* core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
* core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
-* bus-proxy: reload policy when PID 1 reports a reload
-
* introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
* introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
-* logind,machined: add generic catch-all polkit verbs for most priviliged operations, similar to systemd itself
+* logind,machined: add generic catch-all polkit verbs for most privileged operations, similar to systemd itself
* "machinectl status" should also show internal logs of the container in question
* "machinectl status" should also show internal logs of the container in question