summaryrefslogtreecommitdiff
path: root/TODO
diff options
context:
space:
mode:
Diffstat (limited to 'TODO')
-rw-r--r--TODO8
1 files changed, 2 insertions, 6 deletions
diff --git a/TODO b/TODO
index fb118f1550..5fe1a20734 100644
--- a/TODO
+++ b/TODO
@@ -32,6 +32,8 @@ External:
Features:
+* ProtectedHome= turn into enum, and add "full" option that also marks /etc read-only
+
* generator that automatically discovers btrfs subvolumes, identifies their purpose based on some xattr on them.
* support setting empty environment variables with Environment= and EnvironmentFile=
@@ -68,10 +70,6 @@ Features:
* Add timeout to early-boot, and shut down the system if it is hit. Solves the laptop-in-bag problem and is useful for embedded cases
-* ImmutableSystem=yes/no or so to mount /usr, /boot read-only/invisible, and leave /var and /etc writable
-
-* InaccessibleHome=yes/no or so to hide /home and /run/user from a service
-
* Run most system services with cgroupfs read-only and procfs with a more secure mode
* sd-event: generate a failure of a default event loop is executed out-of-thread
@@ -552,8 +550,6 @@ Features:
* introduce mix of BindTo and Requisite
-* add DeleteSocketsOnStop=yes|no option to socket units
-
* There's currently no way to cancel fsck (used to be possible via C-c or c on the console)
* add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/