diff options
author | Lennart Poettering <lennart@poettering.net> | 2021-03-10 22:36:20 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2021-03-10 22:38:28 +0100 |
commit | 0361cee4284a64ef6cdfd4613d531fa64d36ddab (patch) | |
tree | 1ce5321aa48137c64d47de430ef49795e5c8d905 /TODO | |
parent | a174da59c299f6197425707f23757dc9149e5fba (diff) | |
download | systemd-0361cee4284a64ef6cdfd4613d531fa64d36ddab.tar.gz |
update TODO
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 18 |
1 files changed, 17 insertions, 1 deletions
@@ -22,8 +22,24 @@ Janitorial Clean-ups: Features: +* nspawn: default to 1:1 userns + +* Provide a reasonably bespoke solution for mounting host $HOME directories + into containers: + • add new option --mount-user=$USER for mounting $HOME of the user into the + container at the same place + • check /etc/passwd for UID or user name clashes. If UID clash pick a different + UID in container, and map via userns. If user name clash, refuse. If + matching user already exists use that. + • otherwise: write user record of specified user into /run/host/passwd or so + • in nss-systemd pick up user record from there and make available to system + With all that in place if nspawn host and container payload are up-to-date + enough we have a very simple way to make host users available in containers. + * systemd-sysusers: pick up passwords from credentials logic, so that users can - easily set root user pw + easily set root user pw. enable cred inheriting for root user from PID 1, so + that for containers we can configure the root pw automatically via nspawn's + --set-credential= switch. (Also do this for systemd-firstboot) * whenever we receive fds via SCM_RIGHTS make sure none got dropped due to the reception limit the kernel silently enforces. |