Features:
+* drop the TARGET_xxx stuff as far as possible
+
* logind: optionally, ignore idle-hint logic for autosuspend, block suspend as long as a session is around
* service: when killing a service with SIGKILL always kill all processes, even if for SIGTERM we only killed the main process
* exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty.
-* udev: only reset mode/gid of /dev/tty1 and friends on ACTION=add, not ACTION=changed
-
* DeviceAllow/DeviceDeny: disallow everything by default, but whitelist /dev/zero, /dev/null and friends
* service: watchdog logic: for testing purposes allow ping, but do not require pong
"dropped %u messages" not only when we are about to print the next
message that works, but alraedy after a short tiemout
-* use C11 static_assert() where we currently use assert_cc()
-
* journald: also get thread ID from client, plus thread name
* check if we can make journalctl by default use --follow mode inside of less if called without args?
* Add a verbose mode to "systemctl start" and friends that explains what is being done or not done
-* "systemctl is-failed" to join "systemctl is-active" and "systemctl is-enabled".
-
* journal is not closed properly at shutdown when run in a container?
* All log messages generated from socket.c, service.c, ... should
* When shutdown.target is queued begin with an asynchronous sync()?
-* Add ConditionBatteryPower= or ConditionACPower=? (but definitely not both)
-
* add API to close/reopen/get fd for journal client fd in libsystemd-journal.
* maybe add API to send pairs of iovecs via sd_journal_send
* system-wide seccomp filter
-* ability to pass fds into systemd
-
* system.conf should have controls for cgroups
* bind mount read-only the cgroup tree higher than nspawn