add systemd dropins for minimal sys-net and sys-usb

Some unnecessary services are running on sys-net and sys-usb which consumes RAM for nothing.
SystemD dropins are added to automatically disable identified unecessary services by enabling minimal-netvm or minimal-usbvm  service on the sys-vms with qvm-service.

Makefile

@@ -54,6 +54,9 @@ SYSTEM_DROPINS += sysinit.target
 ifeq ($(ENABLE_SELINUX),1)
 SYSTEM_DROPINS += selinux-autorelabel.target selinux-autorelabel.service
 endif
+SYSTEM_DROPINS += polkit.service
+SYSTEM_DROPINS += abrtd.service
+SYSTEM_DROPINS += bluetooth.service
 
 SYSTEM_DROPINS_NETWORKING := NetworkManager.service NetworkManager-wait-online.service
 SYSTEM_DROPINS_NETWORKING += tinyproxy.service
@@ -68,7 +71,12 @@ USER_DROPINS := \
 	evolution-addressbook-factory.service \
 	evolution-calendar-factory.service \
 	evolution-source-registry.service \
-	evolution-user-prompter.service
+	evolution-user-prompter.service \
+	pipewire.service \
+	gvfs-daemon.service \
+	at-spi-dbus-bus.service \
+	wireplumber.service
+
 
 # Ubuntu Dropins
 ifeq ($(release),Ubuntu)

debian/qubes-core-agent.install

@@ -70,9 +70,11 @@ lib/systemd/system/boot.automount.d/30_qubes.conf
 lib/systemd/system/ModemManager.service.d/30_qubes.conf
 lib/systemd/system/NetworkManager-wait-online.service.d/30_qubes.conf
 lib/systemd/system/NetworkManager.service.d/30_qubes.conf
+lib/systemd/system/abrtd.service.d/30_qubes.conf
 lib/systemd/system/anacron-resume.service.d/30_qubes.conf
 lib/systemd/system/anacron.service.d/30_qubes.conf
 lib/systemd/system/avahi-daemon.service.d/30_qubes.conf
+lib/systemd/system/bluetooth.service.d/30_qubes.conf
 lib/systemd/system/chronyd.service.d/30_qubes.conf
 lib/systemd/system/cron.service.d/30_qubes.conf
 lib/systemd/system/cups.path.d/30_qubes.conf
@@ -85,6 +87,7 @@ lib/systemd/system/netfilter-persistent.service.d/30_qubes.conf
 lib/systemd/system/org.cups.cupsd.path.d/30_qubes.conf
 lib/systemd/system/org.cups.cupsd.service.d/30_qubes.conf
 lib/systemd/system/org.cups.cupsd.socket.d/30_qubes.conf
+lib/systemd/system/polkit.service.d/30_qubes.conf
 lib/systemd/system/dev-xvdc1-swap.service
 lib/systemd/system/qubes-early-vm-config.service
 lib/systemd/system/qubes-misc-post.service
@@ -118,6 +121,10 @@ usr/lib/systemd/user/evolution-addressbook-factory.service.d/30_qubes.conf
 usr/lib/systemd/user/evolution-calendar-factory.service.d/30_qubes.conf
 usr/lib/systemd/user/evolution-source-registry.service.d/30_qubes.conf
 usr/lib/systemd/user/evolution-user-prompter.service.d/30_qubes.conf
+usr/lib/systemd/user/at-spi-dbus-bus.service.d/30_qubes.conf
+usr/lib/systemd/user/gvfs-daemon.service.d/30_qubes.conf
+usr/lib/systemd/user/pipewire.service.d/40_minimal.conf
+usr/lib/systemd/user/wireplumber.service.d/30_qubes.conf
 lib/udev/rules.d/50-qubes-mem-hotplug.rules
 usr/bin/qfile-unpacker
 usr/bin/qubes-desktop-run

rpm_spec/core-agent.spec.in

@@ -1272,6 +1272,8 @@ The Qubes core startup configuration for SystemD init.
 %_unitdir/qubes-updates-proxy-forwarder.socket
 %{_unitdir}-preset/%qubes_preset_file
 %_modulesloaddir/qubes-core.conf
+%_unitdir/abrtd.service.d/30_qubes.conf
+%_unitdir/bluetooth.service.d/30_qubes.conf
 %dir %_unitdir/boot.automount.d
 %_unitdir/boot.automount.d/30_qubes.conf
 %dir %_unitdir/*.service.d
@@ -1292,6 +1294,7 @@ The Qubes core startup configuration for SystemD init.
 %_unitdir/ModemManager.service.d/30_qubes.conf
 %_unitdir/NetworkManager.service.d/30_qubes.conf
 %_unitdir/NetworkManager-wait-online.service.d/30_qubes.conf
+%_unitdir/polkit.service.d/30_qubes.conf
 %_unitdir/[email protected]/30_qubes.conf
 %_unitdir/systemd-random-seed.service.d/30_qubes.conf
 %_unitdir/systemd-timesyncd.service.d/30_qubes.conf
@@ -1314,6 +1317,10 @@ The Qubes core startup configuration for SystemD init.
 %_userunitdir/evolution-calendar-factory.service.d/30_qubes.conf
 %_userunitdir/evolution-source-registry.service.d/30_qubes.conf
 %_userunitdir/evolution-user-prompter.service.d/30_qubes.conf
+%_userunitdir/at-spi-dbus-bus.service.d/30_qubes.conf
+%_userunitdir/gvfs-daemon.service.d/30_qubes.conf
+%_userunitdir/pipewire.service.d/40_minimal.conf
+%_userunitdir/wireplumber.service.d/30_qubes.conf
 
 %post systemd
 

vm-systemd/abrtd.service.d/30_qubes.conf

@@ -0,0 +1,3 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-netvm
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm

vm-systemd/bluetooth.service.d/30_qubes.conf

@@ -0,0 +1,2 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm

vm-systemd/polkit.service.d/30_qubes.conf

@@ -0,0 +1,2 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm

vm-systemd/user/at-spi-dbus-bus.service.d/30_qubes.conf

@@ -0,0 +1,3 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-netvm
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm

vm-systemd/user/gvfs-daemon.service.d/30_qubes.conf

@@ -0,0 +1,3 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-netvm
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm

vm-systemd/user/pipewire.service.d/40_minimal.conf

@@ -0,0 +1,3 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-netvm
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm

vm-systemd/user/wireplumber.service.d/30_qubes.conf

@@ -0,0 +1,3 @@
+[Unit]
+ConditionPathExists=!/var/run/qubes-service/minimal-netvm
+ConditionPathExists=!/var/run/qubes-service/minimal-usbvm