diff options
author | Lennart Poettering <lennart@poettering.net> | 2021-10-04 10:31:04 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2021-10-07 15:43:24 +0200 |
commit | da3ab57cbc7915031362744ce646b3c40eb1b9a8 (patch) | |
tree | 35ed451e63e59eeeab08b9867e9af215227d6594 /TODO | |
parent | 4c737f4ef1e519652f0a04ca68602f82525e47a7 (diff) | |
download | systemd-da3ab57cbc7915031362744ce646b3c40eb1b9a8.tar.gz |
update TODO
Diffstat (limited to 'TODO')
-rw-r--r-- | TODO | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -83,6 +83,11 @@ Janitorial Clean-ups: Features: +* /etc/veritytab: allow that the roothash column can be specified as fs path + including a path to an AF_UNIX path, similar to how we do things with the + keys of /etc/crypttab. That way people can store/provide the roothash + externally and provide to us on demand only. + * add high-level lockdown level for GPT dissection logic: e.g. an enum that can be ANY (to mount anything), TRUSTED (to require that /usr is on signed verity, but rest doesn't matter), LOCKEDDOWN (to require that everything is |