Lines Matching refs:on
23 * fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people…
56 - instantiated apache, dovecot and so on
103 kernel PCR state, without breaking things on every kernel update. As long as
107 on the measured kernel/initrd of course, thus we cannot put the signature
153 on subsequent boots. Then provide a tool to sign code with the key in the
175 * add a clear concept how the initrd can make up credentials on their own to
181 depending on whether a specific system credential is set. Usecase: a service
191 for it, or when read() returns EAGAIN or on IN_Q_OVERFLOW. Then, whenever we
198 creds, sysexts and so on. similar to existing variable of sd-boot
210 on verification if in secureboot mode
224 microcode does that on its own. Pass as first initrd to kernel.
260 extending the command line to enable vsock on the VM, and using fw_cfg to
304 files, drivers, keys to enroll and so on. Then, add whatever we find that way
318 sd-stub, so that machine ID is stable even on systems where unified kernels
328 but operates on /etc/ instead of /usr/ and /opt/. Use case would be: trusted,
358 make it harder for the service to identify the host. Depending on the user
384 vs. Question vs. Transaction vs. Stream and so on.
411 traffic on port 53 to resolved stub 127.0.0.54
441 dissection logic, so that nspawn/RootImage= and so on grok it. Maybe make
446 simple version control. Also use this in systemd-nspawn --image= and so on.
455 we'll neatly prompt for the homedir's password if its needed. –– Building on
471 * drop dependency on libcap, replace by direct syscalls based on
482 on-disk storage.
501 externally and provide to us on demand only.
504 be ANY (to mount anything), TRUSTED (to require that /usr is on signed
506 on signed verity, except for ESP), SUPERLOCKDOWN (like LOCKEDDOWN but ESP not
517 on boot. (i.e. maybe add a crypttab option tpm2-measure=8 or so to measure it
547 defined on the host, plus all images installed into /var/lib/machines/,
548 /var/lib/portable/ and so on.
566 off screen and run it automatically on boot failures, emergency logs and
571 * introduce /dev/disk/root/* symlinks that allow referencing partitions on the
572 disk the rootfs is on in a reasonably secure way. (or maybe: add
595 * Add a concept of ListenStream=anonymous to socket units: listen on a socket
605 invoked on processes forked off PID 1.
639 * cyptsetup: add option for automatically removing empty password slot on boot
642 entered, and we are on battery power (or so), power off machine again
722 operate on disk images directly. Specifically: bootctl, systemctl,
726 * seccomp: by default mask x32 ABI system wide on x86-64. it's on its way out
741 * unify on openssl:
743 - figure out what to do about libmicrohttpd, which has a hard dependency on
767 hence on each event loop iteration check all processes which we shall watch
771 waitid() only on the children with the highest priority until one is waitable
772 and ignore all lower-prio ones from that point on
774 * maybe introduce xattrs that can be set on the root dir of the root fs
792 based on the battery load level: if battery level is above a specific
798 automatically when the system is low on power and move automatically to
815 from /proc/$PID/ in a stable, and unique way that changes on both fork() and
830 * maybe trigger a uevent "change" on a device if "systemctl reload xyz.device"
850 * paranoia: whenever we process passwords, call mlock() on the memory
860 * optionally: turn on cgroup delegation for per-session scope units
890 2. check if swap is on weird storage and refuse if so
899 files and suchlike we operate on.
935 /etc/resolv.conf. Should be smart and do something useful on read-only
943 and so on, which would mean we could report errors and such.
950 different slice too by default. Usecase: people who want to put resources on
975 doing disk usage calculations and so on.
1002 possibly implement a CPULoad property based on it.
1015 * In DynamicUser= mode: before selecting a UID, use disk quota APIs on relevant
1018 * expose IO accounting data on the bus, show it in systemd-run --wait and log
1035 process), so that it may be queried on the bus and everything.
1066 on PID 1 with the relevant signals, and makes relevant files in /sys and
1076 a user/group for a service only has to exist on the host for the right
1083 * add bus API to retrieve current unit file contents (i.e. implement "systemctl cat" on the bus onl…
1111 * fstab-generator: default to tmpfs-as-root if only usr= is specified on the kernel cmdline
1175 …hat automatically discovers btrfs subvolumes, identifies their purpose based on some xattr on them.
1181 * For timer units: add some mechanisms so that timer units that trigger immediately on boot do not …
1211 * when we detect low battery and no AC on boot, show pretty splash and refuse boot
1215 * be more careful what we export on the bus as (usec_t) 0 and (usec_t) -1
1231 * There's currently no way to cancel fsck (used to be possible via C-c or c on the console)
1241 * Make it possible to set the keymap independently from the font on
1250 * be able to specify a forced restart of service A where service B depends on, in case B
1255 log both units as UNIT=, so that journalctl -u triggers on both.
1261 - recreate systemd's D-Bus private socket file on SIGUSR2
1265 - Support --test based on current system state
1273 but much rather a disconnect on success.
1288 - allow writing multiple conditions in unit files on one line
1296 - Modulate timer frequency based on battery state
1302 * on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-…
1310 * add a pam module that on password changes updates any LUKS slot where the password matches
1337 * systemd-inhibit: make taking delay locks useful: support sending SIGINT or SIGTERM on PrepareForS…
1345 * add a dependency on standard-conf.xml and other included files to man pages
1355 - GetAllProperties() on a non-existing object does not result in a failure currently
1358 - see if we can drop more message validation on the sending side
1388 the host on invocation
1400 installer images can just drop the certfiicates in the ESP, and on first boot
1416 - recognize the case when not booted on EFI
1424 - make it operate on loopback files, dissecting enough to find ESP to operate on
1448 - expose "Locked" property on logind session objects
1456 - expose details of boot entries on the bus. In particular, it should be possible
1467 …in or lingering is on (so that containers don't bother with it until PAM is used). also exit-on-id…
1488 - journal: find a way to allow dropping history early, based on priority, other rules
1489 - journal: When used on NFS, check payload hashes
1510 - man: document that corrupted journal files is nothing to act on
1515 invoke those daemons on the host AND in a container anymore). Also,
1533 time-based policy, so that the verification key can remain on host and ve
1546 with a nice speed-up on services that have many processes running in the same
1551 O_NONBLOCK on it. That way people can control if and when to block for
1567 - GNOME's side for forget key on suspend (requires rework so that lock screen runs outside of uid)
1568 …- update LUKS password on login if we find there's a password that unlocks the JSON record but not…
1569 - create on activate?
1585 … is used, synthesize ssh-authorized-keys records for all keys we have private keys on the stick for
1594 the right one for signing records automatically depending on a pre-existing
1598 - as an extension to the directory+subvolume backend: if located on
1610 fallback logic to get a regular user created on uninitialized systems.
1615 - on login, if we can't fallocate initially, but rebalance is on, then allow
1624 partition on disk, but only if it is marked for growing and not read-only.
1631 another machine, ensuring that luks key is generated on new machine, not old)
1635 * systemd-repart: maybe remove half-initialized image on failure. It fails
1637 something goes wrong on the way.
1639 * systemd-repart: drop pager mode on normal operation?
1692 - "systemctl disable" on a static unit prints no message and does
1722 operates on lexicographically before starting to work, in order to
1750 - fix logic always print a final newline on output.
1772 * nspawn: on cgroupsv1 issue cgroup empty handler process based on host events,
1780 for hangup or ^D before passing on the EOF.
1813 - apply "x" on "D" too (see patch from William Douglas)
1825 on Path= matching
1837 …- dhcp: do we allow configuring dhcp routes on interfaces that are not the one we got the dhcp inf…
1839 a carrier is lost on a link. It should be removed instantly.
1859 - add functions to set previously stored IPv6 addresses on startup and get