Merge v235 into tizen

Change-Id: Iafcca23df73f2694eda50a97771acac4b7996f30

1 files changed, 32 insertions, 38 deletions

diff --git a/TODO b/TODO
index 0b96d400c1..4c238a299a 100644
--- a/TODO
+++ b/TODO
@@ -24,6 +24,36 @@ Janitorial Clean-ups:
 
 Features:
 
+* maybe set a new set of env vars for services, based on RuntimeDirectory=,
+  StateDirectory=, LogsDirectory=, CacheDirectory= and ConfigurationDirectory=
+  automatically. For example, there could be $RUNTIME_DIRECTORY,
+  $STATE_DIRECTORY, $LOGS_DIRECTORY=, $CACHE_DIRECTORY and
+  $CONFIGURATION_DIRECTORY or so. This could be useful to write services that
+  can adapt to varying directories for these purposes. Special care has to be
+  taken if multiple dirs are configured. Maybe avoid setting the env vars in
+  that case?
+
+* In a similar vein, consider adding unit specifiers that resolve to the root
+  directory used for state, logs, cache and configuration
+  directory. i.e. similar to %t, but for the root of the other special dirs.
+
+* expose IO accounting data on the bus, show it in systemd-run --wait and log
+  about it in the resource log message
+
+* add "systemctl purge" for flushing out configuration, state, logs, ... of a
+  unit when it is stopped
+
+* show whether a service has out-of-date configuration in "systemctl status" by
+  using mtime data of ConfigurationDirectory=.
+
+* replace all uses of fgets() + LINE_MAX by read_line()
+
+* set IPAddressDeny=any on all services that shouldn't do networking (possibly
+  combined with IPAddressAllow=localhost).
+
+* dissect: when we discover squashfs, don't claim we had a "writable" partition
+  in systemd-dissect
+
 * Add AddUser= setting to unit files, similar to DynamicUser=1 which however
   creates a static, persistent user rather than a dynamic, transient user. We
   can leverage code from sysusers.d for this.
@@ -37,8 +67,6 @@ Features:
   diffs remain minimal (in particular: the OUI databases we import are not
   sorted, and not stable)
 
-* set SystemCallArchitectures=native on all our services
-
 * maybe add call sd_journal_set_block_timeout() or so to set SO_SNDTIMEO for
   the sd-journal logging socket, and, if the timeout is set to 0, sets
   O_NONBLOCK on it. That way people can control if and when to block for
@@ -47,13 +75,6 @@ Features:
 * tighten sd_notify() MAINPID= checks a bit: don't accept foreign PIDs (i.e.
   PIDs not managed by the service manager)
 
-* journald: when we recv a log datagram via the native or syslog transports,
-  search for the PID in the active stream connections, and let's make sure to
-  always process the datagrams before the streams. Then, cache client metadata
-  per stream in the stream object. This way we can somewhat fix the race with
-  quickly exiting processes which log as long as they had their own stream
-  connection...
-
 * hostnamed: populate form factor data from a new hwdb database, so that old
   yogas can be recognized as "convertible" too, even if they predate the DMI
   "convertible" form factor
@@ -94,8 +115,6 @@ Features:
 
 * maybe introduce gpt auto discovery for /var/tmp?
 
-* set ProtectSystem=strict for all our usual services.
-
 * fix PrivateNetwork= so that we fall back gracefully on kernels lacking
   namespacing support (similar for the other namespacing options)
 
@@ -140,8 +159,6 @@ Features:
 
 * enable LockMLOCK to take a percentage value relative to physical memory
 
-* switch to ProtectSystem=strict for all our long-running services where that's possible
-
 * Permit masking specific netlink APIs with RestrictAddressFamily=
 
 * nspawn: start UID allocation loop from hash of container name
@@ -168,9 +185,6 @@ Features:
 
 * DeviceAllow= should also generate seccomp filters for mknod()
 
-* Add DataDirectory=, CacheDirectory= and LogDirectory= to match
-  RuntimeDirectory=, and create it as necessary when starting a service, owned by the right user.
-
 * make sure the ratelimit object can deal with USEC_INFINITY as way to turn off things
 
 * journalctl: make sure -f ends when the container indicated by -M terminates
@@ -437,25 +451,18 @@ Features:
 * sd-bus:
   - EBADSLT handling
   - GetAllProperties() on a non-existing object does not result in a failure currently
-  - kdbus: process fd=-1 for incoming msgs
   - port to sd-resolve for connecting to TCP dbus servers
-  - kdbus: maybe add controlling tty metadata fields
   - see if we can introduce a new sd_bus_get_owner_machine_id() call to retrieve the machine ID of the machine of the bus itself
-  - when kdbus does not take our message without memfds, try again with memfds
   - see if we can drop more message validation on the sending side
   - add API to clone sd_bus_message objects
   - make AddMatch calls on dbus1 transports async?
-  - kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
   - longer term: priority inheritance
   - dbus spec updates:
-       - kdbus mapping
        - NameLost/NameAcquired obsolete
        - GVariant
        - path escaping
   - update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
   - test bloom filter generation indexes
-  - kdbus: introduce a concept of "send-only" connections
-  - kdbus: add counter for refused unicast messages that is passed out via the RECV ioctl. SImilar to the counter for dropped multicast messages we already have.
 
 * sd-event
   - allow multiple signal handlers per signal?
@@ -475,8 +482,6 @@ Features:
 
 * maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...
 
-* cgtop: make cgtop useful in a container
-
 * test/:
   - add 'set -e' to scripts in test/
   - make stuff in test/ work with separate output dir
@@ -726,8 +731,6 @@ Features:
 
 * cryptsetup:
   - cryptsetup-generator: allow specification of passwords in crypttab itself
-  - move cryptsetup key caching into kernel keyctl?
-    https://bugs.freedesktop.org/show_bug.cgi?id=54982
   - support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator
 
 * hw watchdog: optionally try to use the preset watchdog timeout instead of always overriding it
@@ -735,6 +738,8 @@ Features:
 
 * create /sbin/init symlinks from the build system
 
+* add a dependency on standard-conf.xml and other included files to man pages
+
 * MountFlags=shared acts as MountFlags=slave right now.
 
 * properly handle loop back mounts via fstab, especially regards to fsck/passno
@@ -747,8 +752,6 @@ Features:
   - add trigger --subsystem-match=usb/usb_device device
   - reimport udev db after MOVE events for devices without dev_t
 
-* when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting
-
 * There's currently no way to cancel fsck (used to be possible via C-c or c on the console)
 
 * add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/
@@ -807,10 +810,7 @@ Features:
 
 * dot output for --test showing the 'initial transaction'
 
-* fingerprint.target, wireless.target, gps.target, netdevice.target
-
 * pid1:
-  - .timer units should optionally support CLOCK_BOOTTIME in addition to CLOCK_MONOTONIC
   - When logging about multiple units (stopping BoundTo units, conflicts, etc.),
     log both units as UNIT=, so that journalctl -u triggers on both.
   - generate better errors when people try to set transient properties
@@ -846,12 +846,9 @@ Features:
   - load-fragment: when loading a unit file via a chain of symlinks
     verify that it is not masked via any of the names traversed.
   - introduce Type=pid-file
-  - ExecOnFailure=/usr/bin/foo
   - introduce mix of BindTo and Requisite
   - add a concept of RemainAfterExit= to scope units
-  - Set NoNewPrivileges= on all of our own services, where that makes sense
   - Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
-  - consider adding RuntimeDirectoryUser= + RuntimeDirectoryGroup=
 
 * udev-link-config:
    - Make sure ID_PATH is always exported and complete for
@@ -893,7 +890,6 @@ Features:
 
 * dhcp:
    - figure out how much we can increase Maximum Message Size
-   - support RFC4702 (pass FQDN)
 
 * dhcp6:
    - add functions to set previously stored IPv6 addresses on startup and get
@@ -925,8 +921,6 @@ External:
 
 * drop accountsservice's StandardOutput=syslog and Type=dbus fields
 
-* dbus: in fedora, make /var/lib/dbus/machine-id a symlink to /etc/machine-id
-
 * /usr/bin/service should actually show the new command line
 
 * fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people to think about changing the start limit logic. Also point people to RestartPreventExitStatus=, SuccessExitStatus=