= For 1.0 =====================================================================

o With openpam's su, euid and uid of su process is 1000/1000 during
close_session.  Should be 0/1000 for unmount.  Is the same true on
Linux?  NOT ON DEBIAN WOODY! I modified openpam's su so it wouldn't 
do this anymore.  Should I report change to openpam folks?
	|
	+-> related: does /var/run/pam_mount/user have to owned by user or not?
	|	if not do I need to check the number it contains carefully.
	|
	--> If su should drop privs then how will I unmount on OBSD?!
	|
	|
	--> But when I logout of a Debian /login/ session, PAM's e/uid
	is 1000/1000!  What about Red Hat or newer Debian?  What is the
	correct behavior here?

o Also related to openpam su: memcpy is broken?  Causes username argument
to be used as first argument to bash when "su mike" is issued!

o Make EHD on OpenBSD and Linux as similar as possible document EHD
on OpenBSD.

o Re-enable rpm and deb in top-level makefile publish target.

o Does configure's libcrypt check work?  Is -lcrypt or -lssl req.
on Linux?  It seems only -lcrypto is required on OpenBSD.  I need to
install OpenSSL on Debian to test this.

o Why does pam_mount not work with ssh?

o Does new smbmount code work?

o Does new ncpmount code work?

o Ensure mounting a volume as root does not prohibit user from changing
permissions on it.  Ensure users can unmount pam_mounted volumes
(or document).

o Fix GNOME so that Gconfd does not hang around after a user exits.
This is causing pam_mount's umount to fail on Red Hat 8.0 and Debian
unstable.  In Red Hat bugzilla.

o Evaluate fns related to options_allow, deny, and require (use splint?).

o Security audit.  Scrub code for buffer overflows and other
security-related bugs (use splint?):
mount.c
pam_mount.c

= Past 1.0 (punted) ===========================================================

o Remove pmhelper code completely from readconfig.c.

o Use format like smbmount /usr/bin/smbmount %user ... in pam_mount.conf
to simplify code in pmhelper.c.  This will make pam_mount much more
flexible too.  No smbmount, ncpmount, lclmount-specific code will
be required in smbmount.c.

o Get smbmount and ncpmount to support mount-like -p0 option to simplify
pmhelper's code (Or ncpmount and mount to support PASSWD like smbmount).

o Fix Debian:
	Mounting encrypted loopback volumes with keybits option broken
		in unstable (bug 163639)
	CLOSE_SESSION set to no in /etc/login.defs (bug 163635)

o Get rid of FIXME and XXXs.

o Ensure that NFS shares are working.  Document NFS use.  Get TCFS working.

o Add the ability to create an encrypted loopback filesystem to useradd.
This should also create a README file in, for example, /home/mike that
explains setup.

o Modify passwd to update /home/mike.key.  Add -p, --post-script option
to run passwdehd?  (See passwdehd script)

o Get pam_mount in standard and Red Hat pam dist.

o Get supported by Red Hat.
	- Need upstream linux-utils/kernel to support encr.

o Make home directory images scalable in size (resize.*fs?).

o From Roman Sliva <roman.sliva@vsb.cz>: pam_mount doesn't mount ncp
filesystems of Novell servers using NDS - full context username must be
provided to ncpmount -U option (not just short unix name).  I solve this
by writing wrapper script for ncpmount, which gets full context username
using ldapsearch. I think a possibility of cooperation directly with
pam_ldap might be a great solution.

	- For NDS, use username to look up full context using LDAP?
		. email pam_ldap folks about sharing:
			1.  /etc/ldap.conf.
			2.  _get_user_info (gets userdn -- used by 
			    ldap_simple_bind).

= Personal ====================================================================

o Figure out better way to handle ~/.gnome/photo and move
/home/mike-nocrypt/.gnome back into ~.
