NEWS: note about future implicit PrivateUsers= in user units

diff --git a/NEWS b/NEWS
index fc9d100257cf96fbc5732d870a02b8d169038342..6df17aa599cd73e65f300e4988c62982c8f4b6a0 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,22 @@ CHANGES WITH 253 in spe:
           For more details, see:
           https://lists.freedesktop.org/archives/systemd-devel/2022-September/048352.html
 
+        * We intend to change behaviour w.r.t. units of the per-user service
+          manager and sandboxing options, so that they work without having to
+          manually enable PrivateUsers= as well, which is not required for
+          system units. To make this work, we will implicitly enable user
+          namespaces (PrivateUsers=yes) when a sandboxing option is enabled in a
+          user unit. The drawback is that system users will no longer be visible
+          (and appear as 'nobody') to the user unit when a sandboxing option is
+          enabled. By definition a sandboxed user unit should run with reduced
+          privileges, so impact should be small. This will remove a great source
+          of confusion that has been reported by users over the years, due to
+          how these options require an extra setting to be manually enabled when
+          used in the per-user service manager, as opposed as to the system
+          service manager. We plan to enable this change in the next release
+          later this year. For more details, see:
+          https://lists.freedesktop.org/archives/systemd-devel/2022-December/048682.html
+
         Deprecations and incompatible changes:
 
         * systemctl will now warn when invoked without /proc/ mounted