Merge pull request #13217 from poettering/TODO-updates

udev: warn if rules files are executable

2 files changed, 4 insertions, 6 deletions

diff --git a/TODO b/TODO
index ba3e7cf8f5..b10eafe663 100644
--- a/TODO
+++ b/TODO
@@ -83,8 +83,6 @@ Features:
 * make rfkill uaccess controllable by default, i.e. steal rule from
   gnome-bluetooth and friends
 
-* warn if udev rules files are marked executable (docker?)
-
 * tweak journald context caching. In addition to caching per-process attributes
   keyed by PID, cache per-cgroup attributes (i.e. the various xattrs we read)
   keyed by cgroup path, and guarded by ctime changes. This should provide us
@@ -116,9 +114,6 @@ Features:
 
 * when no locale is configured, default to UEFI's PlatformLang variable
 
-* When logind.conf contains HandleLidSwitch=suspend-then-hibernate and we can't
-  hibernate because the swap partition isn't large enough, still suspend
-
 * bootctl,sd-boot: actually honour the "architecture" key
 
 * add a new syscall group "@esoteric" for more esoteric stuff such as bpf() and
@@ -154,7 +149,8 @@ Features:
   non-zero "tries done" count
 
 * maybe set a special xattr on cgroups that have delegate=yes set, to make it
-  easy to mark cut points
+  easy to mark cut points, then use this information in "systemd-cgls" to show
+  them (e.g. color delegated subtrees in a different color)
 
 * introduce an option (or replacement) for "systemctl show" that outputs all
   properties as JSON, similar to busctl's new JSON output. In contrast to that
diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
index 64b0b9b102..3473a7eb7e 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
@@ -1186,6 +1186,8 @@ static int parse_file(UdevRules *rules, const char *filename) {
                 return -errno;
         }
 
+        (void) fd_warn_permissions(filename, fileno(f));
+
         if (null_or_empty_fd(fileno(f))) {
                 log_debug("Skipping empty file: %s", filename);
                 return 0;