TODO: Drop even more redundant and implemented items
This commit is contained in:
parent
09624cee53
commit
9492c16031
6
TODO
6
TODO
|
@ -42,8 +42,6 @@ Features:
|
||||||
diffs remain minimal (in particular: the OUI databases we import are not
|
diffs remain minimal (in particular: the OUI databases we import are not
|
||||||
sorted, and not stable)
|
sorted, and not stable)
|
||||||
|
|
||||||
* set SystemCallArchitectures=native on all our services
|
|
||||||
|
|
||||||
* maybe add call sd_journal_set_block_timeout() or so to set SO_SNDTIMEO for
|
* maybe add call sd_journal_set_block_timeout() or so to set SO_SNDTIMEO for
|
||||||
the sd-journal logging socket, and, if the timeout is set to 0, sets
|
the sd-journal logging socket, and, if the timeout is set to 0, sets
|
||||||
O_NONBLOCK on it. That way people can control if and when to block for
|
O_NONBLOCK on it. That way people can control if and when to block for
|
||||||
|
@ -92,8 +90,6 @@ Features:
|
||||||
|
|
||||||
* maybe introduce gpt auto discovery for /var/tmp?
|
* maybe introduce gpt auto discovery for /var/tmp?
|
||||||
|
|
||||||
* set ProtectSystem=strict for all our usual services.
|
|
||||||
|
|
||||||
* fix PrivateNetwork= so that we fall back gracefully on kernels lacking
|
* fix PrivateNetwork= so that we fall back gracefully on kernels lacking
|
||||||
namespacing support (similar for the other namespacing options)
|
namespacing support (similar for the other namespacing options)
|
||||||
|
|
||||||
|
@ -138,8 +134,6 @@ Features:
|
||||||
|
|
||||||
* enable LockMLOCK to take a percentage value relative to physical memory
|
* enable LockMLOCK to take a percentage value relative to physical memory
|
||||||
|
|
||||||
* switch to ProtectSystem=strict for all our long-running services where that's possible
|
|
||||||
|
|
||||||
* Permit masking specific netlink APIs with RestrictAddressFamily=
|
* Permit masking specific netlink APIs with RestrictAddressFamily=
|
||||||
|
|
||||||
* nspawn: start UID allocation loop from hash of container name
|
* nspawn: start UID allocation loop from hash of container name
|
||||||
|
|
Loading…
Reference in New Issue