+* shutdown: don't read-only mount anything when running in container
+
+* nspawn: --read-only is not applied recursively to submounts
+
+* MountFlags=shared acts as MountFlags=slave right now.
+
+* ReadOnlyDirectories= is not applied recursively to submounts
+
+* drop PID 1 reloading, only do reexecing (difficult: Reload()
+ currently is properly synchronous, Reexec() is weird, because we
+ can't delay the response properly until we are back, so instead of
+ being properly synchronous we just keep open the fd and close it
+ when done. That means clients don't get a succesful method reply,
+ but much rather a disconnect on success.
+
+* document that service reload may be implemented as service reexec