dbus-activation applications shouldn't be in session.slice
To reproduce
Steps to reproduce the behavior:
- Run a standard Gnome desktop (Ubuntu 23.10 here, so dbus 1.14.10, systemd 253.5-1ubuntu6.1)
- Click Files icon to start Nautilus
It runs via dbus-activation:
Feb 05 16:32:06 dust dbus-daemon[263850]: [session uid=1001 pid=263850] Activating service name='org.gnome.Nautilus' requested by ':1.28' (uid=1001 pid=264522 comm="/usr/bin/gnome-shell" label="unconfined")
Expected result
Nautilus runs in app.slice or a similar cgroup/slice under that. This would be seen running systemd-cgls
.
Actual result
Nautilus runs as part of dbus.service slice, which is under session.slice. The slice is set in the user service file 03b4fba4
session.slice is meant to be for "All essential services and applications required for the session should use this slice. These are services that either cannot be restarted easily" https://www.freedesktop.org/software/systemd/man/latest/systemd.special.html#session.slice
Instead something like Nautilus should be in app.slice.
systemd-cgls
shows:
Control group /:
-.slice
├─user.slice (#361)
│ → user.invocation_id: fa8aa6526dd44a01be2aa1c509494d2f
│ └─user-1001.slice (#6298)
│ → user.invocation_id: 2ce5f7ea76bf48e58c6b9e79ab0d4a21
│ ├─user@1001.service … (#8184)
│ │ → user.invocation_id: 260ffcb0b0fa45edb3ef8e3d8f20557b
│ │ → user.delegate: 1
│ │ ├─session.slice (#8717)
...
│ │ │ ├─dbus.service (#69985)
│ │ │ │ → user.xdg.inactive-since: 91549941866
│ │ │ │ ├─263850 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
│ │ │ │ ├─264725 /usr/libexec/gnome-shell-calendar-server
│ │ │ │ ├─264739 /usr/bin/gjs -m /usr/share/gnome-shell/org.gnome.Shell.Notifications
│ │ │ │ ├─264893 /usr/libexec/ibus-portal
│ │ │ │ ├─264959 /usr/libexec/goa-daemon
│ │ │ │ ├─264974 /usr/libexec/goa-identity-service
│ │ │ │ ├─265271 /usr/bin/gjs -m /usr/share/gnome-shell/org.gnome.ScreenSaver
│ │ │ │ ├─268197 /usr/bin/nautilus --gapplication-service
│ │ │ │ ├─271088 /usr/bin/gnome-calendar --gapplication-service
│ │ │ │ ├─281847 /bin/evince /home/matt/path/to/some.pdf
│ │ │ │ └─281856 /usr/libexec/evinced
Additional context
The reason I'm reporting this is that if something in dbus.service is oom-killed, systemd might kill everything in dbus.service. (https://github.com/systemd/systemd/issues/25376 is somewhat related, in terms of preventing systemd killing the whole slice. But Nautilus etc shouldn't be in dbus.service's slice)
I saw this with evince running in dbus.service's cgroup, so the whole desktop crashes. Evince had been launched by double-clicking on a file in Nautilus, running via dbus-activation
Feb 05 19:12:40 dust dbus-daemon[263850]: [session uid=1001 pid=263850] Activating service name='org.gnome.evince.Daemon' requested by ':1.480' (uid=1001 pid=281847 comm="/bin/evince /home/matt/path/to/some.pdf" label="/usr/bin/evince (enforce)")
dmesg:
[351225.625584] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=user.slice,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1001.slice/user@1001.service/session.slice/dbus.service,task=evince,pid=238570,uid=1001
[351225.625617] Out of memory: Killed process 238570 (evince) total-vm:1455872kB, anon-rss:309100kB, file-rss:1292kB, shmem-rss:32324kB, UID:1001 pgtables:976kB oom_score_adj:200
journalctl:
Feb 05 16:09:27 dust kernel: oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=user.slice,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1001.slice/user@1001.service/session.slice/dbus.service,task=evince,pid=238570,uid=1001
Feb 05 16:09:26 dust systemd[2282]: dbus.service: A process of this unit has been killed by the OOM killer.
Feb 05 16:09:26 dust systemd[2282]: dbus.service: Failed with result 'oom-kill'.
...
Feb 05 16:09:26 dust systemd[2282]: dbus.service: Failed with result 'oom-kill'.
I'm not sure if this issue entirely belongs as a bug in dbus, but certainly having the user dbus.service file set Slice=session.slice
(but no other slice switching) seems like it's part of the problem.