TODO revision df22b0bbfde403b3fa71f3c2f1e2ca38af946388
8f2d43a0121bc9a57ba8b79b33d5ac87d36ca2f2Lennart Poettering* Should systemctl status \* work on all unit types, not just .service?
755a02c6800246e7e293897d0594fe7e7531ba59Lennart Poettering* Dangling symlinks of .automount unit files in .wants/ directories, set up
fc5e60ee0c64343d1bd08c343275fc1ceff445aaLennart Poettering automount points even when the original .automount file did not exist
4b2d99d9f4258a29f0bf8b1a78d17836e75bc378Lennart Poettering anymore. Only the .mount unit was still around.
87d2c1ff6a7375f03476767e6f59454bcc5cd04bLennart Poettering* ExecStart with unicode characters fails in strv_split_quoted:
830964834f330836b9d33752e83de09d4f38da87Lennart Poettering Environment=ONE='one' "TWO='two two' too" THREE=
3fd476bb11f22969fe761ed17cc64298479c5850Lennart Poettering ExecStart=/bin/python3 -c 'import sys;print(sys.argv)' $ONE $TWO $THREE
114a50f898a89bd7784c215ac5df95ec8c45a905Lennart Poettering* MEMORY return code is overloaded for syntax errors in the command line.
74b91131ed09850ed487a2f7849147ff6f80194dLennart Poettering str_split_quoted() should return a real return code, so spawn_child can
74b91131ed09850ed487a2f7849147ff6f80194dLennart Poettering report the failure properly.
f401e48c2db22ff9d1a05885b5599bebf19c2707Lennart Poettering* When systemctl --host is used, underlying ssh connection can remain open.
f401e48c2db22ff9d1a05885b5599bebf19c2707Lennart Poettering bus_close does not kill children?
7640a5de1b3ffe6547200ad204d14e4f067caf4fLennart Poettering* Fedora: add an rpmlint check that verifies that all unit files in the RPM are listed in %systemd_post macros.
2a796654b9a1f84962e5dafbcf171dcc22742c99Lennart Poettering* Fedora: move kernel image to /usr/lib/modules/, kernel-install will take care of populating /boot
a8f11321c209830a35edd0357e8def5d4437d854Lennart Poettering* Fedora: remove /etc/resolv.conf tmpfiles hack
07faed4f99d0c798f92de3032b9c20ca31388494Lennart Poettering* wiki: update journal format documentation for lz4 additions
f90cf44c02ac09469279126e2863a1e71358ee11Lennart Poettering* When lz4 gets an API for lz4 command output, make use of it to
06cdd2484c5d0b7792168a7c2d99311e35b0fb8eLennart Poettering compress coredumps in a way compatible with /usr/bin/lz4.
ec863ba65a41e58680a3ab15841243088284e808Lennart Poettering* generate better errors when people try to set transient properties
3d20ed6d51e38968cd646e2b3b24f36673408024Lennart Poettering that are not supported...
3d20ed6d51e38968cd646e2b3b24f36673408024Lennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2015-February/028076.html
e3478379751fda30316204c68112b5a2b9ffd5a7Fabiano Fidêncio* nspawn, if stdout/stderr/stdin are non-ttys, don't set up
bfaf42d22bbd72a286b519ea121dbf8e799b1fe5Lennart Poettering /dev/console, but instead just pass the fds through directly.
22be093ffb403a1c474037939ca9b88b1ee39f77Lennart Poettering* When runlevel3.target is used to define dependencies on other units,
490aed584944b684026a3fd01f8d81f2881e38d6Lennart Poettering then we don't pick it up currently, since nothing ever references
ec863ba65a41e58680a3ab15841243088284e808Lennart Poettering runlevel3.target, and never figure out it actually is just an alias
490aed584944b684026a3fd01f8d81f2881e38d6Lennart Poettering for multi-user.target. A hackish fix could be to add a .wants link
addab137cd8d318e4f543ca56018ee23d51aaca9Lennart Poettering from multi-user.target to runlevel3.target, if it is a symlink to
449ddb2d23a63ca4c8cd70d13a070fba87c1fb30Lennart Poettering it. Best would be to create this .wants/ symlink from
e59077036bcf5a041e336f04cb0d2f7d18d489a1Lennart Poettering sysv-generator. systemd would then load the referenced unit, figure
b2423f1f436f847d9fc96a63679be2b5552b6bafLennart Poettering out it is just an alias and that the dependency would be on itself
97c4a07df982ee967705022feaba9be33947abf0Lennart Poettering and suppress it. Thus the alias and its deps would be loaded as
4927fcae48de061393b3ce9c12d49f80d73fbf1dLennart Poettering* PID 1: when invoking systemctl preset-all on first boots, operate in
50f2a90dae31943c99df7369008f0240a79d1dc0Lennart Poettering an exclusively additive way, i.e. never remove any pre-existing
fa776d8e962da9d90459e2f3e86a2a0c6366ee12Lennart Poettering symlinks, only add new ones.
8c6db8336536916d0476ff8233e0abf40a2f6aabLennart Poettering* Introduce $LISTEN_NAMES to complement $LISTEN_FDS, containing a
8c6db8336536916d0476ff8233e0abf40a2f6aabLennart Poettering colon separated list of identifiers for the fds passed.
8c47c7325fa1ab72febf807f8831ff24c75fbf45Lennart Poettering* networkd: implement BindCarrier= logic to .network units that binds
10e87ee7f66b59a504c0ed2025463ba5faa69923Lennart Poettering application of the file to the carrier sense on another interface,
4288f619215e3dda0b75113d78e4fb7ba219ed58Lennart Poettering in order to implement uplink/downlink logic.
af5bc85dc1297079edc9890861aaa38de0ec30dfLennart Poettering* make networkd subscribe to PrepareForSleep(false) and refresh all
8e27452380193a5f81bfd08a59aab8b07008ba0bLennart Poettering DHCP leases then.
dcd5f1020c36cddb9e250c01df057b9b5e5447b0Lennart Poettering* when the fstab-generator runs in the initrd, it should create a /dev/null mask for systemd-fsck-root.service, to avoid that the the root fs is fsck'ed twice.
1ffba6fe82d65f2a87b53a21c7927bca8176038cLennart Poettering* maybe introduce WantsMountsFor=? Usecase:
346bce1f4cff0096177c613987cdc80fa4ec134eLennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2015-January/027729.html
501c7d0b77607fe858911b1c94070b63b6cc221eLennart Poettering* rework kexec logic to use new kexec_file_load() syscall, so that we
dfac97b21e00cd3617ba817227db7b621841b5ccLennart Poettering don't have to call kexec tool anymore.
f9378423b9758861850748aeb49ae0d3300e56e6Lennart Poettering* The udev blkid built-in should expose a property that reflects
dfac97b21e00cd3617ba817227db7b621841b5ccLennart Poettering whether media was sensed in USB CF/SD card readers. This should then
9f23530860942a8f94b7c535ead80c38f02424b1Lennart Poettering be used to control SYSTEMD_READY=1/0 so that USB card readers aren't
f9378423b9758861850748aeb49ae0d3300e56e6Lennart Poettering picked up by systemd unless they contain a medium. This would mirror
dfac97b21e00cd3617ba817227db7b621841b5ccLennart Poettering the behaviour we already have for CD drives.
dfac97b21e00cd3617ba817227db7b621841b5ccLennart Poettering* We should remove really old cruft from cdrom_id
514f4ef52f91edb3741cad88d34572d162459346Lennart Poettering* nspawn: emulate /dev/kmsg using CUSE and turn off the syslog syscall
514f4ef52f91edb3741cad88d34572d162459346Lennart Poettering with seccomp. That should provide us with a useful log buffer that
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering systemd can log to during early boot, and disconnect container logs
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering from the kernel's logs.
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering* networkd/udev: implement SR_IOV configuration in .link files:
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering http://lists.freedesktop.org/archives/systemd-devel/2015-January/027451.html
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering* When RLIMIT_NPROC is set from a unit file it currently always is set
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering for root, not for the user set in User=, which makes it
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering useless. After fixing this, set RLIMIT_NPROC for
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering systemd-journal-xyz, and all other of our services that run under
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering their own user ids, and use User= (but only in a world where userns
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering is ubiquitous since otherwise we cannot invoke those daemons on the
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering host AND in a container anymore). Also, if LimitNPROC= is used
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering without User= we should warn and refuse operation.
47be870bd83fb3719dffc3ee9348a409ab762a14Lennart Poettering* logind: maybe allow configuration of the StopTimeout for session scopes
87d2c1ff6a7375f03476767e6f59454bcc5cd04bLennart Poettering* Set NoNewPriviliges= on all of our own services, where that makes sense
f9378423b9758861850748aeb49ae0d3300e56e6Lennart Poettering* Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
9cacf564513b5fd6078cd418b104083aab8b9bd8Lennart Poettering* rework journald sigbus stuff to use mutex
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers* import-dkr: support tarsum checksum verification, if it becomes reality one day...
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers* import-dkr: convert json bits to nspawn configuration
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers* import: support import from local files, and export to local files
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers* core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers* introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
3e2147858f21943d5f4a781c60f33ac22c6096edKay Sievers* logind,machined: add generic catch-all polkit verbs for most privileged operations, similar to systemd itself
* "machinectl list-images" should show os-release data, as well as machine-info data (including deployment level)
* nspawn: when start a container "foobar" look for its configuration in a file "foobar.nspawn" in /etc/systemd/nspawn/ as well as next to the actualy directory or image to boot
* "machinectl commit" that takes a writable snapshot of a tree, invokes a shell in it, and marks it read-only after use
* "machinectl status" should show 10 most recent log lines of both the host logs of the unit of the machine, plus the logs generated in the machine
* add transparent btrfs pool in a loopback file in /var if btrfs operations (such as systemd-import pull-dkr) are used and /var is not a btrfs file system
* as soon as we have kdbus, and sender timestamps, revisit coalescing multiple parallel daemon reloads:
* set $REMOTE_IP (or $REMOTE_ADDR/$REMOTE_PORT) environment variable when doing per-connection socket activation. use format introduced by xinetd or CGI for this
* the install state probably shouldn't get confused by generated units, think dbus1/kdbus compat!
* in systemctl list-unit-files: show the install value the presets would suggest for a service in a third column
* add "systemctl start -v foobar.service" that shows logs of a service
* firstboot: make it useful to be run immediately after yum --installroot to set up a machine. (most specifically, make --copy-root-password work even if /etc/passwd already exists
* timesyncd + resolved: add ugly bus calls to set NTP and DNS servers per-interface, for usage by NM
* add infrastructure to allocate dynamic/transient users and UID ranges, for use in user-namespaced containers, per-seat gdm login screens and gdm guest sessions
* machined: add an API so that libvirt-lxc can inform us about network interfaces being removed or added to an existing machine
* maybe add support for specifier expansion in user.conf, specifically DefaultEnvironment=
* introduce systemd-timesync-wait.service or so to sync on an NTP fix?
* systemd --user should issue sd_notify() upon reaching basic.target, not on becoming idle
* consider showing the unit names during boot up in the status output, not just the unit descriptions
* dhcp: do we allow configuring dhcp routes on interfaces that are not the one we got the dhcp info from?
* maybe support a new very "soft" reboot mode, that simply kills all processes, disassembles everything, flushes /run and sysvipc, and then reexecs systemd again
* systemd.show_status= should probably have a mode where only failed
- the DHCP lease data (such as NTP/DNS) is still made available when
- option 15, domain name and/or option 119, search list
- option 12, host name and/or option 81, fqdn
- option 252, configure http proxy (PAC/wpad)
- add display of private key types (http://tools.ietf.org/html/rfc4034#appendix-A.1.1)?
* Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
- nspawn/gpt-generator: introduce new gpt partition type for /usr
- fstab-generator: support systemd.volatile=yes|no|state on the kernel cmdline, too, similar to nspawn's --volatile=
* generator that automatically discovers btrfs subvolumes, identifies their purpose based on some xattr on them.
* timer units: actually add extra delays to timer units with high AccuracySec values, don't start them already when we are awake...
* figure out a nice way how we can let the admin know what child/sibling unit causes cgroup membership for a specific unit
* For timer units: add some mechanisms so that timer units that trigger immediately on boot do not have the services
* Run most system services with cgroupfs read-only and procfs with a more secure mode (doesn't work, since the hidepid= option is per-pid-namespace, not per-mount)
/proc/$PID/exe
a tiny process that joins the namespace and creates/binds the socket
to allow Chown/chgrp on sockets without requiring NSS in PID 1.
- add field to transient units that indicate whether systemd or somebody else saves/restores its settings, for integration with libvirt
* Automatically configure swap partition to use for hibernation by looking for largest swap partition on the root disk?
* libsystemd-journal, libsystemd-login, libudev: add calls to easily attach these objects to sd-event event loops
* rfkill,backlight: we probably should run the load tools inside of the udev rules so that the state is properly initialized by the time other software sees it
* After coming back from hibernation reset hibernation swap partition using the /dev/snapshot ioctl APIs
* make sure gdm does not use multi-user-x but the new default X configuration file, and then remove multi-user-x from systemd
* man: the documentation of Restart= currently is very misleading and suggests the tools from ExecStartPre= might get restarted.
- see if we can introduce a new sd_bus_get_owner_machine_id() call to retrieve the machine ID of the machine of the bus itself
- kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
- NameLost/NameAcquired obsolete
- kdbus: add counter for refused unicast messages that is passed out via the RECV ioctl. SImilar to the counter for dropped multicast messages we already have.
* dbus: when a unit failed to load (i.e. is in UNIT_ERROR state), we
* add a pam module that passes the hdd passphrase into the PAM stack and then expires it, for usage by gdm auto-login.
* maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...
* systemd-inhibit: make taking delay locks useful: support sending SIGINT or SIGTERM on PrepareForSleep()
* journal-or-kmsg is currently broken? See reverted commit 4a01181e460686d8b4a543b1dfa7f77c9e3c5ab8.
* remove any syslog support from log.c -- we probably cannot do this before split-off udev is gone for good
* think about window-manager-run-as-user-service problem: exit 0 → activate shutdown.target; exit != 0 → restart service
- change bootctl to be backed by systemd-bootd to control temporary and persistent default boot goal plus efi variables
* fstab: add new mount option x-systemd-after=/foobar/waldo to allow manual dependencies to other mount points
* print a nicer explanation if people use variable/specifier expansion in ExecStart= for the first word
* mount: turn dependency information from /proc/self/mountinfo into dependency information between systemd units.
- logind: optionally, ignore idle-hint logic for autosuspend, block suspend as long as a session is around
- When we update the kernel all kind of hibernation should be prohibited until shutdown/reboot
- logind: wakelock/opportunistic suspend support
- we should probably handle SIGTERM/SIGINT to not leave dot files around, just in case
- session scopes/user unit: add RequiresMountsFor for the home directory of the user
- add Suspend() bus calls which take timestamps to fix double suspend issues when somebody hits suspend and closes laptop quickly.
* exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty.
- journal: when waiting for journal additions in the client always sleep at least 1s or so, in order to minimize wakeups
- add API to close/reopen/get fd for journal client fd in libsystemd-journal.
- fallback to /dev/log based logging in libsystemd-journal, if we cannot log natively?
- check if we can make journalctl by default use --follow mode inside of less if called without args?
- journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access
- journactl: support negative filtering, i.e. FOOBAR!="waldo",
- journal-send.c, log.c: when the log socket is clogged, and we drop, count this and write a message about this when it gets unclogged again.
- journal: sanely deal with entries which are larger than the individual file size, but where the components would fit
- optionally support running journald from the command line for testing purposes in external projects
- journald: allow per-priority and per-service retention times when rotating/vacuuming
- journald: make use of uid-range.h to managed uid ranges to split
- journalctl: add the ability to look for the most recent process of a binary. journalctl /usr/bin/X11 --pid=-1 or so...
- man: clarify that time-sync.target is not only sysv compat but also useful otherwise. Same for similar targets
- add a man page containing packaging guidelines and recommending usage of things like Documentation=, PrivateTmp=, PrivateNetwork= and ReadOnlyDirectories=/etc /usr.
- document systemd-journal-flush.service properly
- documentation: recommend to connect the timer units of a service to the service via Also= in [Install]
- man: extend runlevel(8) to mention that runlevels suck, and are dead. Maybe add runlevel(7) with a note about that too
- print nice message from systemctl --failed if there are no entries shown, and hook that into ExecStartPre of rescue.service/emergency.service
- add new command to systemctl: "systemctl system-reexec" which reexecs as many daemons as virtually possible
- systemctl enable: fail if target to alias into does not exist? maybe show how many units are enabled afterwards?
- systemctl list-unit-files should list generated files (and probably with a new state "generated" for them, or so)
- when parsing calendar timestamps support the UTC timezone (even if we will not support arbitrary timezone specs, support UTC itself certainly makes sense), also support syntaxes such as +0200
* If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
* clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed
* on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel
* hostnamed: before returning information from /etc/machine-info.conf check the modification data and reread. Similar for localed, ...
* currently x-systemd.timeout is lost in the initrd, since crypttab is copied into dracut, but fstab is not
- refuses to boot containers without /etc/machine-id (OK?), and with empty /etc/machine-id (not OK).
- support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator
* after deserializing sockets in socket.c we should reapply sockopts and things
* move PID 1 segfaults to /var/lib/systemd/coredump?
* create /sbin/init symlinks from the build system
* properly handle loop back mounts via fstab, especially regards to fsck/passno
* initialize the hostname from the fs label of /, if /etc/hostname does not exist?
* when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr
* ExecOnFailure=/usr/bin/foo
- add trigger --subsystem-match=usb/usb_device device
* when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting
* add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/
* save coredump in Windows/Mozilla minidump format
* support crash reporting operation modes (https://live.gnome.org/GnomeOS/Design/Whiteboards/ProblemReporting)
* default to actual 32-bit PIDs, via /proc/sys/kernel/pid_max
* when a bus name of a service disappears from the bus make sure to queue further activation requests
- init=/bin/sh vs. "emergency" mode, vs. "rescue" mode, vs. "multi-user" mode, vs. "graphical" mode, and the debug shell
- hooking a script into various stages of shutdown/rearly booot
- add documentation to systemd.daemon
- inbuilt piping support (essentially degenerate async)? see loopback-setup.c and other places
- add proper initrd support (in particular generate .network/.link files based on /proc/cmdline)
- investigate the usefulness of Confirm messages; i.e. are there any
- teach dbus to activate all services it finds in /etc/systemd/services/org-*.service
* dbus upstream still refers to dbus.target and should not
* /usr/bin/service should actually show the new command line
* fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people to think about changing the start limit logic. Also point people to RestartPreventExitStatus=, SuccessExitStatus=
* fedora: F20: go timer units all the way, leave cron.daily for cron
* fedora: update policy to declare access mode and ownership of unit files to root:root 0644, and add an rpmlint check for it
* set_put(), hashmap_put() return values check. i.e. == 0 does not free()!