From 54f9aa554a3fcb71d02ecceaeec8d84d33a4361b Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 18 Nov 2024 18:53:23 +0000
Subject: [PATCH] bus: Don't create /run/dbus/containers if the feature is
 disabled

The `Containers1` interface is not stable or production-ready, and is
compile-time-optional behind a build option, which in fact currently
cannot be enabled (it intentionally provokes a compiler `#error` if
enabled). If it isn't enabled, this directory won't be useful, so
there's no reason to create it.

As discussed in <https://github.com/systemd/mkosi/issues/3189>, if we
use the `@DBUS_USER@` here, it makes `tmpfiles.d/dbus.conf` dependent
on having created the `@DBUS_USER@` via `sysusers.d` or some
appropriate distro-specific mechanism. This is problematic in distros
that split up the functionality of dbus into several layers, such as
Debian: the `@DBUS_USER@` conceptually belongs to the same layer as
the well-known system bus, but `/etc/machine-id` and
`/var/lib/dbus/machine-id` are also used by the well-known session bus,
which is orthogonal to the system bus; so we want `dbus.conf` to be in a
lower layer than the `@DBUS_USER@`.

Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 bus/tmpfiles.d/dbus-containers.conf.in | 5 +++++
 bus/tmpfiles.d/dbus.conf.in            | 4 ----
 bus/tmpfiles.d/meson.build             | 9 +++++++++
 3 files changed, 14 insertions(+), 4 deletions(-)
 create mode 100644 bus/tmpfiles.d/dbus-containers.conf.in

diff --git a/bus/tmpfiles.d/dbus-containers.conf.in b/bus/tmpfiles.d/dbus-containers.conf.in
new file mode 100644
index 000000000..4bf1b02b8
--- /dev/null
+++ b/bus/tmpfiles.d/dbus-containers.conf.in
@@ -0,0 +1,5 @@
+# Fields: type; path; mode; uid; gid; age; argument (symlink target)
+
+# Create ${runstatedir}/dbus/containers owned by the system bus user.
+# org.freedesktop.DBus.Containers1 uses this to create sockets.
+d @EXPANDED_RUNSTATEDIR@/dbus/containers 0755 @DBUS_USER@ - - -
diff --git a/bus/tmpfiles.d/dbus.conf.in b/bus/tmpfiles.d/dbus.conf.in
index aaaa9e027..0ec7de041 100644
--- a/bus/tmpfiles.d/dbus.conf.in
+++ b/bus/tmpfiles.d/dbus.conf.in
@@ -7,7 +7,3 @@ d @EXPANDED_LOCALSTATEDIR@/lib/dbus 0755 - - -
 # Make ${localstatedir}/lib/dbus/machine-id a symlink to /etc/machine-id
 # if it does not already exist
 L @EXPANDED_LOCALSTATEDIR@/lib/dbus/machine-id - - - - /etc/machine-id
-
-# Create ${runstatedir}/dbus/containers owned by the system bus user.
-# org.freedesktop.DBus.Containers1 uses this to create sockets.
-d @EXPANDED_RUNSTATEDIR@/dbus/containers 0755 @DBUS_USER@ - - -
diff --git a/bus/tmpfiles.d/meson.build b/bus/tmpfiles.d/meson.build
index f866879ce..91dd13f3c 100644
--- a/bus/tmpfiles.d/meson.build
+++ b/bus/tmpfiles.d/meson.build
@@ -25,3 +25,12 @@ configure_file(
     configuration: data_config,
     install_dir: get_option('prefix') / 'lib' / 'tmpfiles.d',
 )
+
+if get_option('containers')
+  configure_file(
+      input: 'dbus-containers.conf.in',
+      output: 'dbus-containers.conf',
+      configuration: data_config,
+      install_dir: get_option('prefix') / 'lib' / 'tmpfiles.d',
+  )
+endif
-- 
2.47.3