TODO: sort

2025-01-10 05:18:17 +03:00 · 2015-11-16 15:05:00 +01:00 · 2015-11-16 15:05:00 +01:00 · e25b5a8d73
commit e25b5a8d73
parent ab32771aa0
1 changed files with 171 additions and 226 deletions
--- a/397
+++ b/397
@ -48,22 +48,14 @@ Features:
 * push CPUAffinity= also into the "cpuset" cgroup controller (only after the cpuset controller got ported to the unified hierarchy)
 * add a concept of RemainAfterExit= to scope units
 * add a new command "systemctl revert" or so, that removes all dropin
  snippets in /run and /etc, and all unit files with counterparts in
  /usr, and thus undoes what "systemctl set-property" and "systemctl
  edit" create. Maybe even add "systemctl revert -a" to do this for
  all units.
 * sd-event: maybe add support for inotify events
 * PID 1 should send out sd_notify("WATCHDOG=1") messages (for usage in the --user mode, and when run via nspawn)
 * nspawn should send out sd_notify("WATCHDOG=1") messages
 * nspawn should optionally support receiving WATCHDOG=1 messages from its payload PID 1...
 * consider throwing a warning if a service declares it wants to be "Before=" a .device unit.
 * "systemctl edit" should know a mode to create a new unit file
@ -73,62 +65,17 @@ Features:
  prefixed with /sys generally special.
  http://lists.freedesktop.org/archives/systemd-devel/2015-June/032962.html
 * nspawn: fix logic always print a final newline on output.
  https://github.com/systemd/systemd/pull/272#issuecomment-113153176
 * man: document that unless you use StandardError=null the shell >/dev/stderr won't work in shell scripts in services
 * "systemctl daemon-reload" should result in /etc/systemd/system.conf being reloaded by systemd
 * install: include generator dirs in unit file search paths
 * logind: follow PropertiesChanged state more closely, to deal with quick logouts and relogins
 * invent a better systemd-run scheme for naming scopes, that works with remoting
 * add journalctl -H that talks via ssh to a remote peer and passes through binary logs data
 * change journalctl -M to acquire fd to journal directory via machined, and then operate on that via openat() instead of absolute paths
 * add a version of --merge which also merges /var/log/journal/remote
 * log accumulated resource usage after each service invocation
 * nspawn: a nice way to boot up without machine id set, so that it is set at boot automatically for supporting --ephemeral. Maybe hash the host machine id together with the machine name to generate the machine id for the container
 * logind: rename session scope so that it includes the UID. THat way
  the session scope can be arranged freely in slices and we don't have
  make assumptions about their slice anymore.
 * journalctl: -m should access container journals directly by enumerating them via machined, and also watch containers coming and going. Benefit: nspawn --ephemeral would start working nicely with the journal.
 * nspawn: don't copy /etc/resolv.conf from host into container unless we are in shared-network mode
 * nspawn: optionally automatically add FORWARD rules to iptables whenever nspawn is running, remove them when shut down.
 * importd: generate a nice warning if mkfs.btrfs is missing
 * nspawn: add a logic for cleaning up read-only, hidden container images in /var/lib/machines that are not ancestors of any non-hidden containers
 * nspawn: Improve error message when --bind= is used on a non-existing source directory
 * nspawn: maybe make copying of /etc/resolv.conf optional, and skip it if --read-only is used
 * man: document how update dkr images works with machinectl
  http://lists.freedesktop.org/archives/systemd-devel/2015-February/028630.html
 * nspawn: as soon as networkd has a bus interface, hook up --network-interface=, --network-bridge= with networkd, to trigger netdev creation should an interface be missing
 * rework C11 utf8.[ch] to use char32_t instead of uint32_t when referring
  to unicode chars, to make things more expressive.
 * "machinectl migrate" or similar to copy a container from or to a
  difference host, via ssh
 * tmpfiles: creating new directories/subvolumes/fifos/device nodes
  should not follow symlinks. None of the other adjustment or creation
  calls follow symlinks.
 * fstab-generator: default to tmpfs-as-root if only usr= is specified on the kernel cmdline
 * docs: bring http://www.freedesktop.org/wiki/Software/systemd/MyServiceCantGetRealtime up to date
@ -145,84 +92,21 @@ Features:
 * Maybe add support for the equivalent of "ethtool advertise" to .link files?
  http://lists.freedesktop.org/archives/systemd-devel/2015-April/030112.html
 * .timer units should optionally support CLOCK_BOOTTIME in addition to CLOCK_MONOTONIC
 * When logging about multiple units (stopping BoundTo units, conflicts, etc.),
  log both units as UNIT=, so that journalctl -u triggers on both.
 * to allow "linking" of nspawn containers, extend --network-bridge= so
  that it can dynamically create bridge interfaces that are refcounted
  by the containers on them. For each group of containers to link together
 * journalctl --verify: don't show files that are currently being
  written to as FAIL, but instead show that their are being written
  to.
 * assign MESSAGE_ID to log messages about failed services
 * coredump: make the handler check /proc/$PID/rlimits for RLIMIT_CORE,
  and supress coredump if turned off. Then change RLIMIT_CORE to
  infinity by default for all services. This then allows per-service
  control of coredumping.
 * generate better errors when people try to set transient properties
  that are not supported...
  http://lists.freedesktop.org/archives/systemd-devel/2015-February/028076.html
 * maybe introduce WantsMountsFor=? Usecase:
  http://lists.freedesktop.org/archives/systemd-devel/2015-January/027729.html
 * The udev blkid built-in should expose a property that reflects
  whether media was sensed in USB CF/SD card readers. This should then
  be used to control SYSTEMD_READY=1/0 so that USB card readers aren't
  picked up by systemd unless they contain a medium. This would mirror
  the behaviour we already have for CD drives.
 * nspawn: emulate /dev/kmsg using CUSE and turn off the syslog syscall
  with seccomp. That should provide us with a useful log buffer that
  systemd can log to during early boot, and disconnect container logs
  from the kernel's logs.
 * networkd/udev: implement SR_IOV configuration in .link files:
  http://lists.freedesktop.org/archives/systemd-devel/2015-January/027451.html
 * Set RLIMIT_NPROC for systemd-journal-xyz, and all other of our
  services that run under their own user ids, and use User= (but only
  in a world where userns is ubiquitous since otherwise we cannot
  invoke those daemons on the host AND in a container anymore). Also,
  if LimitNPROC= is used without User= we should warn and refuse
  operation.
 * logind: maybe allow configuration of the StopTimeout for session scopes
 * Set NoNewPrivileges= on all of our own services, where that makes sense
 * Rework systemctl's GetAll property parsing to use the generic bus_map_all_properties() API
 * rework journald sigbus stuff to use mutex
 * import-dkr: support tarsum checksum verification, if it becomes reality one day...
 * import-dkr: convert json bits to nspawn configuration
 * core/cgroup: support net_cls modules, and support automatically allocating class ids, then add support for making firewall changes depending on it, to implement a per-service firewall
 * introduce systemd-nspawn-ephemeral@.service, and hook it into "machinectl start" with a new --ephemeral switch
 * "machinectl status" should also show internal logs of the container in question
 * "machinectl list-images" should show os-release data, as well as machine-info data (including deployment level)
 * Port various tools to make use of verbs.[ch], where applicable
 * "machinectl history"
 * "machinectl diff"
 * "machinectl commit" that takes a writable snapshot of a tree, invokes a shell in it, and marks it read-only after use
 * systemd-nspawn -x should support ephemeral instances of gpt images
 * hostnamectl: show root image uuid
 * sysfs set api in libudev is not const
@ -235,15 +119,6 @@ Features:
  ensure deterministic behaviour if two unit files conflict (like DMs
  do, for example)
 * resolved should optionally register additional per-interface LLMNR
  names, so that for the container case we can establish the same name
  (maybe "host") for referencing the server, everywhere.
 * systemd-journal-upload (or a new, related tool): allow pushing out
  journal messages onto the network in BSD syslog protocol,
  continuously. Default to some link-local IP mcast group, to make this
  useful as a one-stop debugging tool.
 * synchronize console access with BSD locks:
  http://lists.freedesktop.org/archives/systemd-devel/2014-October/024582.html
@ -263,12 +138,8 @@ Features:
 * firstboot: make it useful to be run immediately after yum --installroot to set up a machine. (most specifically, make --copy-root-password work even if /etc/passwd already exists
 * timesyncd + resolved: add ugly bus calls to set NTP and DNS servers per-interface, for usage by NM
 * add infrastructure to allocate dynamic/transient users and UID ranges, for use in user-namespaced containers, per-seat gdm login screens and gdm guest sessions
 * machined: add an API so that libvirt-lxc can inform us about network interfaces being removed or added to an existing machine
 * maybe add support for specifier expansion in user.conf, specifically DefaultEnvironment=
 * introduce systemd-timesync-wait.service or so to sync on an NTP fix?
@ -277,8 +148,6 @@ Features:
 * consider showing the unit names during boot up in the status output, not just the unit descriptions
 * dhcp: do we allow configuring dhcp routes on interfaces that are not the one we got the dhcp info from?
 * maybe allow timer units with an empty Units= setting, so that they
  can be used for resuming the system but nothing else.
@ -288,12 +157,8 @@ Features:
 * maybe support a new very "soft" reboot mode, that simply kills all processes, disassembles everything, flushes /run and sysvipc, and then reexecs systemd again
 * man: document that corrupted journal files is nothing to act on
 * man: maybe use the word "inspect" rather than "introspect"?
 * "machinectl list" should probably show columns for OS version and IP addresses
 * systemctl: if some operation fails, show log output?
 * systemctl edit:
@ -301,10 +166,10 @@ Features:
 - use equvalent of cat() to insert existing config as a comment, prepended with #.
  Upon editor exit, lines with one # are removed, lines with two # are left with one #, etc.
 * refcounting in sd-resolve is borked
 * exponential backoff in timesyncd and resolved when we cannot reach a server
 * timesyncd + resolved: add ugly bus calls to set NTP and DNS servers per-interface, for usage by NM
 * extract_many_words() should probably be used by a lot of code that
  currently uses FOREACH_WORD and friends. For example, most conf
  parsing callbacks should use it.
@ -317,24 +182,6 @@ Features:
 * add systemd.abort_on_kill or some other such flag to send SIGABRT instead of SIGKILL
  (throughout the codebase, not only PID1)
 * networkd:
  - add LLDP client side support
  - the DHCP lease data (such as NTP/DNS) is still made available when
    a carrier is lost on a link. It should be removed instantly.
  - expose in the API the following bits:
        - option 15, domain name and/or option 119, search list
        - option 12, host name and/or option 81, fqdn
        - option 123, 144, geolocation
        - option 252, configure http proxy (PAC/wpad)
  - provide a way to define a per-network interface default metric value
    for all routes to it. possibly a second default for DHCP routes.
  - allow Name= to be specified repeatedly in the [Match] section. Maybe also
    support Name=foo*|bar*|baz ?
  - duplicate address check for static IPs (like ARPCHECK in network-scripts)
  - allow DUID/IAID to be customized, see issue #394.
  - support configuration option for TSO (tcp segmentation offload)
  - networkd: whenever uplink info changes, make DHCP server send out FORCERENEW
 * resolved:
  - put networkd events and rtnl events at a higher priority, so that
    we always process them before we process client requests
@ -350,8 +197,11 @@ Features:
           announce dname support. However, for DNSSEC it is necessary as the synthesized cname
           will not be signed.
  - cname on PTR (?)
  - resolved should optionally register additional per-interface LLMNR
    names, so that for the container case we can establish the same name
    (maybe "host") for referencing the server, everywhere.
-* Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
+* refcounting in sd-resolve is borked
 * Add a new verb "systemctl top"
@ -376,14 +226,8 @@ Features:
 * Run most system services with cgroupfs read-only and procfs with a more secure mode (doesn't work, since the hidepid= option is per-pid-namespace, not per-mount)
 * sd-event: generate a failure of a default event loop is executed out-of-thread
 * add bus api to query unit file's X fields.
 * consider adding RuntimeDirectoryUser= + RuntimeDirectoryGroup=
 * sd-event: define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ...
 * gpt-auto-generator:
  - Support LUKS for root devices
  - Define new partition type for encrypted swap? Support probed LUKS for encrypted swap?
@ -434,8 +278,6 @@ Features:
 * when we detect low battery and no AC on boot, show pretty splash and refuse boot
 * machined, localed: when we try to kill an empty cgroup, generate an ESRCH error over the bus
 * libsystemd-journal, libsystemd-login, libudev: add calls to easily attach these objects to sd-event event loops
 * be more careful what we export on the bus as (usec_t) 0 and (usec_t) -1
@ -493,6 +335,9 @@ Features:
 * sd-event
  - allow multiple signal handlers per signal?
  - document chaining of signal handler for SIGCHLD and child handlers
  - define more intervals where we will shift wakeup intervals around in, 1h, 6h, 24h, ...
  - generate a failure of a default event loop is executed out-of-thread
  - maybe add support for inotify events
 * in the final killing spree, detect processes from the root directory, and
  complain loudly if they have argv[0][0] == '@' set.
@ -537,14 +382,10 @@ Features:
 * systemd-inhibit: make taking delay locks useful: support sending SIGINT or SIGTERM on PrepareForSleep()
 * journal-or-kmsg is currently broken? See reverted commit 4a01181e460686d8b4a543b1dfa7f77c9e3c5ab8.
 * remove any syslog support from log.c -- we probably cannot do this before split-off udev is gone for good
 * shutdown logging: store to EFI var, and store to USB stick?
 * write UI tool that pops up emergency messages from the journal as notification
 * think about window-manager-run-as-user-service problem: exit 0 → activate shutdown.target; exit != 0 → restart service
 * merge unit_kill_common() and unit_kill_context()
@ -587,6 +428,12 @@ Features:
    probably reduce the capability set it retains substantially.
    (we need CAP_SYS_ADMIN for drmSetMaster(), so maybe not worth it)
  - expose orientation sensors and tablet mode through logind
  - maybe allow configuration of the StopTimeout for session scopes
  - rename session scope so that it includes the UID. THat way
    the session scope can be arranged freely in slices and we don't have
    make assumptions about their slice anymore.
  - follow PropertiesChanged state more closely, to deal with quick logouts and
    relogins
 * exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty.
@ -641,6 +488,32 @@ Features:
    lazily. Encode just enough information in the file name, so that we
    do not have to open it to know that it is not interesting for us, for
    the most common operations.
  - journal-or-kmsg is currently broken? See reverted
    commit 4a01181e460686d8b4a543b1dfa7f77c9e3c5ab8.
  - man: document that corrupted journal files is nothing to act on
  - systemd-journal-upload (or a new, related tool): allow pushing out
    journal messages onto the network in BSD syslog protocol,
    continuously. Default to some link-local IP mcast group, to make this
    useful as a one-stop debugging tool.
  - rework journald sigbus stuff to use mutex
  - Set RLIMIT_NPROC for systemd-journal-xyz, and all other of our
    services that run under their own user ids, and use User= (but only
    in a world where userns is ubiquitous since otherwise we cannot
    invoke those daemons on the host AND in a container anymore). Also,
    if LimitNPROC= is used without User= we should warn and refuse
    operation.
  - journalctl --verify: don't show files that are currently being
    written to as FAIL, but instead show that their are being written to.
  - add journalctl -H that talks via ssh to a remote peer and passes through
    binary logs data
  - change journalctl -M to acquire fd to journal directory via machined, and
    then operate on that via openat() instead of absolute paths
  - add a version of --merge which also merges /var/log/journal/remote
  - log accumulated resource usage after each service invocation
  - journalctl: -m should access container journals directly by enumerating
    them via machined, and also watch containers coming and going.
    Benefit: nspawn --ephemeral would start working nicely with the journal.
  - assign MESSAGE_ID to log messages about failed services
 * document:
  - document that deps in [Unit] sections ignore Alias= fields in
@ -685,8 +558,6 @@ Features:
 * add libsystemd-password or so to query passwords during boot using the password agent logic
 * If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
 * clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed
 * on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel
@ -699,7 +570,62 @@ Features:
 * currently x-systemd.timeout is lost in the initrd, since crypttab is copied into dracut, but fstab is not
 * nspawn:
-  - refuses to boot containers without /etc/machine-id (OK?), and with empty /etc/machine-id (not OK).
+  - to allow "linking" of nspawn containers, extend --network-bridge= so
    that it can dynamically create bridge interfaces that are refcounted
    by the containers on them. For each group of containers to link together
  - refuses to boot containers without /etc/machine-id (OK?), and with empty
    /etc/machine-id (not OK).
  - nspawn -x should support ephemeral instances of gpt images
  - emulate /dev/kmsg using CUSE and turn off the syslog syscall
    with seccomp. That should provide us with a useful log buffer that
    systemd can log to during early boot, and disconnect container logs
    from the kernel's logs.
  - as soon as networkd has a bus interface, hook up --network-interface=,
    --network-bridge= with networkd, to trigger netdev creation should an
    interface be missing
  - don't copy /etc/resolv.conf from host into container unless we are in
    shared-network mode
  - a nice way to boot up without machine id set, so that it is set at boot
    automatically for supporting --ephemeral. Maybe hash the host machine id
    together with the machine name to generate the machine id for the container
  - fix logic always print a final newline on output.
    https://github.com/systemd/systemd/pull/272#issuecomment-113153176
  - should optionally support receiving WATCHDOG=1 messages from its payload
    PID 1...
  - should send out sd_notify("WATCHDOG=1") messages
  - optionally automatically add FORWARD rules to iptables whenever nspawn is
    running, remove them when shut down.
  - add a logic for cleaning up read-only, hidden container images in
    /var/lib/machines that are not ancestors of any non-hidden containers
  - Improve error message when --bind= is used on a non-existing source
    directory
  - maybe make copying of /etc/resolv.conf optional, and skip it if --read-only
    is used
 * machined:
  - "machinectl list" should probably show columns for OS version and IP
    addresses
  - add an API so that libvirt-lxc can inform us about network interfaces being
    removed or added to an existing machine
  - "machinectl migrate" or similar to copy a container from or to a
    difference host, via ssh
  - man: document how update dkr images works with machinectl
    http://lists.freedesktop.org/archives/systemd-devel/2015-February/028630.html
  - introduce systemd-nspawn-ephemeral@.service, and hook it into
    "machinectl start" with a new --ephemeral switch
  - "machinectl status" should also show internal logs of the container in
    question
  - "machinectl list-images" should show os-release data, as well as
    machine-info data (including deployment level)
  - "machinectl history"
  - "machinectl diff"
  - "machinectl commit" that takes a writable snapshot of a tree, invokes a
    shell in it, and marks it read-only after use
 * importd:
  - dkr: support tarsum checksum verification, if it becomes reality one day...
  - dkr: convert json bits to nspawn configuration
  - generate a nice warning if mkfs.btrfs is missing
 * cryptsetup:
  - cryptsetup-generator: allow specification of passwords in crypttab itself
@ -710,40 +636,16 @@ Features:
 * hw watchdog: optionally try to use the preset watchdog timeout instead of always overriding it
  https://bugs.freedesktop.org/show_bug.cgi?id=54712
 * after deserializing sockets in socket.c we should reapply sockopts and things
 * make timer units go away after they elapsed
 * move PID 1 segfaults to /var/lib/systemd/coredump?
 * create /sbin/init symlinks from the build system
 * allow writing multiple conditions in unit files on one line
 * MountFlags=shared acts as MountFlags=slave right now.
 * drop PID 1 reloading, only do reexecing (difficult: Reload()
  currently is properly synchronous, Reexec() is weird, because we
  cannot delay the response properly until we are back, so instead of
  being properly synchronous we just keep open the fd and close it
  when done. That means clients do not get a successful method reply,
  but much rather a disconnect on success.
 * properly handle loop back mounts via fstab, especially regards to fsck/passno
 * initialize the hostname from the fs label of /, if /etc/hostname does not exist?
 * rename "userspace" to "core-os"
 * load-fragment: when loading a unit file via a chain of symlinks
  verify that it is not masked via any of the names traversed.
 * introduce Type=pid-file
 * when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr
 * ExecOnFailure=/usr/bin/foo
 * udev:
  - move to LGPL
  - kill scsi_id
@ -752,13 +654,17 @@ Features:
 * when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting
 * introduce mix of BindTo and Requisite
 * There's currently no way to cancel fsck (used to be possible via C-c or c on the console)
 * add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/
-* save coredump in Windows/Mozilla minidump format
+* coredump:
  - save coredump in Windows/Mozilla minidump format
  - move PID 1 segfaults to /var/lib/systemd/coredump?
  - make the handler check /proc/$PID/rlimits for RLIMIT_CORE,
    and supress coredump if turned off. Then change RLIMIT_CORE to
    infinity by default for all services. This then allows per-service
    control of coredumping.
 * support crash reporting operation modes (https://live.gnome.org/GnomeOS/Design/Whiteboards/ProblemReporting)
@ -767,31 +673,16 @@ Features:
 * be able to specify a forced restart of service A where service B depends on, in case B
  needs to be auto-respawned?
 * when a bus name of a service disappears from the bus make sure to queue further activation requests
 * tmpfiles:
  - apply "x" on "D" too (see patch from William Douglas)
  - replace F with f+.
  - instead of ignoring unknown fields, reject them.
-
+  - creating new directories/subvolumes/fifos/device nodes
-* for services: do not set $HOME in services unless requested
+    should not follow symlinks. None of the other adjustment or creation
-
+    calls follow symlinks.
 * hide PAM options in fragment parser when compile time disabled
 * when we automatically restart a service, ensure we restart its rdeps, too.
 * allow Type=simple with PIDFile=
  https://bugzilla.redhat.com/show_bug.cgi?id=723942
 * move PAM code into its own binary
 * implement Register= switch in .socket units to enable registration
  in Avahi, RPC and other socket registration services.
 * make sure systemd-ask-password-wall does not shutdown systemd-ask-password-console too early
 * add ReloadSignal= for configuring a reload signal to use
 * verify that the AF_UNIX sockets of a service in the fs still exist
  when we start a service in order to avoid confusion when a user
  assumes starting a service is enough to make it accessible
@ -801,8 +692,6 @@ Features:
 * and a dbus call to generate target from current state
 * GC unreferenced jobs (such as .device jobs)
 * write blog stories about:
  - hwdb: what belongs into it, lsusb
  - enabling dbus services
@ -823,20 +712,59 @@ Features:
  - instantiated apache, dovecot and so on
  - hooking a script into various stages of shutdown/rearly booot
 * allow port=0 in .socket units
 * recreate systemd's D-Bus private socket file on SIGUSR2
 * Support --test based on current system state
 * investigate whether the gnome pty helper should be moved into systemd, to provide cgroup support.
 * maybe introduce ExecRestartPre=
 * dot output for --test showing the 'initial transaction'
 * fingerprint.target, wireless.target, gps.target, netdevice.target
 * pid1:
  - .timer units should optionally support CLOCK_BOOTTIME in addition to CLOCK_MONOTONIC
  - When logging about multiple units (stopping BoundTo units, conflicts, etc.),
    log both units as UNIT=, so that journalctl -u triggers on both.
  - generate better errors when people try to set transient properties
    that are not supported...
    http://lists.freedesktop.org/archives/systemd-devel/2015-February/028076.html
  - maybe introduce WantsMountsFor=? Usecase:
    http://lists.freedesktop.org/archives/systemd-devel/2015-January/027729.html
  - recreate systemd's D-Bus private socket file on SIGUSR2
  - GC unreferenced jobs (such as .device jobs)
  - move PAM code into its own binary
  - when we automatically restart a service, ensure we restart its rdeps, too.
  - for services: do not set $HOME in services unless requested
  - hide PAM options in fragment parser when compile time disabled
  - Support --test based on current system state
  - If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
  - after deserializing sockets in socket.c we should reapply sockopts and things
  - make timer units go away after they elapsed
  - drop PID 1 reloading, only do reexecing (difficult: Reload()
    currently is properly synchronous, Reexec() is weird, because we
    cannot delay the response properly until we are back, so instead of
    being properly synchronous we just keep open the fd and close it
    when done. That means clients do not get a successful method reply,
    but much rather a disconnect on success.
  - when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr
  - when a bus name of a service disappears from the bus make sure to queue further activation requests
 * unit files:
  - allow port=0 in .socket units
  - maybe introduce ExecRestartPre=
  - add ReloadSignal= for configuring a reload signal to use
  - implement Register= switch in .socket units to enable registration
    in Avahi, RPC and other socket registration services.
  - allow Type=simple with PIDFile=
    https://bugzilla.redhat.com/show_bug.cgi?id=723942
  - allow writing multiple conditions in unit files on one line
  - load-fragment: when loading a unit file via a chain of symlinks
    verify that it is not masked via any of the names traversed.
  - introduce Type=pid-file
  - ExecOnFailure=/usr/bin/foo
  - introduce mix of BindTo and Requisite
  - add a concept of RemainAfterExit= to scope units
  - Set NoNewPrivileges= on all of our own services, where that makes sense
  - Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
  - consider adding RuntimeDirectoryUser= + RuntimeDirectoryGroup=
 * systemd-python:
   - figure out a simple way to wait for journal events in a way that
     works with ^C
@ -868,6 +796,23 @@ Features:
   - add more attribute support for SIT tunnel
   - work with non-Ethernet devices
   - add support for more bond options
   - dhcp: do we allow configuring dhcp routes on interfaces that are not the one we got the dhcp info from?
   - add LLDP client side support
   - the DHCP lease data (such as NTP/DNS) is still made available when
     a carrier is lost on a link. It should be removed instantly.
   - expose in the API the following bits:
         - option 15, domain name and/or option 119, search list
         - option 12, host name and/or option 81, fqdn
         - option 123, 144, geolocation
         - option 252, configure http proxy (PAC/wpad)
   - provide a way to define a per-network interface default metric value
     for all routes to it. possibly a second default for DHCP routes.
   - allow Name= to be specified repeatedly in the [Match] section. Maybe also
     support Name=foo*|bar*|baz ?
   - duplicate address check for static IPs (like ARPCHECK in network-scripts)
   - allow DUID/IAID to be customized, see issue #394.
   - support configuration option for TSO (tcp segmentation offload)
   - whenever uplink info changes, make DHCP server send out FORCERENEW
 * networkd-wait-online:
   - make operstates to wait for configurable?