man: note that DynamicUser=yes is incompatible with D-Bus

Due to policy checks against system users this cannot currently work, and it is non-obvious. In the future it might be implemented if support is added to dbus-broker/dbus-daemon, e.g.: bus1/dbus-broker#259
bluca · Jan 4, 2023 · ddf8995 · ddf8995
1 parent 7900968
commit ddf8995
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
@@ -584,7 +584,9 @@
         <varname>BindPaths=</varname> and be careful with <constant>AF_UNIX</constant> file descriptor
         passing for directory file descriptors, as this would permit processes to create files or directories
         owned by the dynamic user/group that are not subject to the lifecycle and access guarantees of the
-        service. Defaults to off.</para></listitem>
+        service. Note that this option is currently incompatible with D-Bus policies, thus a service using
+        this option may currently not allocate a D-Bus service name (note that this does not affect calling
+        into other D-Bus services). Defaults to off.</para></listitem>
       </varlistentry>
 
       <varlistentry>