Features:
-* make sure the ratelimit object can deal with USEC_INFINITY as way to turn off things
+* use phyical_memory() to allow MemoryLimit= configuration based on available system memory
+
+* ProtectKernelLogs= (drops CAP_SYSLOG, add seccomp for syslog() syscall, and DeviceAllow to /dev/kmsg) in service files
+
+* ProtectClock= (drops CAP_SYS_TIMES, adds seecomp filters for settimeofday, adjtimex), sets DeviceAllow o /dev/rtc
+
+* ProtectMount= (drop mount/umount/pivot_root from seccomp, disallow fuse via DeviceAllow, imply Mountflags=slave)
+
+* ProtectDevices= should also take iopl/ioperm/pciaccess away
-* maybe: pid1: replace cgroups agent transport by AF_UNIX/SOCK_DGRAM, so that
- we aren't hit by socket backlog exhaustion on the dbus AF_UNIX/SOCK_STREAM
- socket
+* ProtectKeyRing= to take keyring calls away
+
+* RestrictNamespaces= or so in services (taking away the ability to create namespaces, with setns, unshare, clone)
+
+* make sure the ratelimit object can deal with USEC_INFINITY as way to turn off things
* journalctl: make sure -f ends when the container indicated by -M terminates
* make sure resolved can be restarted without losing pushed-in dns config
-* fix https://github.com/systemd/systemd/pull/2890, this shouldn't be exported
- like this.
-
* journald: sigbus API via a signal-handler safe function that people may call
from the SIGBUS handler
* implement a per-service firewall based on net_cls
-* Port various tools to make use of verbs.[ch], where applicable
+* Port various tools to make use of verbs.[ch], where applicable: busctl,
+ bootctl, coredumpctl, hostnamectl, localectl, systemd-analyze, timedatectl
* hostnamectl: show root image uuid
* be more careful what we export on the bus as (usec_t) 0 and (usec_t) -1
-* unify dispatch table in systemctl_main() and friends
-
* rfkill,backlight: we probably should run the load tools inside of the udev rules so that the state is properly initialized by the time other software sees it
* After coming back from hibernation reset hibernation swap partition using the /dev/snapshot ioctl APIs