* maybe add DefaultTimerAccuracySec= as global config option to set AccuracySec='s default value in .timer units
-* mount /sys/fs/cgroup read-only (but leave the subdirs writable)
-
* gpt-auto-generator:
- Support LUKS for root devices
- Define new partition type for encrypted swap? Support probed LUKS for encrypted swap?
* support transient mount units
-* Imply DevicePolicy=closed and CapabilityBoundingSet=~CAP_SYS_MKNOD when PrivateDevices= is used
+* Imply DevicePolicy=closed when PrivateDevices= is used. Mount
+ pts+kdbus+shm+mqueue into /dev namespace
* add an "input" group to udev logic and add all input devices to it
-* libsystemd-login: implement getpeer_unit(), get_peer_slice(), ...
-
* machined: provide calls GetMachineByAddress() on the manager
interface to get the machine for a local IP address, and
GetAddress() on the Machine interface to get the Address for a
* sd-bus:
- when kdbus doesn't take our message without memfds, try again with memfds
- - implement monitor logic
- see if we can drop more message validation on the sending side
- add API to clone sd_bus_message objects
- systemd-bus-proxyd needs to enforce good old XML policy
- - upload minimal kdbus policy into the kernel at boot
- kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
- longer term: priority inheritance
- - check sender of response messages
- dbus spec updates:
- kdbus mapping
- NameLost/NameAcquired obsolete