Merge pull request #3818 from poettering/exit-status-env

beef up /var/tmp and /tmp handling; set $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS on ExecStop= and make sure root/nobody are always resolvable

1 files changed, 0 insertions, 10 deletions

diff --git a/TODO b/TODO
index bb36522bf9..723292cde0 100644
--- a/TODO
+++ b/TODO
@@ -35,27 +35,17 @@ Features:
 
 * RemoveIPC= in unit files for removing POSIX/SysV IPC objects
 
-* Set SERVICE_RESULT= as env var while running ExecStop=
-
 * Introduce ProtectSystem=strict for making the entire OS hierarchy read-only
   except for a select few
 
 * nspawn: start UID allocation loop from hash of container name
 
-* in the DynamicUser=1 nss module, also map "nobody" and "root" statically
-
-* pid1: log about all processes we kill with with SIGKILL or in abandoned scopes, as this should normally not happen
-
 * nspawn: support that /proc, /sys/, /dev are pre-mounted
 
-* nspawn: mount esp, so that bootctl can work
-
 * define gpt header bits to select volatility mode
 
 * nspawn: mount loopback filesystems with "discard"
 
-* Make TasksMax= take percentages, taken relative to the pids_max sysctl and pids.max cgroup limit
-
 * ProtectKernelLogs= (drops CAP_SYSLOG, add seccomp for syslog() syscall, and DeviceAllow to /dev/kmsg) in service files
 
 * ProtectClock= (drops CAP_SYS_TIMES, adds seecomp filters for settimeofday, adjtimex), sets DeviceAllow o /dev/rtc