= For Next Fedora Release =====================================================

o see RELEASE_CHECKLIST

= For 1.0 =====================================================================

o already_mounted() needs to handle /etc/mtab entries for dm-crypt volumes
mounted with patched util-linux.

o add printf and debug options that may be specified in pam.d.

o /home/test will not unmount.

o get test account working with patched mount and remove "crypt" type support.
	- see FIXME: ugly hack...
	- ensure "check for existing mount" works with patched mount

o passwdehd needs work.

o make a test system that takes XML and creates pam_mount.conf, images,
efsk's, mnt points and check script.

%if %{?WITH_SELINUX:0}%{!?WITH_SELINUX:1}
%define WITH_SELINUX 1
%endif
Summary: The GNU core utilities: a set of tools commonly used in shell scripts
Name:    coreutils
Version: 5.2.1
Release: 6
License: GPL
Group:   System Environment/Base
Url:     ftp://alpha.gnu.org/gnu/coreutils/
%if %{WITH_SELINUX}
BuildRequires: libselinux-devel
%endif

o scrub pam_mount.conf

o add shfs support

o finish .*_valid invariants.

o finish using struct invariants throughout code.

o write class invariant function for assertions

o int to gboolean and 1/0 to TRUE/FALSE

o Migrate to glib functions.

o replace PRE, POST and FN VAL conditions with asserts in code where applicable
	- Document fns with INPUT, SIDE AFFECTS and OUTPUT
	- assert that side effects happen if OUTPUT is not an error code
	- only one return statement per function so assertions may be made

	- readconfig.c (started -- see last INPUT)
	- pam_mount.c
	- mount.c
	- pmvarrun.c

- Description is a bit longish - certainly not showstopper but it might be
better to give a brief description there and perhaps refer to some README in the
docs dir

o help test new mount/cryptsetup patch.
	- does not umount right
	- configure needs to -lselinux with -lcryptsetup
	- need to update selinux policy

o how can I determine target user name when root su's to another user
or when I ssh using public key?

o pam_mount should chdir("/") right before unmounting, not earlier
(for Brandon).

o remove include/new from CVS

o splint -I. -I.. -I../include -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include +posixlib mount.c | less

o ensure include/new/* and include/new are cvs rm'ed (should be)

o scrub code on Savannah after break-in?
	The following files were committed after system restore (and should not need scrubbing):
		buffer.c
		common.c
		modifiers.c
		template.c
		fmt_ptrn.c
		<all include-fmt_ptrn except pair.h and Makefile.am>

o need progress feedback from fsck, especially for gdm.

o once mount supports cryptsetup natively remove hacks from (search for "some day"):
	misc.c
	pam_mount.h
	mount.c
	readconfig.c
	pam_mount_macros.te
	MY INSTALLED pam_mount.conf

o replace vol_t fields with one fmt_ptrn and add value_query fn to
fmt_ptrn lib?

o regression tests:
	options = '-', do not use fstab
	options = '-', use fstab (mnt pt not defined either)

o ????? return to using user owned /var/run/pam_mount/test -- document
in code that this is a good idea to allow an option to ssh users besides
turning off priv. sep code.  Also, it renders the benefits of /etc/fstab
use.  BUT CAN SSH CREATE /var/run/ ENTRIES WHEN PRIV SEP ENABLED?

o fix detecting of previously mounted volumes that used --bind.

o test new "no --bind with remote mount" code.  (and ensure --bind is
used for local mounts)

o Test/scrub glib code in optlist.c, etc.

o Should -N go in pam_mount.conf like it is now?  Shall I put this in
conf/pam_mount.conf?  How does hashing/not hashing affect scripts?

o ensure const's are used (see esp. hash argument to hash_authtok).

o ensure NULL-termination is guaranteed every time strlen is used.

o fix gconfd-2 blocking umount problem (gconfd-2).
		ALSO:
		bonobo-ac	/home/test (bonobo-activation-server)
		gnome-set	/home/test (gnome-settings-daemon)
		xscreensa	/home/test (xscreensaver -nosplash)
		mapping-d	/home/test (mapping-daemon)
		esd

o If losetup does not regain -k option, modify scripts.

o Scrub code one last time and allow people to test for a few weeks.

o Get rid of FIXMEs.

o Perhaps /var/run/pam_mount/* should be owned by root so users cannot
edit it (see related FIXMEs)?  Currently testing.

= OpenBSD =====================================================================

o Add losetup/fsck code.

o Add support to vnconfig for reading passwords from stdin so that
it can be used for EHD on OBSD.

o Can't tell if EHD is already mounted on OpenBSD because mount says:
/dev/svnd0c on /home/mike/enc..., not /home/mike.img on /home/mike/enc.

o Make EHD on OpenBSD and Linux as similar as possible; document EHD
on OpenBSD.

o Test new openpam to ensure OpenBSD patches are integrated.

= Past 1.0 (punted) ===========================================================

o fork a (one, don't fork again if it's already running) daemon that
continues to try and unmount volumes after a user logs out.  pam_mount
would pass the daemon volumes to unmount and cancel things if the user
logs back in.  HOW WOULD ALL OF THIS BE AUTHENTICATED?

o use libgcrypt instead of openssl?

o share configuration reading and sanity checks with authconfig using
a shared library.

o Break into multiple (root privileged and user priv.) processes?
	- See /* This code needs root priv. */
	- root "exec program" process (or user + "mount" POSIX capability? CAP_SYS_ADMIN (not very fine-grained)) use shared memory (see shmget) to pass argv to root process.
	- root "logger" process (or user + "logging" POSIX capability?)
	- root "update /var/run/pam_mount" process (or pseudouser/group that owns /var/run/pam_mount?)
	- all else run with user privs.
  - OR -
	- reduce features
  - OR -
	- split into multiple pam modules, pam_fsck, etc.

o Get umount -l to release loop device when appropriate and possible?

o Ensure util-linux-2.11z-mountpoint.patch is in mail util-linux.

o Make pam_mount.c and mount.c completely binary passwd safe.

o Does auth code still work with null password?

o Debian-guy security flaw?  If changed, update luserconf info in
pam_mount.conf and pam_mount.xml.

o Why does pam_mount not work with RH 9.0's gdm?  Socket issue?
	I HAVE REPORTS THAT IT WORKS NOW.  DOES IT?

o Fix GNOME so that Gconfd does not hang around after a user exits.
This is causing pam_mount's umount to fail on Red Hat 8.0 and Debian
unstable.  In Red Hat bugzilla.

o Daemon to unmount volume after all processes finally exit after a user logs
out?  What if a user uses nohup?

o Change & config syntax to allow groups to be used.

o Remove pmhelper code completely from readconfig.c.

o Get smbmount and ncpmount to support mount-like -p0 option to simplify
pmhelper's code (Or ncpmount and mount to support PASSWD like smbmount).

o Fix Debian: see README_DEBIAN.

o Ensure that NFS shares are working.  Document NFS use.  Get TCFS
working.  Get SSLed NFS shares working.

o Add the ability to create an encrypted loopback filesystem to useradd.
This should also create a README file in, for example, /home/mike that
explains setup.  (useradd is a part of passwd package, adduser is a part
of adduser package).

o Modify passwd to update /home/mike.key.  Add -p, --post-script option
to run passwdehd?  (See passwdehd script)

o Get pam_mount in standard and Red Hat pam dist.

o Get supported by Red Hat.
	- Need upstream linux-utils/kernel to support encr.

o Make home directory images scalable in size (resize.*fs?).

o From Roman Sliva <roman.sliva@vsb.cz>: pam_mount doesn't mount ncp
filesystems of Novell servers using NDS - full context username must be
provided to ncpmount -U option (not just short unix name).  I solve this
by writing wrapper script for ncpmount, which gets full context username
using ldapsearch. I think a possibility of cooperation directly with
pam_ldap might be a great solution.

	- For NDS, use username to look up full context using LDAP?
		. email pam_ldap folks about sharing:
			1.  /etc/ldap.conf.
			2.  _get_user_info (gets userdn -- used by 
			    ldap_simple_bind).
	- SENT EMAIL TO PAM_LDAP MAINT. ABOUT EXPORTING LDAP INFO. USING
	PAM_SET_DATA.  WILL ALSO NEED TO IMPLEMENT A HACK TO ALLOW THIS
	INFO TO BE REFERENCED IN VOLUME DEFINITIONS UNTIL NICE, NEW
	VOLUME DEF. CODE IS IMPLEMENTED.

o Write a nice GNOME control center applet to configure mounts.

o Tie in to xscreensaver?

= Personal ====================================================================

o Figure out better way to handle ~/.gnome/photo and move
/home/mike-nocrypt/.gnome back into ~.  Linux does not support union
mounting?
