+* if pam_systemd is invoked by su from a process that is outside of a
+ any session we should probably just become a NOP, since that's
+ usually not a real user session but just some system code that just
+ needs setuid().
+
+* add a pam module that passes the hdd passphrase into the PAM stack and then expires it, for usage by gdm auto-login.
+
+* add a pam module that on password changes updates any LUKS slot where the password matches
+
+* maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...
+
+* timedatctl, localectl: possibly make some commands work without the daemon, for chroot situations...
+
+* nspawn: expose init PID, UUID, root directory as cgroup EAs. names should be: 'user.machine_id', 'user.init_pid', 'user.root_directory'.
+
+* logind: consider making suspend inhibitor locks non-session specific, but keep suspend-key inhibitor locks session specific
+
+* logind: add Suspend() bus calls which take timestamps to fix double suspend issues when somebody hits suspend and closes laptop quickly.
+
+* we need dynamic units
+
+* nss-myhostname should also resolve 'localhost' so that /etc/hosts becomes optional.
+
+* add s.th. like "systemctl set-log-level debug"
+
+* sd-login: allow enumerating machines and add inotify iface
+
+* move session owner code from sd-login.c to cgroup-util.c
+
+* cgroup-util: verify syntax of cgroup controllers
+
+* cgtop: make cgtop useful in a container
+
+* make sure cg_pid_get_path() works properly for co-mounted controllers
+
+* nspawn: ensure syntax of --uuid= argument is correct
+
+* explicitly disallow changing the cgroup path of units in the
+ name=systemd hierarchy, unless it is outside of /system
+
+* add 'set -e' to scripts in test/
+* make test in test/ work with separate output dir
+
+* suppress log output on shutdown when "quiet" is used
+
+* systemctl delete x.snapshot leaves no trace in logs (at least at default level).
+
+* make the coredump collector tool move itself into the user's cgroup
+ so that the coredump is properly written to the user's own journal
+ file.
+
+* move /usr/lib/modules/$(uname -r)/modules.devname parsing from udevd to
+ kmod static-nodes
+ call kmod as an early service, and drop CAP_MKNOD from udevd.service
+
+* systemd-delta needs to be made aware of *.d/*.conf drop-in files for
+ units.
+
+* seems that when we follow symlinks to units we prefer the symlink
+ destination path over /etc and /usr. We shouldn't do that. Instead
+ /etc should always override /run+/usr and also any symlink
+ destination.
+
+* remove duplicate default deps logic from fstab-generator vs. mount.c
+
+* when isolating, try to figure out a way how we implicitly can order
+ all units we stop before the isolating unit...
+
+* teach udev + logind's uaccess to somehow handle the "dead" device nodes from:
+ /lib/modules/$(uname -r)/modules.devname
+ and apply ACLs to them if they have TAG=="uaccess" in udev rules.
+
+* matching against units is currently broken in journalctl. We really
+ need another AND level in the expressions,
+ i.e. sd_journal_add_conjunction().
+
+* add ConditionArchitecture= or so
+
+* teach ConditionKernelCommandLine= globs or regexes (in order to match foobar={no,0,off})
+
+* we should log capabilities too
+
+* Support SO_REUSEPORT with socket activation:
+ - Let systemd maintain a pool of servers.
+ - Use for seamless upgrades, by running the new server before stopping the
+ old.
+
+* after all byte-wise realloc() is slow, even on glibc, so i guess we
+ need manual exponential loops after all
+
+* BootLoaderSpec: drop allowing ext234 for $BOOT. Clarify that the
+ kernel has to be in $BOOT. Clarify that the boot loader should be
+ installed to the ESP. Define a way how an installer can figure out
+ whether a BLS compliant boot loader is installed.
+
+* man: remove .include documentation, and instead push people to use .d/*.conf
+
+* disallow .include from included files
+
+* safe_atod() is too naive, as it is vulnerable to locale parameters, should be locale independent.
+
+* think about requeuing jobs when daemon-reload is issued? usecase:
+ the initrd issues a reload after fstab from the host is accessible
+ and we might want to requeue the mounts local-fs acquired through
+ that automatically.
+
+* neither pkexec nor sudo initialize environ[] from the PAM environment?
+