[thirdparty/systemd.git] / TODO

Bugfixes:
* check systemd-tmpfiles for selinux context hookup for mknod(), symlink() and similar

* swap units that are activated by one name but shown in the kernel under another are semi-broken

* Dangling symlinks of .automount unit files in .wants/ directories, set up
  automount points even when the original .automount file did not exist
  anymore. Only the .mount unit was still around.

* make polkit checks async

* properly handle .mount unit state tracking when two mount points are stacked one on top of another on the exact same mount point.

* stop importing kernel exported env variables. The utterly broken logic in
  the kernel exports every kernel command line option which is not recognized
  as a built-in module option as an env variable. Systemd should not pass-on
  that nonsense, a kernel command line option is a command line option not an
  env variable:
    $ cat /proc/252/environ
    initrd=\6a9857a393724b7a981ebb5b8495b9ea\3.10.0-2.fc20.x86_64\initrd

Fedora 19:

* external: maybe it is time to patch procps so that "ps" links to
  libsystemd-logind to print a pretty service name, seat name, session
  name in its output. Currently it only shows cgroup membership, but
  that's sometimes kinda hard to parse for a human.

* cgroup attrs:
  - update dbus interface docs in wiki

* localed:
  - localectl: support new converted x11→console keymaps

* when installing fedora with yum --installroot /var/run is a directory, not a symlink

CGroup Rework Completion:

* introduce "mainpid" for scopes

* implement system-wide DefaultCPUAccounting=1 switch (and similar for blockio, memory?)

* implement per-slice CPUFairScheduling=1 switch

* handle jointly mounted controllers correctly

* logind: implement session kill exceptions

* make BlockIODeviceWeight=, BlockIODeviceBandwidth= runtime settable

* introduce high-level settings for RT budget, swappiness

* man: document new bus apis

* Send SIGHUP and SIGTERM in session scopes

Features:

* when parsing calendar timestamps support the UTC timezone (even if we won't support arbitrary timezone specs, support UTC itself certainly makes sense), also support syntaxes such as +0200

* journalctl: add an output mode that looks like classic /var/log/messages, but also outputs the cursor of the last entry so that people can write scripts that can run iteratively and always process data that has been added since the last time.

* when a kernel driver logs in a tight loop we should ratelimit that too.

* journald: optionally, when messages with a high log prioerity are logged, sync() immeidately.

* introduce %v resolving to the string returned by "uname -r"

* systemctl list-unit-files should list generated files (and probably with a new state "generated" for them, or so)

* Get rid of systemd-sysv:
  https://fedoraproject.org/wiki/User:Toshio/Systemd_Convert_draft

* do we really need both hasprefix() and startswith()?

* when a kernel driver logs in a tight loop we should ratelimit that too.

* journald: when we drop syslog messages because the syslog socket is
  full, make sure to write how many messages are lost as first thing
  to syslog when it works again.

* prohibit Restart= set with Type=oneshot

* man: the documentation of Restart= currently is very misleading and suggests the tools from ExecStartPre= might get restarted.

* load .d/*.conf dropins for device units

* move systemctl set-log-level to systemd-analyze?

* move "systemctl dump" to systemd-analyze

* add a fixed dbus path for "my own unit", "my own session", ... to PID1, logind, ...

* service_coldplug() appears to reinstall the wrong stop timeout watch?

* transient units: allow creating auxiliary units with the same call

* how to reset dynamically changed attributes sanely?

* when reloading configuration, apply new cgroup configuration

* journald: make sure ratelimit is actually really per-service with the new cgroup changes

* libsystemd-logind: sd_session_is_active() and friends: verify
  validity of session name before appending it to a path

* gparted needs to disable auto-activation of mount units somehow, or
  maybe we should stop doing auto-activiation of this after boot
  entirely. https://bugzilla.gnome.org/show_bug.cgi?id=701676

* when a service changes state make reflect that in the
  RUNNING/LISTENING states of its socket

* when recursively showing the cgroup hierarchy, optionally also show
  the hierarchies of child processes

* document logic of auto/noauto and fail/nofail in fstab in systemd.mount or systemd-fstab-generator man page

* we should properly escape ssh hostnames we add into dbus server strings

* something pulls in pcre as so dep into our daemons such as hostnamed.

* cgroup-agent: downgrade error messages

* document systemd-journal-flush.service properly

* chane systemd-journal-flush into a service that stays around during
  boot, and causes the journal to be moved back to /run on shutdown,
  so that we don't keep /var busy. This needs to happen synchronously,
  hence doing this via signals is not going to work.

* allow implementation of InaccessibleDirectories=/ plus
  ReadOnlyDirectories=... for whitelisting files for a service.

* libsystemd-journal:
  - return ECHILD as soon as somebody tries to reuse a journal object across a fork()

* libsystemd-bus:
  - default policy (allow uid == 0 and our own uid)
  - enforce alignment of pointers passed in
  - when kdbus doesn't take our message without memfds, try again with memfds
  - implement translator service
  - port systemd to new library
  - implement busname unit type in systemd
  - move to gvariant
  - merge busctl into systemctl or so?
  - synthesize sd_bus_message objects from kernel messages
  - properly implement name registry ioctls for kdbus
  - get rid of object hash table, use decision tree everyhwere instead?
  - implement monitor logic
  - object vtable logic
  - longer term:
    * priority queues
    * priority inheritance

* in the final killing spree, detect processes from the root directory, and
  complain loudly if they have argv[0][0] == '@' set.
  https://bugzilla.redhat.com/show_bug.cgi?id=961044

* add an option to nspawn that uses seccomp to make socket(AF_NETLINK,
  SOCK_RAW, NETLINK_AUDIT) fail the the appropriate error code that
  makes the audit userspace to think auditing is not available in the
  kernel.

* Introduce a way how we can kill the main process of a service with KillSignal, but all processes with SIGKILL later on
  https://bugzilla.redhat.com/show_bug.cgi?id=952634

* maybe add a warning to the unit file parses whern the acces mode of unit files is non-sensical.

* investigate endianess issues of UUID vs. GUID

* dbus: when a unit failed to load (i.e. is in UNIT_ERROR state), we
  should be able to safely try another attempt when the bus call LoadUnit() is invoked.

* if pam_systemd is invoked by su from a process that is outside of a
  any session we should probably just become a NOP, since that's
  usually not a real user session but just some system code that just
  needs setuid().

* add a pam module that passes the hdd passphrase into the PAM stack and then expires it, for usage by gdm auto-login.

* add a pam module that on password changes updates any LUKS slot where the password matches

* maybe add a generator that looks for "systemd.run=" on the kernel cmdline for container usercases...

* timedatctl, localectl: possibly make some commands work without the daemon, for chroot situations...

* logind: add Suspend() bus calls which take timestamps to fix double suspend issues when somebody hits suspend and closes laptop quickly.

* we need dynamic units

* cgtop: make cgtop useful in a container

* test/:
  - add 'set -e' to scripts in test/
  - make stuff in test/ work with separate output dir
  - remove all the duplicated code in test/

* suppress log output on shutdown when "quiet" is used

* systemctl delete x.snapshot leaves no trace in logs (at least at default level).

* make the coredump collector tool move itself into the user's cgroup
  so that the coredump is properly written to the user's own journal
  file.

* seems that when we follow symlinks to units we prefer the symlink
  destination path over /etc and /usr. We shouldn't do that. Instead
  /etc should always override /run+/usr and also any symlink
  destination.

* remove duplicate default deps logic from fstab-generator vs. mount.c

* when isolating, try to figure out a way how we implicitly can order
  all units we stop before the isolating unit...

* teach udev + logind's uaccess to somehow handle the "dead" device nodes from:
     /lib/modules/$(uname -r)/modules.devname
  and apply ACLs to them if they have TAG=="uaccess" in udev rules.

* add ConditionArchitecture= or so

* teach ConditionKernelCommandLine= globs or regexes (in order to match foobar={no,0,off})

* Support SO_REUSEPORT with socket activation:
  - Let systemd maintain a pool of servers.
  - Use for seamless upgrades, by running the new server before stopping the
    old.

* after all byte-wise realloc() is slow, even on glibc, so i guess we
  need manual exponential loops after all

* BootLoaderSpec: drop allowing ext234 for $BOOT. Clarify that the
  kernel has to be in $BOOT. Clarify that the boot loader should be
  installed to the ESP. Define a way how an installer can figure out
  whether a BLS compliant boot loader is installed.

* man: remove .include documentation, and instead push people to use .d/*.conf

* think about requeuing jobs when daemon-reload is issued? usecase:
  the initrd issues a reload after fstab from the host is accessible
  and we might want to requeue the mounts local-fs acquired through
  that automatically.

* rework specifier logic so that we can distuingish OOM errors from other errors

* systemd-inhibit: make taking delay locks useful: support sending SIGINT or SIGTERM on PrepareForSleep()

* journal-or-kmsg is currently broken? See reverted commit 4a01181e460686d8b4a543b1dfa7f77c9e3c5ab8.

* remove any syslog support from log.c -- we probably can't do this before split-off udev is gone for good

* documentation: recommend to connect the timer units of a service to the service via Also= in [Install]

* add a tool that lists active timer units plus their next elapstion and the time the units ran last

* man: document the very specific env the shutdown drop-in tools live in

* shutdown logging: store to EFI var, and store to USB stick?

* man: extend runlevel(8) to mention that runlevels suck, and are dead. Maybe  add runlevel(7) with a note about that too

* systemctl: maybe add "systemctl add-wants" or so...

* man: add more examples to man pages

* man: maybe sort directives in man pages, and take sections from --help and apply them to man too

* write UI tool that pops up emergency messages from the journal as notification

* think about window-manager-run-as-user-service problem: exit 0 → activate shutdown.target; exit != 0 → restart service

* msgcatalog determine default language of entries from the catalog
  file name. i.e. foobar.de_DE.catalog would set the default entry
  name for the entries to de_DE if they aren't explicitly suffixed
  individually.

* use "log level" rather than "log priority" everywhere

* timedate: have global on/off switches for auto-time (NTP), and auto-timezone that connman can subscribe to.

* Honour "-" prefix for InaccessibleDirectories= and ReadOnlyDirectories= to
  suppress errors of the specified path doesn't exist

* dev-setup.c: when running in a container, create a tiny stub udev
  database with the systemd tag set for all network interfaces found,
  so that libudev reports them as present, and systemd's .device units
  will be activated.

* merge unit_kill_common() and unit_kill_context()

* introduce ExecCondition= in services

* EFI:
  - fsck hookup for the ESP mount is missing
  - write man page for efi boot generator
  - honor language efi variables for default language selection (if there are any?)
  - honor timezone efi variables for default timezone selection (if there are any?)
  - introduce bootctl (backed by systemd-bootd) to control temporary and persistent default boot goal plus efi variables

* maybe do not install getty@tty1.service symlink in /etc but in /usr?

* re-enable "make check" for gtk-doc (broken for unknown reason)

* fstab: add new mount option x-systemd-after=/foobar/waldo to allow manual dependencies to other mount points
  https://bugzilla.redhat.com/show_bug.cgi?id=812826

* print a nicer explanation if people use variable/specifier expansion in ExecStart= for the first word

* mount: turn dependency information from /proc/self/mountinfo into dependency information between systemd units.

* logind:
  - logind: optionally, ignore idle-hint logic for autosuspend, block suspend as long as a session is around
  - When we update the kernel all kind of hibernation should be prohibited until shutdown/reboot
  - logind: wakelock/opportunistic suspend support
  - Add pretty name for seats in logind
  - logind: allow showing logout dialog from system?
  - logind: spawn user@..service on login
  - logind: non-local X11 server handling
  - logind: add equivalent to sd_pid_get_owner_uid() to the D-Bus API
  - pam: when leaving a session explicitly exclude the ReleaseSession() caller process from the killing spree
  - logind: GetSessionByPID() should accept 0 as PID value
  - we should probably handle SIGTERM/SIGINT to not leave dot files around, just in case

* exec: when deinitializating a tty device fix the perms and group, too, not only when initializing. Set access mode/gid to 0620/tty.

* DeviceAllow/DeviceDeny: disallow everything by default, but whitelist /dev/zero, /dev/null and friends

* service: watchdog logic: for testing purposes allow ping, but do not require pong

* journal:
  - do not use magic msync() in src/journal/journal-file.c, just call fsync()
      <alxchk> poettering: looks like msync just calls vfs_fsync
      http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/mm/msync.c#n18
  - import and delete pstore filesystem content at startup
  - journald: also get thread ID from client, plus thread name
  - journal: when waiting for journal additions in the client always sleep at least 1s or so, in order to minimize wakeups
  - add API to close/reopen/get fd for journal client fd in libsystemd-journal.
  - fallback to /dev/log based logging in libsystemd-journal, if we can't log natively?
  - declare the local journal protocol stable in the wiki interface chart
  - journal: reuse XZ context
  - sd-journal: speed up sd_journal_get_data() with transparent hash table in bg
  - journald: when dropping msgs due to ratelimit make sure to write
    "dropped %u messages" not only when we are about to print the next
    message that works, but alraedy after a short tiemout
  - check if we can make journalctl by default use --follow mode inside of less if called without args?
  - maybe add API to send pairs of iovecs via sd_journal_send
  - journal: when writing journal auto-rotate if time jumps backwards
  - journal: add a setgid "systemd-journal" utility to invoke from libsystemd-journal, which passes fds via STDOUT and does PK access
  - journactl: support negative filtering, i.e. FOOBAR!="waldo",
    and !FOOBAR for events without FOOBAR.
  - journal: when rotating, copy over old acls/access mode
  - journal: send out marker messages every now and then, and immediately sync with fdatasync() afterwards, in order to have hourly guaranteed syncs.
  - journal-send.c, log.c: when the log socket is clogged, and we drop, count this and write a message about this when it gets unclogged again.
  - journal: find a way to allow dropping history early, based on priority, other rules
  - journal: When used on NFS, check payload hashes
  - Introduce journalctl -b <nr> to show journal messages of a previous boot
  - journald: check whether it is OK if the client can still modify delivered journal entries
  - journal live copy, based on libneon (client) and libmicrohttpd (server)
  - journald: add kernel cmdline option to disable ratelimiting for debug purposes
  - refuse taking lower-case variable names in sd_journal_send() and friends.
  - journald: we currently rotate only after MaxUse+MaxFilesize has been reached.
  - journal: deal nicely with byte-by-byte copied files, especially regards header
  - journalctl: expand tabs
  - journal: store euid in journal if it differs from uid
  - journal: sanely deal with entries which are larger than the individual file size, but where the components would fit
  - Replace utmp, wtmp, btmp, and lastlog completely with journal
  - Port upower to use the journal for historical power information used in future calculations

* document:
  - document unit_name_mangle()
  - document that deps in [Unit] sections ignore Alias= fileds in
    [Install] units of other units, unless those units are disabled
  - man: clarify that time-sync.target is not only sysv compat but also useful otherwise. Same for similar targets
  - Document word splitting syntax for ExecStart= and friends
  - document that units from /etc override those from /usr and /run
  - document the exit codes when services fail before they are exec()ed
  - document that service reload may be implemented as service reexec
  - document in wiki how to map ical recurrence events to systemd timer unit calendar specifications

* systemctl:
  - systemctl list-jobs - show dependencies
  - add systemctl switch to dump transaction without executing it
  - Add a verbose mode to "systemctl start" and friends that explains what is being done or not done
  - "systemctl disable" on a static unit prints no message and does
    nothing. "systemctl enable" does nothing, and gives a bad message
    about it. Should fix both to print nice actionable messages.
  - print nice message from systemctl --failed if there are no entries shown, and hook that into ExecStartPre of rescue.service/emergency.service
  - add new command to systemctl: "systemctl system-reexec" which reexecs as many daemons as virtually possible
  - systemctl enable: improve the success messages (i.e. more human readable, less shell-like)
  - systemctl enable: fail if target to alias into doesn't exist? maybe show how many units are enabled afterwards?
  - systemctl: "Journal has been rotated since unit was started." message is misleading
  - support "systemctl stop foobar@.service" to stop all units matching a certain template
  - Something is wrong with symlink handling of "autovt@.service" in "systemctl list-unit-files"

* introduce ntp.service (or suchlike) as symlink that is used to arbitrate between various NTP implementations

* deal with sendmail/postfix exclusivity

* timer units:
  - configurable jitter for timer events
  - timer events with system resume
  - timer units should get the ability to trigger when:
    o CLOCK_REALTIME makes jumps (TFD_TIMER_CANCEL_ON_SET)
    o DST changes
  - Support 2012-02~4 as syntax for specifying the fourth to last day of the month.

* update the kernel's TZ (sys_tz) when DST changes

* sync down the system time to the RTC when:
    - CLOCK_REALTIME makes jumps (the user explicitely requested a time set)
    - DST/timezone changes && ntp is active && RTC-in-localtime (never do it without ntp)
  This takes care of syncing ntpdate updates to the RTC, and DST updates for localtime
  mode, it will never touch the RTC if the no reliable time source is active or the
  user did not request anything like it.

* hwdb:
  - implement conditional properties (dmi matches)
  - hwdb --filter=ID_DRIVE_*

* if booted in "quiet" mode, and an error happens, turn on status
  output again, so that the emergency mode isn't totally
  surprising. Also, terminate plymouth.

* libunwind support for coredump pattern hook, and includes this in
  the message for coredumps. After all, libunwind is now capable to
  unwind coredumps since a few weeks ago. This probably requires that
  we have nice support for multi-line messages on display in
  logs-show.c. Alternatively: use libelfutil, which seems to be the
  better supported alternative.

* figure out relation of --all and --full in the various tools

* add libsystemd-password or so to query passwords during boot using the password agent logic

* If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().

* fedup: add --unit to systemctl switch-root somehow
* fedup: don't delete initrd on switch-root
* fedup: generator

* timedated:
  - timedated: refuse time changes when NTP is on

* clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed

* introduce generic AUGMENT_PID=, AUGMENT_DEVICE= fields

* on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel

* add "provisioning" instructions to setup an empty /etc + /var
    - used to setup a new container from a shared /usr
    - superset of tmpfiles model
    - instructions shipped by packages and stored in /usr/lib/
    - compose /etc/passwd and /etc/group, copy files
    - able to create uid + gid used by packages, for file ownership

* make repeated alt-ctrl-del presses printing a dump, or even force a reboot without
  waiting for the timeout

* high level net_prio setting in execution context

* hostnamed: before returning information from /etc/machine-info.conf check the modification data and reread. Similar for localed, ...

* currently x-systemd.timeout is lost in the initrd, since crypttab is copied into dracut, but fstab isn't

* refuse boot if /etc/machine-id is not useful (or set taint?)

* nspawn:
  - nspawn: consider changing users for -u with su, so that NSS resolving works correctly
  - nspawn: implement personality changes a la linux32(8)
  - nspawn: --read-only is not applied recursively to submounts
  - nspawn: make use of device cgroup controller by default
  - bind mount read-only the cgroup tree higher than nspawn
  - nspawn: investigate whether we can support the same as LXC's
    lxc.network.type=phys mode, and pass through entire network
    interfaces to the container
  - nspawn: maybe add a way to drop additional caps, in addition to add additional caps
  - nspawn: maybe explicitly reset loginuid?
  - nspawn: make it work for dwalsh and shared /usr containers -- tmpfs mounts as command line parameters, selinux exec context

* cryptsetup:
  - cryptsetup-generator: allow specification of passwords in crypttab itself
  - move cryptsetup key caching into kernel keyctl?
    https://bugs.freedesktop.org/show_bug.cgi?id=54982
  - support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator

* move debug shell to tty6 and make sure this doesn't break the gettys on tty6

* hw watchdog: optionally try to use the preset watchdog timeout instead of always overriding it
  https://bugs.freedesktop.org/show_bug.cgi?id=54712

* after deserializing sockets in socket.c we should reapply sockopts and things

* make timer units go away after they elapsed

* http://lists.freedesktop.org/archives/systemd-devel/2012-September/006502.html
  (network and remote-fs on shutdown)

* come up with a nice way to write queue/read_ahead_kb for a block device without interfering with readahead

* move PID 1 segfaults to /var/lib/systemd/coredump?

* create /sbin/init symlinks from the build system

* Query Paul Moore about relabelling socket fds while they are open

* system.conf should have controls for cgroups

* allow writing multiple conditions in unit files on one line

* explore multiple service instances per listening socket idea

* shutdown: don't read-only mount anything when running in container

* MountFlags=shared acts as MountFlags=slave right now.

* ReadOnlyDirectories= is not applied recursively to submounts

* drop PID 1 reloading, only do reexecing (difficult: Reload()
  currently is properly synchronous, Reexec() is weird, because we
  can't delay the response properly until we are back, so instead of
  being properly synchronous we just keep open the fd and close it
  when done. That means clients don't get a successful method reply,
  but much rather a disconnect on success.

* remember which condition failed for services, not just the fact that something failed

* use opterr = 0 for all getopt tools

* properly handle loop back mounts via fstab, especially regards to fsck/passno

* allow services with no ExecStart= but with an ExecStop=

* dracut-shutdown needs to be ordered before unmounting /boot

* initialize the hostname from the fs label of /, if /etc/hostname does not exist?

* rename "userspace" to "core-os"

* syscall filter:
  - syscall filter: add knowledge about compat syscalls
  - syscall filter: don't enforce no new privs?
  - syscall filter: option to return EPERM rather than SIGSYS?
  - syscall filter: port to libseccomp
  - system-wide seccomp filter

* .device aliases need to be implemented with the "following" logic, probably.

* load-fragment: when loading a unit file via a chain of symlinks
  verify that it isn't masked via any of the names traversed.

* introduce Type=pid-file

* change Requires=basic.target to RequisiteOverride=basic.target

* when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr

* move passno parsing to fstab generator

* automount: implement expire:
   - set superblock timeout AUTOFS_DEV_IOCTL_TIMEOUT_CMD
   - periodically run AUTOFS_DEV_IOCTL_EXPIRE_CMD
     - every timeout/4 (original autofs logic)
     - blocking, needs a thread
     - run until -EAGAIN
   - receive expire packet on pipe if kernel tells the timeout is over
     - call umount
     - answer expire packet on pipe with AUTOFS_DEV_IOCTL_{READY,FAIL}_CMD
   - AUTOFS_DEV_IOCTL_EXPIRE_CMD returns

* services which create their own subcgroups break cgroup-empty notification (needs to be fixed in the kernel)

* ExecOnFailure=/usr/bin/foo

* udev:
  - remove src/udev/udev-builtin-firmware.c (CONFIG_FW_LOADER_USER_HELPER=n)
  - move to LGPL
  - unify utf8 validator code with shared/
  - kill scsi_id
  - add trigger --subsystem-match=usb/usb_device device

* cleanup syslog 'priority' vs. 'level' wording

* when a service has the same env var set twice we actually store it twice and return that in systemctl show -p... We should only show the last setting

* support container_ttys=

* introduce mix of BindTo and Requisite

* add DeleteSocketsOnStop=yes|no option to socket units

* There's currently no way to cancel fsck (used to be possible via C-c or c on the console)

* add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/

* default unix qlen is too small (10). bump sysctl? add sockopt?

* save coredump in Windows/Mozilla minidump format

* support crash reporting operation modes (https://live.gnome.org/GnomeOS/Design/Whiteboards/ProblemReporting)

* clean up session cgroups that remain after logout (think sshd), but eventually run empty

* when an instanced service exits, remove its parent cgroup too if possible.

* default to actual 32bit PIDs, via /proc/sys/kernel/pid_max

* be able to specify a forced restart of service A where service B depends on, in case B
  needs to be auto-respawned?

* when a bus name of a service disappears from the bus make sure to queue further activation requests

* tmpfiles: apply "x" on "D" too (see patch from William Douglas)

* for services: don't set $HOME in services unless requested

* hide PAM/TCPWrap options in fragment parser when compile time disabled

* when we automatically restart a service, ensure we restart its rdeps, too.

* allow Type=simple with PIDFile=
  https://bugzilla.redhat.com/show_bug.cgi?id=723942

* move PAM code into its own binary

* implement Register= switch in .socket units to enable registration
  in Avahi, RPC and other socket registration services.

* make sure systemd-ask-password-wall does not shutdown systemd-ask-password-console too early

* support sd_notify() style notification when reload begins (RELOADING=1), reload is finished (READY=1), and add ReloadSignal= then to use in combination

* support sd_notify() style notification when shutting down, to make auto-exit bus services work (STOPPING=1)

* verify that the AF_UNIX sockets of a service in the fs still exist
  when we start a service in order to avoid confusion when a user
  assumes starting a service is enough to make it accessible

* Make it possible to set the keymap independently from the font on
  the kernel cmdline. Right now setting one resets also the other.

* and a dbus call to generate target from current state

* readahead:
  - drop /.readahead on bigger upgrades with yum
  - move readahead files into /var (look for them with .path units?)
  - readahead: use BTRFS_IOC_DEFRAG_RANGE instead of BTRFS_IOC_DEFRAG ioctl, with START_IO
  - readahead: when bumping /sys readahead variable save mtime and compare later to detect changes
  - readahead: make use of EXT4_IOC_MOVE_EXT, as used by http://e4rat.sourceforge.net/

* add support for /bin/mount -s

* GC unreferenced jobs (such as .device jobs)

* write blog stories about:
  - hwdb: what belongs into it, lsusb
  - enabling dbus services
  - status update
  - how to make changes to sysctl and sysfs attributes
  - remote access
  - how to pass throw-away units to systemd, or dynamically change properties of existing units
  - how to integrate cgconfig and suchlike with systemd
  - testing with Harald's awesome test kit
  - auto-restart
  - how to develop against journal browsing APIs
  - the journal HTTP iface
  - non-cgroup resource management
  - dynamic resource management with cgroups
  - refreshed, longer missions statement
  - calendar time events
  - init=/bin/sh vs. "emergency" mode, vs. "rescue" mode, vs. "multi-user" mode, vs. "graphical" mode, and the debug shell
  - how to create your own target
  - instantiated apache, dovecot and so on
  - hooking a script into various stages of shutdown/rearly booot

* allow port=0 in .socket units

* support systemd.mask= on the kernel command line.

* recreate systemd's D-Bus private socket file on SIGUSR2

* Support --test based on current system state

* investigate whether the gnome pty helper should be moved into systemd, to provide cgroup support.

* maybe introduce ExecRestartPre=

* dot output for --test showing the 'initial transaction'

* port over to LISTEN_FDS/LISTEN_PID:
   - rpcbind (/var/run/rpcbind.sock!) HAVEPATCH
   - cups     HAVEPATCH
   - postfix, saslauthd
   - apache/samba
   - libvirtd (/var/run/libvirt/libvirt-sock-ro)
   - bluetoothd (/var/run/sdp! @/org/bluez/audio!)
   - distccd

* fingerprint.target, wireless.target, gps.target, netdevice.target

* io priority during initialization

* drop cap bounding set in readahead and other services

* systemd-python:
   - figure out a simple way to wait for journal events in a way that
     works with ^C
   - add documentation to systemd.daemon

* bootchart:
   - plot per-process IO utilization
   - group processes based on service association (cgroups)
   - document initcall_debug
   - kernel cmdline "bootchart" option for simplicity?

External:

* dbus:
   - dbus --user
   - natively watch for dbus-*.service symlinks (PENDING)
   - allow specification of socket mode/umask when allocating DBusServer
   - allow disabling of fd passing when connecting a AF_UNIX connection
   - allow disabling of UID passing for AUTH EXTERNAL
   - always pass cred data along each message
   - teach dbus to activate all services it finds in /etc/systemd/services/org-*.service

* fix alsa mixer restore to not print error when no config is stored

* make cryptsetup lower --iter-time

* patch kernel for xattr support in /dev, /proc/, /sys?

* NTP: the kernel's 11-minutes-mode syncs the system time to the RTC, but only
  in an ~30 minutes window. It does not adjust larger differences. Find a way
  to tell the kernel, to always do a full time sync when the RTC is in UTC and
  we are in 11-minutes-mode. When we trust the system time to NTP we also want
  the RTC to sync up.

* kernel: add device_type = "fb", "fbcon" to class "graphics"

* drop accountsservice's StandardOutput=syslog and Type=dbus fields

* dbus upstream still refers to dbus.target and shouldn't

* dbus: in fedora, make /var/lib/dbus/machine-id a symlink to /etc/machine-id

* add "# export SYSTEMD_PAGER=" to bash login

* /usr/bin/service should actually show the new command line

* fedora: suggest auto-restart on failure, but not on success and not on coredump. also, ask people to think about changing the start limit logic. Also point people to RestartPreventExitStatus=, SuccessExitStatus=

* fedora: F20: go timer units all the way, leave cron.daily for cron

* neither pkexec nor sudo initialize environ[] from the PAM environment?

* fedora: update policy to declare access mode and ownership of unit files to root:root 0644, and add an rpmlint check for it

Regularly:

* look for close() vs. close_nointr() vs. close_nointr_nofail()

* check for strerror(r) instead of strerror(-r)

* Use PR_SET_PROCTITLE_AREA if it becomes available in the kernel

* %m in printf() instead of strerror(errno);

* pahole

* set_put(), hashmap_put() return values check. i.e. == 0 doesn't free()!

* use secure_getenv() instead of getenv() where appropriate

* link up selected blog stories from man pages and unit files Documentation= fields

Scheduled for removal or fixing:

* xxxOverridable dependencies (probably: fix)