update TODO
parent 0edd431e15
commit c809ed783e
44
TODO
|
@ -37,6 +37,9 @@ Features:
|
||||||
* honour specifiers in unit files that resolve to some very basic
|
* honour specifiers in unit files that resolve to some very basic
|
||||||
/etc/os-release data, such as ID, VERSION_ID, BUILD_ID, VARIANT_ID.
|
/etc/os-release data, such as ID, VERSION_ID, BUILD_ID, VARIANT_ID.
|
||||||
|
|
||||||
|
* cryptsetup: allow encoding key directly in /etc/crypttab, maybe with a
|
||||||
|
"base64:" prefix. Useful in particular for pkcs11 mode.
|
||||||
|
|
||||||
* socket units: allow creating a udev monitor socket with ListenDevices= or so,
|
* socket units: allow creating a udev monitor socket with ListenDevices= or so,
|
||||||
with matches, then actviate app thorugh that passing socket oveer
|
with matches, then actviate app thorugh that passing socket oveer
|
||||||
|
|
||||||
|
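Review bot: the new cryptsetup entry ("allow encoding key directly in /etc/crypttab, maybe with a "base64:" prefix") does not say how the embedded key is protected once it sits in /etc/crypttab. Suggest extending the entry to state the file permissions it expects, or to say whether it is meant only for the pkcs11 mode it mentions, so the item does not read as a plan to keep a raw volume key in a configuration file.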
@ -189,6 +192,38 @@ Features:
|
||||||
user@.service, which returns the XDG_RUNTIME_DIR value, and make this
|
user@.service, which returns the XDG_RUNTIME_DIR value, and make this
|
||||||
behaviour selectable via pam module option.
|
behaviour selectable via pam module option.
|
||||||
|
|
||||||
|
* homed:
|
||||||
|
- when user tries to log into record signed by unrecognized key, automatically add key to our chain after polkit auth
|
||||||
|
- hook up machined/nspawn users with a varlink user query interface
|
||||||
|
- rollback when resize fails mid-operation
|
||||||
|
- GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid)
|
||||||
|
- resize on login?
|
||||||
|
- fstrim on logout?
|
||||||
|
- shrink fs on logout?
|
||||||
|
- update LUKS password on login if we find there's a password that unlocks the JSON record but not the LUKS device.
|
||||||
|
- create on activate?
|
||||||
|
- properties: icon url?, preferred session type?, administrator bool (which translates to 'wheel' membership)?, address?, telephone?, vcard?, samba stuff?, parental controls?
|
||||||
|
- communicate clearly when usb stick is safe to remove. probably involves
|
||||||
|
beefing up logind to make pam session close hook synchronous and wait until
|
||||||
|
systemd --user is shut down.
|
||||||
|
- logind: maybe keep a "busy fd" as long as there's a non-released session around or the user@.service
|
||||||
|
- maybe make automatic, read-only, time-based reflink-copies of LUKS disk images (think: time machine)
|
||||||
|
- distuingish destroy / remove (i.e. currently we can unregister a user, unregister+remove their home directory, but not just remove their home directory)
|
||||||
|
- in systemd's PAMName= logic: query passwords with ssh-askpassword, so that we can make "loginctl set-linger" mode work
|
||||||
|
- fingerprint authentication, pattern authentication, …
|
||||||
|
- make sure "classic" user records can also be managed by homed
|
||||||
|
- description field for groups
|
||||||
|
- make size of $XDG_RUNTIME_DIR configurable in user record
|
||||||
|
- reuse pwquality magic in firstboot
|
||||||
|
- query password from kernel keyring first
|
||||||
|
- update even if record is "absent"
|
||||||
|
- add a "access mode" + "fstype" field to the "status" section of json identity records reflecting the actually used access mode and fstype, even on non-luks backends
|
||||||
|
- move acct mgmt stuff from pam_systemd_home to pam_systemd?
|
||||||
|
- when "homectl --pkcs11-token-uri=" is used, synthesize ssh-authorized-keys records for all keys we have private keys on the stick for
|
||||||
|
- make slice for users configurable (requires logind rework)
|
||||||
|
- logind: populate auto-login list bus property from PKCS#11 token
|
||||||
|
- when determining state of a LUKS home directory, check DM suspended sysfs file
|
||||||
|
|
||||||
* introduce a new per-process uuid, similar to the boot id, the machine id, the
|
* introduce a new per-process uuid, similar to the boot id, the machine id, the
|
||||||
invocation id, that is derived from process creds, specifically a hashed
|
invocation id, that is derived from process creds, specifically a hashed
|
||||||
combination of AT_RANDOM + getpid() + the starttime from
|
combination of AT_RANDOM + getpid() + the starttime from
|
||||||
|
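Review bot: the first homed entry, "automatically add key to our chain after polkit auth", leaves open whose authorization counts. Since it extends the set of signing keys that are trusted for user records, the entry should say that an administrator's polkit authorization is required and not that of the user who is logging in with the record. Minor spelling in the added lines: "distuingish" should be "distinguish", and "add a "access mode"" should read "an".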
@ -490,15 +525,6 @@ Features:
|
||||||
"systemd-gdb" for attaching to the start-up of any system service in its
|
"systemd-gdb" for attaching to the start-up of any system service in its
|
||||||
natural habitat.
|
natural habitat.
|
||||||
|
|
||||||
* maybe add gpt-partition-based user management: each user gets his own
|
|
||||||
LUKS-encrypted GPT partition with a new GPT type. A small nss module
|
|
||||||
enumerates users via udev partition enumeration. UIDs are assigned in a fixed
|
|
||||||
way: the partition index is added as offset to some fixed base uid. User name
|
|
||||||
is stored in GPT partition name. A PAM module authenticates the user via the
|
|
||||||
LUKS partition password. Benefits: strong per-user security, compatibility
|
|
||||||
with stateless/read-only/verity-enabled root. (other idea: do this based on
|
|
||||||
loopback files in /home, without GPT involvement)
|
|
||||||
|
|
||||||
* gpt-auto logic: related to the above, maybe support a "secondary" root
|
* gpt-auto logic: related to the above, maybe support a "secondary" root
|
||||||
partition, that is mounted to / and is writable, and where the actual root's
|
partition, that is mounted to / and is writable, and where the actual root's
|
||||||
/usr is mounted into.
|
/usr is mounted into.
|
||||||
|
|
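Review bot: after this removal the retained context line "gpt-auto logic: related to the above, maybe support a "secondary" root partition" no longer has the item it refers to; "the above" is now the "systemd-gdb" entry. Suggest dropping "related to the above" from that line in the same commit, or pointing it at the new homed list if that is the intended successor of the removed gpt-partition-based user management idea.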