diff options
author | Luca Boccassi <bluca@debian.org> | 2022-12-28 17:27:37 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2023-01-04 17:49:41 +0100 |
commit | 0a207d8f234ff7ea0d7988445e38685090fc930e (patch) | |
tree | 6601c0533a9a6f27c7ae05e951d6fb2f1718a4e8 /man/systemd.exec.xml | |
parent | e03fa62b63c3f1e19aa31ac678d808635b28ee49 (diff) | |
download | systemd-0a207d8f234ff7ea0d7988445e38685090fc930e.tar.gz |
man: note that DynamicUser=yes is incompatible with D-Bus
Due to policy checks against system users this cannot currently work, and it is non-obvious.
In the future it might be implemented if support is added to dbus-broker/dbus-daemon, e.g.:
https://github.com/bus1/dbus-broker/issues/259
Diffstat (limited to 'man/systemd.exec.xml')
-rw-r--r-- | man/systemd.exec.xml | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 5e6658ff06..78cede439c 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -584,7 +584,9 @@ <varname>BindPaths=</varname> and be careful with <constant>AF_UNIX</constant> file descriptor passing for directory file descriptors, as this would permit processes to create files or directories owned by the dynamic user/group that are not subject to the lifecycle and access guarantees of the - service. Defaults to off.</para></listitem> + service. Note that this option is currently incompatible with D-Bus policies, thus a service using + this option may currently not allocate a D-Bus service name (note that this does not affect calling + into other D-Bus services). Defaults to off.</para></listitem> </varlistentry> <varlistentry> |