From 9287925a0dc4d54cf880648744aecae982e92e68 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Fri, 19 May 2023 13:37:22 +0200 Subject: [PATCH] update TODO --- TODO | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/TODO b/TODO index 54d459eadd..ee3f65e085 100644 --- a/TODO +++ b/TODO @@ -129,6 +129,15 @@ Deprecations and removals: Features: +* open up creds for uses in generators, and document clearly that encrypted + creds are only supported if strictly tpm bound, but not when using the host + secret (as that is only avilable if /var/ is around. + +* logind: when logging in, always take an fd to the home dir, to keep the dir + busy, so that autofs release can never happen. (this is generally a good + idea, and specifically works around the fact the autofs ignores busy by mount + namespaces) + * mount most file systems with a restrictive uidmap. e.g. mount /usr/ with a uidmap that blocks out anything outside 0…1000 (i.e. system users) and similar.