* In journalctl add a way how "-o verbose" and suchlike can be tweaked to show
only a specific set of properties
+* beef up pam_systemd to take unit file settings such as cgroups properties as
+ parameters
+
* export UID ranges nspawns's --private-user and DynamicUser= uses in
the systemd.pc pkg-config file, the same way we already expose the system
user boundary there
+* a new "systemd-analyze security" tool outputting a checklist of security
+ features a service does and does not implement
+
* Whenever we check a UID against the system UID range, also check for the
dynamic UID range
then use that for the setting used in user@.service. It should be understood
relative to the configured default value.
-* on cgroupsv2 add DelegateControllers=, to pick the precise cgroup controllers to delegate
-
* in networkd, when matching device types, fix up DEVTYPE rubbish the kernel passes to us
* enable LockMLOCK to take a percentage value relative to physical memory
prefixed with /sys generally special.
http://lists.freedesktop.org/archives/systemd-devel/2015-June/032962.html
-* man: document that unless you use StandardError=null the shell >/dev/stderr won't work in shell scripts in services
-
* fstab-generator: default to tmpfs-as-root if only usr= is specified on the kernel cmdline
* docs: bring http://www.freedesktop.org/wiki/Software/systemd/MyServiceCantGetRealtime up to date