Shell script fails to kill-off child processes upon app closure and sandbox termination

[TeusLollo]

Description

It seems that, at least on non-systemd distros (Utilizing runit as init, in my case) varying zombie processes are leftover upon sandbox termination given interaction with dbus-launch gsettings command (Which, on non-systemd distros, is largely necessary to properly set-up custom GTK themes, icons, cursors, and similar) in a custom script.

May be at least partially related to #3949 and #3224

Steps to Reproduce

It is given the following:

A non-systemd distro (Void Linux, in my case, which runs on runit as init system)
sway as window manager.
No login manager (sway is run on a custom config through a custom script)
A LibreWolf AppImage (From https://gitlab.com/librewolf-community/browser/appimage/-/packages)

A custom .local/share/applications/LibreWolf_Firejailed/ freedesktop-based app setup, which operates as follows:

LibreWolf_Firejailed.desktop

[Desktop Entry]
Version=1.0
Type=Application
Name=LibreWolf (Firejailed)
Comment=LibreWolf Web Browser In A Firejail
Exec=$HOME/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.sh
Icon=$HOME/.local/share/applications/LibreWolf_Firejailed/LibreWolf_Firejailed.png
Terminal=false
StartupNotify=false
Categories=Application;Network;

Hence, LibreWolf_Firejailed.desktop loads librewolf_firejailed.sh, the latter being thus compiled:

#!/bin/sh

# usage: import-gsettings
config="${XDG_CONFIG_HOME:-$HOME/.config}/gtk-3.0/settings.ini"
if [ ! -f "$config" ]; then exit 1; fi

gnome_schema="org.gnome.desktop.interface"

gtk_theme="$(grep 'gtk-theme-name' "$config" | sed 's/.*\s*=\s*//')"
icon_theme="$(grep 'gtk-icon-theme-name' "$config" | sed 's/.*\s*=\s*//')"
cursor_theme="$(grep 'gtk-cursor-theme-name' "$config" | sed 's/.*\s*=\s*//')"
font_name="$(grep 'gtk-font-name' "$config" | sed 's/.*\s*=\s*//')"

dbus-launch gsettings set "$gnome_schema" gtk-theme "$gtk_theme"
dbus-launch gsettings set "$gnome_schema" icon-theme "$icon_theme"
dbus-launch gsettings set "$gnome_schema" cursor-theme "$cursor_theme"
dbus-launch gsettings set "$gnome_schema" font-name "$font_name"

firejail --appimage --apparmor --profile="$HOME/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.profile" "$HOME/.bin/LibreWolf.x86_64.AppImage"

Thus, librewolf_firejailed.sh executes dbus-launch gsettings to import relevant custom theming, and relies upon a custom librewolf_firejailed.profile, the latter being here described:

# Firejail profile for Librewolf
# Description: Firefox fork based on privacy
# This file is overwritten after every install/update
# Persistent local customizations
include librewolf.local
# Persistent global definitions
include globals.local

noblacklist ${HOME}/.cache/librewolf
noblacklist ${HOME}/.librewolf
noblacklist ${HOME}/.local/share/applications/LibreWolf_Firejailed
#noblacklist ${HOME}/.themes
#noblacklist ${HOME}/.icons
noblacklist ${HOME}/.config/glib-2.0

mkdir ${HOME}/.cache/librewolf
mkdir ${HOME}/.librewolf
whitelist ${HOME}/.cache/librewolf
whitelist ${HOME}/.librewolf
whitelist ${HOME}/.local/share/applications/LibreWolf_Firejailed
#whitelist ${HOME}/.themes
#whitelist ${HOME}/.icons
whitelist ${HOME}/.config/glib-2.0

# Add the next lines to your librewolf.local if you want to use the migration wizard.
#noblacklist ${HOME}/.mozilla
#whitelist ${HOME}/.mozilla

# To enable KeePassXC Plugin add one of the following lines to your librewolf.local.
# NOTE: start KeePassXC before Librewolf and keep it open to allow communication between them.
#whitelist ${RUNUSER}/kpxc_server
#whitelist ${RUNUSER}/org.keepassxc.KeePassXC.BrowserServer

whitelist /usr/share/doc
whitelist /usr/share/gtk-doc/html
whitelist /usr/share/librewolf
whitelist /usr/share/mozilla
whitelist /usr/share/webext
include whitelist-usr-share-common.inc

# Add the next line to your librewolf.local to enable private-bin (Arch Linux).
#private-bin dbus-launch,dbus-send,librewolf,sh
# Add the next line to your librewolf.local to enable private-etc.
# NOTE: private-etc must first be enabled in firefox-common.local.
#private-etc librewolf

dbus-user filter
dbus-user.own io.gitlab.librewolf.*
dbus-user.own org.mozilla.librewolf.*
# Add the next line to your librewolf.local to enable native notifications.
#dbus-user.talk org.freedesktop.Notifications
# Add the next line to your librewolf.local to allow inhibiting screensavers.
#dbus-user.talk org.freedesktop.ScreenSaver
# Add the next lines to your librewolf.local for plasma browser integration.
#dbus-user.own org.mpris.MediaPlayer2.plasma-browser-integration
#dbus-user.talk org.kde.JobViewServer
#dbus-user.talk org.kde.kuiserver
# Add the next line to your librewolf.local to allow screensharing under Wayland.
#dbus-user.talk org.freedesktop.portal.Desktop
# Also add the next line to your librewolf.local if screensharing does not work with
# the above lines (depends on the portal implementation).
#ignore noroot
ignore apparmor
ignore dbus-user none

# Redirect
include firefox-common.profile

Expected behavior

This fairly involved custom setup was necessary on my side to properly sandbox an AppImage-based browser, and correctly import $gnome_schema variables. Indeed, the AppImage-based browser runs perfectly, and correctly imports system themes with this setup (While, without utilizing the dbus-launch gsettings-based schemes, it would absolutely not import custom theming), while otherwise appearing to be properly firejailed. However...

Actual behavior

...It appears that, although the AppImage-based browser runs fine, and is properly terminated by the sway WM (Default keys Super + Shift + Q, depending on sway config, thus I remark that the AppImage-based browser is closed-down by the WM), child processes presumably spawned by the dbus-launch gsettings commands to remain lingering after the sandbox has been closed.

In fact:

syslog reports the following:

2023-07-11T11:34:26.64089 daemon.info: Jul 11 13:34:26 dbus-daemon[2576]: [session uid=1000 pid=2574] Activating service name='ca.desrt.dconf' requested by ':1.0' (uid=1000 pid=2572 comm="gsettings set org.gnome.desktop.interface gtk-them")

2023-07-11T11:34:26.64297 daemon.info: Jul 11 13:34:26 dbus-daemon[2576]: [session uid=1000 pid=2574] Successfully activated service 'ca.desrt.dconf'

2023-07-11T11:34:26.64899 daemon.info: Jul 11 13:34:26 dbus-daemon[2590]: [session uid=1000 pid=2588] Activating service name='ca.desrt.dconf' requested by ':1.0' (uid=1000 pid=2586 comm="gsettings set org.gnome.desktop.interface icon-the")

2023-07-11T11:34:26.65153 daemon.info: Jul 11 13:34:26 dbus-daemon[2590]: [session uid=1000 pid=2588] Successfully activated service 'ca.desrt.dconf'

2023-07-11T11:34:26.65867 daemon.info: Jul 11 13:34:26 dbus-daemon[2604]: [session uid=1000 pid=2602] Activating service name='ca.desrt.dconf' requested by ':1.0' (uid=1000 pid=2600 comm="gsettings set org.gnome.desktop.interface cursor-t")

2023-07-11T11:34:26.66170 daemon.info: Jul 11 13:34:26 dbus-daemon[2604]: [session uid=1000 pid=2602] Successfully activated service 'ca.desrt.dconf'

2023-07-11T11:34:26.67066 daemon.info: Jul 11 13:34:26 dbus-daemon[2618]: [session uid=1000 pid=2616] Activating service name='ca.desrt.dconf' requested by ':1.0' (uid=1000 pid=2614 comm="gsettings set org.gnome.desktop.interface font-nam")

2023-07-11T11:34:26.67510 daemon.info: Jul 11 13:34:26 dbus-daemon[2618]: [session uid=1000 pid=2616] Successfully activated service 'ca.desrt.dconf'

2023-07-11T11:34:26.73120 kern.info: [  237.206014] loop0: detected capacity change from 0 to 210994
2023-07-11T11:34:26.73910 kern.info: [  237.213648] loop0: detected capacity change from 210994 to 210616
2023-07-11T11:34:26.74713 kern.info: [  237.222142] squashfs: version 4.0 (2009/01/31) Phillip Lougher

2023-07-11T11:35:03.74315 daemon.info: Jul 11 13:35:03 dbus-daemon[3116]: [session uid=1000 pid=3114] Activating service name='ca.desrt.dconf' requested by ':1.0' (uid=1000 pid=3112 comm="gsettings set org.gnome.desktop.interface gtk-them")

2023-07-11T11:35:03.74552 daemon.info: Jul 11 13:35:03 dbus-daemon[3116]: [session uid=1000 pid=3114] Successfully activated service 'ca.desrt.dconf'

It never however reports on those dbus-daemon being terminated. Also:

pstree:

      ├─sh───librewolf_firej───firejail─┬─0───2*[{0}]
      │                                 └─firejail───librewolf─┬─Isolated Web Co───23*[{Isolated Web Co}]
      │                                                        ├─Isolated Web Co───22*[{Isolated Web Co}]
      │                                                        ├─Isolated Web Co───24*[{Isolated Web Co}]
      │                                                        ├─Privileged Cont───23*[{Privileged Cont}]
      │                                                        ├─Socket Process───4*[{Socket Process}]
      │                                                        ├─Web Content───17*[{Web Content}]
      │                                                        ├─2*[Web Content───18*[{Web Content}]]
      │                                                        ├─WebExtensions───22*[{WebExtensions}]
      │                                                        ├─librewolf
      │                                                        └─117*[{librewolf}]

Those dbus-daemon are not visible on pstree. And also:

firejail --list:

4486:username::firejail --appimage --apparmor --profile=/home/username/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.profile /home/username/.bin/LibreWolf.x86_64.AppImage

Indeed, firejail --list does not list such dbus-daemon.

ps auxf, however:

username       2576  0.0  0.0   3240  1840 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2582  0.0  0.0 229032  4252 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

username       2590  0.0  0.0   3240  1780 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2596  0.0  0.0 229032  4160 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

username       2604  0.0  0.0   3240  1932 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2610  0.0  0.0 229032  4308 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

username       2618  0.0  0.0   3240  1800 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2624  0.0  0.0 229032  4204 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

username       3116  0.0  0.0   3240  1776 ?        Ss   13:35   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       3122  0.0  0.0 229032  4208 ?        Sl   13:35   0:00 /usr/libexec/dconf-service

username       3130  0.0  0.0   3240  1848 ?        Ss   13:35   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       3136  0.0  0.0 229032  4320 ?        Sl   13:35   0:00 /usr/libexec/dconf-service

username       3144  0.0  0.0   3240  1856 ?        Ss   13:35   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       3150  0.0  0.0 229032  4296 ?        Sl   13:35   0:00 /usr/libexec/dconf-service

username       3158  0.0  0.0   3240  1764 ?        Ss   13:35   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       3164  0.0  0.0 229032  4324 ?        Sl   13:35   0:00 /usr/libexec/dconf-service

username       4416  0.0  0.0   2612   924 ?        S    13:37   0:00 sh -c $HOME/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.sh

username       4417  0.0  0.0   2612   952 ?        S    13:37   0:00  \_ /bin/sh /home/username/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.sh

username       4486  0.0  0.0   4348  2572 ?        S    13:37   0:00      \_ firejail --appimage --apparmor --profile=/home/username/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.profile /home/username/.bi

username       4487  0.0  0.0 229012  4340 ?        Sl   13:37   0:00          \_ /usr/bin/xdg-dbus-proxy --fd=4 --args=5

username       4490  0.0  0.0   4360  2256 ?        S    13:37   0:00          \_ firejail --appimage --apparmor --profile=/home/username/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.profile /home/username

username       4496  9.7  3.9 11977704 648244 ?     Sl   13:37   6:03              \_ librewolf

username       4605  0.0  0.2 209736 36180 ?        Sl   13:37   0:00                  \_ /run/firejail/appimage/librewolf -contentproc -parentBuildID 20230419103845 -prefsLen 23634 -prefMapSize 232816 -appDir /run/fir

username       4649  0.0  0.6 2527800 98696 ?       Sl   13:37   0:00                  \_ /run/firejail/appimage/librewolf -contentproc -childID 1 -isForBrowser -prefsLen 23775 -prefMapSize 232816 -jsInitLen 240056 -pa

username       4681  0.0  0.0      0     0 ?        Z    13:37   0:00                  \_ [librewolf] <defunct>

username       4734  0.3  1.0 19663788 166824 ?     Sl   13:37   0:11                  \_ /run/firejail/appimage/librewolf -contentproc -childID 2 -isForBrowser -prefsLen 27554 -prefMapSize 232816 -jsInitLen 240056 -pa

username       4817  5.1  1.3 2714952 226272 ?      Sl   13:37   3:11                  \_ /run/firejail/appimage/librewolf -contentproc -childID 3 -isForBrowser -prefsLen 24390 -prefMapSize 232816 -jsInitLen 240056 -pa

username       5639  0.0  1.0 2632096 173636 ?      Sl   13:44   0:02                  \_ /run/firejail/appimage/librewolf -contentproc -childID 8 -isForBrowser -prefsLen 24423 -prefMapSize 232816 -jsInitLen 240056 -pa

username       6412  0.0  0.9 2601332 159220 ?      Sl   13:49   0:01                  \_ /run/firejail/appimage/librewolf -contentproc -childID 9 -isForBrowser -prefsLen 24423 -prefMapSize 232816 -jsInitLen 240056 -pa

username       7649  0.0  0.7 2544700 121196 ?      Sl   14:02   0:00                  \_ /run/firejail/appimage/librewolf -contentproc -childID 11 -isForBrowser -prefsLen 24423 -prefMapSize 232816 -jsInitLen 240056 -p

username       7652  0.2  0.9 2589096 162544 ?      Sl   14:02   0:04                  \_ /run/firejail/appimage/librewolf -contentproc -childID 12 -isForBrowser -prefsLen 24423 -prefMapSize 232816 -jsInitLen 240056 -p

username      10325  0.0  0.4 2498420 74072 ?       Sl   14:36   0:00                  \_ /run/firejail/appimage/librewolf -contentproc -childID 15 -isForBrowser -prefsLen 24504 -prefMapSize 232816 -jsInitLen 240056 -p

username      10786  0.0  0.4 2498420 73532 ?       Sl   14:37   0:00                  \_ /run/firejail/appimage/librewolf -contentproc -childID 16 -isForBrowser -prefsLen 24504 -prefMapSize 232816 -jsInitLen 240056 -p

username      10831  0.0  0.4 2498420 74176 ?       Sl   14:37   0:00                  \_ /run/firejail/appimage/librewolf -contentproc -childID 17 -isForBrowser -prefsLen 24504 -prefMapSize 232816 -jsInitLen 240056 -p

username      10865  1.3  0.7 2572676 120712 ?      Sl   14:37   0:01                  \_ /run/firejail/appimage/librewolf -contentproc -childID 18 -isForBrowser -prefsLen 28325 -prefMapSize 232816 -jsInitLen 240056 -p

username       4434  0.0  0.0   3240  1824 ?        Ss   13:37   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       4440  0.0  0.0 229032  4192 ?        Sl   13:37   0:00 /usr/libexec/dconf-service

username       4448  0.0  0.0   3240  1852 ?        Ss   13:37   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       4454  0.0  0.0 229032  4204 ?        Sl   13:37   0:00 /usr/libexec/dconf-service

username       4462  0.0  0.0   3240  1840 ?        Ss   13:37   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       4468  0.0  0.0 229032  4172 ?        Sl   13:37   0:00 /usr/libexec/dconf-service

username       4476  0.0  0.0   3240  1816 ?        Ss   13:37   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       4482  0.0  0.0 229032  4300 ?        Sl   13:37   0:00 /usr/libexec/dconf-service

username       6006  0.0  0.0   3240  1744 ?        Ss   13:47   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       6012  0.0  0.0 229032  4108 ?        Sl   13:47   0:00 /usr/libexec/dconf-service

username       6020  0.0  0.0   3240  1836 ?        Ss   13:47   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       6026  0.0  0.0 229032  4228 ?        Sl   13:47   0:00 /usr/libexec/dconf-service

username       6034  0.0  0.0   3240  1880 ?        Ss   13:47   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       6040  0.0  0.0 229032  4308 ?        Sl   13:47   0:00 /usr/libexec/dconf-service

username       6048  0.0  0.0   3240  1804 ?        Ss   13:47   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       6054  0.0  0.0 229032  4224 ?        Sl   13:47   0:00 /usr/libexec/dconf-service

Those blocks of

username       2576  0.0  0.0   3240  1840 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2582  0.0  0.0 229032  4252 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

remain lingering after EACH sandbox is terminated. Thus, each time the AppImage-browser is closed, a new block of those

username       2576  0.0  0.0   3240  1840 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2582  0.0  0.0 229032  4252 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

is spawned, and remains lingering until system shut-off, or manual termination.

It is even easier to locate such blocks with htop, but unfortunately pasting htop output is fairly difficult.

Behavior without a profile

Not applicable here.

Additional context

Not sure. The above wall of text should be fairly self-evident. This is an edge case, after all, and largely depends upon usage of dbus-launch gsettings, which is however necessary on nonsystemd distros to ensure that GTK custom theming "sticks".

It should also be noted that sway DM also launches its own scheme of

set $gnome-schema org.gnome.desktop.interface

set $gtk_theme "$(grep 'gtk-theme-name' "$config" | sed 's/.*\s*=\s*//')"
set $icon_theme "$(grep 'gtk-icon-theme-name' "$config" | sed 's/.*\s*=\s*//')"
set $cursor_theme "$(grep 'gtk-cursor-theme-name' "$config" | sed 's/.*\s*=\s*//')"
set $font_name "$(grep 'gtk-font-name' "$config" | sed 's/.*\s*=\s*//')"

exec_always {
        dbus-launch gsettings set "$gnome_schema" gtk-theme "$gtk_theme"
        dbus-launch gsettings set "$gnome_schema" icon-theme "$icon_theme"
        dbus-launch gsettings set "$gnome_schema" cursor-theme "$cursor_theme"
        dbus-launch gsettings set "$gnome_schema" font-name "$font_name"
        dbus-launch gsettings set "$gnome-schema" document-font-name "$document-font-name"
        dbus-launch gsettings set "$gnome-schema" monospace-font-name "$monospace-font-name"
}

exec_always import-gsettings \
    gtk-theme:gtk-theme-name \
    icon-theme:gtk-icon-theme-name \
    cursor-theme:gtk-cursor-theme-name \
    font-name:gtk-font-name \
    document-font-name:gtk-document-font-name \
    monospace-font-name:gtk-monospace-font-name \

Yet that is not sufficient to force sandboxed applications to import $gnome_schema variables.

Environment

Void Linux with runit as init.

firejail version 0.9.72

Compile time support:
- always force nonewprivs support is disabled
- AppArmor support is enabled
- AppImage support is enabled
- chroot support is enabled
- D-BUS proxy support is enabled
- file transfer support is enabled
- firetunnel support is disabled
- IDS support is disabled
- networking support is enabled
- output logging is enabled
- overlayfs support is disabled
- private-home support is enabled
- private-cache and tmpfs as user enabled
- SELinux support is disabled
- user namespace support is enabled
- X11 sandboxing support is enabled

Checklist

• [ X] The issues is caused by firejail (Indeed, none of this happens without firejail, since there would never be any use of the dbus-launch gsettings workaround).
• [ X] I have performed a short search for similar issues (to avoid opening a duplicate). I however presume this case to be more involved.
• [ X] I used --profile=PROFILENAME to set the right profile. (Only relevant for AppImages). Indeed I have, and you can read for yourself the contents of such a custom profile above.

Log

Logs are provided above, this is an edge case. I can perform more tests if necessary.

[TeusLollo]

These are possibly relevant:

#3224 (comment)
#3224 (comment)

Maybe I could try something like this #3224 (comment), but to me it looks it may be better to find a native solution.

[rusty-snake]

Enable deterministic-shitutdown and try again.

[rusty-snake]

However, killing zombie processes does not help because killing them is a no-op.

Maybe runit can not collect zombie processes inside pid-namespaces or has some other bug with it?

[TeusLollo]

I just modified the script with firejail --deterministic-shutdown --appimage --apparmor --profile="$HOME/.local/share/applications/LibreWolf_Firejailed/librewolf_firejailed.profile" "$HOME/.bin/LibreWolf.x86_64.AppImage"

And no, those zombie processes still linger.

Indeed, it may be a runit bug, or something else funky going on with dbus-launch.

[TeusLollo]

Okay, I had a chat with Void Linux devs on IRC:

They say those blocks of

username       2576  0.0  0.0   3240  1840 ?        Ss   13:34   0:00 /usr/bin/dbus-daemon --syslog --fork --print-pid 5 --print-address 7 --session

username       2582  0.0  0.0 229032  4252 ?        Sl   13:34   0:00 /usr/libexec/dconf-service

Are not technically zombie processes. Indeed, since those were spawned with dbus-launch, they are expected to stay around, and would not be picked-up by the init system. Something else must be going on.

[TeusLollo]

OK, just to clarify, since the documentation isn't entirely helpful on this:

Here firejail is run from a shell script. Such a shell script launches both a custom firejail command, and other dbus-based processes.

Is this supported, or should I just close-down the issue?

[TeusLollo]

OK, some more chats have confirmed that this probably is not a firejail issue, but some degree of funkiness with either gsettings or dbus .

Closing this.

[kmk3]

It seems that, at least on non-systemd distros (Utilizing runit as init,
in my case) varying zombie processes are leftover upon sandbox termination
given interaction with dbus-launch gsettings command (Which, on
non-systemd distros, is largely necessary to properly set-up custom GTK
themes, icons, cursors, and similar) in a custom script.

Yes, systemd apparently does some dbus-related things by itself as it depends
on dbus IIRC. dbus is optional when not using systemd, so the dbus commands
have to be executed manually or by something else.

dbus-launch gsettings set "$gnome_schema" gtk-theme "$gtk_theme"
dbus-launch gsettings set "$gnome_schema" icon-theme "$icon_theme"
dbus-launch gsettings set "$gnome_schema" cursor-theme "$cursor_theme"
dbus-launch gsettings set "$gnome_schema" font-name "$font_name"

The user dbus process is indeed intended to stay around, but it's usually only
one process and it is usually started with the user session.

What happens if dbus-launch is executed in the sway config and then (after a
reboot) you just call gsettings by itself?

See for example:

• https://wiki.archlinux.org/title/Init#Dbus

And the following file, which is provided by dbus-runit on Artix:

• /etc/X11/xinit/xinitrc.d/80-dbus.sh

#!/bin/sh

# launches a session dbus instance

dbuslaunch="$(command -v dbus-launch)"
if [ -n "$dbuslaunch" ] && [ -x "$dbuslaunch" ] && [ -z "$DBUS_SESSION_BUS_ADDRESS" ]; then
    if [ -n "$command" ]; then
        command="$dbuslaunch --exit-with-session $command"
    else
        eval " $($dbuslaunch --sh-syntax --exit-with-session)"
    fi
fi

Maybe Void has something similar.

[TeusLollo]

dbus-launch gsettings set "$gnome_schema" gtk-theme "$gtk_theme"
dbus-launch gsettings set "$gnome_schema" icon-theme "$icon_theme"
dbus-launch gsettings set "$gnome_schema" cursor-theme "$cursor_theme"
dbus-launch gsettings set "$gnome_schema" font-name "$font_name"

Upon more testing, I have confirmed that, in fact I have no need (Anymore, at least) to use dbus-launch gsettings, yet, back when I first set-up my config file, it actually was necessary (For some reason, maybe it was because GTK3 was still so unstable? It was back when each version was breaking something...)

In every case, it is better to dismiss such an heavy usage of dbus-launch, given how it can cause system instabilities, and considered also that old sourcing rules still apply to shell scripts, even when involving dbus, which can cause myriads of troublesome scenarios.

Indeed, I have discovered that sway does not even need to be run with dbus-run-session, although it's in some cases preferable.

In every case, Void devs have promised to eventually clarify this matter, and their preferred method of setting-up window managers, on their own handbook, thus the matter should eventually be cleared.

Thanks for your help.