diff --git a/TODO b/TODO index 8e4c120603..e79aeda90e 100644 --- a/TODO +++ b/TODO @@ -25,6 +25,12 @@ Features: * set memory.oom.group in cgroupsv2 for all leaf cgroups +* drop umask() calls and suchlike from our generators, pid1 should set things up correctly anyway + +* paranoia: whenever we process passwords, call mlock() on the memory + first. i.e. look for all places we use string_erase()/string_free_erase() and + augment them with mlock() + * whenever oom_kill memory.event event is triggered print a nice log message * Move RestrictAddressFamily= to the new cgroup create socket @@ -34,6 +40,14 @@ Features: * chown() tty a service is attached to after the service goes down +* replace systemd-reboot.service's ExecStart= with a single SuccessAction= + line, so that we don't need to fork() for executing the reboot + service. Similar for other services like this, such as systemd-exit.service + and so on. Of course, for this to work service units with no ExecYYZ= set but + SuccessAction= set need to be acceptable. + +* optionally: turn on cgroup delegation for per-session scope units + * optionally, if a per-partition GPT flag is set for the root/home/… partitions format the partition on next boot and unset the flag, in order to implement factory reset. also, add a second flag that simply indicates whether such a @@ -41,20 +55,6 @@ Features: show state of these flags, and optionally trigger such a factory reset on next boot by setting the flag. -* logind: maybe watch utmp asynchronously using inotify, and populate our own - tracked session metadata from the fields available therein. Why bother? Right - now, all "ssh" sessions will be tracked without their TTY by logind (which is - not just unfriendly to users as this means "loginctl session-status" shows - less information than "who" in many cases, but also breaks the IdleAction - logic, as we never can detect such sessions as idle, as we have no TTY to - watch). ssh sets the PAM_TTY field on its PAM sessions to "ssh" rather than - the actual pty, because the PAM session is opened early on for new - connections, but the PTY only registered much later (if at all). ssh writes - the utmp record only after a TTY is actually registered, hence we could use - this data then, and use it if it is available. Using utmp for this is ugly of - course, and watching things asynchronously even more so, but it should be - good enough for the idle detection logic at least. - * maybe extend .path units to expose fanotify() per-mount change events * Add a "systemctl list-units --by-slice" mode or so, which rearranges the @@ -472,8 +472,6 @@ Features: * maybe add support for specifier expansion in user.conf, specifically DefaultEnvironment= -* introduce systemd-timesync-wait.service or so to sync on an NTP fix? - * consider showing the unit names during boot up in the status output, not just the unit descriptions * maybe allow timer units with an empty Units= setting, so that they @@ -615,7 +613,6 @@ Features: - document chaining of signal handler for SIGCHLD and child handlers - define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ... - generate a failure of a default event loop is executed out-of-thread - - maybe add support for inotify events (which we can do safely now, with O_PATH) * investigate endianness issues of UUID vs. GUID @@ -674,11 +671,9 @@ Features: * logind: - logind: optionally, ignore idle-hint logic for autosuspend, block suspend as long as a session is around - - When we update the kernel all kind of hibernation should be prohibited until shutdown/reboot - logind: wakelock/opportunistic suspend support - Add pretty name for seats in logind - logind: allow showing logout dialog from system? - - session scopes/user unit: add RequiresMountsFor for the home directory of the user - add Suspend() bus calls which take timestamps to fix double suspend issues when somebody hits suspend and closes laptop quickly. - if pam_systemd is invoked by su from a process that is outside of a any session we should probably just become a NOP, since that's @@ -851,8 +846,6 @@ Features: "machinectl start" with a new --ephemeral switch - "machinectl status" should also show internal logs of the container in question - - "machinectl list-images" should show os-release data, as well as - machine-info data (including deployment level) - "machinectl history" - "machinectl diff" - "machinectl commit" that takes a writable snapshot of a tree, invokes a @@ -1048,8 +1041,6 @@ External: * kernel: add device_type = "fb", "fbcon" to class "graphics" -* drop accountsservice's StandardOutput=syslog and Type=dbus fields - * /usr/bin/service should actually show the new command line * fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people to think about changing the start limit logic. Also point people to RestartPreventExitStatus=, SuccessExitStatus=