diff options
| author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2013-04-21 20:25:01 -0400 |
|---|---|---|
| committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2013-04-21 21:43:43 -0400 |
| commit | a383724e4202ee9681bd31cb668c44bdbbf83638 (patch) | |
| tree | c770133a8de1794fd4fe6d43374e7a5770f3d378 /TODO | |
| parent | 9097fe299f22c46316979356d945ebb494e85814 (diff) | |
systemd,nspawn: use extended attributes to store metadata
All attributes are stored as text, since root_directory is already
text, and it seems easier to have all of them in text format.
Attributes are written in the trusted. namespace, because the kernel
currently does not allow user. attributes on cgroups. This is a PITA,
and CAP_SYS_ADMIN is required to *read* the attributes. Alas.
A second pipe is opened for the child to signal the parent that the
cgroup hierarchy has been set up.
Diffstat (limited to 'TODO')
| -rw-r--r-- | TODO | 3 |
1 files changed, 0 insertions, 3 deletions
@@ -55,8 +55,6 @@ Features: * timedatctl, localectl: possibly make some commands work without the daemon, for chroot situations... -* nspawn: expose init PID, UUID, root directory as cgroup EAs. names should be: 'user.machine_id', 'user.init_pid', 'user.root_directory'. - * logind: consider making suspend inhibitor locks non-session specific, but keep suspend-key inhibitor locks session specific * logind: add Suspend() bus calls which take timestamps to fix double suspend issues when somebody hits suspend and closes laptop quickly. @@ -405,7 +403,6 @@ Features: interfaces to the container - nspawn: maybe add a way to drop additional caps, in addition to add additional caps - nspawn: maybe explicitly reset loginuid? - - nspawn: move all containers to name=systemd:/containers/, and introduce externally visible names for containers - nspawn: make it work for dwalsh and shared /usr containers -- tmpfs mounts as command line parameters, selinux exec context * cryptsetup: |