author: Lennart Poettering <lennart@poettering.net> 2023-02-21 09:49:30 +0100
committer: Lennart Poettering <lennart@poettering.net> 2023-02-21 10:18:33 +0100
commit: 512f2da5c7009bbc72ce2167badd50c06aa0037a (patch)
tree: 838ba49b30be7d6c02e93ab3aababc18b8b25d19 /TODO
parent: f72dcb92c458f66efbdc2dc0b0b611e873c2fd70 (diff)
download: systemd-512f2da5c7009bbc72ce2167badd50c06aa0037a.tar.gz
update TODO
Diffstat (limited to 'TODO')
-rw-r--r-- TODO | 11
1 files changed, 11 insertions, 0 deletions
diff --git a/TODO b/TODO
index 9186fb8f52..936200f6e2 100644
--- a/TODO
+++ b/TODO
@@ -129,6 +129,17 @@ Deprecations and removals:
Features:
+* landlock: lock down RuntimeDirectory= via landlock, so that services lose
+ ability to write anywehere else below /run/. Similar for
+ StateDirectory=. Benefit would be clear delegation via unit files: services
+ get the directories they get, and nothing else even if they wanted to.
+
+* landlock: for unprivileged systemd (i.e. systemd --user), use landlock to
+ implement ProtectSystem=, ProtectHome= and so on. Landlock does not require
+ privs, and we can implement pretty similar behaviour. Also, maybe add a mode
+ where ProtectSystem= combined with an explicit PrivateMounts=no could request
+ similar behaviour for system services, too.
+
* Add systemd-mount@.service which is instantiated for a block device and
invokes systemd-mount and exits. This is then useful to use in
ENV{SYSTEMD_WANTS} in udev rules, and a bit prettier than using RUN+=
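Review bot: the first added entry has a typo in its second line, "anywehere" should read "anywhere". More substantively, neither landlock entry says what should happen when the running kernel does not offer Landlock at all: the second entry proposes implementing ProtectSystem= and ProtectHome= for systemd --user on top of landlock precisely because it needs no privileges, but a TODO item that introduces a new enforcement mechanism should record whether the unit is to fail, continue without the restriction, or warn and skip when the mechanism is unavailable, so that the guarantee is not silently weaker on some kernels. Suggest adding a line to that entry along the lines of `+ Decide what to do when the kernel lacks landlock support (fail, or warn and skip).`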