds a new image type called IMAGE_CONFEXT which is similar to IMAGE_SYSEXT but works
for the /etc/ directory instead of /usr/ and /opt/. This commit also adds the ability to
parse the release file that is present with the confext image in /etc/confext-release.d/
directory.
2023-04-05 21:50:04 +00:00
Lennart Poettering
3bcf564530 update TODO 2023-04-05 20:56:16 +02:00
Lennart Poettering
45ed795f41 update TODO
As it turns out RuntimeDirectoryPreserve= already supports such a mode.
2023-04-04 21:29:22 +02:00
Lennart Poettering
d657a4d8b1 update TODO 2023-04-04 21:29:22 +02:00
Lennart Poettering
a23d80d322 update TODO 2023-04-04 12:36:54 +02:00
William Roberts
acbb504eaf tpm2: add support for a trusted SRK
Prevent attackers from spoofing the tpmKey portion of the AuthSession by
adding a trusted key to the LUKS header metadata. Also, use a persistent
object rather than a transient object.

This provides the following benifits:
1. No way to MITM the tpmKey portion of the session, see [1] for
details.

2. Strengthens the encrypted sessions, note that the bindKey could be
   dropped now.

3. Speed, once it's created we just use it.

4. Owner Auth is needed to call create primary, so using the SRK
   creates a scratch space for normal users.

This is a "first to set" model, in where the first person to set the key
in the LUKS header wins. Thus, setup should be done in a known good
state. If an SRK, which is a primary key at a special persistent
address, is found, it will use whatever is there. If not, it creates an
SRK. The SRK follows the convetions used through the tpm2-software
organization code on GitHub [2], however, a split has occured between
Windows and Linux with respect to SRK templates. The Linux SRK is
generated with the unique field size set to 0, in Windows, it properly
sets the size to key size in bytes and the unique data to all 0's of that
size. Note the proper templates for SRKs is covered in spec [3].
However, the most important thing, is that both SRKs are passwordless,
and thus they should be interchangable. If Windows is the first to make
the SRK, systemd will gladly accept it and vice-versa.

1. Without the bindKey being utilized, an attacker was able to intercept
this and fake a key, thus being able to decrypt and encrypt traffic as
needed. Introduction of the bindKey strengthened this, but allows for
the attacker to brute force AES128CFB using pin guesses. Introduction of
the salt increases the difficulty of this attack as well as DA attacks
on the TPM objects itself.

2. https://github.com/tpm2-software

3. https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf

Fixes: #20668
Fixes: #22637

Signed-off-by: William Roberts <william.c.roberts@intel.com>
2023-04-03 13:10:49 +02:00
Daan De Meyer
02c914efe6 Trim TODO a bit
Let's drop stuff that's already implemented.
2023-03-31 19:24:19 +01:00
Lennart Poettering
6f1fe575f0 TODO: drop items regarding swap-for-hibernate-only-use
I doubt we should bother. Swap always makes sense, and having a swap
partition for hibernate only without using it all the time just makes
the system worse overall.
2023-03-31 12:21:35 +02:00
Lennart Poettering
3739c2fdfc update TODO 2023-03-29 19:09:10 +02:00
Lennart Poettering
2d887a2638 update TODO 2023-03-27 15:55:36 +02:00
Lennart Poettering
f447b74185 update TODO 2023-03-27 13:20:11 +02:00
Daan De Meyer
f461a28da7 chase-symlinks: Rename chase_symlinks() to chase()
Chasing symlinks is a core function that's used in a lot of places
so it deservers a less verbose names so let's rename it to chase()
and chaseat().

We also slightly change the pattern used for the chaseat() helpers
so we get chase_and_openat() and similar.
2023-03-24 13:43:51 +01:00
Lennart Poettering
c1c4ecd356 update TODO 2023-03-14 23:06:32 +01:00
Lennart Poettering
aa03f49917 update TODO 2023-03-09 22:29:11 +01:00
Jan Engelhardt
3ff1721c21 doc: replace wrong á preposition by à 2023-03-07 13:06:43 +01:00
Lennart Poettering
c8170f9c39 TODO 2023-03-06 18:49:09 +01:00
Lennart Poettering
c48f13d8e1 update TODO 2023-03-02 10:18:24 +01:00
Lennart Poettering
3d092a70b2 update TODO 2023-03-01 09:43:24 +01:00
Lennart Poettering
a69a520bd4 update TODO 2023-02-27 19:07:34 +01:00
Lennart Poettering
8b098d94ae update TODO 2023-02-24 17:09:04 +01:00
Lennart Poettering
512f2da5c7 update TODO 2023-02-21 10:18:33 +01:00
Zbigniew Jędrzejewski-Szmek
beca6b6e6b TODO: add entry for time-based glob cleanup 2023-02-20 15:27:42 +01:00
Lennart Poettering
1334070157 update TODO 2023-02-16 14:07:03 +01:00
Dmitry V. Levin
30fd9a2dab treewide: fix a few typos in NEWS, docs and comments 2023-02-15 10:41:03 +00:00
Lennart Poettering
2fbfdb1edc update TODO 2023-02-07 15:12:07 +01:00
Lennart Poettering
1c904337a2 update TODO 2023-02-06 15:02:59 +01:00
Lennart Poettering
8f8d7dff54 update TODO 2023-01-26 11:51:50 +01:00
Lennart Poettering
43057bf604 update TODO 2023-01-25 11:54:02 +01:00
Lennart Poettering
aa9424cbe8 update TODO 2023-01-24 15:33:38 +01:00
Yu Watanabe
d09df6b94e tree-wide: fix typo 2023-01-20 15:32:16 +09:00
Lennart Poettering
a67a50e8f4 update TODO 2023-01-17 09:42:16 +01:00
Lennart Poettering
32284ffc12 update TODO 2023-01-16 14:29:16 +01:00
Lennart Poettering
6fee784964 update TODO 2023-01-10 18:28:38 +01:00
Jan Janssen
d84bdadb43 boot: Remove option TPM PCR compat option
It says remove in 2023; happy to oblige.
2023-01-09 09:52:55 +01:00
Lennart Poettering
46730cd632 update TODO 2023-01-06 16:15:14 +01:00
Lennart Poettering
e793038a5e update TODO 2023-01-06 15:36:58 +01:00
Lennart Poettering
7122aee5ab
Merge pull request #25918 from bluca/smbios_sd_notify
Support AF_VSOCK in sd_notify and pick up notify_socket from creds
2023-01-06 15:21:27 +01:00
Luca Boccassi
03ede612be Update TODO 2023-01-05 23:07:16 +01:00
Lennart Poettering
17eab9467d update TODO 2023-01-05 18:53:08 +01:00
Lennart Poettering
f912cdbc8d update TODO 2023-01-05 11:02:13 +01:00
Lennart Poettering
309bba96d6 update TODO 2022-12-23 12:44:57 +01:00
Luca Boccassi
e5f48108cb Update TODO 2022-12-19 14:49:01 +01:00
Lennart Poettering
a1ad873d2f TODO 2022-12-16 15:03:06 +01:00
Lennart Poettering
c0e42509da update TODO 2022-12-15 11:40:21 +01:00
Lennart Poettering
e591cd5c8a update TODO 2022-12-12 15:44:29 +01:00
Lennart Poettering
a0bccdd375 update TODO 2022-12-12 12:59:30 +01:00
Lennart Poettering
f18b0a7630 update TODO 2022-12-07 14:31:57 +01:00
Luca Boccassi
8825e90a70 Update TODO 2022-12-03 11:23:00 +00:00
Yu Watanabe
6c2d70ce9f tree-wide: fix typo 2022-12-02 13:27:08 +09:00
Lennart Poettering
b62a45d89b update TODO 2022-12-01 17:35:33 +01:00
Christian Brauner
3734fec727 TODO: add unprivileged nspawn item
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
2022-12-01 10:42:47 +01:00
Christian Brauner
3922f98212 TODO: add socket reduction entry for nspawn
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
2022-12-01 10:42:47 +01:00
Christian Brauner
fdeabf571a TODO: add CLONE_PARENT entry for nspawn
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
2022-12-01 10:42:47 +01:00
Christian Brauner
71b77f0689 TODO: consolidate nspawn items
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
2022-12-01 10:42:47 +01:00
Lennart Poettering
d25c24d493 update TODO 2022-11-30 17:26:11 +01:00
Lennart Poettering
c8d9ce4aa0 update TODO 2022-11-29 16:56:07 +01:00
Lennart Poettering
87a7084b35 update TODO 2022-11-29 10:47:51 +01:00
Lennart Poettering
4cb8a25b04 update TODO 2022-11-25 17:34:32 +01:00
Zbigniew Jędrzejewski-Szmek
ca4249847b TODO: add item about mnt_fstype_is_netfs() 2022-11-23 12:43:28 +01:00
Jason A. Donenfeld
0a1d8ac77a stub: handle random seed like sd-boot does
sd-stub has an opportunity to handle the seed the same way sd-boot does,
which would have benefits for UKIs when sd-boot is not in use. This
commit wires that up.

It refactors the XBOOTLDR partition discovery to also find the ESP
partition, so that it access the random seed there.
2022-11-23 00:56:45 +01:00
Lennart Poettering
28795f2c13 update TODO 2022-11-21 15:14:22 +01:00
Lennart Poettering
d995ccd7b5 update TODO 2022-11-18 14:58:30 +01:00
Jason A. Donenfeld
1d679b208d Update NEWS and TODO with sd-boot random seed developments 2022-11-17 18:15:04 +01:00
Jeremy Linton
bc09c2d865 acpi-fpdt: Use kernel fpdt parsing
On some kernels/distros (RHEL/aarch64) /dev/mem is
turned off. This means that the ACPI FPDT data is
missing from systemd-analyze output when /dev/mem
fails to provide the boot times.

Instead recent kernels can export that data from
/sys/firmware/acpi/fpdt/boot/ entries. Use that
information if available first.

Signed-off-by: Jeremy Linton <jeremy.linton@arm.com>
2022-11-14 20:07:57 -06:00
Lennart Poettering
0b556555c2 update TODO 2022-11-10 22:19:42 +01:00
Lennart Poettering
9df82722f6 update TODO 2022-11-10 15:59:58 +01:00
Yu Watanabe
bf18862267
Merge pull request #25291 from keszybz/util-cleanup
Split/rename util.c+h and def.h
2022-11-09 09:23:17 +09:00
Lennart Poettering
084ecae56f update TODO 2022-11-08 16:39:27 +01:00
Zbigniew Jędrzejewski-Szmek
b61b95ae9e tests: move tests for eqzero() to a new file
It's a bit silly to have a separate file that one short test, but this is the
last part of the test code that is misplaced, and here consistency beats
brevity.
2022-11-08 13:41:13 +01:00
Lennart Poettering
6d040d84f5 update TODO 2022-10-31 12:38:48 +01:00
Lennart Poettering
e8cb96ac86 update TODO 2022-10-26 11:09:18 +02:00
Yu Watanabe
bcf04e9b27 tree-wide: fix typo 2022-10-26 03:24:45 +09:00
Lennart Poettering
0cdb1a2fa3 update TODO 2022-10-25 17:46:18 +02:00
Lennart Poettering
efe7ab9652 update TODO 2022-10-20 18:28:55 +02:00
Lennart Poettering
5bc58da2bc update TODO 2022-10-19 18:55:34 +02:00
Luca Boccassi
50675bb98f
Merge pull request #25050 from keszybz/transient-drop-ins-2
TEST-15: add one more variant of the test for drop-ins on transient services
2022-10-18 19:32:36 +02:00
Zbigniew Jędrzejewski-Szmek
70f0e75ef8 TODO: drop entry
This was resolved by 028a981c00. We don't do
the reload in the normal path.
2022-10-18 12:29:09 +02:00
Lennart Poettering
9ef6330e17 update TODO 2022-10-18 12:10:02 +02:00
Daan De Meyer
f87338fa26 Update TODO 2022-10-17 16:10:42 +02:00
Lennart Poettering
c868e95ebb update TODO 2022-10-17 11:21:00 +02:00
Lennart Poettering
924a329a00 update TODO 2022-10-14 21:07:29 +02:00
Lennart Poettering
4554c178bf update TODO 2022-10-14 11:33:17 +02:00
Yu Watanabe
7ff7eadf42 TODO: fix typo 2022-10-13 17:15:50 +09:00
Lennart Poettering
fd5dead7d6 update TODO 2022-10-13 09:48:01 +02:00
Lennart Poettering
4d727f8686 update TODO with discussions from Image-based Linux summit 2022-10-12 10:04:07 +02:00
Lennart Poettering
a5a0da085a update TODO 2022-10-11 15:07:32 +02:00
Yu Watanabe
ae24e4e80e TODO: fix typo 2022-10-08 15:09:53 +09:00
Lennart Poettering
feffee70d9 update TODO 2022-10-04 11:55:33 +02:00
Luca Boccassi
a9b0d0a2d0 TODO: tmpfiles.d m/M 2022-10-03 15:28:11 +01:00
Luca Boccassi
697f082697
Merge pull request #24853 from poettering/resolved-monitor-fixes
resolved: various monitor fixes
2022-09-30 15:46:13 +01:00
Luca Boccassi
e69e3830c3
Merge pull request #24739 from keszybz/coredump-formatting
Improve formatting of package metadata in coredumps
2022-09-30 15:42:15 +01:00
Lennart Poettering
de76643b3f update TODO 2022-09-30 14:25:13 +02:00
Zbigniew Jędrzejewski-Szmek
1a0281a3eb coredump: shorten output about package metadata to one line
We would print the whole thing in extenso. Users generally don't care,
and would likely prefer to just get the compact identifier of the package
that they can use in a bug report or package manager commands.

Before:
systemd-coredump[40645]: [🡕] Process 1975 (gnome-shell) of user 1000 dumped core.

                         Module /usr/bin/gnome-shell (deleted) with build-id aafdb7d69a7efca937e490080ad9348541fc57d8
                         Metadata for module /usr/bin/gnome-shell (deleted) owned by FDO found: {
                                 "type" : "rpm",
                                 "name" : "gnome-shell",
                                 "version" : "43~rc-3.fc37",
                                 "architecture" : "x86_64",
                                 "osCpe" : "cpe:/o:fedoraproject:fedora:37"
                         }

                         Module /usr/lib64/gnome-shell/libgvc.so (deleted) with build-id 56cbb9862e1ee84ca1549b94f2b4cda03537613e
                         Metadata for module /usr/lib64/gnome-shell/libgvc.so (deleted) owned by FDO found: {
                                 "type" : "rpm",
                                 "name" : "gnome-shell",
                                 "version" : "43~rc-2.fc37",
                                 "architecture" : "x86_64",
                                 "osCpe" : "cpe:/o:fedoraproject:fedora:37"
                         }

                         Module /usr/lib64/libLLVM-14.so (deleted) with build-id ffa7e43f48eb4c189304c0241b1862710de4c3a4
                         Metadata for module /usr/lib64/libLLVM-14.so (deleted) owned by FDO found: {
                                 "type" : "rpm",
                                 "name" : "gnome-shell",
                                 "version" : "43~rc-2.fc37",
                                 "architecture" : "x86_64",
                                 "osCpe" : "cpe:/o:fedoraproject:fedora:37"
                         }

After:
systemd-coredump[235218]: [🡕] Process 235216 (bash) of user 1000 dumped core.

                          Module libtinfo.so.6 from rpm ncurses-6.3-3.20220501.fc37.x86_64, build-id=71a04d23fd572525eb6efc47026c379725e06d96
                          Module bash from rpm bash-5.1.16-3.fc37.x86_64, build-id=6c936aff95a2ccda04a3fb685a81a84a0a8d10da
                          Stack trace of thread 235216:
                          #0  0x00007fa409ec8d8b kill (libc.so.6 + 0x38d8b)
                          #1  0x0000560d35e366b1 kill_builtin (bash + 0xad6b1)
                          #2  0x0000560d35dd7227 execute_builtin.lto_priv.0 (bash + 0x4e227)
                          #3  0x0000560d35dd0459 execute_simple_command (bash + 0x47459)
                          #4  0x0000560d35dd1de0 execute_command_internal (bash + 0x48de0)
                          #5  0x0000560d35e307aa parse_and_execute (bash + 0xa77aa)
                          #6  0x0000560d35e91b08 run_one_command.isra.0 (bash + 0x108b08)
                          #7  0x0000560d35dba07c main (bash + 0x3107c)
                          #8  0x00007fa409eb3510 __libc_start_call_main (libc.so.6 + 0x23510)
                          #9  0x00007fa409eb35c9 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x235c9)
                          #10 0x0000560d35dbad85 _start (bash + 0x31d85)
2022-09-28 10:47:42 +02:00
Topi Miettinen
75723d31a6 units: udev: partially emulate ProtectClock=
Drop CAP_SYS_TIME and CAP_WAKE_ALARM capabilities and block clock-related
system calls. Update TODO.
2022-09-26 11:40:28 +02:00
Lennart Poettering
eb8817db6e update TODO 2022-09-26 10:06:11 +02:00
Lennart Poettering
842beda4c5 TODO 2022-09-23 16:13:11 +02:00
Lennart Poettering
dd5533801b
Merge pull request #24700 from poettering/ssh-creds
support easy provisioning for SSH key of root user
2022-09-23 16:01:09 +02:00
Lennart Poettering
fdcc31b718 update TODO 2022-09-23 11:44:01 +02:00
Lennart Poettering
d1666bde9c update TODO
(let's also merge all TODO items about adding creds support to various
tools into one item)
2022-09-23 09:34:12 +02:00
Lennart Poettering
7dad781102 update TODO 2022-09-22 16:57:58 +02:00
Lennart Poettering
4d0d34b4e7
Merge pull request #24709 from keszybz/partition-table-constants
Expose various GPT UUIDs as public contants and link them up in docs
2022-09-21 20:07:21 +02:00
Zbigniew Jędrzejewski-Szmek
da7dfd8ef5 docs/DPS: use the SD_GPT_* constants here too 2022-09-21 15:30:31 +02:00
Luca Boccassi
3d4cbc3f8e TODO: drop support for unmerged-usr in H2 2023 2022-09-20 20:08:18 +01:00
Zbigniew Jędrzejewski-Szmek
92e7202812 headers: export partition uuids and flags in new sd-gpt.h file
I think those constants are generally useful. It's quite easy to make a mistake
when copying things from the docs, so let's make them easy and convenient to
access.
2022-09-20 16:48:50 +02:00
Lennart Poettering
d52e1c81b9 update TODO
Seeding RNG via SMBIOS is bad idea, since often measurement of SMBIOS
tables is used for TPM policies, under the assumption SMBIOS remains
static after a certain point.
2022-09-16 16:24:56 +01:00
Lennart Poettering
72a773775d update TODO 2022-09-16 13:57:05 +01:00
Yu Watanabe
8cfde28b61 update TODO 2022-09-16 04:18:58 +09:00
Yu Watanabe
af3d387365 tree-wide: fix typo 2022-09-15 06:03:57 +09:00
Zbigniew Jędrzejewski-Szmek
d01d9197f5 TODO: various things about partitioning 2022-09-13 15:52:33 +01:00
Lennart Poettering
1135779156 update TODO 2022-09-12 11:03:42 +01:00
Lennart Poettering
4e0ceefeb6 update TODO 2022-09-12 00:13:44 +01:00
Lennart Poettering
1d5f14ef3d update TODO 2022-09-09 11:53:06 +02:00
Lennart Poettering
be429c8ff6 update TODO 2022-09-08 13:14:04 +02:00
Daan De Meyer
0fc40a0ef6 update TODO 2022-09-08 08:43:50 +02:00
Lennart Poettering
95150f3f56 update TODO 2022-09-02 18:09:57 +02:00
Lennart Poettering
b7b7441de4 update TODO 2022-09-01 09:48:40 +02:00
Lennart Poettering
a9f1bf409f update TODO 2022-08-31 18:29:30 +02:00
Lennart Poettering
180efdb768 update TODO 2022-08-23 15:10:15 +02:00
Lennart Poettering
7484c60ec6
Merge pull request #23653 from aafeijoo-suse/ask-for-recovery-key
cryptsetup: improve password prompt text
2022-08-19 14:55:54 +02:00
Antonio Alvarez Feijoo
2b56004001
update TODO 2022-08-19 09:02:17 +02:00
Frantisek Sumsal
cd7ad0cbde
Merge pull request #24054 from keszybz/initrd-no-reload
Don't do daemon-reload in the initrd
2022-08-18 13:15:14 +00:00
Lennart Poettering
8680e40a2c update TODO 2022-08-12 15:37:36 +02:00
Lennart Poettering
80821405da update TODO 2022-08-08 13:50:20 +02:00
Lennart Poettering
dec6f61928 update TODO 2022-08-02 20:01:59 +02:00
Luca Boccassi
675a644de2
Merge pull request #24146 from poettering/efi-stub-measure-payload
stub: measure kernel/initrd/parameters into clean PCRs 11/12/13, and add "systemd-measure" tool to be able to pre-calculate values
2022-08-02 14:42:33 +01:00
Lennart Poettering
7f8258b4a3 update TODO 2022-08-02 14:01:37 +02:00
Lennart Poettering
c0a74f6286 update TODO 2022-08-02 10:29:04 +02:00
Lennart Poettering
c794e280e9 update TODO 2022-08-02 10:28:15 +02:00
Lennart Poettering
5b6e5d57d0 update TODO 2022-07-28 11:25:26 +02:00
Lennart Poettering
5a20b1aacb update TODO
(this basically just copies a coment from src/boot/efi/measure.h into
the TODO)
2022-07-26 20:47:41 +02:00
Lennart Poettering
1160267a98 update TODO 2022-07-25 16:08:10 +02:00
Lennart Poettering
9eb41aab8c update TODO 2022-07-25 15:01:37 +02:00
Lennart Poettering
812a873123 update TODO 2022-07-25 14:59:35 +02:00
Lennart Poettering
3345802cd7 TODO: add new 'deprecations and removals' section 2022-07-25 14:55:48 +02:00
Zbigniew Jędrzejewski-Szmek
45bcfcb36c units/initrd-parse-etc.service: only start units that are required
This makes use of the option switch that was added in the previous commit.
We used a pretty big hammer on a relatively small nail: we would do daemon-reload
and (in principle) allow any configuration to be changed. But in fact we only
made use of this in systemd-fstab-generator. systemd-fstab-generator filters
out all mountpoints except /usr and those marked with x-initrd.mount, i.e. on
a big majority of systems it wouldn't do anything.

Also, since systemd-fstab-generator first parses /proc/cmdline, and then
initrd's /etc/fstab, and only then /sysroot/etc/fstab, configuration in the
host would only matter if it the same mountpoint wasn't configured "earlier".
So the config in the host could be used for new mountpoints, but it couldn't
be used to amend configuration for existing mountpoints. And we wouldn't actually
remount anything, so mountpoints that were already mounted wouldn't be affected,
even if did change some config.

In the new scheme, we will parse /sysroot/etc/fstab and explicitly start
sysroot-usr.mount and other units that we just wrote. In most cases (as written
above), this will actually result in no units being created or started.

If the generator is invoked on a system with /sysroot/etc/fstab present,
behaviour is not changed and we'll create units as before. This is needed so
that if daemon-reload is later at some points, we don't "lose" those units.

There's a minor bugfix here: we honour x-initrd.mount for swaps, but we
wouldn't restart swap.target, i.e. the new swaps wouldn't necessarilly be
pulled in immediately.
2022-07-23 19:02:39 +02:00
Lennart Poettering
b98445cd7c TODO/NEWS: write down that we intend to remove cgroupsv1 support by EOY 2023
After discussions here:

https://lists.freedesktop.org/archives/systemd-devel/2022-July/thread.html

EOY 2023 is apparently what people can agree with, hence let formalize
this in the TODO list, so we don't forget.
2022-07-22 19:59:36 +01:00
Yu Watanabe
e1b45a756f tree-wide: fix typo 2022-07-20 13:15:37 +09:00
Lennart Poettering
9f3a3ac70f update TODO 2022-07-19 22:33:13 +02:00
Lennart Poettering
9fbb7df7bc
Merge pull request #24011 from poettering/condition-cred
pid1: add new condition type "ConditionCredential=" for checking for credentials passed into the system
2022-07-15 15:03:49 +02:00
Lennart Poettering
b89cfe8a60 update TODO 2022-07-15 11:46:20 +02:00
Lennart Poettering
2c7b8f3dd5 update TODO 2022-07-15 10:53:45 +02:00
Lennart Poettering
2a8e474d95 update TODO 2022-07-15 08:31:34 +09:00
Yu Watanabe
08894b568f
Merge pull request #24021 from poettering/man-rlimit-comments
man: elaborate on the usefulness (and not-so-usefulness) of various process resource limits
2022-07-15 08:28:53 +09:00
Lennart Poettering
c043291774 update TODO 2022-07-15 00:15:59 +02:00
Lennart Poettering
52cd58b878 update TODO 2022-07-15 00:02:22 +02:00
Lennart Poettering
5ea8fa1db3 update TODO 2022-07-14 23:58:51 +02:00
Lennart Poettering
bbe29ca29b update TODO 2022-07-14 17:11:43 +02:00
Lennart Poettering
0fde330d66 update TODO 2022-07-14 14:45:56 +02:00
Lennart Poettering
1aad75efdf update TODO 2022-07-14 14:41:43 +02:00
Lennart Poettering
8c77652334 update TODO 2022-07-14 14:04:36 +02:00
Lennart Poettering
f95db4d6fa update TODO 2022-07-14 10:24:08 +02:00
Lennart Poettering
81a965187d update TODO 2022-07-11 17:37:41 +02:00
Lennart Poettering
9c18b36372 update TODO 2022-07-11 15:11:58 +02:00
Luca Boccassi
89f119b654
Merge pull request #23731 from bluca/bootctl_image
bootctl: add --root and --image
2022-07-08 21:59:16 +01:00
Luca Boccassi
d5bf74f9e2 Update TODO 2022-07-08 16:59:51 +01:00
Lennart Poettering
b467422bd2 update TODO 2022-07-08 11:19:39 +02:00
Yu Watanabe
47b86590af TODO: fix typo 2022-07-07 09:31:43 +09:00
Lennart Poettering
2df264e60c update TODO 2022-07-06 13:13:03 +02:00
Zbigniew Jędrzejewski-Szmek
b8df7f8629 user: delegate cpu controller, assign weights to user slices
So far we didn't enable the cpu controller because of overhead of the
accounting. If I'm reading things correctly, delegation was enabled for a while
for the units with user and pam context set, i.e. for user@.service too.
a931ad47a8 added the explicit Delegate=yes|no
switch, but it was initially set to 'yes'.
acc8059129 disabled delegation for user@.service
with the justication that CPU accounting is expensive, but half a year later
a88c5b8ac4 changed DefaultCPUAccounting=yes for
kernels >=4.15 with the justification that CPU accounting is inexpensive there.

In my (very noncomprehensive) testing, I don't see a measurable overhead if the
cpu controller is enabled for user slices. I tried some repeated compilations,
and there is was no statistical difference, but the noise level was fairly
high. Maybe better benchmarking would reveal a difference.

The goal of this change is very simple: currently all of the user session,
including services like the display server and pipewire are under user@.service.
This means that when e.g. a compilation job is started in the session's
app.slice, the processes in session.slice compete for CPU and can be starved.
In particular, audio starts to stutter, etc. With CPU controller enabled,
I can start start 'ninja -C build -j40' in a tab and this doesn't have any
noticable effect on audio.

I don't think the particular values matter too much: the CPU controller is
work-convserving, and presumably the session slice would never need more than
e.g. one 1 full CPU, i.e. half or a quarter of available CPU resources on even
the smallest of today's machines. app.slice and session.slice are assigned
equal weights, background.slice is assigned a smaller fraction. CPUWeight=100
is the default, but I wrote it explicitly to make it easier for users to see
how the split is done. So effectively this should result in session.slice
getting as much power as it needs.

If if turns out that this does have a noticable overhead, we could make it
opt-in. But I think that the benefit to usability is important enough to enable
it by default. W/o something like this the session is not really usable with
background tasks.
2022-07-05 14:40:01 +02:00
Lennart Poettering
d486b26fe3 update TODO 2022-07-05 14:22:03 +02:00
Michael Biebl
41d6f3bf4d Use https for freedesktop.org
grep -l -r http:// | xargs sed -E -i s'#http://(.*).freedesktop.org#https://\1.freedesktop.org#'
2022-06-28 13:10:05 +02:00
Yu Watanabe
0dd4876815 sd-bus: drop D-Bus version 2 format support
It seems the format is used only by kdbus.
2022-06-01 03:41:15 +09:00
Zbigniew Jędrzejewski-Szmek
3844a42138 TODO: drop entry
Implemented in 14e6e444dd.
2022-05-26 14:29:50 +02:00
Luca Boccassi
051c4e5419
Merge pull request #23342 from poettering/efi-monotonic-counter-random-seed
sd-boot: include GetNextMonotonicCount() in random seed calculations
2022-05-21 15:08:21 +01:00
Luca Boccassi
070f737083 Update TODO 2022-05-17 17:47:38 +01:00
Yu Watanabe
3881fd406b tree-wide: fix typo 2022-05-14 04:58:47 +09:00
Lennart Poettering
027301b434 update TODO 2022-05-13 17:29:15 +02:00
Luca Boccassi
1f066ce255 Update TODO 2022-05-11 14:51:37 +01:00
Lennart Poettering
32f3e21853 update TODO 2022-05-11 11:05:46 +02:00
Lennart Poettering
3a466defd4 update TODO 2022-05-09 12:17:08 +02:00
Yu Watanabe
af2ff171e0
Merge pull request #23272 from keszybz/logind-man-and-rules
Logind man and rules
2022-05-07 04:23:02 +09:00
Zbigniew Jędrzejewski-Szmek
155078c835 meson: move udev rules to rules.d/ 2022-05-05 11:51:44 +02:00
Zbigniew Jędrzejewski-Szmek
4a5f779f0e TODO: add entry about boot entries on the bus
Something like this is needed to allow integration with graphical envs and
fully unprivileged operation.
2022-05-05 11:51:44 +02:00
Lennart Poettering
a8796773b0 update TODO 2022-05-05 10:55:18 +02:00
Lennart Poettering
fd74ed23c7 update TODO 2022-05-02 16:41:52 +02:00
Lennart Poettering
41be3b099f
Merge pull request #23170 from poettering/creds-copy
import system credentials from sd-stub + qemu fw_cfg + kernel cmdline explicitly in PID 1
2022-05-02 16:32:21 +02:00
Lennart Poettering
cfa7d57ba1
Merge pull request #23217 from keszybz/oomd-docs
More cross-references in bootctl/systemctl man pages
2022-04-28 22:30:50 +02:00
Lennart Poettering
de62df8103 update TODO 2022-04-28 18:12:00 +02:00
Zbigniew Jędrzejewski-Szmek
483091b0f1 TODO: more entries for bootctl
https://bugzilla.redhat.com/show_bug.cgi?id=2079784#c9
2022-04-28 17:45:44 +02:00
Lennart Poettering
98045d12f6 update TODO 2022-04-28 17:16:33 +02:00
Zbigniew Jędrzejewski-Szmek
76c068b77c man: cross-advertize bootctl and systemctl boot loader support 2022-04-28 16:44:40 +02:00
Yu Watanabe
8ac6b05b7c tree-wide: Fix typo 2022-04-25 10:06:08 +09:00
Lennart Poettering
0b3a64fed9 update TODO 2022-04-22 15:56:33 +02:00
Lennart Poettering
127927b2c2 update TODO 2022-04-22 10:56:47 +02:00
Lennart Poettering
55fc776bbc update TODO 2022-04-20 23:20:08 +02:00
Lennart Poettering
fe43a638c5 update TODO 2022-04-20 17:49:17 +02:00
Lennart Poettering
47a9f91760 update TODO 2022-04-20 15:45:10 +02:00
Lennart Poettering
8b82513375 update TODO 2022-04-20 14:49:53 +02:00
Lennart Poettering
e4b5226d63 update TODO 2022-04-19 12:44:45 +02:00
Lennart Poettering
256cfb71ae update TODO 2022-04-14 18:38:10 +02:00
Lennart Poettering
9c9c87ac97 update TODO 2022-04-14 15:15:19 +02:00
Lennart Poettering
2f048ad0fe update TODO 2022-04-13 14:41:05 +02:00
Lennart Poettering
cfb5bf23d3 update TODO 2022-04-13 10:44:56 +02:00
Yu Watanabe
29d902f03a
Merge pull request #22992 from poettering/loop-dissect-tweaks
loop-util/image dissect fixes
2022-04-11 23:08:46 +09:00
Yu Watanabe
3a258d3a47 fix typo 2022-04-11 00:13:16 +09:00
Lennart Poettering
7cad78c0bc update TODO 2022-04-10 22:52:29 +09:00
Lennart Poettering
11b957b59b update TODO 2022-04-08 22:23:35 +02:00
Lennart Poettering
6247128902 update TODO 2022-04-08 18:59:47 +02:00
Lennart Poettering
5b06ad5132 update TODO 2022-04-08 18:41:51 +02:00
Lennart Poettering
2df2bb1ff4 update TODO 2022-04-08 18:20:22 +02:00
Lennart Poettering
5645b4976e update TODO 2022-04-06 18:37:51 +02:00
Lennart Poettering
c0da575a0e update TODO 2022-04-05 14:36:00 +02:00
Lennart Poettering
197be5324e fix TODO 2022-04-05 14:02:36 +02:00
Lennart Poettering
598e431500 update TODO 2022-04-05 13:59:39 +02:00
Lennart Poettering
3e3c49cbe7 update TODO 2022-04-05 10:44:52 +02:00
Lennart Poettering
2cf120f7cf update TODO 2022-04-05 10:44:04 +02:00
Lennart Poettering
666efe94c9 TODO 2022-04-04 16:07:26 +02:00
Lennart Poettering
e4f92a62a8 update TODO 2022-04-04 13:14:42 +02:00
Yu Watanabe
b17a681be5 tree-wide: fix typo 2022-04-02 00:34:39 +09:00
Lennart Poettering
49888d31b6 update TODO 2022-04-01 11:21:44 +02:00
Lennart Poettering
5b89bff55f update TODO 2022-04-01 11:03:59 +02:00
Lennart Poettering
9e83d3e45f update TODO 2022-03-31 14:39:55 +02:00
Lennart Poettering
d360eafb36 update TODO 2022-03-30 16:13:41 +02:00
Yu Watanabe
288bd40620 fix typo 2022-03-29 01:21:51 +09:00
Lennart Poettering
dca92ca300 update TODO 2022-03-24 09:44:52 +01:00
Lennart Poettering
f1a147f2be update TODO 2022-03-23 12:29:20 +01:00
Lennart Poettering
f5d0f21c37 update TODO 2022-03-21 18:17:04 +01:00
Lennart Poettering
178d3ff2aa update TODO 2022-03-19 00:14:55 +01:00
Lennart Poettering
f620a36865 update TODO 2022-03-18 11:59:30 +01:00
Lennart Poettering
63a185dc72 update TODO 2022-03-17 16:24:31 +01:00