man: note that DynamicUser=yes is incompatible with D-Bus

Due to policy checks against system users this cannot currently work, and it is non-obvious.
In the future it might be implemented if support is added to dbus-broker/dbus-daemon, e.g.:

https://github.com/bus1/dbus-broker/issues/259

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index 5e6658ff061cf3e6ca1d9673707c67579402d91b..78cede439c3eb7a25252710592d96884b733da83 100644 (file)
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -584,7 +584,9 @@
         <varname>BindPaths=</varname> and be careful with <constant>AF_UNIX</constant> file descriptor
         passing for directory file descriptors, as this would permit processes to create files or directories
         owned by the dynamic user/group that are not subject to the lifecycle and access guarantees of the
-        service. Defaults to off.</para></listitem>
+        service. Note that this option is currently incompatible with D-Bus policies, thus a service using
+        this option may currently not allocate a D-Bus service name (note that this does not affect calling
+        into other D-Bus services). Defaults to off.</para></listitem>
       </varlistentry>
 
       <varlistentry>