* When a PROCESS service process dies, and smooth_recovery is false, probably
  need to force-stop dependents even if the process itself was stopped
  deliberately.
* Complete control socket handling and protocol
  - support for pinned-start and pinned-stop
  - support for listing all services
* Implement a control utility to start/stop services after dinit has started
  - very basic version exists, needs thorough cleanup
* Clean up tree a little, move source files into "src"

For version 1.0:
----------------
* Log messages need to be duplicated to file (or to a logging process) once the
  file system comes up read/write.
* Log messages are completely prevented from going to the console if the console
  is being held by a service, meaning some can get lost. It would be better if
  there was a (limited) buffer.
* Perhaps need a way to prevent script services from re-starting.
  (eg there's no need to mount filesystems twice; there might be various other
   system initialisations that can't or shouldn't really be "undone" and so do
   not need to be re-done).
* Documentation including sample service definitions
* Better error handling, logging of errors (largely done, still some patches
  of code where it may be missing).
* Write wtmp entry on startup (see simpleinit)
* Allow running services as a different UID
* On linux when running with PID != 1, write PID to /proc/sys/kernel/cad_pid so
  that we still receive SIGINT from ctrl+alt+del (must be done after /proc is
  mounted, possibly could be left to a service script)

For later:
* Internationalisation
* A service can prevent shutdown/reboot by failing to stop. Maybe make
  multiple CTRL-ALT-DEL presses (or ^C since that's more portable) commence
  immediate shutdown (or launch a simple control interface).
* Interruptible scripted services - where it's ok to terminate the start
  script with a signal (and return the service to the STOPPED state). So a long-
  running filesystem check, for instance, need not hold up shutdown.
* When we take down a service or tty session, it would be ideal if we could kill
  the whole process tree, not just the leader process.
* Investigate using cn_proc netlink connector (cn_proc.h) to receive process
  termination events even when running with PID != 1 (Linux only).
  Also, there is the possibility of having a small, simple PID-1 init which
  sends terminated process IDs over a pipe to Dinit. Finally, it may be possible
  to run dinit (and subprocesses) in a new PID namespace (again linux-only).
* Allow logging tasks to memory (growing or circular buffer) and later
  switching to disk logging (allows for filesystem mounted readonly on boot)
* Rate control on process respawn
* Allow running services with different resource limits, chroot, cgroups,
  namespaces (pid/fs/uid), etc
* Make default control socket location build-time configurable
* Allow specifying a timeout for killing services; if they don't die within
  the timeout (after a TERM) then hit them with a KILL.

Even later / Maybe never:
* Support recognising /etc/init.d services automatically (as script services, with
  no dependency management - or upstart compatible dependency management)
  Also BSD's rc.d style scripts (PROVIDE, REQUIRE).
* Place some reasonable, soft limit on the number of services to be started
  simultaneously, to prevent thrashing. Services that are taking a long time
  to start don't count to the limit. Maybe use CPU/IO usage as a controlling
  factor.
* Cron-like tasks (if started, they run a sub-task periodically. Stopping the
  task will wait until the sub-task is complete). 
* Socket activation of services? Not sure if enough non-SystemD derived
  daemons actually support this to warrant implementing it.
* Allow to run services attached to virtual tty, allow connection to that tty (ala "screen").
* SystemD-like handling of filesystem mounts (see autofs documentation in kernel)
  i.e. a mount point gets an autofs attached, and lazily gets mounted when accessed
  (or is mounted in parallel). Probably put the functionality in a separate daemon.


Documentation:
* Design philosophy/rationale document
* Coding style guidelines

* What's the best TERM setting? gogetty gives me "linux" but I think other variants may be
  better (eg "linux-c").

* Figure out the ConsoleKit/logind / PolicyKit mess & how dinit needs to fit into it.
  * Consolekit/logind tracks "sessions". Provides a mechanism to mark a session starting,
    associates processes with sessions, provides calls to terminate sessions etc (why?!!)
    Can use environment variable or cgroups to track processes in a session.
    A PAM module exists to create/destroy sessions.
  * Consolekit/logind also allows for requesting shutdown, reboot, and inhibiting reboot
    (via dbus API).
  * "seats" are a set of input/output hardware (mouse/keyboard/monitor) on which a session
    can be run. You can have multiple sessions on a seat - one is in the foreground
    (eg linux virtual ttys implement multiple sessions on a single seat).
    Sessions can run without a seat (eg ssh session).