* core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
* core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
-* bus-proxy: reload policy when PID 1 reports a reload
-
* introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
* logind,machined: add generic catch-all polkit verbs for most priviliged operations, similar to systemd itself
* introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
* logind,machined: add generic catch-all polkit verbs for most priviliged operations, similar to systemd itself