dasharo/systemd
0
0
Fork 0
mirror of https://github.com/Dasharo/systemd.git synced 2026-03-06 15:02:31 -08:00
Code Issues Packages Projects Releases Wiki Activity

update TODO

Browse Source
This commit is contained in:
Lennart Poettering
2022-10-14 21:21:46 +02:00
parent f44ed151c6
commit a67a50e8f4
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
TODO
View File

@@ -451,9 +451,8 @@ Features:
and via the time window TPM logic invalidated if node doesn't keep itself
updated, or becomes corrupted in some way.
* Always measure the LUKS rootfs volume key into PCR 15, and derive the machine
ID from it securely. This would then allow us to bind secrets a specific
system securely.
* in the initrd, once the rootfs encryption key has been measured to PCR 15,
derive default machine ID to use from it, and pass it to host PID 1.
* tree-wide: convert as much as possible over to use sd_event_set_signal_exit(), instead
of manually hooking into SIGINT/SIGTERM