From b480a4c15e7664bf60b4b32855a12c27edcd7d95 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 8 Nov 2024 10:10:11 +0100 Subject: [PATCH] update TODO --- TODO | 25 +++++-------------------- 1 file changed, 5 insertions(+), 20 deletions(-) diff --git a/TODO b/TODO index dbc3d5a2f99d4..45d5f13e59e1c 100644 --- a/TODO +++ b/TODO @@ -129,6 +129,10 @@ Deprecations and removals: Features: +* format-table: introduce new cell type for strings with ansi sequences in + them. display them in regular output mode (via strip_tab_ansi()), but + suppress them in json mode. + * machined: when registering a machine, also take a relative cgroup path, relative to the machine's unit. This is useful when registering unpriv machines, as they might sit down the cgroup tree, below a cgroup delegation @@ -217,12 +221,8 @@ Features: services where mount propagation from the root fs is off, an still have confext/sysext propagated in. -* support F_DUDFD_QUERY for comparing fds in same_fd (requires kernel 6.10) - * generic interface for varlink for setting log level and stuff that all our daemons can implement -* use pty ioctl to get peer wherever possible (TIOCGPTPEER) - * maybe teach repart.d/ dropins a new setting MakeMountNodes= or so, which is just like MakeDirectories=, but uses an access mode of 0000 and sets the +i chattr bit. This is useful as protection against early uses of /var/ or /tmp/ @@ -253,8 +253,6 @@ Features: * initrd: when transitioning from initrd to host, validate that /lib/modules/`uname -r` exists, refuse otherwise -* tmpfiles: add "owning" flag for lines that limits effect of --purge - * signed bpf loading: to address need for signature verification for bpf programs when they are loaded, and given the bpf folks don't think this is realistic in kernel space, maybe add small daemon that facilitates this @@ -458,9 +456,6 @@ Features: * introduce mntid_t, and make it 64bit, as apparently the kernel switched to 64bit mount ids -* use udev rule networkd ownership property to take ownership of network - interfaces nspawn creates - * mountfsd/nsresourced - userdb: maybe allow callers to map one uid to their own uid - bpflsm: allow writes if resulting UID on disk would be userns' owner UID @@ -647,6 +642,7 @@ Features: - openpt_allocate_in_namespace() - unit_attach_pid_to_cgroup_via_bus() - cg_attach() – requires new kernel feature + - journald's process cache * ddi must be listed as block device fstype @@ -1470,9 +1466,6 @@ Features: * in sd-id128: also parse UUIDs in RFC4122 URN syntax (i.e. chop off urn:uuid: prefix) -* DynamicUser= + StateDirectory= → use uid mapping mounts, too, in order to - make dirs appear under right UID. - * systemd-sysext: optionally, run it in initrd already, before transitioning into host, to open up possibility for services shipped like that. @@ -1644,14 +1637,6 @@ Features: * maybe add kernel cmdline params: to force random seed crediting -* introduce a new per-process uuid, similar to the boot id, the machine id, the - invocation id, that is derived from process creds, specifically a hashed - combination of AT_RANDOM + getpid() + the starttime from - /proc/self/status. Then add these ids implicitly when logging. Deriving this - uuid from these three things has the benefit that it can be derived easily - from /proc/$PID/ in a stable, and unique way that changes on both fork() and - exec(). - * let's not GC a unit while its ratelimits are still pending * when killing due to service watchdog timeout maybe detect whether target