+* something pulls in pcre as shared object dependency into our daemons such as hostnamed.
+
+* allow implementation of InaccessibleDirectories=/ plus
+ ReadOnlyDirectories=... for whitelisting files for a service.
+
+* sd-bus:
+ - when kdbus doesn't take our message without memfds, try again with memfds
+ - implement monitor logic
+ - see if we can drop more message validation on the sending side
+ - add API to clone sd_bus_message objects
+ - systemd-bus-proxyd needs to enforce good old XML policy
+ - upload minimal kdbus policy into the kernel at boot
+ - kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
+ - longer term: priority inheritance
+ - check sender of response messages
+ - dbus spec updates:
+ - kdbus mapping
+ - NameLost/NameAcquired obsolete
+ - GVariant
+ - "const" properties (posted)
+ - port exit-on-idle logic to byebye ioctl
+ - update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
+ - allow updating attach flags during runtime
+ - pid1: peek into activating message when activating a service
+ - test bloom filter generation indexes
+
+* sd-event
+ - allow multiple signal handlers per signal?
+
+* in the final killing spree, detect processes from the root directory, and
+ complain loudly if they have argv[0][0] == '@' set.
+ https://bugzilla.redhat.com/show_bug.cgi?id=961044
+
+* Introduce a way how we can kill the main process of a service with KillSignal, but all processes with SIGKILL later on
+ https://bugzilla.redhat.com/show_bug.cgi?id=952634
+
+* maybe add a warning to the unit file parses where the access mode of unit files is nonsensical.
+
+* investigate endianness issues of UUID vs. GUID
+
+* dbus: when a unit failed to load (i.e. is in UNIT_ERROR state), we
+ should be able to safely try another attempt when the bus call LoadUnit() is invoked.
+
+* add a pam module that passes the hdd passphrase into the PAM stack and then expires it, for usage by gdm auto-login.
+
+* add a pam module that on password changes updates any LUKS slot where the password matches
+
+* maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...
+
+* timedatctl, localectl: possibly make some commands work without the daemon, for chroot situations...
+
+* timedatectl: print a nicer message when enabling ntp fails because ntpd/chrony are not installed
+
+* cgtop: make cgtop useful in a container
+
+* test/:
+ - add 'set -e' to scripts in test/
+ - make stuff in test/ work with separate output dir