mirror of
https://github.com/systemd/systemd
synced 2024-07-08 20:15:55 +00:00
update TODO
This commit is contained in:
parent
b33c2757d8
commit
bbe29ca29b
12
TODO
12
TODO
|
@ -79,6 +79,11 @@ Janitorial Clean-ups:
|
|||
|
||||
Features:
|
||||
|
||||
* journald: generate recognizable log events whenever we shutdown journald
|
||||
cleanly, and when we migrate run → var. This way tools can verify that a
|
||||
previous boot terminated cleanly, because either of these two messages must
|
||||
be safely written to disk, then.
|
||||
|
||||
* systemd-creds: extend encryption logic to support asymmetric
|
||||
encryption/authentication. Idea: add new verb "systemd-creds public-key"
|
||||
which generates a priv/pub key pair on the TPM2 and stores the priv key
|
||||
|
@ -92,6 +97,9 @@ Features:
|
|||
the dropped in certs and encrypted with machine pubkey, and pass to machine.
|
||||
Machine is then able to authenticate you, and confidentiality is guaranteed.
|
||||
|
||||
* building on top of the above, the pub/priv key pair generated on the TPM2
|
||||
should probably also one you can use to get a remote attestation quote.
|
||||
|
||||
* bootctl: add "gc" verb that loads all type #1 .conf files, and then removes
|
||||
all files from the set of files from the ESP/XBOOTLDR matching the entry
|
||||
token that are not referenced by any. Then, change kernel-install to use only
|
||||
|
@ -109,6 +117,10 @@ Features:
|
|||
|
||||
* run-generator: allow defining additional commands to run via a credential
|
||||
|
||||
* resolved: allow defining additional /etc/hosts entries via a credential (it
|
||||
might make sense to then synthesize a new combined /etc/hosts file in /run
|
||||
and bind mount it on /etc/hosts for other clients that want to read it.
|
||||
|
||||
* define a JSON format for units, separating out unit definitions from unit
|
||||
runtime state. Then, expose it:
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user