man: note that DynamicUser=yes is incompatible with D-Bus

Due to policy checks against system users this cannot currently work, and it is non-obvious. In the future it might be implemented if support is added to dbus-broker/dbus-daemon, e.g.: https://github.com/bus1/dbus-broker/issues/259
2024-11-24 02:33:36 +08:00 · 2022-12-28 17:27:37 +01:00 · 2022-12-28 17:27:37 +01:00 · 0a207d8f23
commit 0a207d8f23
parent e03fa62b63
1 changed files with 3 additions and 1 deletions
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@ -584,7 +584,9 @@
        <varname>BindPaths=</varname> and be careful with <constant>AF_UNIX</constant> file descriptor
        passing for directory file descriptors, as this would permit processes to create files or directories
        owned by the dynamic user/group that are not subject to the lifecycle and access guarantees of the
-        service. Defaults to off.</para></listitem>
+        service. Note that this option is currently incompatible with D-Bus policies, thus a service using
+        this option may currently not allocate a D-Bus service name (note that this does not affect calling
+        into other D-Bus services). Defaults to off.</para></listitem>
      </varlistentry>

      <varlistentry>