From: Adrian Szyndela Date: Wed, 5 Feb 2020 11:35:36 +0000 (+0100) Subject: Merge v234 into tizen X-Git-Tag: submit/tizen/20200402.112550^2~74 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=1e973517ac2be38d1695dd686a3e5a8558faf9ab;p=platform%2Fupstream%2Fsystemd.git Merge v234 into tizen Change-Id: If676fe909a40eadc60ee5ff023abe4ee2c64b44e --- 1e973517ac2be38d1695dd686a3e5a8558faf9ab diff --cc .gitignore index 9306ae6,8c4331e..fd9bef4 --- a/.gitignore +++ b/.gitignore @@@ -1,3 -1,326 +1,328 @@@ +cscope.files +cscope.out - tags + *.a + *.cache + *.gch + *.la + *.lo + *.log + *.o + *.plist + *.stamp + *.swp + *.trs + *~ + .config.args + .deps/ + .dirstamp + .libs/ + /*.gcda + /*.gcno + /*.tar.bz2 + /*.tar.gz + /*.tar.xz + /30-systemd-environment-d-generator + /GPATH + /GRTAGS + /GSYMS + /GTAGS + /Makefile + /TAGS + /ata_id + /bootctl + /build* + /busctl + /cdrom_id + /collect + /coredumpctl + /coverage/ + /defined + /exported + /exported-* + /hostnamectl + /image.raw + /install-tree + /journalctl + /libtool + /linuxx64.efi.stub + /localectl + /loginctl + /machinectl + /mtd_probe + /networkctl + /scsi_id + /systemctl + /systemd + /systemd-ac-power + /systemd-analyze + /systemd-ask-password + /systemd-backlight + /systemd-binfmt + /systemd-bootx64.efi + /systemd-cat + /systemd-cgls + /systemd-cgroups-agent + /systemd-cgtop + /systemd-coredump + /systemd-cryptsetup + /systemd-cryptsetup-generator + /systemd-dbus1-generator + /systemd-debug-generator + /systemd-delta + /systemd-detect-virt + /systemd-dissect + /systemd-escape + /systemd-export + /systemd-firstboot + /systemd-fsck + /systemd-fstab-generator + /systemd-getty-generator + /systemd-gpt-auto-generator + /systemd-hibernate-resume + /systemd-hibernate-resume-generator + /systemd-hostnamed + /systemd-hwdb + /systemd-import + /systemd-importd + /systemd-inhibit + /systemd-initctl + /systemd-journal-gatewayd + /systemd-journal-remote + /systemd-journal-upload + /systemd-journald + /systemd-localed + /systemd-logind + /systemd-machine-id-setup + /systemd-machined + /systemd-modules-load + /systemd-mount + /systemd-networkd + /systemd-networkd-wait-online + /systemd-notify + /systemd-nspawn + /systemd-path + /systemd-pull + /systemd-quotacheck + /systemd-random-seed + /systemd-rc-local-generator + /systemd-remount-fs + /systemd-reply-password + /systemd-resolve + /systemd-resolved + /systemd-rfkill + /systemd-run + /systemd-shutdown + /systemd-sleep + /systemd-socket-activate + /systemd-socket-proxyd + /systemd-stdio-bridge + /systemd-sysctl + /systemd-system-update-generator + /systemd-sysusers + /systemd-sysv-generator + /systemd-timedated + /systemd-timesyncd + /systemd-tmpfiles + /systemd-tty-ask-password-agent + /systemd-udevd + /systemd-update-done + /systemd-update-utmp + /systemd-user-sessions + /systemd-vconsole-setup + /systemd-veritysetup + /systemd-veritysetup-generator + /systemd-volatile-root + /tags + /test-acd + /test-acl-util + /test-af-list + /test-alloc-util + /test-architecture + /test-arphrd-list + /test-ask-password-api + /test-async + /test-audit-type + /test-barrier + /test-bitmap + /test-boot-timestamps + /test-btrfs + /test-bus-benchmark + /test-bus-chat + /test-bus-cleanup + /test-bus-creds + /test-bus-error + /test-bus-gvariant + /test-bus-introspect + /test-bus-kernel + /test-bus-kernel-bloom + /test-bus-marshal + /test-bus-match + /test-bus-objects + /test-bus-policy + /test-bus-server + /test-bus-signature + /test-bus-track + /test-bus-vtable + /test-bus-vtable-cc + /test-bus-zero-copy + /test-calendarspec + /test-cap-list + /test-capability + /test-catalog + /test-cgroup + /test-cgroup-mask + /test-cgroup-util + /test-clock + /test-compress + /test-compress-benchmark + /test-condition + /test-conf-files + /test-conf-parser + /test-copy + /test-coredump-vacuum + /test-cpu-set-util + /test-daemon + /test-date + /test-device-nodes + /test-dnssec-complex + /test-dhcp-client + /test-dhcp-option + /test-dhcp-server + /test-dhcp6-client + /test-dissect-image + /test-dns-domain + /test-dns-packet + /test-dnssec + /test-efi-disk.img + /test-ellipsize + /test-engine + /test-env-util + /test-escape + /test-event + /test-exec-util + /test-execute + /test-extract-word + /test-fd-util + /test-fdset + /test-fileio + /test-firewall-util + /test-fs-util + /test-fstab-util + /test-glob-util + /test-hash + /test-hashmap + /test-hexdecoct + /test-hostname + /test-hostname-util + /test-id128 + /test-inhibit + /test-install + /test-install-root + /test-io-util + /test-ipcrm + /test-ipv4ll + /test-ipv4ll-manual + /test-job-type + /test-journal + /test-journal-enum + /test-journal-flush + /test-journal-importer + /test-journal-init + /test-journal-interleaving + /test-journal-match + /test-journal-send + /test-journal-stream + /test-journal-syslog + /test-journal-verify + /test-keymap-util + /test-libsystemd-sym* + /test-libudev + /test-libudev-sym* + /test-list + /test-lldp + /test-local-addresses + /test-locale-util + /test-log + /test-login + /test-login-shared + /test-login-tables + /test-loopback + /test-machine-tables + /test-mmap-cache + /test-mount-util + /test-namespace + /test-ndisc-rs + /test-netlink + /test-netlink-manual + /test-networkd-conf + /test-network + /test-network-tables + /test-ns + /test-nss + /test-parse-util + /test-patch-uid + /test-path + /test-path-lookup + /test-path-util + /test-prioq + /test-proc-cmdline + /test-process-util + /test-pty + /test-qcow2 + /test-random-util + /test-ratelimit + /test-replace-var + /test-resolve + /test-resolve-tables + /test-resolved-packet + /test-ring + /test-rlimit-util + /test-sched-prio + /test-sd-dhcp-lease + /test-seccomp + /test-selinux + /test-set + /test-sizeof + /test-sigbus + /test-signal-util + /test-siphash24 + /test-sleep + /test-socket-util + /test-stat-util + /test-strbuf + /test-string-util + /test-strip-tab-ansi + /test-strv + /test-strxcpyx + /test-tables + /test-terminal-util + /test-time + /test-timesync + /test-tmpfiles + /test-udev + /test-uid-range + /test-unaligned + /test-unit-file + /test-unit-name + /test-user-util + /test-utf8 + /test-util + /test-verbs + /test-watchdog + /test-web-util + /test-xattr-util + /test-xml + /timedatectl + /udevadm + /undefined + /v4l_id + Makefile.in + __pycache__/ + *.py[co] + aclocal.m4 + config.h + config.h.in + config.log + config.status + configure + stamp-* diff --cc Makefile.am index cbc6292,c16e622..f90f9be --- a/Makefile.am +++ b/Makefile.am @@@ -267,9 -269,10 +269,11 @@@ INSTALL_DIRS SHUTDOWN_TARGET_WANTS = LOCAL_FS_TARGET_WANTS = + REMOTE_FS_TARGET_WANTS = MULTI_USER_TARGET_WANTS = GRAPHICAL_TARGET_WANTS = +DELAYED_TARGET_WANTS= + MACHINES_TARGET_WANTS = RESCUE_TARGET_WANTS = SYSINIT_TARGET_WANTS = SOCKETS_TARGET_WANTS = @@@ -287,9 -289,10 +291,11 @@@ GENERAL_ALIASES install-target-wants-hook: what="$(SHUTDOWN_TARGET_WANTS)" && wants=shutdown.target && dir=$(systemunitdir) && $(add-wants) what="$(LOCAL_FS_TARGET_WANTS)" && wants=local-fs.target && dir=$(systemunitdir) && $(add-wants) + what="$(REMOTE_FS_TARGET_WANTS)" && wants=remote-fs.target && dir=$(systemunitdir) && $(add-wants) + what="$(MACHINES_TARGET_WANTS)" && wants=machines.target && dir=$(systemunitdir) && $(add-wants) what="$(MULTI_USER_TARGET_WANTS)" && wants=multi-user.target && dir=$(systemunitdir) && $(add-wants) what="$(GRAPHICAL_TARGET_WANTS)" && wants=graphical.target && dir=$(systemunitdir) && $(add-wants) + what="$(DELAYED_TARGET_WANTS)" && wants=delayed.target && dir=$(systemunitdir) && $(add-wants) what="$(RESCUE_TARGET_WANTS)" && wants=rescue.target && dir=$(systemunitdir) && $(add-wants) what="$(SYSINIT_TARGET_WANTS)" && wants=sysinit.target && dir=$(systemunitdir) && $(add-wants) what="$(SOCKETS_TARGET_WANTS)" && wants=sockets.target && dir=$(systemunitdir) && $(add-wants) @@@ -517,9 -543,9 +547,8 @@@ dist_systemunit_DATA = units/sys-kernel-debug.mount \ units/sys-fs-fuse-connections.mount \ units/tmp.mount \ - units/var-lib-machines.mount \ units/printer.target \ units/sound.target \ - units/bluetooth.target \ units/smartcard.target \ units/systemd-ask-password-wall.path \ units/systemd-ask-password-console.path \ @@@ -532,21 -558,6 +561,27 @@@ dist_systemunit_DATA += \ $(dist_systemunit_DATA_busnames) +dist_systemunit_DATA += \ + units/delayed.target \ + units/booting-done.service \ + units/system-delayed-target-trigger.service \ + units/system-default-target-done.service \ + units/system-delayed-target-done.service + ++EXTRA_DIST += \ ++ units/booting-done.service.in \ ++ units/system-delayed-target-done.service.in \ ++ units/system-delayed-target-trigger.service.in \ ++ units/system-default-target-done.service.in ++ +GRAPHICAL_TARGET_WANTS += \ + system-delayed-target-trigger.service \ + system-default-target-done.service + +DELAYED_TARGET_WANTS += \ + booting-done.service \ + system-delayed-target-done.service + dist_systemunit_DATA_busnames += \ units/busnames.target @@@ -594,21 -606,19 +630,32 @@@ endi dist_userunit_DATA = \ units/user/basic.target \ units/user/default.target \ - units/user/exit.target + units/user/exit.target \ + units/user/graphical-session.target \ + units/user/graphical-session-pre.target \ + units/user/bluetooth.target \ + units/user/busnames.target \ + units/user/paths.target \ + units/user/printer.target \ + units/user/shutdown.target \ + units/user/smartcard.target \ + units/user/sockets.target \ + units/user/sound.target \ + units/user/timers.target +dist_userunit_DATA += \ + units/user/delayed.target \ + units/user/user-delayed-target-trigger.service \ + units/user/user-default-target-done.service \ + units/user/user-delayed-target-done.service + +USER_DEFAULT_TARGET_WANTS += \ + user-delayed-target-trigger.service \ + user-default-target-done.service + +USER_DELAYED_TARGET_WANTS += \ + user-delayed-target-done.service + nodist_userunit_DATA = \ units/user/systemd-exit.service @@@ -1871,9 -1962,20 +1999,21 @@@ test_util_SOURCES = src/test/test-util.c test_util_LDADD = \ + libsystemd-internal.la \ libsystemd-shared.la + test_mount_util_SOURCES = \ + src/test/test-mount-util.c + + test_mount_util_LDADD = \ + libsystemd-shared.la + + test_exec_util_SOURCES = \ + src/test/test-exec-util.c + + test_exec_util_LDADD = \ + libsystemd-shared.la + test_hexdecoct_SOURCES = \ src/test/test-hexdecoct.c @@@ -3729,13 -3894,9 +3949,14 @@@ dist_udevrules_DATA += rules/80-net-setup-link.rules nodist_udevrules_DATA += \ + rules/50-udev-default.rules \ rules/99-systemd.rules +if HAVE_SMACK +dist_udevrules_DATA += \ + rules/55-udev-smack-default.rules +endif + udevconfdir = $(sysconfdir)/udev dist_udevconf_DATA = \ src/udev/udev.conf diff --cc TODO index 3d1239f,61efa5e..0b96d40 --- a/TODO +++ b/TODO @@@ -95,12 -214,8 +214,10 @@@ Features * cache sd_event_now() result from before the first iteration... +* remove Capabilities=, after all AmbientCapabilities= and CapabilityBoundingSet= should be enough. + * add systemctl stop --job-mode=triggering that follows TRIGGERED_BY deps and adds them to the same transaction - * Maybe add a way how users can "pin" units into memory, so that they are not subject to automatic GC? - * PID1: find a way how we can reload unit file configuration for specific units only, without reloading the whole of systemd diff --cc autogen.sh index 3a06958,1897e23..21ff4aa --- a/autogen.sh +++ b/autogen.sh @@@ -52,22 -60,28 +60,28 @@@ args="$args " fi + args="$args $@" cd $oldpwd - if [ "x$1" = "xc" ]; then + if [ "$verb" = "c" ]; then + set -x - $topdir/configure CFLAGS='-g -O0 -ftrapv' $args + $topdir/configure CFLAGS='-g -O0 -ftrapv' --enable-kdbus $args - make clean - elif [ "x$1" = "xg" ]; then + make clean >/dev/null + elif [ "$verb" = "g" ]; then + set -x - $topdir/configure CFLAGS='-g -Og -ftrapv' $args + $topdir/configure CFLAGS='-g -Og -ftrapv' --enable-kdbus $args - make clean - elif [ "x$1" = "xa" ]; then + make clean >/dev/null + elif [ "$verb" = "a" ]; then + set -x - $topdir/configure CFLAGS='-g -O0 -Wsuggest-attribute=pure -Wsuggest-attribute=const -ftrapv' $args + $topdir/configure CFLAGS='-g -O0 -Wsuggest-attribute=pure -Wsuggest-attribute=const -ftrapv' --enable-kdbus $args - make clean - elif [ "x$1" = "xl" ]; then + make clean >/dev/null + elif [ "$verb" = "l" ]; then + set -x - $topdir/configure CC=clang CFLAGS='-g -O0 -ftrapv' $args + $topdir/configure CC=clang CFLAGS='-g -O0 -ftrapv' --enable-kdbus $args - make clean - elif [ "x$1" = "xs" ]; then + make clean >/dev/null + elif [ "$verb" = "s" ]; then + set -x - scan-build $topdir/configure CFLAGS='-std=gnu99 -g -O0 -ftrapv' $args + scan-build $topdir/configure CFLAGS='-std=gnu99 -g -O0 -ftrapv' --enable-kdbus $args scan-build make else echo diff --cc configure.ac index 69c0fd6,c7537aa..8455271 --- a/configure.ac +++ b/configure.ac @@@ -1289,19 -1452,9 +1453,19 @@@ AC_ARG_WITH(tpm-pcrindex AC_DEFINE_UNQUOTED(SD_TPM_PCR, [$SD_TPM_PCR], [TPM PCR register number to use]) # ------------------------------------------------------------------------------ +have_kdbus=no +AC_ARG_ENABLE(kdbus, AS_HELP_STRING([--disable-kdbus], [do not connect to kdbus by default])) +if test "x$enable_kdbus" != "xno"; then + AC_DEFINE(ENABLE_KDBUS, 1, [Define if kdbus is to be connected to by default]) + have_kdbus=yes + M4_DEFINES="$M4_DEFINES -DENABLE_KDBUS" +fi +AM_CONDITIONAL(ENABLE_KDBUS, [test "$have_kdbus" = "yes"]) + +# ------------------------------------------------------------------------------ AC_ARG_WITH(rc-local-script-path-start, AS_HELP_STRING([--with-rc-local-script-path-start=PATH], - [Path to /etc/rc.local]), + [path to /etc/rc.local]), [RC_LOCAL_SCRIPT_PATH_START="$withval"], [RC_LOCAL_SCRIPT_PATH_START="/etc/rc.local"]) @@@ -1384,22 -1537,8 +1548,22 @@@ AS_IF([test "x$enable_manpages" != xno] AM_CONDITIONAL(ENABLE_MANPAGES, [test "x$have_manpages" = "xyes"]) # ------------------------------------------------------------------------------ +journald_kmsg=no +AC_ARG_ENABLE(journald-kmsg, AS_HELP_STRING([--disable-journald-kmsg], [Disable journald kmsg]), + [case "${enableval}" in + yes) journald-kmsg=yes ;; + no) journald-kmsg=no ;; + *) AC_MSG_ERROR(bad value ${enableval} for --disable-journald-kmsg) ;; + esac], + [journald_kmsg=no]) + +if test "x${journald_kmsg}" != xno; then + AC_DEFINE(TIZEN_JOURNALD_KMSG, 1, [Define if journald kmsg is on]) +fi + +# ------------------------------------------------------------------------------ AC_ARG_ENABLE(hibernate, - [AC_HELP_STRING([--disable-hibernate], [disable hibernation support])], + [AS_HELP_STRING([--disable-hibernate], [disable hibernation support])], enable_hibernate=$enableval, enable_hibernate=yes) AM_CONDITIONAL(ENABLE_HIBERNATE, [test x$enable_hibernate = xyes]) diff --cc meson.build index 0000000,20b27c8..fba442e mode 000000,100644..100644 --- a/meson.build +++ b/meson.build @@@ -1,0 -1,2528 +1,2542 @@@ + project('systemd', 'c', + version : '234', + license : 'LGPLv2+', + default_options: [ + 'c_std=gnu99', + 'prefix=/usr', + 'sysconfdir=/etc', + 'localstatedir=/var', + ], + meson_version : '>= 0.40', + ) + + # We need the same data in three different formats, ugh! + # Also, for hysterical reasons, we use different variable + # names, sometimes. Not all variables are included in every + # set. Ugh, ugh, ugh! + conf = configuration_data() + conf.set_quoted('PACKAGE_STRING', meson.project_name() + ' ' + meson.project_version()) + conf.set_quoted('PACKAGE_VERSION', meson.project_version()) + + substs = configuration_data() + substs.set('PACKAGE_URL', 'https://www.freedesktop.org/wiki/Software/systemd') + substs.set('PACKAGE_VERSION', meson.project_version()) + + m4_defines = [] + + ##################################################################### + + rootprefixdir = get_option('rootprefix') + if get_option('split-usr') + conf.set('HAVE_SPLIT_USR', true) + rootprefixdir = rootprefixdir != '' ? rootprefixdir : '/' + else + rootprefixdir = rootprefixdir != '' ? rootprefixdir : '/usr' + endif + + sysvinit_path = get_option('sysvinit-path') + sysvrcnd_path = get_option('sysvrcnd-path') + if sysvinit_path != '' or sysvrcnd_path != '' + conf.set('HAVE_SYSV_COMPAT', true, + description : 'SysV init scripts and rcN.d links are supported') + m4_defines += ['-DHAVE_SYSV_COMPAT'] + endif + + # join_paths ignore the preceding arguments if an absolute component is + # encountered, so this should canonicalize various paths when they are + # absolute or relative. + prefixdir = get_option('prefix') + if not prefixdir.startswith('/') + error('Prefix is not absolute: "@0@"'.format(prefixdir)) + endif + bindir = join_paths(prefixdir, get_option('bindir')) + libdir = join_paths(prefixdir, get_option('libdir')) + sysconfdir = join_paths(prefixdir, get_option('sysconfdir')) + includedir = join_paths(prefixdir, get_option('includedir')) + datadir = join_paths(prefixdir, get_option('datadir')) + localstatedir = join_paths('/', get_option('localstatedir')) + + rootbindir = join_paths(rootprefixdir, 'bin') + rootlibexecdir = join_paths(rootprefixdir, 'lib/systemd') + + rootlibdir = get_option('rootlibdir') + if rootlibdir == '' + rootlibdir = join_paths(rootprefixdir, libdir.split('/')[-1]) + endif + + # Dirs of external packages + pkgconfigdatadir = join_paths(datadir, 'pkgconfig') + pkgconfiglibdir = join_paths(libdir, 'pkgconfig') + polkitpolicydir = join_paths(datadir, 'polkit-1/actions') + polkitrulesdir = join_paths(datadir, 'polkit-1/rules.d') + polkitpkladir = join_paths(localstatedir, 'lib/polkit-1/localauthority/10-vendor.d') + varlogdir = join_paths(localstatedir, 'log') + xinitrcdir = join_paths(sysconfdir, 'X11/xinit/xinitrc.d') + rpmmacrosdir = get_option('rpmmacrosdir') + + # Our own paths + pkgdatadir = join_paths(datadir, 'systemd') + environmentdir = join_paths(prefixdir, 'lib/environment.d') + pkgsysconfdir = join_paths(sysconfdir, 'systemd') + userunitdir = join_paths(prefixdir, 'lib/systemd/user') + userpresetdir = join_paths(prefixdir, 'lib/systemd/user-preset') + tmpfilesdir = join_paths(prefixdir, 'lib/tmpfiles.d') + sysusersdir = join_paths(prefixdir, 'lib/sysusers.d') + sysctldir = join_paths(prefixdir, 'lib/sysctl.d') + binfmtdir = join_paths(prefixdir, 'lib/binfmt.d') + modulesloaddir = join_paths(prefixdir, 'lib/modules-load.d') + networkdir = join_paths(rootprefixdir, 'lib/systemd/network') + pkgincludedir = join_paths(includedir, 'systemd') + systemgeneratordir = join_paths(rootlibexecdir, 'system-generators') + usergeneratordir = join_paths(prefixdir, 'lib/systemd/user-generators') + systemenvgeneratordir = join_paths(prefixdir, 'lib/systemd/system-environment-generators') + userenvgeneratordir = join_paths(prefixdir, 'lib/systemd/user-environment-generators') + systemshutdowndir = join_paths(rootlibexecdir, 'system-shutdown') + systemsleepdir = join_paths(rootlibexecdir, 'system-sleep') + systemunitdir = join_paths(rootprefixdir, 'lib/systemd/system') + systempresetdir = join_paths(rootprefixdir, 'lib/systemd/system-preset') + udevlibexecdir = join_paths(rootprefixdir, 'lib/udev') + udevhomedir = udevlibexecdir + udevrulesdir = join_paths(udevlibexecdir, 'rules.d') + udevhwdbdir = join_paths(udevlibexecdir, 'hwdb.d') + catalogdir = join_paths(prefixdir, 'lib/systemd/catalog') + kernelinstalldir = join_paths(prefixdir, 'lib/kernel/install.d') + factorydir = join_paths(datadir, 'factory') + docdir = join_paths(datadir, 'doc/systemd') + bootlibdir = join_paths(prefixdir, 'lib/systemd/boot/efi') + testsdir = join_paths(prefixdir, 'lib/systemd/tests') + systemdstatedir = join_paths(localstatedir, 'lib/systemd') + catalogstatedir = join_paths(systemdstatedir, 'catalog') + randomseeddir = join_paths(localstatedir, 'lib/systemd') + + dbuspolicydir = get_option('dbuspolicydir') + if dbuspolicydir == '' + dbuspolicydir = join_paths(datadir, 'dbus-1/system.d') + endif + + dbussessionservicedir = get_option('dbussessionservicedir') + if dbussessionservicedir == '' + dbussessionservicedir = join_paths(datadir, 'dbus-1/services') + endif + + dbussystemservicedir = get_option('dbussystemservicedir') + if dbussystemservicedir == '' + dbussystemservicedir = join_paths(datadir, 'dbus-1/system-services') + endif + + pamlibdir = get_option('pamlibdir') + if pamlibdir == '' + pamlibdir = join_paths(rootlibdir, 'security') + endif + + pamconfdir = get_option('pamconfdir') + if pamconfdir == '' + pamconfdir = join_paths(sysconfdir, 'pam.d') + endif + + conf.set_quoted('PKGSYSCONFDIR', pkgsysconfdir) + conf.set_quoted('SYSTEM_CONFIG_UNIT_PATH', join_paths(pkgsysconfdir, 'system')) + conf.set_quoted('SYSTEM_DATA_UNIT_PATH', systemunitdir) + conf.set_quoted('SYSTEM_SYSVINIT_PATH', sysvinit_path) + conf.set_quoted('SYSTEM_SYSVRCND_PATH', sysvrcnd_path) + conf.set_quoted('RC_LOCAL_SCRIPT_PATH_START', get_option('rc-local')) + conf.set_quoted('RC_LOCAL_SCRIPT_PATH_STOP', get_option('halt-local')) + conf.set_quoted('USER_CONFIG_UNIT_PATH', join_paths(pkgsysconfdir, 'user')) + conf.set_quoted('USER_DATA_UNIT_PATH', userunitdir) + conf.set_quoted('CERTIFICATE_ROOT', get_option('certificate-root')) + conf.set_quoted('CATALOG_DATABASE', join_paths(catalogstatedir, 'database')) + conf.set_quoted('SYSTEMD_CGROUP_AGENT_PATH', join_paths(rootlibexecdir, 'systemd-cgroups-agent')) + conf.set_quoted('SYSTEMD_BINARY_PATH', join_paths(rootlibexecdir, 'systemd')) + conf.set_quoted('SYSTEMD_FSCK_PATH', join_paths(rootlibexecdir, 'systemd-fsck')) + conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', join_paths(rootlibexecdir, 'systemd-shutdown')) + conf.set_quoted('SYSTEMD_SLEEP_BINARY_PATH', join_paths(rootlibexecdir, 'systemd-sleep')) + conf.set_quoted('SYSTEMCTL_BINARY_PATH', join_paths(rootbindir, 'systemctl')) + conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', join_paths(rootbindir, 'systemd-tty-ask-password-agent')) + conf.set_quoted('SYSTEMD_STDIO_BRIDGE_BINARY_PATH', join_paths(bindir, 'systemd-stdio-bridge')) + conf.set_quoted('ROOTPREFIX', rootprefixdir) + conf.set_quoted('RANDOM_SEED_DIR', randomseeddir) + conf.set_quoted('RANDOM_SEED', join_paths(randomseeddir, 'random-seed')) + conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH', join_paths(rootlibexecdir, 'systemd-cryptsetup')) + conf.set_quoted('SYSTEM_GENERATOR_PATH', systemgeneratordir) + conf.set_quoted('USER_GENERATOR_PATH', usergeneratordir) + conf.set_quoted('SYSTEM_ENV_GENERATOR_PATH', systemenvgeneratordir) + conf.set_quoted('USER_ENV_GENERATOR_PATH', userenvgeneratordir) + conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir) + conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir) + conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map')) + conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map')) + conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir) + conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent')) + conf.set_quoted('LIBDIR', libdir) + conf.set_quoted('ROOTLIBDIR', rootlibdir) + conf.set_quoted('ROOTLIBEXECDIR', rootlibexecdir) + conf.set_quoted('BOOTLIBDIR', bootlibdir) + conf.set_quoted('SYSTEMD_PULL_PATH', join_paths(rootlibexecdir, 'systemd-pull')) + conf.set_quoted('SYSTEMD_IMPORT_PATH', join_paths(rootlibexecdir, 'systemd-import')) + conf.set_quoted('SYSTEMD_EXPORT_PATH', join_paths(rootlibexecdir, 'systemd-export')) + conf.set_quoted('VENDOR_KEYRING_PATH', join_paths(rootlibexecdir, 'import-pubring.gpg')) + conf.set_quoted('USER_KEYRING_PATH', join_paths(pkgsysconfdir, 'import-pubring.gpg')) + conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdatadir, 'gatewayd')) + + conf.set_quoted('ABS_BUILD_DIR', meson.build_root()) + conf.set_quoted('ABS_SRC_DIR', meson.source_root()) + + substs.set('prefix', prefixdir) + substs.set('exec_prefix', prefixdir) + substs.set('libdir', libdir) + substs.set('rootlibdir', rootlibdir) + substs.set('includedir', includedir) + substs.set('pkgsysconfdir', pkgsysconfdir) + substs.set('bindir', bindir) + substs.set('rootbindir', rootbindir) + substs.set('rootlibexecdir', rootlibexecdir) + substs.set('systemunitdir', systemunitdir) + substs.set('userunitdir', userunitdir) + substs.set('systempresetdir', systempresetdir) + substs.set('userpresetdir', userpresetdir) + substs.set('udevhwdbdir', udevhwdbdir) + substs.set('udevrulesdir', udevrulesdir) + substs.set('udevlibexecdir', udevlibexecdir) + substs.set('catalogdir', catalogdir) + substs.set('tmpfilesdir', tmpfilesdir) + substs.set('sysusersdir', sysusersdir) + substs.set('sysctldir', sysctldir) + substs.set('binfmtdir', binfmtdir) + substs.set('modulesloaddir', modulesloaddir) + substs.set('systemgeneratordir', systemgeneratordir) + substs.set('usergeneratordir', usergeneratordir) + substs.set('systemenvgeneratordir', systemenvgeneratordir) + substs.set('userenvgeneratordir', userenvgeneratordir) + substs.set('systemshutdowndir', systemshutdowndir) + substs.set('systemsleepdir', systemsleepdir) + substs.set('VARLOGDIR', varlogdir) + substs.set('CERTIFICATEROOT', get_option('certificate-root')) + substs.set('SYSTEMCTL', join_paths(rootbindir, 'systemctl')) + substs.set('RANDOM_SEED', join_paths(randomseeddir, 'random-seed')) + substs.set('SYSTEM_SYSVINIT_PATH', sysvinit_path) + substs.set('SYSTEM_SYSVRCND_PATH', sysvrcnd_path) + substs.set('RC_LOCAL_SCRIPT_PATH_START', get_option('rc-local')) + substs.set('RC_LOCAL_SCRIPT_PATH_STOP', get_option('halt-local')) + + ##################################################################### + + cc = meson.get_compiler('c') + pkgconfig = import('pkgconfig') + check_compilation_sh = find_program('tools/meson-check-compilation.sh') + + cxx = find_program('c++', required : false) + if cxx.found() + # Used only for tests + add_languages('cpp') + endif + + foreach arg : ['-Wextra', + '-Wundef', + '-Wlogical-op', + '-Wmissing-include-dirs', + '-Wold-style-definition', + '-Wpointer-arith', + '-Winit-self', + '-Wdeclaration-after-statement', + '-Wfloat-equal', + '-Wsuggest-attribute=noreturn', + '-Werror=missing-prototypes', + '-Werror=implicit-function-declaration', + '-Werror=missing-declarations', + '-Werror=return-type', + '-Werror=incompatible-pointer-types', + '-Werror=format=2', + '-Wstrict-prototypes', + '-Wredundant-decls', + '-Wmissing-noreturn', + '-Wshadow', + '-Wendif-labels', + '-Wstrict-aliasing=2', + '-Wwrite-strings', + '-Werror=overflow', + '-Wdate-time', + '-Wnested-externs', + '-ffast-math', + '-fno-common', + '-fdiagnostics-show-option', + '-fno-strict-aliasing', + '-fvisibility=hidden', + '-fstack-protector', + '-fstack-protector-strong', + '-fPIE', + '--param=ssp-buffer-size=4', + ] + if cc.has_argument(arg) + add_project_arguments(arg, language : 'c') + endif + endforeach + + # "negative" arguments: gcc on purpose does not return an error for "-Wno-" + # arguments, just emits a warnings. So test for the "positive" version instead. + foreach arg : ['unused-parameter', + 'missing-field-initializers', + 'unused-result', + 'format-signedness'] + if cc.has_argument('-W' + arg) + add_project_arguments('-Wno-' + arg, language : 'c') + endif + endforeach + + if cc.compiles(' + #include + #include + typedef uint64_t usec_t; + usec_t now(clockid_t clock); + int main(void) { + struct timespec now; + return 0; + } + ', name : '-Werror=shadow with local shadowing') + add_project_arguments('-Werror=shadow', language : 'c') + endif + + if cc.get_id() == 'clang' + foreach arg : ['-Wno-typedef-redefinition', + '-Wno-gnu-variable-sized-type-not-at-end', + ] + if cc.has_argument(arg, + name : '@0@ is supported'.format(arg)) + add_project_arguments(arg, language : 'c') + endif + endforeach + endif + + link_test_c = files('tools/meson-link-test.c') + + # --as-needed and --no-undefined are provided by meson by default, + # run mesonconf to see what is enabled + foreach arg : ['-Wl,-z,relro', + '-Wl,-z,now', + '-pie', + ] + + have = run_command(check_compilation_sh, + cc.cmd_array(), '-x', 'c', arg, + '-include', link_test_c).returncode() == 0 + message('Linking with @0@ supported: @1@'.format(arg, have ? 'yes' : 'no')) + if have + add_project_link_arguments(arg, language : 'c') + endif + endforeach + + if get_option('buildtype') != 'debug' + foreach arg : ['-ffunction-sections', + '-fdata-sections'] + if cc.has_argument(arg, + name : '@0@ is supported'.format(arg)) + add_project_arguments(arg, language : 'c') + endif + endforeach + + foreach arg : ['-Wl,--gc-sections'] + have = run_command(check_compilation_sh, + cc.cmd_array(), '-x', 'c', arg, + '-include', link_test_c).returncode() == 0 + message('Linking with @0@ supported: @1@'.format(arg, have ? 'yes' : 'no')) + if have + add_project_link_arguments(arg, language : 'c') + endif + endforeach + endif + + cpp = ' '.join(cc.cmd_array()) + ' -E' + + ##################################################################### + # compilation result tests + + conf.set('_GNU_SOURCE', true) + conf.set('__SANE_USERSPACE_TYPES__', true) + + conf.set('SIZEOF_PID_T', cc.sizeof('pid_t', prefix : '#include ')) + conf.set('SIZEOF_UID_T', cc.sizeof('uid_t', prefix : '#include ')) + conf.set('SIZEOF_GID_T', cc.sizeof('gid_t', prefix : '#include ')) + conf.set('SIZEOF_DEV_T', cc.sizeof('dev_t', prefix : '#include ')) + conf.set('SIZEOF_INO_T', cc.sizeof('ino_t', prefix : '#include ')) + conf.set('SIZEOF_TIME_T', cc.sizeof('time_t', prefix : '#include ')) + conf.set('SIZEOF_RLIM_T', cc.sizeof('rlim_t', prefix : '#include ')) + + decl_headers = ''' + #include + #include + ''' + # FIXME: key_serial_t is only defined in keyutils.h, this is bound to fail + + foreach decl : ['char16_t', + 'char32_t', + 'key_serial_t', + 'struct ethtool_link_settings', + ] + + # We get -1 if the size cannot be determined + have = cc.sizeof(decl, prefix : decl_headers) > 0 + conf.set('HAVE_' + decl.underscorify().to_upper(), have) + endforeach + + foreach decl : [['IFLA_INET6_ADDR_GEN_MODE', 'linux/if_link.h'], + ['IN6_ADDR_GEN_MODE_STABLE_PRIVACY', 'linux/if_link.h'], + ['IFLA_VRF_TABLE', 'linux/if_link.h'], + ['IFLA_MACVLAN_FLAGS', 'linux/if_link.h'], + ['IFLA_IPVLAN_MODE', 'linux/if_link.h'], + ['IFLA_PHYS_PORT_ID', 'linux/if_link.h'], + ['IFLA_BOND_AD_INFO', 'linux/if_link.h'], + ['IFLA_VLAN_PROTOCOL', 'linux/if_link.h'], + ['IFLA_VXLAN_REMCSUM_NOPARTIAL', 'linux/if_link.h'], + ['IFLA_VXLAN_GPE', 'linux/if_link.h'], + ['IFLA_GENEVE_LABEL', 'linux/if_link.h'], + # if_tunnel.h is buggy and cannot be included on its own + ['IFLA_VTI_REMOTE', 'linux/if_tunnel.h', '#include '], + ['IFLA_IPTUN_ENCAP_DPORT', 'linux/if_tunnel.h', '#include '], + ['IFLA_GRE_ENCAP_DPORT', 'linux/if_tunnel.h', '#include '], + ['IFLA_BRIDGE_VLAN_INFO', 'linux/if_bridge.h'], + ['IFLA_BRPORT_PROXYARP', 'linux/if_link.h'], + ['IFLA_BRPORT_LEARNING_SYNC', 'linux/if_link.h'], + ['IFLA_BR_VLAN_DEFAULT_PVID', 'linux/if_link.h'], + ['NDA_IFINDEX', 'linux/neighbour.h'], + ['IFA_FLAGS', 'linux/if_addr.h'], + ['LO_FLAGS_PARTSCAN', 'linux/loop.h'], + ] + prefix = decl.length() > 2 ? decl[2] : '' + have = cc.has_header_symbol(decl[1], decl[0], prefix : prefix) + conf.set10('HAVE_DECL_' + decl[0], have) + endforeach + + skip = false + foreach ident : ['secure_getenv', '__secure_getenv'] + if not skip and cc.has_function(ident) + conf.set('HAVE_' + ident.to_upper(), true) + skip = true + endif + endforeach + + foreach ident : [ + ['memfd_create', '''#include '''], + ['gettid', '''#include '''], + ['pivot_root', '''#include '''], # no known header declares pivot_root + ['name_to_handle_at', '''#define _GNU_SOURCE + #include + #include + #include '''], + ['setns', '''#define _GNU_SOURCE + #include '''], + ['renameat2', '''#include '''], + ['kcmp', '''#include '''], + ['keyctl', '''#include + #include '''], + ['copy_file_range', '''#include + #include '''], + ['explicit_bzero' , '''#include '''], + ] + + have = cc.has_function(ident[0], prefix : ident[1]) + conf.set10('HAVE_DECL_' + ident[0].to_upper(), have) + endforeach + + if cc.has_function('getrandom', prefix : '''#include ''') + conf.set('USE_SYS_RANDOM_H', true) + conf.set10('HAVE_DECL_GETRANDOM', true) + else + have = cc.has_function('getrandom', prefix : '''#include ''') + conf.set10('HAVE_DECL_GETRANDOM', have) + endif + + ##################################################################### + + sed = find_program('sed') + grep = find_program('grep') + awk = find_program('awk') + m4 = find_program('m4') + stat = find_program('stat') + git = find_program('git', required : false) + + meson_make_symlink = meson.source_root() + '/tools/meson-make-symlink.sh' + mkdir_p = 'mkdir -p $DESTDIR/@0@' + test_efi_create_disk_sh = find_program('test/test-efi-create-disk.sh') + splash_bmp = files('test/splash.bmp') + + # if -Dxxx-path option is found, use that. Otherwise, check in $PATH, + # /usr/sbin, /sbin, and fall back to the default from middle column. + progs = [['telinit', '/lib/sysvinit/telinit'], + ['quotaon', '/usr/sbin/quotaon' ], + ['quotacheck', '/usr/sbin/quotacheck' ], + ['kill', '/usr/bin/kill' ], + ['kmod', '/usr/bin/kmod' ], + ['kexec', '/usr/sbin/kexec' ], + ['sulogin', '/usr/sbin/sulogin' ], + ['mount', '/usr/bin/mount', 'MOUNT_PATH'], + ['umount', '/usr/bin/umount', 'UMOUNT_PATH'], + ['loadkeys', '/usr/bin/loadkeys', 'KBD_LOADKEYS'], + ['setfont', '/usr/bin/setfont', 'KBD_SETFONT'], + ] + foreach prog : progs + path = get_option(prog[0] + '-path') + if path != '' + message('Using @1@ for @0@'.format(prog[0], path)) + else + exe = find_program(prog[0], + '/usr/sbin/' + prog[0], + '/sbin/' + prog[0], + required: false) + path = exe.found() ? exe.path() : prog[1] + endif + name = prog.length() > 2 ? prog[2] : prog[0].to_upper() + conf.set_quoted(name, path) + substs.set(name, path) + endforeach + -if run_command('ln', '--relative', '--help').returncode() != 0 - error('ln does not support --relative') -endif ++#if run_command('ln', '--relative', '--help').returncode() != 0 ++# error('ln does not support --relative') ++#endif + + ############################################################ + + gperf = find_program('gperf') + + gperf_test_format = ''' + #include + const char * in_word_set(const char *, @0@); + @1@ + ''' + gperf_snippet_format = 'echo foo,bar | @0@ -L ANSI-C' + gperf_snippet = run_command('sh', '-c', gperf_snippet_format.format(gperf.path())) + gperf_test = gperf_test_format.format('size_t', gperf_snippet.stdout()) + if cc.compiles(gperf_test) + gperf_len_type = 'size_t' + else + gperf_test = gperf_test_format.format('unsigned', gperf_snippet.stdout()) + if cc.compiles(gperf_test) + gperf_len_type = 'unsigned' + else + error('unable to determine gperf len type') + endif + endif + message('gperf len type is @0@'.format(gperf_len_type)) + conf.set('GPERF_LEN_TYPE', gperf_len_type, + description : 'The type of gperf "len" parameter') + + ############################################################ + + if not cc.has_header('sys/capability.h') + error('POSIX caps headers not found') + endif + foreach header : ['linux/btrfs.h', + 'linux/memfd.h', + 'linux/vm_sockets.h', + 'valgrind/memcheck.h', + 'valgrind/valgrind.h', + ] + + conf.set('HAVE_' + header.underscorify().to_upper(), + cc.has_header(header)) + endforeach + + ############################################################ + + conf.set_quoted('FALLBACK_HOSTNAME', get_option('fallback-hostname')) + + default_hierarchy = get_option('default-hierarchy') + conf.set_quoted('DEFAULT_HIERARCHY_NAME', default_hierarchy, + description : 'default cgroup hierarchy as string') + if default_hierarchy == 'legacy' + conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_NONE') + elif default_hierarchy == 'hybrid' + conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_SYSTEMD') + else + conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_ALL') + endif + + time_epoch = get_option('time-epoch') + if time_epoch == '' + NEWS = files('NEWS') + time_epoch = run_command(stat, '-c', '%Y', NEWS).stdout() + endif + time_epoch = time_epoch.to_int() + conf.set('TIME_EPOCH', time_epoch) + + system_uid_max = get_option('system-uid-max') + if system_uid_max == '' + system_uid_max = run_command( + awk, + 'BEGIN { uid=999 } /^\s*SYS_UID_MAX\s+/ { uid=$2 } END { print uid }', + '/etc/login.defs').stdout() + endif + system_uid_max = system_uid_max.to_int() + conf.set('SYSTEM_UID_MAX', system_uid_max) + substs.set('systemuidmax', system_uid_max) + message('maximum system UID is @0@'.format(system_uid_max)) + + conf.set_quoted('NOBODY_USER_NAME', get_option('nobody-user')) + conf.set_quoted('NOBODY_GROUP_NAME', get_option('nobody-group')) + + system_gid_max = get_option('system-gid-max') + if system_gid_max == '' + system_gid_max = run_command( + awk, + 'BEGIN { gid=999 } /^\s*SYS_GID_MAX\s+/ { gid=$2 } END { print gid }', + '/etc/login.defs').stdout() + endif + system_gid_max = system_gid_max.to_int() + conf.set('SYSTEM_GID_MAX', system_gid_max) + substs.set('systemgidmax', system_gid_max) + message('maximum system GID is @0@'.format(system_gid_max)) + + tty_gid = get_option('tty-gid') + conf.set('TTY_GID', tty_gid) + substs.set('TTY_GID', tty_gid) + + if get_option('adm-group') + m4_defines += ['-DENABLE_ADM_GROUP'] + endif + + if get_option('wheel-group') + m4_defines += ['-DENABLE_WHEEL_GROUP'] + endif + + substs.set('DEV_KVM_MODE', get_option('dev-kvm-mode')) + + kill_user_processes = get_option('default-kill-user-processes') + conf.set10('KILL_USER_PROCESSES', kill_user_processes) + substs.set('KILL_USER_PROCESSES', kill_user_processes ? 'yes' : 'no') + + dns_servers = get_option('dns-servers') + conf.set_quoted('DNS_SERVERS', dns_servers) + substs.set('DNS_SERVERS', dns_servers) + + ntp_servers = get_option('ntp-servers') + conf.set_quoted('NTP_SERVERS', ntp_servers) + substs.set('NTP_SERVERS', ntp_servers) + + conf.set_quoted('GETTEXT_PACKAGE', meson.project_name()) + + substs.set('SUSHELL', get_option('debug-shell')) + substs.set('DEBUGTTY', get_option('debug-tty')) + + debug = get_option('debug') + if debug != '' + foreach name : debug.split(',') + if name == 'hashmap' + conf.set('ENABLE_DEBUG_HASHMAP', true) + elif name == 'mmap-cache' + conf.set('ENABLE_DEBUG_MMAP_CACHE', true) + else + message('unknown debug option "@0@", ignoring'.format(name)) + endif + endforeach + endif + + ##################################################################### + + threads = dependency('threads') + librt = cc.find_library('rt') + libm = cc.find_library('m') + libdl = cc.find_library('dl') + libcrypt = cc.find_library('crypt') + + libcap = dependency('libcap', required : false) + if not libcap.found() + # Compat with Ubuntu 14.04 which ships libcap w/o .pc file + libcap = cc.find_library('cap') + endif + + libmount = dependency('mount', + version : '>= 2.27') + + want_seccomp = get_option('seccomp') + if want_seccomp != 'false' + libseccomp = dependency('libseccomp', + version : '>= 2.3.1', + required : want_seccomp == 'true') + if libseccomp.found() + conf.set('HAVE_SECCOMP', true) + m4_defines += ['-DHAVE_SECCOMP'] + endif + else + libseccomp = [] + endif + + want_selinux = get_option('selinux') + if want_selinux != 'false' + libselinux = dependency('libselinux', + version : '>= 2.1.9', + required : want_selinux == 'true') + if libselinux.found() + conf.set('HAVE_SELINUX', true) + m4_defines += ['-DHAVE_SELINUX'] + endif + else + libselinux = [] + endif + + want_apparmor = get_option('apparmor') + if want_apparmor != 'false' + libapparmor = dependency('libapparmor', + required : want_apparmor == 'true') + if libapparmor.found() + conf.set('HAVE_APPARMOR', true) + m4_defines += ['-DHAVE_APPARMOR'] + endif + else + libapparmor = [] + endif + + smack_run_label = get_option('smack-run-label') + if smack_run_label != '' + conf.set_quoted('SMACK_RUN_LABEL', smack_run_label) + m4_defines += ['-DHAVE_SMACK_RUN_LABEL'] + endif + + want_polkit = get_option('polkit') + install_polkit = false + install_polkit_pkla = false + if want_polkit != 'false' + conf.set('ENABLE_POLKIT', true) + install_polkit = true + + libpolkit = dependency('polkit-gobject-1', + required : false) + if libpolkit.found() and libpolkit.version().version_compare('< 0.106') + message('Old polkit detected, will install pkla files') + install_polkit_pkla = true + endif + endif + + want_acl = get_option('acl') + if want_acl != 'false' + libacl = cc.find_library('acl', required : want_acl == 'true') + if libacl.found() + conf.set('HAVE_ACL', true) + m4_defines += ['-DHAVE_ACL'] + endif + else + libacl = [] + endif + + want_audit = get_option('audit') + if want_audit != 'false' + libaudit = dependency('audit', required : want_audit == 'true') + conf.set('HAVE_AUDIT', libaudit.found()) + else + libaudit = [] + endif + + want_blkid = get_option('blkid') + if want_blkid != 'false' + libblkid = dependency('blkid', required : want_blkid == 'true') + conf.set('HAVE_BLKID', libblkid.found()) + else + libblkid = [] + endif + + want_kmod = get_option('kmod') + if want_kmod != 'false' + libkmod = dependency('libkmod', + version : '>= 15', + required : want_kmod == 'true') + conf.set('HAVE_KMOD', libkmod.found()) + else + libkmod = [] + endif + + want_pam = get_option('pam') + if want_pam != 'false' + libpam = cc.find_library('pam', required : want_pam == 'true') + libpam_misc = cc.find_library('pam_misc', required : want_pam == 'true') + if libpam.found() and libpam_misc.found() + conf.set('HAVE_PAM', true) + m4_defines += ['-DHAVE_PAM'] + endif + else + libpam = [] + libpam_misc = [] + endif + + want_microhttpd = get_option('microhttpd') + if want_microhttpd != 'false' + libmicrohttpd = dependency('libmicrohttpd', + version : '>= 0.9.33', + required : want_microhttpd == 'true') + if libmicrohttpd.found() + conf.set('HAVE_MICROHTTPD', true) + m4_defines += ['-DHAVE_MICROHTTPD'] + endif + else + libmicrohttpd = [] + endif + + want_libcryptsetup = get_option('libcryptsetup') + if want_libcryptsetup != 'false' + libcryptsetup = dependency('libcryptsetup', + version : '>= 1.6.0', + required : want_libcryptsetup == 'true') + conf.set('HAVE_LIBCRYPTSETUP', libcryptsetup.found()) + else + libcryptsetup = [] + endif + + want_libcurl = get_option('libcurl') + if want_libcurl != 'false' + libcurl = dependency('libcurl', + version : '>= 7.32.0', + required : want_libcurl == 'true') + if libcurl.found() + conf.set('HAVE_LIBCURL', true) + m4_defines += ['-DHAVE_LIBCURL'] + endif + else + libcurl = [] + endif + + want_libidn = get_option('libidn') + want_libidn2 = get_option('libidn2') + if want_libidn == 'true' and want_libidn2 == 'true' + error('libidn and libidn2 cannot be requested simultaneously') + endif + + if want_libidn != 'false' and want_libidn2 != 'true' + libidn = dependency('libidn', + required : want_libidn == 'true') + if libidn.found() + conf.set('HAVE_LIBIDN', true) + m4_defines += ['-DHAVE_LIBIDN'] + endif + else + libidn = [] + endif + if not conf.get('HAVE_LIBIDN', false) and want_libidn2 != 'false' + # libidn is used for both libidn and libidn2 objects + libidn = dependency('libidn2', + required : want_libidn2 == 'true') + if libidn.found() + conf.set('HAVE_LIBIDN2', true) + m4_defines += ['-DHAVE_LIBIDN2'] + endif + endif + + want_libiptc = get_option('libiptc') + if want_libiptc != 'false' + libiptc = dependency('libiptc', + required : want_libiptc == 'true') + if libiptc.found() + conf.set('HAVE_LIBIPTC', true) + m4_defines += ['-DHAVE_LIBIPTC'] + endif + else + libiptc = [] + endif + + want_qrencode = get_option('qrencode') + if want_qrencode != 'false' + libqrencode = dependency('libqrencode', + required : want_qrencode == 'true') + conf.set('HAVE_QRENCODE', libqrencode.found()) + else + libqrencode = [] + endif + + want_gnutls = get_option('gnutls') + if want_gnutls != 'false' + libgnutls = dependency('gnutls', + version : '>= 3.1.4', + required : want_gnutls == 'true') + conf.set('HAVE_GNUTLS', libgnutls.found()) + else + libgnutls = [] + endif + + want_elfutils = get_option('elfutils') + if want_elfutils != 'false' + libdw = dependency('libdw', + required : want_elfutils == 'true') + conf.set('HAVE_ELFUTILS', libdw.found()) + else + libdw = [] + endif + + want_zlib = get_option('zlib') + if want_zlib != 'false' + libz = dependency('zlib', + required : want_zlib == 'true') + conf.set('HAVE_ZLIB', libz.found()) + else + libz = [] + endif + + want_bzip2 = get_option('bzip2') + if want_bzip2 != 'false' + libbzip2 = cc.find_library('bz2', + required : want_bzip2 == 'true') + conf.set('HAVE_BZIP2', libbzip2.found()) + else + libbzip2 = [] + endif + + want_xz = get_option('xz') + if want_xz != 'false' + libxz = dependency('liblzma', + required : want_xz == 'true') + conf.set('HAVE_XZ', libxz.found()) + else + libxz = [] + endif + + want_lz4 = get_option('lz4') + if want_lz4 != 'false' + liblz4 = dependency('liblz4', + required : want_lz4 == 'true') + conf.set('HAVE_LZ4', liblz4.found()) + else + liblz4 = [] + endif + + want_glib = get_option('glib') + if want_glib != 'false' + libglib = dependency('glib-2.0', + version : '>= 2.22.0', + required : want_glib == 'true') + libgobject = dependency('gobject-2.0', + version : '>= 2.22.0', + required : want_glib == 'true') + libgio = dependency('gio-2.0', + required : want_glib == 'true') + have = libglib.found() and libgobject.found() and libgio.found() + conf.set('HAVE_GLIB', have) + else + libglib = [] + libgobject = [] + libgio = [] + endif + + want_xkbcommon = get_option('xkbcommon') + if want_xkbcommon != 'false' + libxkbcommon = dependency('xkbcommon', + version : '>= 0.3.0', + required : want_xkbcommon == 'true') + conf.set('HAVE_XKBCOMMON', libxkbcommon.found()) + else + libxkbcommon = [] + endif + + want_dbus = get_option('dbus') + if want_dbus != 'false' + libdbus = dependency('dbus-1', + version : '>= 1.3.2', + required : want_dbus == 'true') + conf.set('HAVE_DBUS', libdbus.found()) + else + libdbus = [] + endif + + want_gcrypt = get_option('gcrypt') + if want_gcrypt != 'false' + libgcrypt = cc.find_library('gcrypt', required : want_gcrypt == 'true') + libgpg_error = cc.find_library('gpg-error', required : want_gcrypt == 'true') + + have_deps = libgcrypt.found() and libgpg_error.found() + conf.set('HAVE_GCRYPT', have_deps) + if not have_deps + # link to neither of the libs if one is not found + libgcrypt = [] + libgpg_error = [] + endif + else + libgcrypt = [] + libgpg_error = [] + endif + + default_dnssec = get_option('default-dnssec') + if default_dnssec != 'no' and not conf.get('HAVE_GCRYPT', false) + message('default-dnssec cannot be set to yes or allow-downgrade when gcrypt is disabled. Setting default-dnssec to no.') + default_dnssec = 'no' + endif + conf.set('DEFAULT_DNSSEC_MODE', + 'DNSSEC_' + default_dnssec.underscorify().to_upper()) + substs.set('DEFAULT_DNSSEC_MODE', default_dnssec) + + want_importd = get_option('importd') + if want_importd != 'false' + have_deps = (conf.get('HAVE_LIBCURL', false) and + conf.get('HAVE_ZLIB', false) and + conf.get('HAVE_BZIP2', false) and + conf.get('HAVE_XZ', false) and + conf.get('HAVE_GCRYPT', false)) + conf.set('ENABLE_IMPORTD', have_deps) + if want_importd == 'true' and not have_deps + error('importd support was requested, but dependencies are not available') + endif + endif + + want_remote = get_option('remote') + if want_remote != 'false' + have_deps = [conf.get('HAVE_MICROHTTPD', false), + conf.get('HAVE_LIBCURL', false)] + # sd-j-remote requires µhttpd, and sd-j-upload requires libcurl, so + # it's possible to build one without the other. Complain only if + # support was explictly requested. The auxiliary files like sysusers + # config should be installed when any of the programs are built. + if want_remote == 'true' and not (have_deps[0] and have_deps[1]) + error('remote support was requested, but dependencies are not available') + endif + conf.set('ENABLE_REMOTE', have_deps[0] or have_deps[1]) + endif + + foreach pair : [['utmp', 'HAVE_UTMP'], ++ ['kdbus', 'ENABLE_KDBUS'], + ['hibernate', 'ENABLE_HIBERNATE'], + ['environment-d', 'ENABLE_ENVIRONMENT_D'], + ['binfmt', 'ENABLE_BINFMT'], + ['coredump', 'ENABLE_COREDUMP'], + ['resolve', 'ENABLE_RESOLVED'], + ['logind', 'ENABLE_LOGIND'], + ['hostnamed', 'ENABLE_HOSTNAMED'], + ['localed', 'ENABLE_LOCALED'], + ['machined', 'ENABLE_MACHINED'], + ['networkd', 'ENABLE_NETWORKD'], + ['timedated', 'ENABLE_TIMEDATED'], + ['timesyncd', 'ENABLE_TIMESYNCD'], + ['myhostname', 'HAVE_MYHOSTNAME'], + ['firstboot', 'ENABLE_FIRSTBOOT'], + ['randomseed', 'ENABLE_RANDOMSEED'], + ['backlight', 'ENABLE_BACKLIGHT'], + ['vconsole', 'ENABLE_VCONSOLE'], + ['quotacheck', 'ENABLE_QUOTACHECK'], + ['sysusers', 'ENABLE_SYSUSERS'], + ['tmpfiles', 'ENABLE_TMPFILES'], + ['hwdb', 'ENABLE_HWDB'], + ['rfkill', 'ENABLE_RFKILL'], + ['ldconfig', 'ENABLE_LDCONFIG'], + ['efi', 'ENABLE_EFI'], + ['tpm', 'SD_BOOT_LOG_TPM'], + ['ima', 'HAVE_IMA'], + ['smack', 'HAVE_SMACK'], + ['gshadow', 'ENABLE_GSHADOW'], + ['idn', 'ENABLE_IDN'], + ['nss-systemd', 'ENABLE_NSS_SYSTEMD'], + ] + + if get_option(pair[0]) + conf.set(pair[1], true) + m4_defines += ['-D' + pair[1]] + endif + endforeach + + want_tests = get_option('tests') + install_tests = get_option('install-tests') + tests = [] + + ##################################################################### + + if get_option('efi') + efi_arch = host_machine.cpu_family() + + if efi_arch == 'x86' + EFI_MACHINE_TYPE_NAME = 'ia32' + gnu_efi_arch = 'ia32' + elif efi_arch == 'x86_64' + EFI_MACHINE_TYPE_NAME = 'x64' + gnu_efi_arch = 'x86_64' + elif efi_arch == 'arm' + EFI_MACHINE_TYPE_NAME = 'arm' + gnu_efi_arch = 'arm' + elif efi_arch == 'aarch64' + EFI_MACHINE_TYPE_NAME = 'aa64' + gnu_efi_arch = 'aarch64' + else + EFI_MACHINE_TYPE_NAME = '' + gnu_efi_arch = '' + endif + + conf.set('ENABLE_EFI', true) + conf.set_quoted('EFI_MACHINE_TYPE_NAME', EFI_MACHINE_TYPE_NAME) + + conf.set('SD_TPM_PCR', get_option('tpm-pcrindex').to_int()) + endif + + ##################################################################### + + config_h = configure_file( + output : 'config.h', + configuration : conf) + + includes = include_directories('src/basic', + 'src/shared', + 'src/systemd', + 'src/journal', + 'src/resolve', + 'src/timesync', + 'src/login', + 'src/udev', + 'src/libudev', + 'src/core', + 'src/libsystemd/sd-bus', + 'src/libsystemd/sd-device', + 'src/libsystemd/sd-hwdb', + 'src/libsystemd/sd-id128', + 'src/libsystemd/sd-netlink', + 'src/libsystemd/sd-network', + 'src/libsystemd-network', + ) + + add_project_arguments('-include', 'config.h', language : 'c') + + gcrypt_util_sources = files('src/shared/gcrypt-util.h', + 'src/shared/gcrypt-util.c') + + subdir('po') + subdir('catalog') + subdir('src/systemd') + subdir('src/basic') + subdir('src/libsystemd') + subdir('src/libsystemd-network') + subdir('src/journal') + subdir('src/login') + + libjournal_core = static_library( + 'journal-core', + libjournal_core_sources, + journald_gperf_c, + include_directories : includes, + install : false) + + libsystemd_sym_path = '@0@/@1@'.format(meson.current_source_dir(), libsystemd_sym) + libsystemd = shared_library( + 'systemd', + libsystemd_internal_sources, + journal_internal_sources, + version : '0.19.0', + include_directories : includes, + link_args : ['-shared', + '-Wl,--version-script=' + libsystemd_sym_path], + link_with : [libbasic], + dependencies : [threads, + libgcrypt, + librt, + libxz, + liblz4], + link_depends : libsystemd_sym, + install : true, + install_dir : rootlibdir) + + ############################################################ + + # binaries that have --help and are intended for use by humans, + # usually, but not always, installed in /bin. + public_programs = [] + + subdir('src/libudev') + subdir('src/shared') + subdir('src/core') + subdir('src/udev') + subdir('src/network') + + subdir('src/analyze') + subdir('src/journal-remote') + subdir('src/coredump') + subdir('src/hostname') + subdir('src/import') + subdir('src/kernel-install') + subdir('src/locale') + subdir('src/machine') + subdir('src/nspawn') + subdir('src/resolve') + subdir('src/timedate') + subdir('src/timesync') + subdir('src/vconsole') + subdir('src/sulogin-shell') + subdir('src/boot/efi') + + subdir('src/test') + subdir('test') + + ############################################################ + + # only static linking apart from libdl, to make sure that the + # module is linked to all libraries that it uses. + test_dlopen = executable( + 'test-dlopen', + test_dlopen_c, + include_directories : includes, + link_with : [libbasic], + dependencies : [libdl]) + + foreach tuple : [['myhostname', 'HAVE_MYHOSTNAME'], + ['systemd', 'ENABLE_NSS_SYSTEMD'], + ['mymachines', 'ENABLE_MACHINED'], + ['resolve', 'ENABLE_RESOLVED']] + + condition = tuple[1] == '' or conf.get(tuple[1], false) + if condition + module = tuple[0] + + sym = 'src/nss-@0@/nss-@0@.sym'.format(module) + version_script_arg = join_paths(meson.current_source_dir(), sym) + + nss = shared_library( + 'nss_' + module, + 'src/nss-@0@/nss-@0@.c'.format(module), + version : '2', + include_directories : includes, + link_args : ['-shared', + '-Wl,--version-script=' + version_script_arg, + '-Wl,--undefined'], + link_with : [libsystemd_internal, + libbasic], + dependencies : [threads, + librt], + link_depends : sym, + install : true, + install_dir : rootlibdir) + + # We cannot use shared_module because it does not support version suffix. + # Unfortunately shared_library insists on creating the symlink… + meson.add_install_script('sh', '-c', + 'rm $DESTDIR@0@/libnss_@1@.so' + .format(rootlibdir, module)) + + test('dlopen-nss_' + module, + test_dlopen, + args : [nss.full_path()]) # path to dlopen must include a slash + endif + endforeach + + ############################################################ + + executable('systemd', + systemd_sources, + include_directories : includes, + link_with : [libcore, + libshared], + dependencies : [threads, + librt, + libseccomp, + libselinux, + libmount, + libblkid], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-analyze', + systemd_analyze_sources, + include_directories : includes, + link_with : [libcore, + libshared], + dependencies : [threads, + librt, + libseccomp, + libselinux, + libmount, + libblkid], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + executable('systemd-journald', + systemd_journald_sources, + include_directories : includes, + link_with : [libjournal_core, + libshared], + dependencies : [threads, + libxz, + liblz4, + libselinux], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-cat', + systemd_cat_sources, + include_directories : includes, + link_with : [libjournal_core, + libshared], + dependencies : [threads], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('journalctl', + journalctl_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libqrencode, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + executable('systemd-getty-generator', + 'src/getty-generator/getty-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + executable('systemd-debug-generator', + 'src/debug-generator/debug-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + executable('systemd-fstab-generator', + 'src/fstab-generator/fstab-generator.c', + 'src/core/mount-setup.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + if conf.get('ENABLE_ENVIRONMENT_D', false) + executable('30-systemd-environment-d-generator', + 'src/environment-d-generator/environment-d-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : userenvgeneratordir) + + meson.add_install_script(meson_make_symlink, + join_paths(sysconfdir, 'environment'), + join_paths(environmentdir, '99-environment.conf')) + endif + + if conf.get('ENABLE_HIBERNATE', false) + executable('systemd-hibernate-resume-generator', + 'src/hibernate-resume/hibernate-resume-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + executable('systemd-hibernate-resume', + 'src/hibernate-resume/hibernate-resume.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + if conf.get('HAVE_BLKID', false) + executable('systemd-gpt-auto-generator', + 'src/gpt-auto-generator/gpt-auto-generator.c', + 'src/basic/blkid-util.h', + include_directories : includes, + link_with : [libshared], + dependencies : libblkid, + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + exe = executable('systemd-dissect', + 'src/dissect/dissect.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [exe] + endif + + if conf.get('ENABLE_RESOLVED', false) + executable('systemd-resolved', + systemd_resolved_sources, + gcrypt_util_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libgcrypt, + libgpg_error, + libm, + libidn], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-resolve', + systemd_resolve_sources, + gcrypt_util_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libgcrypt, + libgpg_error, + libm, + libidn], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + endif + + if conf.get('ENABLE_LOGIND', false) + executable('systemd-logind', + systemd_logind_sources, + include_directories : includes, + link_with : [liblogind_core, + libshared], + dependencies : [threads, + libacl], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('loginctl', + loginctl_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + liblz4, + libxz], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + exe = executable('systemd-inhibit', + 'src/login/inhibit.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + if conf.get('HAVE_PAM', false) + version_script_arg = join_paths(meson.current_source_dir(), pam_systemd_sym) + pam_systemd = shared_library( + 'pam_systemd', + pam_systemd_c, + name_prefix : '', + include_directories : includes, + link_args : ['-shared', + '-Wl,--version-script=' + version_script_arg], + link_with : [libsystemd_internal, + libshared_static], + dependencies : [threads, + libpam, + libpam_misc], + link_depends : pam_systemd_sym, + install : true, + install_dir : pamlibdir) + + test('dlopen-pam_systemd', + test_dlopen, + args : [pam_systemd.full_path()]) # path to dlopen must include a slash + endif + endif + + if conf.get('HAVE_PAM', false) + executable('systemd-user-sessions', + 'src/user-sessions/user-sessions.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + if conf.get('ENABLE_EFI', false) and conf.get('HAVE_BLKID', false) + exe = executable('bootctl', + 'src/boot/bootctl.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libblkid], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + endif + + exe = executable('systemd-socket-activate', 'src/activate/activate.c', + include_directories : includes, + link_with : [libshared], + dependencies : [threads], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('systemctl', 'src/systemctl/systemctl.c', + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libcap, + libselinux, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + if conf.get('ENABLE_BACKLIGHT', false) + executable('systemd-backlight', + 'src/backlight/backlight.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + if conf.get('ENABLE_RFKILL', false) + executable('systemd-rfkill', + 'src/rfkill/rfkill.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + executable('systemd-system-update-generator', + 'src/system-update-generator/system-update-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + if conf.get('HAVE_LIBCRYPTSETUP', false) + executable('systemd-cryptsetup', + 'src/cryptsetup/cryptsetup.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libcryptsetup], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-cryptsetup-generator', + 'src/cryptsetup/cryptsetup-generator.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libcryptsetup], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + executable('systemd-veritysetup', + 'src/veritysetup/veritysetup.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libcryptsetup], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-veritysetup-generator', + 'src/veritysetup/veritysetup-generator.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libcryptsetup], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + endif + + if conf.get('HAVE_SYSV_COMPAT', false) + executable('systemd-sysv-generator', + 'src/sysv-generator/sysv-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + + executable('systemd-rc-local-generator', + 'src/rc-local-generator/rc-local-generator.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : systemgeneratordir) + endif + + if conf.get('ENABLE_HOSTNAMED', false) + executable('systemd-hostnamed', + 'src/hostname/hostnamed.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('hostnamectl', + 'src/hostname/hostnamectl.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + endif + + if conf.get('ENABLE_LOCALED', false) + if conf.get('HAVE_XKBCOMMON', false) + # logind will load libxkbcommon.so dynamically on its own + deps = [libdl] + else + deps = [] + endif + + executable('systemd-localed', + systemd_localed_sources, + include_directories : includes, + link_with : [libshared], + dependencies : deps, + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('localectl', + localectl_sources, + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + endif + + if conf.get('ENABLE_TIMEDATED', false) + executable('systemd-timedated', + 'src/timedate/timedated.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('timedatectl', + 'src/timedate/timedatectl.c', + include_directories : includes, + install_rpath : rootlibexecdir, + link_with : [libshared], + install : true) + public_programs += [exe] + endif + + if conf.get('ENABLE_TIMESYNCD', false) + executable('systemd-timesyncd', + systemd_timesyncd_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libm], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + if conf.get('ENABLE_MACHINED', false) + executable('systemd-machined', + systemd_machined_sources, + include_directories : includes, + link_with : [libmachine_core, + libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('machinectl', + 'src/machine/machinectl.c', + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + endif + + if conf.get('ENABLE_IMPORTD', false) + executable('systemd-importd', + systemd_importd_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + systemd_pull = executable('systemd-pull', + systemd_pull_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [libcurl, + libz, + libbzip2, + libxz, + libgcrypt], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + systemd_import = executable('systemd-import', + systemd_import_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [libcurl, + libz, + libbzip2, + libxz], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + systemd_export = executable('systemd-export', + systemd_export_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [libcurl, + libz, + libbzip2, + libxz], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [systemd_pull, systemd_import, systemd_export] + endif + + if conf.get('ENABLE_REMOTE', false) and conf.get('HAVE_LIBCURL', false) + exe = executable('systemd-journal-upload', + systemd_journal_upload_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libcurl, + libgnutls, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [exe] + endif + + if conf.get('ENABLE_REMOTE', false) and conf.get('HAVE_MICROHTTPD', false) + s_j_remote = executable('systemd-journal-remote', + systemd_journal_remote_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libmicrohttpd, + libgnutls, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + s_j_gatewayd = executable('systemd-journal-gatewayd', + systemd_journal_gatewayd_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libmicrohttpd, + libgnutls, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [s_j_remote, s_j_gatewayd] + endif + + if conf.get('ENABLE_COREDUMP', false) + executable('systemd-coredump', + systemd_coredump_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libacl, + libdw, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('coredumpctl', + coredumpctl_sources, + include_directories : includes, + link_with : [libshared], + dependencies : [threads, + libxz, + liblz4], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + endif + + if conf.get('ENABLE_BINFMT', false) + exe = executable('systemd-binfmt', + 'src/binfmt/binfmt.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [exe] + + meson.add_install_script('sh', '-c', + mkdir_p.format(binfmtdir)) + meson.add_install_script('sh', '-c', + mkdir_p.format(join_paths(sysconfdir, 'binfmt.d'))) + endif + + if conf.get('ENABLE_VCONSOLE', false) + executable('systemd-vconsole-setup', + 'src/vconsole/vconsole-setup.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + if conf.get('ENABLE_RANDOMSEED', false) + executable('systemd-random-seed', + 'src/random-seed/random-seed.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + if conf.get('ENABLE_FIRSTBOOT', false) + executable('systemd-firstboot', + 'src/firstboot/firstboot.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libcrypt], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + endif + + executable('systemd-remount-fs', + 'src/remount-fs/remount-fs.c', + 'src/core/mount-setup.c', + 'src/core/mount-setup.h', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-machine-id-setup', + 'src/machine-id-setup/machine-id-setup-main.c', + 'src/core/machine-id-setup.c', + 'src/core/machine-id-setup.h', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + + executable('systemd-fsck', + 'src/fsck/fsck.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-sleep', + 'src/sleep/sleep.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-sysctl', + 'src/sysctl/sysctl.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [exe] + + executable('systemd-ac-power', + 'src/ac-power/ac-power.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + ++exe_name = 'systemd-dbus1-generator' ++exe = executable(exe_name, ++ 'src/dbus1-generator/dbus1-generator.c', ++ include_directories : includes, ++ link_with : [libshared], ++ install_rpath : rootlibexecdir, ++ install : true, ++ install_dir : systemgeneratordir) ++meson.add_install_script(meson_make_symlink, ++ join_paths(systemgeneratordir, exe_name), ++ join_paths(usergeneratordir, exe_name)) ++ + exe = executable('systemd-detect-virt', + 'src/detect-virt/detect-virt.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('systemd-delta', + 'src/delta/delta.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('systemd-escape', + 'src/escape/escape.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + exe = executable('systemd-notify', + 'src/notify/notify.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + executable('systemd-volatile-root', + 'src/volatile-root/volatile-root.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-cgroups-agent', + 'src/cgroups-agent/cgroups-agent.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-path', + 'src/path/path.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('systemd-ask-password', + 'src/ask-password/ask-password.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + executable('systemd-reply-password', + 'src/reply-password/reply-password.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-tty-ask-password-agent', + 'src/tty-ask-password-agent/tty-ask-password-agent.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + exe = executable('systemd-cgls', + 'src/cgls/cgls.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('systemd-cgtop', + 'src/cgtop/cgtop.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + executable('systemd-initctl', + 'src/initctl/initctl.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + exe = executable('systemd-mount', + 'src/mount/mount-tool.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + meson.add_install_script(meson_make_symlink, + 'systemd-mount', join_paths(bindir, 'systemd-umount')) + + exe = executable('systemd-run', + 'src/run/run.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('systemd-stdio-bridge', + 'src/stdio-bridge/stdio-bridge.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + exe = executable('busctl', + 'src/busctl/busctl.c', + 'src/busctl/busctl-introspect.c', + 'src/busctl/busctl-introspect.h', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + if conf.get('ENABLE_SYSUSERS', false) + exe = executable('systemd-sysusers', + 'src/sysusers/sysusers.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + endif + + if conf.get('ENABLE_TMPFILES', false) + exe = executable('systemd-tmpfiles', + 'src/tmpfiles/tmpfiles.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libacl], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + endif + + if conf.get('ENABLE_HWDB', false) + exe = executable('systemd-hwdb', + 'src/hwdb/hwdb.c', + 'src/libsystemd/sd-hwdb/hwdb-internal.h', + include_directories : includes, + link_with : [libudev_internal], + install_rpath : udev_rpath, + install : true, + install_dir : rootbindir) + public_programs += [exe] + endif + + if conf.get('ENABLE_QUOTACHECK', false) + executable('systemd-quotacheck', + 'src/quotacheck/quotacheck.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + exe = executable('systemd-socket-proxyd', + 'src/socket-proxy/socket-proxyd.c', + include_directories : includes, + link_with : [libshared], + dependencies : [threads], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + public_programs += [exe] + + exe = executable('systemd-udevd', + systemd_udevd_sources, + include_directories : includes, + c_args : ['-DLOG_REALM=LOG_REALM_UDEV'], + link_with : [libudev_core, + libsystemd_network, + libudev_internal], + dependencies : [threads, + libkmod, + libidn, + libacl, + libblkid], + install_rpath : udev_rpath, + install : true, + install_dir : rootlibexecdir) + public_programs += [exe] + + exe = executable('udevadm', + udevadm_sources, + include_directories : includes, + link_with : [libudev_core, + libsystemd_network, + libudev_internal], + dependencies : [threads, + libkmod, + libidn, + libacl, + libblkid], + install_rpath : udev_rpath, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + executable('systemd-shutdown', + systemd_shutdown_sources, + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-update-done', + 'src/update-done/update-done.c', + include_directories : includes, + link_with : [libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-update-utmp', + 'src/update-utmp/update-utmp.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libaudit], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + if conf.get('HAVE_KMOD', false) + executable('systemd-modules-load', + 'src/modules-load/modules-load.c', + include_directories : includes, + link_with : [libshared], + dependencies : [libkmod], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + meson.add_install_script('sh', '-c', + mkdir_p.format(modulesloaddir)) + meson.add_install_script('sh', '-c', + mkdir_p.format(join_paths(sysconfdir, 'modules-load.d'))) + endif + + exe = executable('systemd-nspawn', + systemd_nspawn_sources, + 'src/core/mount-setup.c', # FIXME: use a variable? + 'src/core/mount-setup.h', + 'src/core/loopback-setup.c', + 'src/core/loopback-setup.h', + include_directories : [includes, include_directories('src/nspawn')], + link_with : [libshared], + dependencies : [libacl, + libblkid, + libseccomp, + libselinux], + install_rpath : rootlibexecdir, + install : true) + public_programs += [exe] + + if conf.get('ENABLE_NETWORKD', false) + executable('systemd-networkd', + systemd_networkd_sources, + include_directories : includes, + link_with : [libnetworkd_core, + libsystemd_network, + libudev_internal, + libshared], + dependencies : [threads], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + + executable('systemd-networkd-wait-online', + systemd_networkd_wait_online_sources, + include_directories : includes, + link_with : [libnetworkd_core, + libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootlibexecdir) + endif + + exe = executable('networkctl', + networkctl_sources, + include_directories : includes, + link_with : [libsystemd_network, + libshared], + install_rpath : rootlibexecdir, + install : true, + install_dir : rootbindir) + public_programs += [exe] + + ############################################################ + + foreach tuple : tests + sources = tuple[0] + link_with = tuple[1].length() > 0 ? tuple[1] : [libshared] + dependencies = tuple[2] + condition = tuple.length() >= 4 ? tuple[3] : '' + type = tuple.length() >= 5 ? tuple[4] : '' + defs = tuple.length() >= 6 ? tuple[5] : [] + incs = tuple.length() >= 7 ? tuple[6] : includes + timeout = 30 + + name = sources[0].split('/')[-1].split('.')[0] + if type.startswith('timeout=') + timeout = type.split('=')[1].to_int() + type = '' + endif + + if condition == '' or conf.get(condition, false) + exe = executable( + name, + sources, + include_directories : incs, + link_with : link_with, + dependencies : dependencies, + c_args : defs, + install_rpath : rootlibexecdir, + install : install_tests, + install_dir : join_paths(testsdir, type)) + + if type == 'manual' + message('@0@ is a manual test'.format(name)) + elif type == 'unsafe' and want_tests != 'unsafe' + message('@0@ is an unsafe test'.format(name)) + else + test(name, exe, + env : test_env, + timeout : timeout) + endif + else + message('Not compiling @0@ because @1@ is not true'.format(name, condition)) + endif + endforeach + + test_libsystemd_sym = executable( + 'test-libsystemd-sym', + test_libsystemd_sym_c, + include_directories : includes, + link_with : [libsystemd], + install : install_tests, + install_dir : testsdir) + test('test-libsystemd-sym', + test_libsystemd_sym) + + test_libudev_sym = executable( + 'test-libudev-sym', + test_libudev_sym_c, + include_directories : includes, + c_args : ['-Wno-deprecated-declarations'], + link_with : [libudev], + install : install_tests, + install_dir : testsdir) + test('test-libudev-sym', + test_libudev_sym) + + ############################################################ + + make_directive_index_py = find_program('tools/make-directive-index.py') + make_man_index_py = find_program('tools/make-man-index.py') + xml_helper_py = find_program('tools/xml_helper.py') + hwdb_update_sh = find_program('tools/meson-hwdb-update.sh') + + subdir('units') + subdir('sysctl.d') + subdir('sysusers.d') + subdir('tmpfiles.d') + subdir('rules') + subdir('hwdb') + subdir('network') + subdir('man') + subdir('shell-completion/bash') + subdir('shell-completion/zsh') + subdir('docs/sysvinit') + subdir('docs/var-log') + + # FIXME: figure out if the warning is true: + # https://github.com/mesonbuild/meson/wiki/Reference-manual#install_subdir + install_subdir('factory/etc', + install_dir : factorydir) + + + install_data('xorg/50-systemd-user.sh', + install_dir : xinitrcdir) + install_data('system-preset/90-systemd.preset', + install_dir : systempresetdir) + install_data('README', + 'NEWS', + 'CODING_STYLE', + 'DISTRO_PORTING', + 'ENVIRONMENT.md', + 'LICENSE.GPL2', + 'LICENSE.LGPL2.1', + 'src/libsystemd/sd-bus/GVARIANT-SERIALIZATION', + install_dir : docdir) + + meson.add_install_script('sh', '-c', mkdir_p.format(systemdstatedir)) + meson.add_install_script('sh', '-c', 'touch $DESTDIR@0@'.format(prefixdir)) + + ############################################################ + + meson_check_help = find_program('tools/meson-check-help.sh') + + foreach exec : public_programs + name = exec.full_path().split('/')[-1] + test('check-help-' + name, + meson_check_help, + args : [exec.full_path()]) + endforeach + + ############################################################ + + if git.found() + all_files = run_command( + git, + ['--git-dir=@0@/.git'.format(meson.source_root()), + 'ls-files', + ':/*.[ch]']) + all_files = files(all_files.stdout().split()) + + run_target( + 'tags', + input : all_files, + command : ['env', 'etags', '-o', '@0@/TAGS'.format(meson.source_root())] + all_files) + run_target( + 'ctags', + input : all_files, + command : ['env', 'ctags', '-o', '@0@/tags'.format(meson.source_root())] + all_files) + endif + + if git.found() + meson_git_contrib_sh = find_program('tools/meson-git-contrib.sh') + run_target( + 'git-contrib', + command : [meson_git_contrib_sh]) + endif + + if git.found() + git_head = run_command( + git, + ['--git-dir=@0@/.git'.format(meson.source_root()), + 'rev-parse', 'HEAD']).stdout().strip() + git_head_short = run_command( + git, + ['--git-dir=@0@/.git'.format(meson.source_root()), + 'rev-parse', '--short=7', 'HEAD']).stdout().strip() + + run_target( + 'git-snapshot', + command : ['git', 'archive', + '-o', '@0@/systemd-@1@.tar.gz'.format(meson.source_root(), + git_head_short), + '--prefix', 'systemd-@0@/'.format(git_head), + 'HEAD']) + endif + + ############################################################ + + status = [ + '@0@ @1@'.format(meson.project_name(), meson.project_version()), + + 'prefix: @0@'.format(prefixdir), + 'rootprefix: @0@'.format(rootprefixdir), + 'sysconf dir: @0@'.format(sysconfdir), + 'includedir: @0@'.format(includedir), + 'lib dir: @0@'.format(libdir), + 'rootlib dir: @0@'.format(rootlibdir), + 'SysV init scripts: @0@'.format(sysvinit_path), + 'SysV rc?.d directories: @0@'.format(sysvrcnd_path), + 'PAM modules dir: @0@'.format(pamlibdir), + 'PAM configuration dir: @0@'.format(pamconfdir), + 'RPM macros dir: @0@'.format(rpmmacrosdir), + 'D-Bus policy dir: @0@'.format(dbuspolicydir), + 'D-Bus session dir: @0@'.format(dbussessionservicedir), + 'D-Bus system dir: @0@'.format(dbussystemservicedir), + 'bash completions dir: @0@'.format(bashcompletiondir), + 'zsh completions dir: @0@'.format(zshcompletiondir), + 'extra start script: @0@'.format(get_option('rc-local')), + 'extra stop script: @0@'.format(get_option('halt-local')), + 'debug shell: @0@ @ @1@'.format(get_option('debug-shell'), + get_option('debug-tty')), + 'TTY GID: @0@'.format(tty_gid), + 'maximum system UID: @0@'.format(system_uid_max), + 'maximum system GID: @0@'.format(system_gid_max), + '/dev/kvm access mode: @0@'.format(get_option('dev-kvm-mode')), + 'certificate root: @0@'.format(get_option('certificate-root')), + 'support URL: @0@'.format(support_url), + 'nobody user name: @0@'.format(get_option('nobody-user')), + 'nobody group name: @0@'.format(get_option('nobody-group')), + 'fallback hostname: @0@'.format(get_option('fallback-hostname')), + + 'default DNSSEC mode: @0@'.format(default_dnssec), + 'default cgroup hierarchy: @0@'.format(default_hierarchy), + 'default KillUserProcesses setting: @0@'.format(kill_user_processes)] + + alt_dns_servers = '\n '.join(dns_servers.split(' ')) + alt_ntp_servers = '\n '.join(ntp_servers.split(' ')) + status += [ + 'default DNS servers: @0@'.format(alt_dns_servers), + 'default NTP servers: @0@'.format(alt_ntp_servers)] + + alt_time_epoch = run_command('date', '-Is', '-u', '-d', + '@@0@'.format(time_epoch)).stdout().strip() + status += [ + 'time epoch: @0@ (@1@)'.format(time_epoch, alt_time_epoch)] + + # TODO: + # CFLAGS: ${OUR_CFLAGS} ${CFLAGS} + # CPPFLAGS: ${OUR_CPPFLAGS} ${CPPFLAGS} + # LDFLAGS: ${OUR_LDFLAGS} ${LDFLAGS} + + if conf.get('ENABLE_EFI', false) + status += [ + 'efi arch: @0@'.format(efi_arch)] + + if have_gnu_efi + status += [ + 'EFI machine type: @0@'.format(EFI_MACHINE_TYPE_NAME), + 'EFI CC @0@'.format(efi_cc), + 'EFI libdir: @0@'.format(efi_libdir), + 'EFI ldsdir: @0@'.format(efi_ldsdir), + 'EFI includedir: @0@'.format(efi_incdir)] + endif + endif + + found = [] + missing = [] + + foreach tuple : [ + ['libcryptsetup'], + ['PAM'], + ['AUDIT'], + ['IMA'], + ['AppArmor'], + ['SELinux'], + ['SECCOMP'], + ['SMACK'], + ['zlib'], + ['xz'], + ['lz4'], + ['bzip2'], + ['ACL'], + ['gcrypt'], + ['qrencode'], + ['microhttpd'], + ['gnutls'], + ['libcurl'], + ['idn'], + ['libidn2'], + ['libidn'], + ['nss-systemd'], + ['libiptc'], + ['elfutils'], + ['binfmt'], + ['vconsole'], + ['quotacheck'], + ['tmpfiles'], + ['environment.d'], + ['sysusers'], + ['firstboot'], + ['randomseed'], + ['backlight'], + ['rfkill'], + ['logind'], + ['machined'], + ['importd'], + ['hostnamed'], + ['timedated'], + ['timesyncd'], + ['localed'], + ['networkd'], + ['resolved'], + ['coredump'], + ['polkit'], + ['legacy pkla', install_polkit_pkla], + ['efi'], + ['gnu-efi', have_gnu_efi], + ['kmod'], + ['xkbcommon'], + ['blkid'], + ['dbus'], ++ ['kdbus', get_option('kdbus')], + ['glib'], + ['nss-myhostname', conf.get('HAVE_MYHOSTNAME', false)], + ['hwdb'], + ['tpm'], + ['man pages', want_man], + ['html pages', want_html], + ['man page indices', want_man and have_lxml], + ['split /usr', conf.get('HAVE_SPLIT_USR', false)], + ['SysV compat'], + ['utmp'], + ['ldconfig'], + ['hibernate'], + ['adm group', get_option('adm-group')], + ['wheel group', get_option('wheel-group')], + ['gshadow'], + ['debug hashmap'], + ['debug mmap cache'], + ] + + cond = tuple.get(1, '') + if cond == '' + ident1 = 'HAVE_' + tuple[0].underscorify().to_upper() + ident2 = 'ENABLE_' + tuple[0].underscorify().to_upper() + cond = conf.get(ident1, false) or conf.get(ident2, false) + endif + if cond + found += [tuple[0]] + else + missing += [tuple[0]] + endif + endforeach + + status += [ + 'enabled features: @0@'.format(', '.join(found)), + 'disabled features: @0@'.format(', '.join(missing))] + message('\n '.join(status)) diff --cc meson_options.txt index 0000000,1594fec..e7d1ba2 mode 000000,100644..100644 --- a/meson_options.txt +++ b/meson_options.txt @@@ -1,0 -1,256 +1,259 @@@ + # -*- mode: meson -*- + + option('split-usr', type : 'boolean', value : false, + description : '''assume that /bin, /sbin aren't symlinks into /usr''') + option('rootlibdir', type : 'string', + description : '''[/usr]/lib/x86_64-linux-gnu or such''') + option('rootprefix', type : 'string', + description : '''override the root prefix''') + option('link-udev-shared', type : 'boolean', + description : 'link systemd-udev and its helpers to libsystemd-shared.so') + + option('sysvinit-path', type : 'string', value : '/etc/init.d', + description : 'the directory where the SysV init scripts are located') + option('sysvrcnd-path', type : 'string', value : '/etc/rc.d', + description : 'the base directory for SysV rcN.d directories') + option('telinit-path', type : 'string', description : 'path to telinit') + option('rc-local', type : 'string', + value : '/etc/rc.local') + option('halt-local', type : 'string', + value : '/usr/sbin/halt.local') + + option('quotaon-path', type : 'string', description : 'path to quotaon') + option('quotacheck-path', type : 'string', description : 'path to quotacheck') + option('kill-path', type : 'string', description : 'path to kill') + option('kmod-path', type : 'string', description : 'path to kmod') + option('kexec-path', type : 'string', description : 'path to kexec') + option('sulogin-path', type : 'string', description : 'path to sulogin') + option('mount-path', type : 'string', description : 'path to mount') + option('umount-path', type : 'string', description : 'path to umount') + option('loadkeys-path', type : 'string', description : 'path to loadkeys') + option('setfont-path', type : 'string', description : 'path to setfont') + + option('debug-shell', type : 'string', value : '/bin/sh', + description : 'path to debug shell binary') + option('debug-tty', type : 'string', value : '/dev/tty9', + description : 'specify the tty device for debug shell') + option('debug', type : 'string', + description : 'enable extra debugging (hashmap,mmap-cache)') + + option('utmp', type : 'boolean', + description : 'support for utmp/wtmp log handling') + option('hibernate', type : 'boolean', + description : 'support for hibernation') + option('ldconfig', type : 'boolean', + description : 'support for dynamic linker cache creation') + option('resolve', type : 'boolean', + description : 'systemd-resolved stack') + option('efi', type : 'boolean', + description : 'enable systemd-boot and bootctl') + option('tpm', type : 'boolean', value : false, + description : 'TPM should be used to log events and extend the registers') + option('environment-d', type : 'boolean', + description : 'support for environment.d') + option('binfmt', type : 'boolean', + description : 'support for custom binary formats') + option('coredump', type : 'boolean', + description : 'install the coredump handler') + option('logind', type : 'boolean', + description : 'install the systemd-logind stack') + option('hostnamed', type : 'boolean', + description : 'install the systemd-hostnamed stack') + option('localed', type : 'boolean', + description : 'install the systemd-localed stack') + option('machined', type : 'boolean', + description : 'install the systemd-machined stack') + option('networkd', type : 'boolean', + description : 'install the systemd-networkd stack') + option('timedated', type : 'boolean', + description : 'install the systemd-timedated daemon') + option('timesyncd', type : 'boolean', + description : 'install the systemd-timesyncd daemon') + option('remote', type : 'boolean', + description : 'support for "journal over the network"') + option('myhostname', type : 'boolean', + description : 'nss-myhostname support') + option('firstboot', type : 'boolean', + description : 'support for firstboot mechanism') + option('randomseed', type : 'boolean', + description : 'support for restoring random seed') + option('backlight', type : 'boolean', + description : 'support for restoring backlight state') + option('vconsole', type : 'boolean', + description : 'support for vconsole configuration') + option('quotacheck', type : 'boolean', + description : 'support for the quotacheck tools') + option('sysusers', type : 'boolean', + description : 'support for the sysusers configuration') + option('tmpfiles', type : 'boolean', + description : 'support for tmpfiles.d') + option('importd', type : 'boolean', + description : 'install the systemd-importd daemon') + option('hwdb', type : 'boolean', + description : 'support for the hardware database') + option('rfkill', type : 'boolean', + description : 'support for the rfkill tools') + option('man', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'build and install man pages') + option('html', type : 'combo', choices : ['auto', 'true', 'false'], + value : 'false', + description : 'build and install html pages') + + option('certificate-root', type : 'string', value : '/etc/ssl', + description : 'the prefix for TLS certificates') + option('dbuspolicydir', type : 'string', + description : 'D-Bus policy directory') + option('dbussessionservicedir', type : 'string', + description : 'D-Bus session service directory') + option('dbussystemservicedir', type : 'string', + description : 'D-Bus system service directory') + option('pkgconfigdatadir', type : 'string', value : 'share/pkgconfig', + description : 'directory for ') + option('pkgconfiglibdir', type : 'string', value : '', + description : 'directory for ') + option('rpmmacrosdir', type : 'string', value : 'lib/rpm/macros.d', + description : 'directory for rpm macros ["no" disables]') + option('pamlibdir', type : 'string', + description : 'directory for PAM modules') + option('pamconfdir', type : 'string', + description : 'directory for PAM configuration ["no" disables]') + + option('fallback-hostname', type : 'string', value : 'localhost', + description : 'the hostname used if none configured') + option('default-hierarchy', type : 'combo', + choices : ['legacy', 'hybrid', 'unified'], value : 'hybrid', + description : 'default cgroup hierarchy') + option('time-epoch', type : 'string', + description : 'time epoch for time clients') + option('system-uid-max', type : 'string', + description : 'maximum system UID') + option('system-gid-max', type : 'string', + description : 'maximum system GID') + option('tty-gid', type : 'string', + description : 'the numeric GID of the "tty" group', + value : '5') + option('adm-group', type : 'boolean', + description : 'the ACL for adm group should be added') + option('wheel-group', type : 'boolean', + description : 'the ACL for wheel group should be added') + option('nobody-user', type : 'string', + description : 'The name of the nobody user (the one with UID 65534)', + value : 'nobody') + option('nobody-group', type : 'string', + description : 'The name of the nobody group (the one with GID 65534)', + value : 'nobody') + option('dev-kvm-mode', type : 'string', value : '0660', + description : '/dev/kvm access mode') + option('default-kill-user-processes', type : 'boolean', + description : 'the default value for KillUserProcesses= setting') + option('gshadow', type : 'boolean', + description : 'support for shadow group') + + option('default-dnssec', type : 'combo', + description : 'default DNSSEC mode', + choices : ['yes', 'allow-downgrade', 'no'], + value : 'allow-downgrade') + option('dns-servers', type : 'string', + description : 'space-separated list of default DNS servers', + value : '8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844') + option('ntp-servers', type : 'string', + description : 'space-separated list of default NTP servers', + value : 'time1.google.com time2.google.com time3.google.com time4.google.com') + option('support-url', type : 'string', + description : 'the support URL to show in catalog entries included in systemd', + value : 'https://lists.freedesktop.org/mailman/listinfo/systemd-devel') + option('www-target', type : 'string', + description : 'the address and dir to upload docs too', + value : 'www.freedesktop.org:/srv/www.freedesktop.org/www/software/systemd') + + option('seccomp', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'SECCOMP support') + option('selinux', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'SELinux support') + option('apparmor', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'AppArmor support') + option('smack', type : 'boolean', + description : 'SMACK support') + option('smack-run-label', type : 'string', + description : 'run systemd --system itself with a specific SMACK label') + option('polkit', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'PolicyKit support') + option('ima', type : 'boolean', + description : 'IMA support') + + option('acl', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libacl support') + option('audit', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libaudit support') + option('blkid', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libblkid support') + option('kmod', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'support for loadable modules') + option('pam', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'PAM support') + option('microhttpd', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libµhttpd support') + option('libcryptsetup', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libcryptsetup support') + option('libcurl', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libcurl support') + option('idn', type : 'boolean', + description : 'use IDN when printing host names') + option('libidn2', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libidn2 support') + option('libidn', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libidn support') + option('nss-systemd', type : 'boolean', + description : 'enable nss-systemd') + option('libiptc', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libiptc support') + option('qrencode', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libqrencode support') + option('gcrypt', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'gcrypt support') + option('gnutls', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'gnutls support') + option('elfutils', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'elfutils support') + option('zlib', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'zlib compression support') + option('bzip2', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'bzip2 compression support') + option('xz', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'xz compression support') + option('lz4', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'lz4 compression support') + option('xkbcommon', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'xkbcommon keymap support') + option('glib', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libglib support (for tests only)') + option('dbus', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'libdbus support (for tests only)') + + option('gnu-efi', type : 'combo', choices : ['auto', 'true', 'false'], + description : 'gnu-efi support for sd-boot') + option('efi-cc', type : 'string', value : 'gcc', + description : 'the compiler to use for EFI modules') + option('efi-ld', type : 'string', value : 'ld', + description : 'the linker to use for EFI modules') + option('efi-libdir', type : 'string', + description : 'path to the EFI lib directory') + option('efi-ldsdir', type : 'string', + description : 'path to the EFI lds directory') + option('efi-includedir', type : 'string', value : '/usr/include/efi', + description : 'path to the EFI header directory') + option('tpm-pcrindex', type : 'string', value : '8', + description : 'TPM PCR register number to use') + ++option('kdbus', type : 'boolean', value : 'false', ++ description : 'kdbus support') ++ + option('bashcompletiondir', type : 'string', + description : 'directory for bash completion scripts ["no" disables]') + option('zshcompletiondir', type : 'string', + description : 'directory for zsh completion scripts ["no" disables]') + + option('tests', type : 'combo', choices : ['true', 'unsafe'], + description : 'enable extra tests with =unsafe') + option('install-tests', type : 'boolean', value : 'false', + description : 'install test executables') diff --cc packaging/sysctl-tizen-override.conf index 0000000,0000000..aadbf78 new file mode 100644 --- /dev/null +++ b/packaging/sysctl-tizen-override.conf @@@ -1,0 -1,0 +1,1 @@@ ++net.core.default_qdisc = pfifo_fast diff --cc packaging/systemd.spec index f7fee49,0000000..2ed8e78 mode 100644,000000..100644 --- a/packaging/systemd.spec +++ b/packaging/systemd.spec @@@ -1,665 -1,0 +1,718 @@@ +# "enable foo" will turn into --enable-foo or --disable-foo +# depending "with_foo" macro +%define enable() %{expand:%%{?with_%{1}:--enable-%{1}}%%{!?with_%{1}:--disable-%{1}}} + +%define WITH_RANDOMSEED 0 +%define WITH_BASH_COMPLETION 0 +%define WITH_ZSH_COMPLETION 0 +%define WITH_COREDUMP 0 +%define WITH_BACKLIGHT 0 +%define WITH_TIMEDATED 0 +%define WITH_RFKILL 0 +%define WITH_MACHINED 0 +%define WITH_DOC 0 +%define WITH_HOSTNAMED 0 + ++%define build_dir _build ++%define dbuspolicydir %{_datadir}/dbus-1 ++ ++# The 'meson' macro is defined in rpm macros, but it uses features from rpm 4.15 ({shrink, set_build_flags) ++# Below is a version suitable for our purposes ++%define meson \ ++ CFLAGS="${CFLAGS:-%optflags}" \ ++ export CFLAGS \ ++ %{__meson} \\\ ++ --buildtype=plain \\\ ++ --prefix=%{_prefix} \\\ ++ --libdir=%{_libdir} \\\ ++ --libexecdir=%{_libexecdir} \\\ ++ --bindir=%{_bindir} \\\ ++ --sbindir=%{_sbindir} \\\ ++ --includedir=%{_includedir} \\\ ++ --datadir=%{_datadir} \\\ ++ --mandir=%{_mandir} \\\ ++ --infodir=%{_infodir} \\\ ++ --localedir=%{_datadir}/locale \\\ ++ --sysconfdir=%{_sysconfdir} \\\ ++ --localstatedir=%{_localstatedir} \\\ ++ --sharedstatedir=%{_sharedstatedir} \\\ ++ --wrap-mode=%{__meson_wrap_mode} \\\ ++ %{_vpath_builddir} ++# Ninja macros below are defined for ninja in e.g. fedora distro, but ++# so far they are not provided by Tizen's ninja package. ++%define __ninja %{_bindir}/ninja ++%define __ninja_common_opts -v %{?_smp_flags} ++%define ninja_build \ ++ %{__ninja} %{__ninja_common_opts} ++%define ninja_install \ ++ DESTDIR=%{buildroot} %{__ninja} install %{__ninja_common_opts} ++ +Name: systemd - Version: 231 ++Version: 234 +Release: 0%{?release_flags} +# For a breakdown of the licensing, see README +License: LGPL-2.1+ and GPL-2.0+ +Summary: A System and Service Manager +Url: http://www.freedesktop.org/wiki/Software/systemd +Group: Base/Startup +Source0: https://github.com/systemd/systemd/archive/v%{version}.tar.gz +Source1: pamconsole-tmp.conf +Source2: %{name}-rpmlintrc +Source3: test-runner.c +Source4: wait-default-target.sh +Source5: wait-delayed-target.sh +Source6: org.tizen.system.conf ++Source7: sysctl-tizen-override.conf +Source1001: systemd.manifest +BuildRequires: gperf +BuildRequires: intltool >= 0.40.0 +BuildRequires: libacl-devel +BuildRequires: libblkid-devel >= 2.20 +BuildRequires: libcap-devel +BuildRequires: libgcrypt-devel +BuildRequires: libkmod-devel >= 14 +%if %{?WITH_DOC} +BuildRequires: xsltproc +BuildRequires: docbook-xsl-stylesheets +%endif +BuildRequires: pam-devel +BuildRequires: pkgconfig +# BuildRequires: pkgconfig(dbus-1) # for remove circular dependency on OBS +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(liblzma) +BuildRequires: pkgconfig(libkmod) +BuildRequires: pkgconfig(mount) ++BuildRequires: meson ++BuildRequires: acl ++BuildRequires: python +# Requires: dbus # for remove circular dependency on OBS +Requires: filesystem +Requires(post): coreutils +Requires(pre): coreutils +Requires(pre): /usr/bin/getent +Requires(pre): /usr/sbin/groupadd +Requires(post): %{_sbindir}/update-alternatives +Requires(preun): %{_sbindir}/update-alternatives + +Obsoletes: SysVinit < 2.86-24 +Obsoletes: sysvinit < 2.86-24 +Provides: SysVinit = 2.86-24 +Provides: sysvinit = 2.86-24 +Provides: /bin/systemctl +Provides: /sbin/shutdown +Provides: udev = %{version} +Obsoletes: udev < 183 + +%description +systemd is a system and service manager for Linux, compatible with +SysV and LSB init scripts. systemd provides aggressive parallelization +capabilities, uses socket and D-Bus activation for starting services, +offers on-demand starting of daemons, keeps track of processes using +Linux cgroups, supports snapshotting and restoring of the system +state, maintains mount and automount points and implements an +elaborate transactional dependency-based service control logic. It can +work as a drop-in replacement for sysvinit. + +%package -n libsystemd +License: LGPL-2.1+ +Summary: Systemd libraries +Group: Base/Startup +Obsoletes: libudev < 183 +Provides: libudev = %{version} +Obsoletes: systemd < 185-4 +Conflicts: systemd < 185-4 + +%description -n libsystemd +Libraries for systemd and udev, as well as the systemd PAM module. + +%package devel +License: LGPL-2.1+ +Summary: Development headers for systemd +Requires: %{name} = %{version} +Requires: libsystemd = %{version} +Provides: libudev-devel = %{version} +Obsoletes: libudev-devel < 183 + +%description devel +Development headers and auxiliary files for developing applications for systemd. + +%package analyze +License: LGPL-2.1+ +Summary: Tool for processing systemd profiling information +Requires: %{name} = %{version} +Obsoletes: systemd < 38-5 + +%description analyze +'systemd-analyze blame' lists which systemd unit needed how much time to finish +initialization at boot. +'systemd-analyze plot' renders an SVG visualizing the parallel start of units +at boot. + +%package tests +License: LGPL-2.1+ and BSD-2-Clause +Summary: Set of tests for sd-bus component +Requires: %{name} = %{version} + +%description tests +This package is part of 'dbus-integratnion-tests' framework and contains set of tests +for sd-bus component (DBUS API C library). + +%package extension-kdbus +Summary: Extension for systemd to support KDBUS in Tizen +Requires: %{name} = %{version}-%{release} + +%description extension-kdbus +This modifies systemd to support KDBUS in Tizen. + +%prep +%setup -q ++ ++%build +cp %{SOURCE1001} . +cp %{SOURCE3} . + - %build - %autogen - %configure \ - --enable-kdbus \ ++%define _vpath_srcdir . ++%define _vpath_builddir %{build_dir} ++%meson \ ++ -Dkdbus=true \ +%if ! %{WITH_RANDOMSEED} - --disable-randomseed \ ++ -Drandomseed=false \ +%endif +%if ! %{?WITH_COREDUMP} - --disable-coredump \ ++ -Dcoredump=false \ +%endif +%if ! %{?WITH_BACKLIGHT} - --disable-backlight \ ++ -Dbacklight=false \ +%endif +%if ! %{?WITH_TIMEDATED} - --disable-timedated \ ++ -Dtimedated=false \ +%endif +%if ! %{WITH_RFKILL} - --disable-rfkill \ ++ -Drfkill=false \ +%endif - --enable-compat-libs \ - --disable-hwdb \ - --disable-sysusers \ - --disable-firstboot \ - --disable-polkit \ - --disable-timesyncd \ - --disable-resolved \ - --disable-networkd \ ++ -Dhwdb=false \ ++ -Dsysusers=false \ ++ -Dfirstboot=false \ ++ -Dpolkit=false \ ++ -Dtimesyncd=false \ ++ -Dresolve=false \ ++ -Dnetworkd=false \ +%if ! %{?WITH_MACHINED} - --disable-machined \ ++ -Dmachined=false \ +%endif +%if ! %{?WITH_HOSTNAMED} - --disable-hostnamed \ ++ -Dhostnamed=false \ +%endif - --disable-importd \ - --disable-gcrypt \ - --libexecdir=%{_prefix}/lib \ - --docdir=%{_docdir}/systemd \ ++ -Dimportd=false \ ++ -Denvironment-d=false \ ++ -Dnss-systemd=false \ ++ -Dgcrypt=false \ +%if ! %{?WITH_DOC} - --disable-manpages \ ++ -Dman=false \ +%endif - --disable-static \ - --with-rpmmacrosdir=%{_sysconfdir}/rpm/ \ - --with-sysvinit-path= \ - --with-sysvrcnd-path= \ - --with-smack-run-label=System::Privileged \ - cc_cv_CFLAGS__flto=no - make %{?_smp_mflags} \ - systemunitdir=%{_unitdir} \ - userunitdir=%{_unitdir_user} ++ -Drpmmacrosdir=%{_sysconfdir}/rpm/ \ ++ -Dsysvinit-path="" \ ++ -Dsysvrcnd-path="" \ ++ -Dsmack-run-label=System::Privileged \ ++ -Dinstall-tests=true \ ++ -Db_pie=true ++%meson_build + +# compile test-runner for 'dbus-integration-test' framework +%__cc %{_builddir}/%{name}-%{version}/test-runner.c -o %{_builddir}/%{name}-%{version}/systemd-tests + +%install - %make_install ++%meson_install +%find_lang %{name} +cat <> systemd.lang +%lang(be) /usr/lib/systemd/catalog/systemd.be.catalog +%lang(be) /usr/lib/systemd/catalog/systemd.be@latin.catalog +%lang(bg) /usr/lib/systemd/catalog/systemd.bg.catalog +%lang(fr) /usr/lib/systemd/catalog/systemd.fr.catalog +%lang(it) /usr/lib/systemd/catalog/systemd.it.catalog +%lang(pl) /usr/lib/systemd/catalog/systemd.pl.catalog +%lang(pt_BR) /usr/lib/systemd/catalog/systemd.pt_BR.catalog +%lang(ru) /usr/lib/systemd/catalog/systemd.ru.catalog +%lang(zh) /usr/lib/systemd/catalog/systemd.zh_CN.catalog +%lang(zh) /usr/lib/systemd/catalog/systemd.zh_TW.catalog +EOF + +# udev links +/usr/bin/mkdir -p %{buildroot}/%{_sbindir} +/usr/bin/ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/firmware/updates + +# Create SysV compatibility symlinks. systemctl/systemd are smart +# enough to detect in which way they are called. +/usr/bin/ln -s ../lib/systemd/systemd %{buildroot}%{_sbindir}/init +/usr/bin/ln -s ../lib/systemd/systemd %{buildroot}%{_bindir}/systemd +/usr/bin/ln -s ../bin/systemctl %{buildroot}%{_sbindir}/reboot +/usr/bin/ln -s ../bin/systemctl %{buildroot}%{_sbindir}/halt +/usr/bin/ln -s ../bin/systemctl %{buildroot}%{_sbindir}/poweroff +/usr/bin/ln -s ../bin/systemctl %{buildroot}%{_sbindir}/shutdown +/usr/bin/ln -s ../bin/systemctl %{buildroot}%{_sbindir}/telinit +/usr/bin/ln -s ../bin/systemctl %{buildroot}%{_sbindir}/runlevel + +# legacy links +/usr/bin/ln -s loginctl %{buildroot}%{_bindir}/systemd-loginctl + +# We create all wants links manually at installation time to make sure +# they are not owned and hence overriden by rpm after the used deleted +# them. +/usr/bin/rm -r %{buildroot}%{_sysconfdir}/systemd/system/*.target.wants + +# Make sure these directories are properly owned +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/basic.target.wants +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/default.target.wants +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/dbus.target.wants +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/syslog.target.wants + +# Make sure the user generators dir exists too +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-generators +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/user-generators + +# Create new-style configuration files so that we can ghost-own them +/usr/bin/touch %{buildroot}%{_sysconfdir}/hostname +/usr/bin/touch %{buildroot}%{_sysconfdir}/vconsole.conf +/usr/bin/touch %{buildroot}%{_sysconfdir}/locale.conf +/usr/bin/touch %{buildroot}%{_sysconfdir}/machine-id +/usr/bin/touch %{buildroot}%{_sysconfdir}/machine-info +/usr/bin/touch %{buildroot}%{_sysconfdir}/timezone + +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-preset/ +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/user-preset/ + +# Make sure the shutdown/sleep drop-in dirs exist +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-shutdown/ +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-sleep/ + +# Make sure the NTP units dir exists +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/ntp-units.d/ + +# Install modprobe fragment +/usr/bin/mkdir -p %{buildroot}%{_sysconfdir}/modprobe.d/ + +# Fix the dangling /var/lock -> /run/lock symlink +install -Dm644 tmpfiles.d/legacy.conf %{buildroot}%{_prefix}/lib/tmpfiles.d/legacy.conf + +install -m644 %{SOURCE1} %{buildroot}%{_prefix}/lib/tmpfiles.d/ + +install -m 755 -d %{buildroot}/%{_prefix}/lib/systemd/system + +rm -rf %{buildroot}/%{_docdir}/%{name} + +# Allow replacing systemd-shutdown with tizen-specific variant +mv %{buildroot}%{_prefix}/lib/systemd/systemd-shutdown %{buildroot}%{_prefix}/lib/systemd/systemd-shutdown-original + +# Disable some useless services in Tizen +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/sys-fs-fuse-connections.mount +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/systemd-binfmt.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/systemd-modules-load.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/systemd-ask-password-console.path +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/systemd-tmpfiles-clean.timer +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/systemd-tmpfiles-clean.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer - rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/systemd-remount-fs.service - rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/local-fs.target.wants/systemd-remount-fs.service + +# Exclude ELF binaries +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-debug-generator +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-efi-boot-generator +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-gpt-auto-generator +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-hibernate-resume-generator + +# Marker file for kdbus +touch %{buildroot}/%{_sysconfdir}/systemd/extension-kdbus + - # Preapre tests for 'dbus-integration-test' framework ++# Prepare tests for 'dbus-integration-test' framework +install -D -m 755 %{_builddir}/%{name}-%{version}/systemd-tests %{buildroot}%{_prefix}/lib/dbus-tests/runner/systemd-tests +mkdir -p %{buildroot}%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ - mv %{_builddir}/%{name}-%{version}/test-bus-* %{buildroot}%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ ++mv %{buildroot}%{_prefix}/lib/systemd/tests/test-bus-* %{buildroot}%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ + +# Shell Completion +%if ! %{?WITH_BASH_COMPLETION} +rm -rf %{buildroot}/%{_datadir}/bash-completion/* +%endif +%if ! %{?WITH_ZSH_COMPLETION} +rm -rf %{buildroot}/%{_datadir}/zsh/site-functions/* +%endif + +mkdir -p %{buildroot}/%{_localstatedir}/log/journal + +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-daemon.pc +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-id128.pc +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-journal.pc +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-login.pc + +# Delayed target +install -m 0755 %{SOURCE4} %{buildroot}%{_bindir}/wait-default-target.sh +install -m 0755 %{SOURCE5} %{buildroot}%{_bindir}/wait-delayed-target.sh - install -m 0755 %{SOURCE6} %{buildroot}%{_sysconfdir}/dbus-1/system.d/org.tizen.system.conf ++install -m 0755 %{SOURCE6} %{buildroot}%{dbuspolicydir}/system.d/org.tizen.system.conf ++ ++# Tizen sysctl values overriding default systemd values ++install -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/sysctl.d/ + +# end of install +%pre +/usr/bin/getent group cdrom >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 11 cdrom >/dev/null 2>&1 || : +/usr/bin/getent group tape >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 33 tape >/dev/null 2>&1 || : +/usr/bin/getent group dialout >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 18 dialout >/dev/null 2>&1 || : +/usr/bin/getent group floppy >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 19 floppy >/dev/null 2>&1 || : +/usr/bin/systemctl stop systemd-udevd-control.socket systemd-udevd-kernel.socket systemd-udevd.service >/dev/null 2>&1 || : + +# Rename configuration files that changed their names +/usr/bin/mv -n %{_sysconfdir}/systemd/systemd-logind.conf %{_sysconfdir}/systemd/logind.conf >/dev/null 2>&1 || : +/usr/bin/mv -n %{_sysconfdir}/systemd/systemd-journald.conf %{_sysconfdir}/systemd/journald.conf >/dev/null 2>&1 || : + +%post +/usr/bin/systemd-machine-id-setup > /dev/null 2>&1 || : +%if %{WITH_RANDOMSEED} +/usr/lib/systemd/systemd-random-seed save > /dev/null 2>&1 || : +%endif +/usr/bin/systemctl daemon-reexec > /dev/null 2>&1 || : +/usr/bin/systemctl start systemd-udevd.service >/dev/null 2>&1 || : +/usr/bin/mkdir -p /etc/systemd/network +/usr/bin/ln -sf /dev/null /etc/systemd/network/99-default.link + +# Set the smack label of executable binary tools +chsmack %{_bindir}/bootctl -a "System::Tools" +chsmack %{_bindir}/busctl -a "System::Tools" +chsmack %{_bindir}/kernel-install -a "System::Tools" +%if %{?WITH_MACHINED} +chsmack %{_bindir}/machinectl -a "System::Tools" +%endif +chsmack %{_bindir}/systemd-run -a "System::Tools" +%if %{?WITH_HOSTNAMED} +chsmack %{_bindir}/hostnamectl -a "System::Tools" +%endif +chsmack %{_bindir}/localectl -a "System::Tools" +%if %{?WITH_COREDUMP} +chsmack %{_bindir}/coredumpctl -a "System::Tools" +%endif +%if %{?WITH_TIMEDATED} +chsmack %{_bindir}/timedatectl -a "System::Tools" +%endif +chsmack %{_bindir}/systemd -a "System::Tools" +chsmack %{_bindir}/systemctl -a "System::Tools" +chsmack %{_bindir}/systemd-notify -a "System::Tools" +chsmack %{_bindir}/systemd-ask-password -a "System::Tools" +chsmack %{_bindir}/systemd-tty-ask-password-agent -a "System::Tools" +chsmack %{_bindir}/systemd-machine-id-setup -a "System::Tools" +chsmack %{_bindir}/systemd-socket-activate -a "System::Tools" +chsmack %{_bindir}/loginctl -a "System::Tools" +chsmack %{_bindir}/systemd-loginctl -a "System::Tools" +chsmack %{_bindir}/journalctl -a "System::Tools" +chsmack %{_bindir}/systemd-tmpfiles -a "System::Tools" +chsmack %{_bindir}/systemd-nspawn -a "System::Tools" +chsmack %{_bindir}/systemd-stdio-bridge -a "System::Tools" +chsmack %{_bindir}/systemd-cat -a "System::Tools" +chsmack %{_bindir}/systemd-cgls -a "System::Tools" +chsmack %{_bindir}/systemd-cgtop -a "System::Tools" +chsmack %{_bindir}/systemd-delta -a "System::Tools" +chsmack %{_bindir}/systemd-detect-virt -a "System::Tools" +chsmack %{_bindir}/systemd-inhibit -a "System::Tools" +chsmack %{_bindir}/udevadm -a "System::Tools" +chsmack %{_bindir}/systemd-escape -a "System::Tools" +chsmack %{_bindir}/systemd-path -a "System::Tools" +chsmack %{_prefix}/lib/systemd/* -a "System::Tools" + +%postun +if [ $1 -ge 1 ] ; then + /usr/bin/systemctl daemon-reload > /dev/null 2>&1 || : + /usr/bin/systemctl try-restart systemd-logind.service >/dev/null 2>&1 || : +fi + +%preun +if [ $1 -eq 0 ] ; then + /usr/bin/systemctl disable \ + getty@.service \ + remote-fs.target \ + systemd-readahead-replay.service \ + systemd-readahead-collect.service >/dev/null 2>&1 || : + + update-alternatives --remove systemd-shutdown %{_prefix}/lib/systemd/systemd-shutdown-original +fi + +%posttrans +# Update alternatives after the whole transaction is completed - this is +# necessary due to RPM ordering, which removes files from old package not +# provided by new package after regular post scripts are run. Please refer +# to following guideliness for explanation: +# https://fedoraproject.org/wiki/Packaging:Scriptlets#Ordering +if [ $1 -eq 0 ]; then + update-alternatives --install %{_prefix}/lib/systemd/systemd-shutdown systemd-shutdown %{_prefix}/lib/systemd/systemd-shutdown-original 100 || : +fi + +%post -n libsystemd -p /sbin/ldconfig +%postun -n libsystemd -p /sbin/ldconfig + +%lang_package + +%files +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 LICENSE.GPL2 +%config %{_sysconfdir}/pam.d/systemd-user +%{_bindir}/bootctl +%{_bindir}/busctl +%{_bindir}/kernel-install +%if %{?WITH_MACHINED} +%{_bindir}/machinectl +%endif +%{_bindir}/systemd-run +%dir %{_prefix}/lib/kernel +%dir %{_prefix}/lib/kernel/install.d +%{_prefix}/lib/kernel/install.d/50-depmod.install +%{_prefix}/lib/kernel/install.d/90-loaderentry.install +%if %{?WITH_HOSTNAMED} +%{_bindir}/hostnamectl +%endif +%{_bindir}/localectl +%if %{?WITH_COREDUMP} +%{_bindir}/coredumpctl +%endif +%if %{?WITH_TIMEDATED} +%{_bindir}/timedatectl +%endif +%dir %{_sysconfdir}/systemd +%dir %{_sysconfdir}/systemd/system +%dir %{_sysconfdir}/systemd/user +%dir %{_sysconfdir}/tmpfiles.d +%dir %{_sysconfdir}/sysctl.d +%dir %{_sysconfdir}/modules-load.d +%dir %{_sysconfdir}/binfmt.d +%if %{?WITH_BASH_COMPLETION} +%{_datadir}/bash-completion/* +%endif +%if %{?WITH_ZSH_COMPLETION} +%dir %{_datadir}/zsh/site-functions +%{_datadir}/zsh/site-functions/* +%endif +%dir %{_sysconfdir}/udev +%dir %{_sysconfdir}/udev/rules.d +%dir %{_prefix}/lib/systemd +%dir %{_prefix}/lib/systemd/system +%dir %{_prefix}/lib/systemd/system-generators +%dir %{_prefix}/lib/systemd/user-generators +%dir %{_prefix}/lib/systemd/system-preset +%dir %{_prefix}/lib/systemd/user-preset +%dir %{_prefix}/lib/systemd/system-shutdown +%dir %{_prefix}/lib/systemd/system-sleep +%dir %{_prefix}/lib/tmpfiles.d +%dir %{_prefix}/lib/sysctl.d +%dir %{_prefix}/lib/modules-load.d +%dir %{_prefix}/lib/binfmt.d +%dir %{_prefix}/lib/firmware +%dir %{_prefix}/lib/firmware/updates +%dir %{_datadir}/systemd - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.systemd1.conf ++%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.systemd1.conf +%if %{?WITH_HOSTNAMED} - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.hostname1.conf ++%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.hostname1.conf +%endif - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.login1.conf - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.locale1.conf ++%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.login1.conf ++%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.locale1.conf +%if %{?WITH_TIMEDATED} - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.timedate1.conf ++%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.timedate1.conf +%endif +%if %{?WITH_MACHINED} - %config(noreplace) %{_sysconfdir}/dbus-1/system.d/org.freedesktop.machine1.conf ++%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.machine1.conf +%endif +%if %{?WITH_COREDUMP} +%config(noreplace) %{_sysconfdir}/systemd/coredump.conf ++%else ++%exclude %{_sysconfdir}/systemd/coredump.conf +%endif +%config(noreplace) %{_sysconfdir}/systemd/system.conf +%config(noreplace) %{_sysconfdir}/systemd/user.conf +%config(noreplace) %{_sysconfdir}/systemd/logind.conf +%config(noreplace) %{_sysconfdir}/systemd/journald.conf +%config(noreplace) %{_sysconfdir}/udev/udev.conf ++%config(noreplace) %{_sysconfdir}/sysctl.d/sysctl-tizen-override.conf +%{_sysconfdir}/xdg/systemd +%ghost %config(noreplace) %{_sysconfdir}/hostname +%ghost %config(noreplace) %{_sysconfdir}/vconsole.conf +%ghost %config(noreplace) %{_sysconfdir}/locale.conf +%ghost %config(noreplace) %{_sysconfdir}/machine-id +%ghost %config(noreplace) %{_sysconfdir}/machine-info +%ghost %config(noreplace) %{_sysconfdir}/timezone +%exclude %{_sysconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh +%{_bindir}/systemd +%{_bindir}/systemctl +%{_bindir}/systemd-notify +%{_bindir}/systemd-ask-password +%{_bindir}/systemd-tty-ask-password-agent +%{_bindir}/systemd-machine-id-setup +%{_bindir}/systemd-socket-activate +%{_bindir}/loginctl +%{_bindir}/systemd-loginctl +%{_bindir}/journalctl +%{_bindir}/systemd-tmpfiles +%{_bindir}/systemd-nspawn +%{_bindir}/systemd-stdio-bridge +%{_bindir}/systemd-cat +%{_bindir}/systemd-cgls +%{_bindir}/systemd-cgtop +%{_bindir}/systemd-delta +%{_bindir}/systemd-detect-virt +%{_bindir}/systemd-inhibit +%{_bindir}/udevadm +%{_bindir}/systemd-escape +%{_bindir}/systemd-path ++%{_bindir}/networkctl ++%{_bindir}/systemd-mount ++%{_bindir}/systemd-umount +%{_prefix}/lib/sysctl.d/*.conf +%{_prefix}/lib/systemd/systemd +%{_prefix}/lib/systemd/system - %exclude %{_prefix}/lib/systemd/resolv.conf + +%dir %{_prefix}/lib/systemd/system/basic.target.wants +%dir %{_prefix}/lib/systemd/user +%dir %{_prefix}/lib/systemd/network +%dir %{_prefix}/lib/systemd/user/default.target.wants +%{_prefix}/lib/systemd/user/basic.target +%{_prefix}/lib/systemd/user/exit.target +%{_prefix}/lib/systemd/user/printer.target +%{_prefix}/lib/systemd/user/shutdown.target +%{_prefix}/lib/systemd/user/sockets.target +%{_prefix}/lib/systemd/user/sound.target +%{_prefix}/lib/systemd/user/systemd-exit.service +%{_prefix}/lib/systemd/user/paths.target +%{_prefix}/lib/systemd/user/smartcard.target +%{_prefix}/lib/systemd/user/timers.target - %exclude %{_prefix}/lib/systemd/network/80-container-ve.network - %exclude %{_prefix}/lib/systemd/network/80-container-host0.network - %exclude %{_prefix}/lib/systemd/network/80-container-vz.network +%{_prefix}/lib/systemd/user/default.target ++%exclude %{_prefix}/lib/systemd/user/graphical-session.target ++%exclude %{_prefix}/lib/systemd/user/graphical-session-pre.target +%{_prefix}/lib/systemd/network/99-default.link +%exclude %{_prefix}/lib/systemd/system-preset/90-systemd.preset +%{_prefix}/lib/systemd/user/delayed.target +%{_prefix}/lib/systemd/user/user-delayed-target-trigger.service +%{_prefix}/lib/systemd/user/default.target.wants/user-delayed-target-trigger.service +%{_prefix}/lib/systemd/user/user-default-target-done.service +%{_prefix}/lib/systemd/user/default.target.wants/user-default-target-done.service +%{_prefix}/lib/systemd/user/user-delayed-target-done.service +%{_prefix}/lib/systemd/user/delayed.target.wants/user-delayed-target-done.service - %{_sysconfdir}/dbus-1/system.d/org.tizen.system.conf ++%{dbuspolicydir}/system.d/org.tizen.system.conf + - %{_prefix}/lib/systemd/libsystemd-shared-231.so - %{_prefix}/lib/systemd/libsystemd-shared.so ++%{_prefix}/lib/systemd/libsystemd-shared-%{version}.so +%{_prefix}/lib/systemd/systemd-* +%dir %{_prefix}/lib/systemd/catalog +%{_prefix}/lib/systemd/catalog/systemd.catalog +%{_prefix}/lib/udev +%{_prefix}/lib/systemd/system-generators/systemd-getty-generator +%{_prefix}/lib/systemd/system-generators/systemd-fstab-generator +%{_prefix}/lib/systemd/system-generators/systemd-system-update-generator +%{_prefix}/lib/tmpfiles.d/home.conf +%{_prefix}/lib/tmpfiles.d/journal-nocow.conf +%{_prefix}/lib/tmpfiles.d/legacy.conf +%{_prefix}/lib/tmpfiles.d/pamconsole-tmp.conf +%{_prefix}/lib/tmpfiles.d/systemd.conf +%{_prefix}/lib/tmpfiles.d/systemd-nologin.conf +%{_prefix}/lib/tmpfiles.d/systemd-nspawn.conf +%{_prefix}/lib/tmpfiles.d/tmp.conf +%{_prefix}/lib/tmpfiles.d/var.conf +%{_prefix}/lib/tmpfiles.d/x11.conf +%{_sbindir}/init +%{_sbindir}/reboot +%{_sbindir}/halt +%{_sbindir}/poweroff +%{_sbindir}/shutdown +%{_sbindir}/telinit +%{_sbindir}/runlevel +%{_sbindir}/udevadm +%{_datadir}/systemd/graphinfo.gvpr +%{_datadir}/systemd/kbd-model-map +%{_datadir}/systemd/language-fallback-map +%{_datadir}/dbus-1/services/org.freedesktop.systemd1.service +%{_datadir}/dbus-1/system-services/org.freedesktop.systemd1.service +%if %{?WITH_HOSTNAMED} +%{_datadir}/dbus-1/system-services/org.freedesktop.hostname1.service +%endif +%{_datadir}/dbus-1/system-services/org.freedesktop.login1.service +%{_datadir}/dbus-1/system-services/org.freedesktop.locale1.service +%if %{?WITH_TIMEDATED} +%{_datadir}/dbus-1/system-services/org.freedesktop.timedate1.service +%endif +%if %{?WITH_MACHINED} +%{_datadir}/dbus-1/system-services/org.freedesktop.machine1.service +%endif +%dir %{_datadir}/factory/ +%dir %{_datadir}/factory/etc +%dir %{_datadir}/factory/etc/pam.d +%{_datadir}/factory/etc/nsswitch.conf +%{_datadir}/factory/etc/pam.d/other +%{_datadir}/factory/etc/pam.d/system-auth + +%{_localstatedir}/log/journal + +%{_bindir}/wait-default-target.sh +%{_bindir}/wait-delayed-target.sh ++%exclude %{_prefix}/lib/systemd/system/systemd-networkd.socket ++%exclude %{_prefix}/lib/systemd/system/runlevel0.target ++%exclude %{_prefix}/lib/systemd/system/runlevel1.target ++%exclude %{_prefix}/lib/systemd/system/runlevel2.target ++%exclude %{_prefix}/lib/systemd/system/runlevel3.target ++%exclude %{_prefix}/lib/systemd/system/runlevel4.target ++%exclude %{_prefix}/lib/systemd/system/runlevel5.target ++%exclude %{_prefix}/lib/systemd/system/runlevel6.target + +%files -n libsystemd +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 +%{_libdir}/security/pam_systemd.so +%{_libdir}/libsystemd.so.* +%{_libdir}/libudev.so.* +%{_libdir}/libnss_myhostname.so.2 +%if %{?WITH_MACHINED} +%{_libdir}/libnss_mymachines.so.2 +%endif + +%files extension-kdbus +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 LICENSE.GPL2 +%{_sysconfdir}/systemd/extension-kdbus +%{_prefix}/lib/systemd/user/busnames.target +%{_prefix}/lib/systemd/system-generators/systemd-dbus1-generator +%{_prefix}/lib/systemd/user-generators/systemd-dbus1-generator + +%files devel +%manifest %{name}.manifest +%{_libdir}/libudev.so +%{_libdir}/libsystemd.so +%dir %{_includedir}/systemd +%{_includedir}/systemd/sd-bus.h +%{_includedir}/systemd/sd-bus-protocol.h +%{_includedir}/systemd/sd-bus-vtable.h +%{_includedir}/systemd/sd-event.h +%{_includedir}/systemd/_sd-common.h +%{_includedir}/systemd/sd-daemon.h +%{_includedir}/systemd/sd-id128.h +%{_includedir}/systemd/sd-journal.h +%{_includedir}/systemd/sd-login.h +%{_includedir}/systemd/sd-messages.h +%{_includedir}/libudev.h +%{_libdir}/pkgconfig/libudev.pc +%{_libdir}/pkgconfig/libsystemd.pc +%{_datadir}/pkgconfig/systemd.pc +%{_datadir}/pkgconfig/udev.pc +%{_libdir}/pkgconfig/libsystemd-daemon.pc +%{_libdir}/pkgconfig/libsystemd-id128.pc +%{_libdir}/pkgconfig/libsystemd-journal.pc +%{_libdir}/pkgconfig/libsystemd-login.pc +%{_sysconfdir}/rpm/macros.systemd + +%files analyze +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 +%{_bindir}/systemd-analyze + +%files tests +%manifest %{name}.manifest +%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ +%{_prefix}/lib/dbus-tests/runner/systemd-tests ++%{_prefix}/lib/systemd/tests/ + +%if %{?WITH_DOC} +%docs_package ++%else ++%exclude %{_docdir} ++%exclude %{_datadir}/doc/systemd +%endif diff --cc rules/meson.build index 0000000,0f818a5..90a55eb mode 000000,100644..100644 --- a/rules/meson.build +++ b/rules/meson.build @@@ -1,0 -1,39 +1,40 @@@ + rules = files(''' ++ 55-udev-smack-default.rules + 60-block.rules + 60-cdrom_id.rules + 60-drm.rules + 60-evdev.rules + 60-input-id.rules + 60-persistent-alsa.rules + 60-persistent-input.rules + 60-persistent-storage.rules + 60-persistent-storage-tape.rules + 60-persistent-v4l.rules + 60-sensor.rules + 60-serial.rules + 64-btrfs.rules + 70-mouse.rules + 70-touchpad.rules + 75-net-description.rules + 75-probe_mtd.rules + 78-sound-card.rules + 80-drivers.rules + 80-net-setup-link.rules + '''.split()) + + install_data(rules, + install_dir : udevrulesdir) + + rules_in = ''' + 50-udev-default.rules + 99-systemd.rules + '''.split() + + foreach file : rules_in + gen = configure_file( + input : file + '.in', + output : file, + configuration : substs) + install_data(gen, + install_dir : udevrulesdir) + endforeach diff --cc src/basic/special.h index 872c56f,feb8e5f..48b36de --- a/src/basic/special.h +++ b/src/basic/special.h @@@ -118,5 -119,5 +119,7 @@@ /* The scope unit systemd itself lives in. */ #define SPECIAL_INIT_SCOPE "init.scope" + /* The root directory. */ + #define SPECIAL_ROOT_MOUNT "-.mount" + +#define XCACHE_CGROUP_ROOT "/run/systemd/x-cache-cgroup-root" diff --cc src/busctl/busctl.c index 2d3aeb3,b38d6c7..30f0fed --- a/src/busctl/busctl.c +++ b/src/busctl/busctl.c @@@ -1086,51 -1078,14 +1086,53 @@@ static int message_pcap(sd_bus_message return bus_message_pcap_frame(m, arg_snaplen, f); } -static int monitor(sd_bus *bus, char *argv[], int (*dump)(sd_bus_message *m, FILE *f)) { +static int message_dot(sd_bus_message *m, FILE *f, Hashmap *hashmap_wkn, sd_bus *bus) { + + if (arg_well_known_names){ + + dot_dump_unique_name(bus, sd_bus_message_get_sender(m), hashmap_wkn, f, m); + dot_dump_unique_name(bus, sd_bus_message_get_destination(m), hashmap_wkn, f, m); + } + + return bus_message_dot_dump(m, f); +} + +static bool check_pid(sd_bus *bus, Hashmap *hashmap_pids, const char *name, int compare_pid) { + pid_t pid; + sd_bus_creds *creds = NULL; + int r; + + if (!name) + return false; + + pid = (pid_t)hashmap_get(hashmap_pids, name); + if (pid == 0) { + r = sd_bus_get_name_creds(bus, name, SD_BUS_CREDS_PID, &creds); + if (r >= 0) + r = sd_bus_creds_get_pid(creds, &pid); + + if (r < 0) + return false; + + hashmap_put(hashmap_pids, strdup(name), (void*)pid); + } + + if (compare_pid == pid) + return true; + + return false; + +} + +static int prepare_connection(sd_bus *bus, char *argv[]) +{ - int r; - uint32_t flags = 0; - char **i; _cleanup_(sd_bus_message_unrefp) sd_bus_message *message = NULL; _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL; + char **i; + uint32_t flags = 0; + const char *unique_name; + bool is_monitor = false; + int r; /* upgrade connection; it's not used for anything else after this call */ r = sd_bus_message_new_method_call(bus, &message, "org.freedesktop.DBus", "/org/freedesktop/DBus", "org.freedesktop.DBus.Monitoring", "BecomeMonitor"); @@@ -1186,110 -1142,38 +1188,139 @@@ return r; } + r = sd_bus_get_unique_name(bus, &unique_name); + if (r < 0) + return log_error_errno(r, "Failed to get unique name: %m"); + - log_info("Monitoring bus message stream."); - - for (;;) { ++ while (!is_monitor) { + _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL; + + r = sd_bus_process(bus, &m); + if (r < 0) + return log_error_errno(r, "Failed to process bus: %m"); + + if (!is_monitor) { + const char *name; + + /* wait until we lose our unique name */ + if (sd_bus_message_is_signal(m, "org.freedesktop.DBus", "NameLost") <= 0) + continue; + + r = sd_bus_message_read(m, "s", &name); + if (r < 0) + return log_error_errno(r, "Failed to read lost name: %m"); + + if (streq(name, unique_name)) + is_monitor = true; ++ } ++ } + - continue; + return 0; +} + +static int prepare_connection_kernel(sd_bus *bus, char *argv[]) +{ + int r; + bool added_something = false; + char **i; + + STRV_FOREACH(i, argv+1) { + _cleanup_free_ char *m = NULL; + if (!service_name_is_valid(*i)) { + log_error("Invalid service name '%s'", *i); + return -EINVAL; } + m = strjoin("sender='", *i, "'", NULL); + if (!m) + return log_oom(); + + r = sd_bus_add_match(bus, NULL, m, NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + free(m); + m = strjoin("destination='", *i, "'", NULL); + if (!m) + return log_oom(); + + r = sd_bus_add_match(bus, NULL, m, NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + added_something = true; + } + + STRV_FOREACH(i, arg_matches) { + r = sd_bus_add_match(bus, NULL, *i, NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + added_something = true; + } + + if (!added_something) { + r = sd_bus_add_match(bus, NULL, "", NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + } + return 0; +} + +static int monitor(sd_bus *bus, char *argv[], int (*dump)(sd_bus_message *m, FILE *f, Hashmap *hashmap_wkn, sd_bus *bus)) { + int r; + bool receiver_pid_match; + bool sender_pid_match; + + _cleanup_hashmap_free_ Hashmap *hashmap_pids = NULL; + _cleanup_hashmap_free_ Hashmap *hashmap_names = NULL; + _cleanup_strv_free_ char **acquired = NULL, **activatable = NULL; + + hashmap_pids = hashmap_new(&string_hash_ops); + hashmap_names = hashmap_new(&string_hash_ops); + + if (bus->is_kernel) + r = prepare_connection_kernel(bus, argv); + else + r = prepare_connection(bus, argv); + + if (r != 0) + return r; + ++ log_info("Monitoring bus message stream."); ++ + while (monitor_run_condi) { + _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL; + + receiver_pid_match = true; + sender_pid_match = true; + + r = sd_bus_process(bus, &m); + if (r < 0) + return log_error_errno(r, "Failed to process bus: %m"); + if (m) { - dump(m, stdout); + + if (arg_sender_pid != 0) { + sender_pid_match = check_pid( + bus, + hashmap_pids, + sd_bus_message_get_sender(m), + arg_sender_pid); + } + + if (arg_receiver_pid != 0) { + receiver_pid_match = check_pid( + bus, + hashmap_pids, + sd_bus_message_get_destination(m), + arg_receiver_pid); + } + + if ((!arg_pid && receiver_pid_match && sender_pid_match) || (arg_pid && (receiver_pid_match || sender_pid_match))) { + dump(m, stdout, hashmap_names, bus); + } + fflush(stdout); if (sd_bus_message_is_signal(m, "org.freedesktop.DBus.Local", "Disconnected") > 0) { @@@ -2234,9 -2026,7 +2265,7 @@@ int main(int argc, char *argv[]) goto finish; } - if (streq_ptr(argv[optind], "monitor") || - streq_ptr(argv[optind], "dot") || - streq_ptr(argv[optind], "capture")) { - if (STRPTR_IN_SET(argv[optind], "monitor", "capture")) { ++ if (STRPTR_IN_SET(argv[optind], "monitor", "dot", "capture")) { r = sd_bus_set_monitor(bus, true); if (r < 0) { diff --cc src/core/busname.c index 1a3536e,955f6f8..0826f2f --- a/src/core/busname.c +++ b/src/core/busname.c @@@ -28,7 -27,8 +28,7 @@@ #include "busname.h" #include "dbus-busname.h" #include "fd-util.h" - #include "formats-util.h" + #include "format-util.h" -#include "kdbus.h" #include "parse-util.h" #include "process-util.h" #include "service.h" diff --cc src/core/dbus-execute.c index 3030cbc,c041a7d..a5b8eac --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@@ -754,6 -853,18 +883,18 @@@ const sd_bus_vtable bus_exec_vtable[] SD_BUS_PROPERTY("RuntimeDirectory", "as", NULL, offsetof(ExecContext, runtime_directory), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("MemoryDenyWriteExecute", "b", bus_property_get_bool, offsetof(ExecContext, memory_deny_write_execute), SD_BUS_VTABLE_PROPERTY_CONST), SD_BUS_PROPERTY("RestrictRealtime", "b", bus_property_get_bool, offsetof(ExecContext, restrict_realtime), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("RestrictNamespaces", "t", bus_property_get_ulong, offsetof(ExecContext, restrict_namespaces), SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("BindPaths", "a(ssbt)", property_get_bind_paths, 0, SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("BindReadOnlyPaths", "a(ssbt)", property_get_bind_paths, 0, SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("MountAPIVFS", "b", bus_property_get_bool, offsetof(ExecContext, mount_apivfs), SD_BUS_VTABLE_PROPERTY_CONST), + + /* Obsolete/redundant properties: */ - SD_BUS_PROPERTY("Capabilities", "s", property_get_empty_string, 0, SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), ++ SD_BUS_PROPERTY("Capabilities", "s", property_get_capabilities, 0, SD_BUS_VTABLE_PROPERTY_CONST), + SD_BUS_PROPERTY("ReadWriteDirectories", "as", NULL, offsetof(ExecContext, read_write_paths), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), + SD_BUS_PROPERTY("ReadOnlyDirectories", "as", NULL, offsetof(ExecContext, read_only_paths), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), + SD_BUS_PROPERTY("InaccessibleDirectories", "as", NULL, offsetof(ExecContext, inaccessible_paths), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), + SD_BUS_PROPERTY("IOScheduling", "i", property_get_ioprio, 0, SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), + SD_BUS_VTABLE_END }; diff --cc src/core/execute.c index 4b81c83,d72e5bf..9295108 --- a/src/core/execute.c +++ b/src/core/execute.c @@@ -2076,24 -2722,9 +2743,25 @@@ static int exec_child r = capability_ambient_set_apply(context->capability_ambient_set, true); if (r < 0) { *exit_status = EXIT_CAPABILITIES; + *error_message = strdup("Failed to apply ambient capabilities (before UID change)"); return r; } + + if (context->capabilities) { + + /* The capabilities in ambient set need to be also in the inherited + * set. If they aren't, trying to get them will fail. Add the ambient + * set inherited capabilities to the capability set in the context. + * This is needed because if capabilities are set (using "Capabilities=" + * keyword), they will override whatever we set now. */ + + r = capability_update_inherited_set(context->capabilities, context->capability_ambient_set); + if (r < 0) { + *exit_status = EXIT_CAPABILITIES; + return r; + } + } + } if (context->user) { @@@ -2132,16 -2806,10 +2843,16 @@@ return -errno; } + if (context->capabilities) + if (cap_set_proc(context->capabilities) < 0) { + *exit_status = EXIT_CAPABILITIES; + return -errno; + } + - if (context->no_new_privileges || - (!have_effective_cap(CAP_SYS_ADMIN) && (use_address_families || context->memory_deny_write_execute || context->restrict_realtime || use_syscall_filter))) + if (context_has_no_new_privileges(context)) if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) { *exit_status = EXIT_NO_NEW_PRIVILEGES; + *error_message = strdup("Failed to disable new privileges"); return -errno; } diff --cc src/core/load-fragment.c index 35915be,9d5c39b..8d01a0b --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@@ -4060,11 -4539,10 +4573,11 @@@ void unit_dump_config_items(FILE *f) { config_parse_exec_cpu_affinity, "CPUAFFINITY" }, { config_parse_mode, "MODE" }, { config_parse_unit_env_file, "FILE" }, - { config_parse_output, "OUTPUT" }, - { config_parse_input, "INPUT" }, + { config_parse_exec_output, "OUTPUT" }, + { config_parse_exec_input, "INPUT" }, { config_parse_log_facility, "FACILITY" }, { config_parse_log_level, "LEVEL" }, + { config_parse_exec_capabilities, "CAPABILITIES" }, { config_parse_exec_secure_bits, "SECUREBITS" }, { config_parse_capability_set, "BOUNDINGSET" }, { config_parse_limit, "LIMIT" }, diff --cc src/core/manager.c index 5abd531,2837207..1337ccf --- a/src/core/manager.c +++ b/src/core/manager.c @@@ -813,28 -825,59 +825,81 @@@ static int manager_setup_cgroups_agent( return 0; } +static int manager_setup_kdbus(Manager *m) { + _cleanup_free_ char *p = NULL; + + assert(m); + + if (m->test_run || m->kdbus_fd >= 0) + return 0; + if (!is_kdbus_available()) + return -ESOCKTNOSUPPORT; + + m->kdbus_fd = bus_kernel_create_bus( + MANAGER_IS_SYSTEM(m) ? "system" : "user", + MANAGER_IS_SYSTEM(m), &p); + + if (m->kdbus_fd < 0) + return log_debug_errno(m->kdbus_fd, "Failed to set up kdbus: %m"); + + log_debug("Successfully set up kdbus on %s", p); + + return 0; +} + + static int manager_setup_user_lookup_fd(Manager *m) { + int r; + + assert(m); + + /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID + * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation, + * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked + * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects + * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes, + * hence we establish this communication channel so that forked off processes can pass their UID/GID + * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple + * datagram, along with their unit name, so that we can share one communication socket pair among all units for + * this purpose. + * + * You might wonder why we need a communication channel for this that is independent of the usual notification + * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET + * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user + * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available. + * + * Note that this function is called under two circumstances: when we first initialize (in which case we + * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload + * (in which case the socket pair already exists but we still need to allocate the event source for it). */ + + if (m->user_lookup_fds[0] < 0) { + + /* Free all secondary fields */ + safe_close_pair(m->user_lookup_fds); + m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source); + + if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0) + return log_error_errno(errno, "Failed to allocate user lookup socket: %m"); + + (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE); + } + + if (!m->user_lookup_event_source) { + r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m); + if (r < 0) + return log_error_errno(errno, "Failed to allocate user lookup event source: %m"); + + /* Process even earlier than the notify event source, so that we always know first about valid UID/GID + * resolutions */ + r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-8); + if (r < 0) + return log_error_errno(errno, "Failed to set priority ot user lookup event source: %m"); + + (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup"); + } + + return 0; + } + static int manager_connect_bus(Manager *m, bool reexecuting) { bool try_bus_connect; @@@ -1241,11 -1317,15 +1339,21 @@@ int manager_startup(Manager *m, FILE *s if (q < 0 && r == 0) r = q; + /* We might have deserialized the kdbus control fd, but if we + * didn't, then let's create the bus now. */ + manager_setup_kdbus(m); + manager_connect_bus(m, !!serialization); - bus_track_coldplug(m, &m->subscribed, &m->deserialized_subscribed); ++ (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed); ++ + q = manager_setup_user_lookup_fd(m); + if (q < 0 && r == 0) + r = q; + + /* Let's connect to the bus now. */ + (void) manager_connect_bus(m, !!serialization); + + (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed); + m->deserialized_subscribed = strv_free(m->deserialized_subscribed); /* Third, fire things up! */ manager_coldplug(m); @@@ -1719,24 -1815,18 +1843,18 @@@ static int manager_dispatch_notify_fd(s /* Notify every unit that might be interested, but try * to avoid notifying the same one multiple times. */ u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid); - if (u1) { + if (u1) - manager_invoke_notify_message(m, u1, ucred->pid, buf, fds); + manager_invoke_notify_message(m, u1, ucred, buf, fds); - found = true; - } u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid)); - if (u2 && u2 != u1) { + if (u2 && u2 != u1) - manager_invoke_notify_message(m, u2, ucred->pid, buf, fds); + manager_invoke_notify_message(m, u2, ucred, buf, fds); - found = true; - } u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid)); - if (u3 && u3 != u2 && u3 != u1) { + if (u3 && u3 != u2 && u3 != u1) - manager_invoke_notify_message(m, u3, ucred->pid, buf, fds); + manager_invoke_notify_message(m, u3, ucred, buf, fds); - found = true; - } - if (!found) + if (!u1 && !u2 && !u3) log_warning("Cannot find unit for notify message of PID "PID_FMT".", ucred->pid); if (fdset_size(fds) > 0) diff --cc src/core/mount-setup.c index 1c86ea7,7295efb..9214291 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@@ -91,20 -90,19 +91,22 @@@ static const MountPoint mount_table[] { "devpts", "/dev/pts", "devpts", "mode=620,gid=" STRINGIFY(TTY_GID), MS_NOSUID|MS_NOEXEC, NULL, MNT_IN_CONTAINER }, #ifdef HAVE_SMACK - { "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME, - mac_smack_use, MNT_FATAL }, -#endif - { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME, + { "tmpfs", "/run", "tmpfs", "mode=755,smackfstransmute=System::Run", MS_NOSUID|MS_NODEV|MS_STRICTATIME|MS_NOEXEC, + mac_smack_use, MNT_FATAL }, + { "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755,smackfsroot=*", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, + mac_smack_use, MNT_IN_CONTAINER }, +#else + { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME|MS_NOEXEC, NULL, MNT_FATAL|MNT_IN_CONTAINER }, { "cgroup", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, - cg_is_unified_wanted, MNT_FATAL|MNT_IN_CONTAINER }, + cg_is_unified_wanted, MNT_IN_CONTAINER }, { "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME, cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER }, +#endif + { "cgroup", "/sys/fs/cgroup/unified", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, + cg_is_hybrid_wanted, MNT_IN_CONTAINER }, { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd,xattr", MS_NOSUID|MS_NOEXEC|MS_NODEV, - cg_is_legacy_wanted, MNT_IN_CONTAINER }, + cg_is_legacy_wanted, MNT_IN_CONTAINER }, { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV, cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER }, { "pstore", "/sys/fs/pstore", "pstore", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, diff --cc src/core/service.c index 66475d4,4c577db..0ddf935 --- a/src/core/service.c +++ b/src/core/service.c @@@ -899,13 -849,10 +917,10 @@@ static int service_load_pid_file(Servic return r; r = unit_watch_pid(UNIT(s), pid); - if (r < 0) { - /* FIXME: we need to do something here */ - log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" for service: %m", pid); - return r; - } + if (r < 0) /* FIXME: we need to do something here */ + return log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" for service: %m", pid); - return 0; + return 1; } static void service_search_main_pid(Service *s) { diff --cc src/core/socket.c index 09b52e7,8750643..7843f7e --- a/src/core/socket.c +++ b/src/core/socket.c @@@ -2419,60 -2580,26 +2589,49 @@@ static int socket_deserialize_item(Uni if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd)) log_unit_debug(u, "Failed to parse socket value: %s", value); - else { - + else LIST_FOREACH(port, p, s->ports) - if (socket_address_is_netlink(&p->address, value+skip)) + if (socket_address_is_netlink(&p->address, value+skip)) { + socket_port_take_fd(p, fds, fd); break; - - if (p) { - safe_close(p->fd); - p->fd = fdset_remove(fds, fd); - } - } + } } else if (streq(key, "ffs")) { - int fd, skip = 0; + int fd, skip = 0, n_auxiliary_fds; SocketPort *p; - if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd)) + if (sscanf(value, "%i %i %n", &fd, &n_auxiliary_fds, &skip) < 2 || fd < 0 || !fdset_contains(fds, fd)) log_unit_debug(u, "Failed to parse ffs value: %s", value); - else { - + else LIST_FOREACH(port, p, s->ports) if (p->type == SOCKET_USB_FUNCTION && - path_equal_or_files_same(p->path, value+skip)) + path_equal_or_files_same(p->path, value+skip, 0)) { + socket_port_take_fd(p, fds, fd); ++ socket_cleanup_fd_list(p); ++ p->n_auxiliary_fds = n_auxiliary_fds; ++ p->auxiliary_fds = new(int, n_auxiliary_fds); break; - - if (p) { - safe_close(p->fd); - socket_cleanup_fd_list(p); - p->fd = fdset_remove(fds, fd); - p->n_auxiliary_fds = n_auxiliary_fds; - p->auxiliary_fds = new(int, n_auxiliary_fds); - } - } - + } + } else if (streq(key, "aux")) { + int fd, skip = 0, idx; + SocketPort *p; + + if (sscanf(value, "%i %i %n", &idx, &fd, &skip) < 2 || fd < 0 || !fdset_contains(fds, fd)) + log_unit_debug(u, "Failed to parse ffs value: %s", value); + else { + + LIST_FOREACH(port, p, s->ports) + if (p->type == SOCKET_USB_FUNCTION && - path_equal_or_files_same(p->path, value+skip)) ++ path_equal_or_files_same(p->path, value+skip, 0)) + break; + + if (p) { + if (p->n_auxiliary_fds <= idx) + log_unit_debug(u, "Id of auxiliary fd out of bounds"); + else + p->auxiliary_fds[idx] = fdset_remove(fds, fd); + } + } } else log_unit_debug(UNIT(s), "Unknown serialization key: %s", key); diff --cc src/core/timer.c index 8056f8d,701949f..2b2370d --- a/src/core/timer.c +++ b/src/core/timer.c @@@ -348,14 -335,14 +335,14 @@@ static void add_random(Timer *t, usec_ else *v += add; - log_unit_info(UNIT(t), "Adding %s random time.", format_timespan(s, sizeof(s), add, 0)); + log_unit_debug(UNIT(t), "Adding %s random time.", format_timespan(s, sizeof(s), add, 0)); } -static void timer_enter_waiting(Timer *t, bool initial) { +static void timer_enter_waiting(Timer *t, bool initial, bool time_change) { bool found_monotonic = false, found_realtime = false; - usec_t ts_realtime, ts_monotonic; - usec_t base = 0; bool leave_around = false; + triple_timestamp ts; + usec_t base = 0; TimerValue *v; Unit *trigger; int r; @@@ -453,13 -438,11 +438,12 @@@ assert_not_reached("Unknown timer base"); } - if (t->wake_system) - base = monotonic_to_boottime(base); + v->next_elapse = usec_add(usec_shift_clock(base, CLOCK_MONOTONIC, TIMER_MONOTONIC_CLOCK(t)), v->value); - v->next_elapse = base + v->value; - if (!initial && + + if (!initial && !time_change && - v->next_elapse < ts_monotonic && IN_SET(v->base, TIMER_ACTIVE, TIMER_BOOT, TIMER_STARTUP)) { + v->next_elapse < triple_timestamp_by_clock(&ts, TIMER_MONOTONIC_CLOCK(t)) && + IN_SET(v->base, TIMER_ACTIVE, TIMER_BOOT, TIMER_STARTUP)) { /* This is a one time trigger, disable it now */ v->disabled = true; continue; diff --cc src/core/unit.h index 0f82cf3,cf21b37..cbca6a8 --- a/src/core/unit.h +++ b/src/core/unit.h @@@ -367,10 -387,9 +387,9 @@@ struct UnitVTable void (*notify_cgroup_empty)(Unit *u); /* Called whenever a process of this unit sends us a message */ - void (*notify_message)(Unit *u, pid_t pid, char **tags, FDSet *fds); + void (*notify_message)(Unit *u, const struct ucred *ucred, char **tags, FDSet *fds); - /* Called whenever a name this Unit registered for comes or - * goes away. */ + /* Called whenever a name this Unit registered for comes or goes away. */ void (*bus_name_owner_change)(Unit *u, const char *name, const char *old_owner, const char *new_owner); /* Called for each property that is being set */ diff --cc src/kernel-install/50-depmod.install index 8985780,56925c8..704c1bd --- a/src/kernel-install/50-depmod.install +++ b/src/kernel-install/50-depmod.install @@@ -2,9 -2,15 +2,18 @@@ # -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*- # ex: ts=8 sw=4 sts=4 et filetype=sh +PATH=/bin:/usr/bin:/sbin:/usr/sbin + +[[ $1 == "add" ]] || exit 0 [[ $2 ]] || exit 1 - exec depmod -a "$2" + case "$1" in + add) + exec depmod -a "$2" + ;; + remove) + exec rm -f /lib/modules/"$2"/modules.{alias{,.bin},builtin.bin,dep{,.bin},devname,softdep,symbols{,.bin}} + ;; + *) + exit 0 + esac diff --cc src/kernel-install/kernel-install index cce3273,66bc4a6..d6b062b --- a/src/kernel-install/kernel-install +++ b/src/kernel-install/kernel-install @@@ -19,7 -19,7 +19,8 @@@ # You should have received a copy of the GNU Lesser General Public License # along with systemd; If not, see . +PATH=/bin:/usr/bin:/sbin:/usr/sbin + SKIP_REMAINING=77 usage() { diff --cc src/libsystemd/meson.build index 0000000,ab69afe..bf73bd5 mode 000000,100644..100644 --- a/src/libsystemd/meson.build +++ b/src/libsystemd/meson.build @@@ -1,0 -1,96 +1,96 @@@ + sd_login_c = files('sd-login/sd-login.c') + + libsystemd_internal_sources = files(''' + sd-bus/bus-bloom.c + sd-bus/bus-bloom.h + sd-bus/bus-common-errors.c + sd-bus/bus-common-errors.h + sd-bus/bus-container.c + sd-bus/bus-container.h + sd-bus/bus-control.c + sd-bus/bus-control.h + sd-bus/bus-convenience.c + sd-bus/bus-creds.c + sd-bus/bus-creds.h + sd-bus/bus-dump.c + sd-bus/bus-dump.h + sd-bus/bus-error.c + sd-bus/bus-error.h + sd-bus/bus-gvariant.c + sd-bus/bus-gvariant.h + sd-bus/bus-internal.c + sd-bus/bus-internal.h + sd-bus/bus-introspect.c + sd-bus/bus-introspect.h + sd-bus/bus-kernel.c + sd-bus/bus-kernel.h + sd-bus/bus-match.c + sd-bus/bus-match.h + sd-bus/bus-message.c + sd-bus/bus-message.h + sd-bus/bus-objects.c + sd-bus/bus-objects.h + sd-bus/bus-protocol.h + sd-bus/bus-signature.c + sd-bus/bus-signature.h + sd-bus/bus-slot.c + sd-bus/bus-slot.h + sd-bus/bus-socket.c + sd-bus/bus-socket.h + sd-bus/bus-track.c + sd-bus/bus-track.h + sd-bus/bus-type.c + sd-bus/bus-type.h - sd-bus/kdbus.h + sd-bus/sd-bus.c + sd-daemon/sd-daemon.c + sd-device/device-enumerator-private.h + sd-device/device-enumerator.c + sd-device/device-internal.h + sd-device/device-private.c + sd-device/device-private.h + sd-device/device-util.h + sd-device/sd-device.c + sd-event/sd-event.c + sd-hwdb/hwdb-internal.h + sd-hwdb/hwdb-util.h + sd-hwdb/sd-hwdb.c + sd-id128/id128-util.c + sd-id128/id128-util.h + sd-id128/sd-id128.c + sd-netlink/local-addresses.c + sd-netlink/local-addresses.h + sd-netlink/netlink-internal.h + sd-netlink/netlink-message.c + sd-netlink/netlink-socket.c + sd-netlink/netlink-types.c + sd-netlink/netlink-types.h + sd-netlink/netlink-util.c + sd-netlink/netlink-util.h + sd-netlink/rtnl-message.c + sd-netlink/sd-netlink.c + sd-network/network-util.c + sd-network/network-util.h + sd-network/sd-network.c + sd-path/sd-path.c + sd-resolve/sd-resolve.c + sd-utf8/sd-utf8.c + '''.split()) + sd_login_c + + libsystemd_internal = static_library( + 'systemd', + libsystemd_internal_sources, + install : false, + include_directories : includes, + link_with : libbasic, + dependencies : [threads, + librt]) + + libsystemd_sym = 'src/libsystemd/libsystemd.sym' + + libsystemd_pc = configure_file( + input : 'libsystemd.pc.in', + output : 'libsystemd.pc', + configuration : substs) + install_data(libsystemd_pc, + install_dir : pkgconfiglibdir) ++install_data('sd-bus/graphinfo.gvpr', install_dir : pkgdatadir) diff --cc src/login/70-power-switch.rules index 70cf60a,394a80f..141dae4 --- a/src/login/70-power-switch.rules +++ b/src/login/70-power-switch.rules @@@ -5,14 -5,9 +5,16 @@@ # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. -ACTION=="remove", GOTO="power_switch_end" +#ACTION=="remove", GOTO="power_switch_end" -SUBSYSTEM=="input", KERNEL=="event*", ENV{ID_INPUT_SWITCH}=="1", TAG+="power-switch" -SUBSYSTEM=="input", KERNEL=="event*", ENV{ID_INPUT_KEY}=="1", TAG+="power-switch" +#SUBSYSTEM=="input", KERNEL=="event*", SUBSYSTEMS=="acpi", TAG+="power-switch" +#SUBSYSTEM=="input", KERNEL=="event*", KERNELS=="thinkpad_acpi", TAG+="power-switch" +#SUBSYSTEM=="input", KERNEL=="event*", ATTRS{name}=="twl4030_pwrbutton", TAG+="power-switch" +#SUBSYSTEM=="input", KERNEL=="event*", ATTRS{name}=="tps65217_pwr_but", TAG+="power-switch" +#SUBSYSTEM=="input", KERNEL=="event*", ATTRS{name}=="* WMI hotkeys", TAG+="power-switch" +#SUBSYSTEM=="input", KERNEL=="event*", \ +# SUBSYSTEMS=="platform", DRIVERS=="gpio-keys", ATTRS{keys}=="*,116|116,*|116|*,116,*", TAG+="power-switch" ++#SUBSYSTEM=="input", KERNEL=="event*", ENV{ID_INPUT_SWITCH}=="1", TAG+="power-switch" ++#SUBSYSTEM=="input", KERNEL=="event*", ENV{ID_INPUT_KEY}=="1", TAG+="power-switch" -LABEL="power_switch_end" +#LABEL="power_switch_end" diff --cc src/login/logind-user.c index d4b6e05,888a97c..1f4a67b --- a/src/login/logind-user.c +++ b/src/login/logind-user.c @@@ -384,9 -352,9 +385,9 @@@ static int user_mkdir_runtime_path(Use goto fail; } - r = mount("tmpfs", u->runtime_path, "tmpfs", MS_NODEV|MS_NOSUID, t); + r = mount("tmpfs", u->runtime_path, "tmpfs", MS_NODEV|MS_NOSUID|MS_NOEXEC, t); if (r < 0) { - if (errno != EPERM) { + if (errno != EPERM && errno != EACCES) { r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", u->runtime_path); goto fail; } diff --cc src/login/pam_systemd.c index 98dc201,dab082a..df5ce5f --- a/src/login/pam_systemd.c +++ b/src/login/pam_systemd.c @@@ -182,25 -182,20 +182,25 @@@ static int export_legacy_dbus_address _cleanup_free_ char *s = NULL; int r = PAM_BUF_ERR; - /* FIXME: We *really* should move the access() check into the - * daemons that spawn dbus-daemon, instead of forcing - * DBUS_SESSION_BUS_ADDRESS= here. */ - - s = strjoin(runtime, "/bus"); - if (!s) - goto error; - - if (access(s, F_OK) < 0) - return PAM_SUCCESS; - - s = mfree(s); - if (asprintf(&s, UNIX_USER_BUS_ADDRESS_FMT, runtime) < 0) - goto error; + if (is_kdbus_available()) { + if (asprintf(&s, KERNEL_USER_BUS_ADDRESS_FMT ";" UNIX_USER_BUS_ADDRESS_FMT, uid, runtime) < 0) + goto error; + } else { + /* FIXME: We *really* should move the access() check into the + * daemons that spawn dbus-daemon, instead of forcing + * DBUS_SESSION_BUS_ADDRESS= here. */ + - s = strjoin(runtime, "/bus", NULL); ++ s = strjoin(runtime, "/bus"); + if (!s) + goto error; + + if (access(s, F_OK) < 0) + return PAM_SUCCESS; + + s = mfree(s); + if (asprintf(&s, UNIX_USER_BUS_ADDRESS_FMT, runtime) < 0) + goto error; + } r = pam_misc_setenv(handle, "DBUS_SESSION_BUS_ADDRESS", s, 0); if (r != PAM_SUCCESS) diff --cc src/shared/bus-util.c index 0c08250,207b5e6..91b7fc3 --- a/src/shared/bus-util.c +++ b/src/shared/bus-util.c @@@ -1505,57 -1540,6 +1540,52 @@@ int bus_path_decode_unique(const char * return 1; } +bool is_kdbus_wanted(void) { +#ifdef ENABLE_KDBUS + static int wanted = -1; + + if (wanted < 0) { - _cleanup_free_ char *value = NULL; ++ bool b; + - if (get_proc_cmdline_key("kdbus", NULL) > 0) { - wanted = true; - goto finish; - } - - if (get_proc_cmdline_key("kdbus=", &value) > 0) { - wanted = parse_boolean(value) == 1; ++ if (proc_cmdline_get_bool("kdbus", &b) > 0) { ++ wanted = b; + goto finish; + } + + wanted = access("/etc/systemd/extension-kdbus", F_OK) == 0; + } + +finish: + return wanted ? true : false; +#else + return false; +#endif +} + +bool is_kdbus_available(void) { +#ifdef ENABLE_KDBUS + static int available = -1; + + if (!is_kdbus_wanted()) + return false; + + if (available < 0) { + _cleanup_close_ int fd = -1; + struct kdbus_cmd cmd = { .size = sizeof(cmd), .flags = KDBUS_FLAG_NEGOTIATE }; + + fd = open("/sys/fs/kdbus/control", O_RDWR | O_CLOEXEC | O_NONBLOCK | O_NOCTTY); + if (fd < 0) + available = false; + else + available = ioctl(fd, KDBUS_CMD_BUS_MAKE, &cmd) >= 0; + } + + return available ? true : false; +#else + return false; +#endif +} + int bus_property_get_rlimit( sd_bus *bus, const char *path, diff --cc src/shared/bus-util.h index d792258,d9ce426..312d616 --- a/src/shared/bus-util.h +++ b/src/shared/bus-util.h @@@ -157,7 -158,6 +158,9 @@@ int bus_log_create_error(int r) int bus_path_encode_unique(sd_bus *b, const char *prefix, const char *sender_id, const char *external_id, char **ret_path); int bus_path_decode_unique(const char *path, const char *prefix, char **ret_sender, char **ret_external); +bool is_kdbus_wanted(void); +bool is_kdbus_available(void); + int bus_property_get_rlimit(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *error); + + int bus_track_add_name_many(sd_bus_track *t, char **l); diff --cc src/systemctl/systemctl.c index fd91e79,83ed9ef..4a6fb5d --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c @@@ -7841,11 -8350,12 +8380,12 @@@ static int halt_now(enum action a) _cleanup_free_ char *param = NULL; r = read_one_line_file("/run/systemd/reboot-param", ¶m); - if (r < 0) + if (r < 0 && r != -ENOENT) - log_warning_errno(r, "Failed to read reboot parameter file: %m"); + log_debug_errno(r, "Failed to read reboot parameter file: %m"); if (!isempty(param)) { - log_info("Rebooting with argument '%s'.", param); + if (!arg_quiet) + log_info("Rebooting with argument '%s'.", param); (void) syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, LINUX_REBOOT_CMD_RESTART2, param); log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m"); } diff --cc src/test/test-fs-util.c index 3ccb4ed,9e964a8..2ffadf5 --- a/src/test/test-fs-util.c +++ b/src/test/test-fs-util.c @@@ -20,11 -20,9 +20,11 @@@ #include #include "alloc-util.h" - #include "fileio.h" #include "fd-util.h" + #include "fileio.h" #include "fs-util.h" +#include "io-util.h" +#include "hexdecoct.h" #include "macro.h" #include "mkdir.h" #include "path-util.h" @@@ -34,137 -31,6 +34,40 @@@ #include "strv.h" #include "util.h" - static void test_unlink_noerrno(void) { - char name[] = "/tmp/test-close_nointr.XXXXXX"; - int fd; - - fd = mkostemp_safe(name, O_RDWR|O_CLOEXEC); - assert_se(fd >= 0); - assert_se(close_nointr(fd) >= 0); - - { - PROTECT_ERRNO; - errno = -42; - assert_se(unlink_noerrno(name) >= 0); - assert_se(errno == -42); - assert_se(unlink_noerrno(name) < 0); - assert_se(errno == -42); - } - } - - static void test_readlink_and_make_absolute(void) { - char tempdir[] = "/tmp/test-readlink_and_make_absolute"; - char name[] = "/tmp/test-readlink_and_make_absolute/original"; - char name2[] = "test-readlink_and_make_absolute/original"; - char name_alias[] = "/tmp/test-readlink_and_make_absolute-alias"; - char *r = NULL; - - assert_se(mkdir_safe(tempdir, 0755, getuid(), getgid()) >= 0); - assert_se(touch(name) >= 0); - - assert_se(symlink(name, name_alias) >= 0); - assert_se(readlink_and_make_absolute(name_alias, &r) >= 0); - assert_se(streq(r, name)); - free(r); - assert_se(unlink(name_alias) >= 0); - - assert_se(chdir(tempdir) >= 0); - assert_se(symlink(name2, name_alias) >= 0); - assert_se(readlink_and_make_absolute(name_alias, &r) >= 0); - assert_se(streq(r, name)); - free(r); - assert_se(unlink(name_alias) >= 0); - - assert_se(rm_rf(tempdir, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0); - } - - static void test_get_files_in_directory(void) { - _cleanup_strv_free_ char **l = NULL, **t = NULL; - - assert_se(get_files_in_directory("/tmp", &l) >= 0); - assert_se(get_files_in_directory(".", &t) >= 0); - assert_se(get_files_in_directory(".", NULL) >= 0); - } - - static void test_var_tmp(void) { - char *tmp_dir = NULL; - char *tmpdir_backup = NULL; - const char *default_var_tmp = NULL; - const char *var_name; - bool do_overwrite = true; - - default_var_tmp = "/var/tmp"; - var_name = "TMPDIR"; - - if (getenv(var_name) != NULL) { - tmpdir_backup = strdup(getenv(var_name)); - assert_se(tmpdir_backup != NULL); - } - - unsetenv(var_name); - - var_tmp(&tmp_dir); - assert_se(!strcmp(tmp_dir, default_var_tmp)); - - free(tmp_dir); - - setenv(var_name, "/tmp", do_overwrite); - assert_se(!strcmp(getenv(var_name), "/tmp")); - - var_tmp(&tmp_dir); - assert_se(!strcmp(tmp_dir, "/tmp")); - - free(tmp_dir); - - setenv(var_name, "/88_does_not_exist_88", do_overwrite); - assert_se(!strcmp(getenv(var_name), "/88_does_not_exist_88")); - - var_tmp(&tmp_dir); - assert_se(!strcmp(tmp_dir, default_var_tmp)); - - free(tmp_dir); - - if (tmpdir_backup != NULL) { - setenv(var_name, tmpdir_backup, do_overwrite); - assert_se(!strcmp(getenv(var_name), tmpdir_backup)); - free(tmpdir_backup); - } - } - +static int id128_read_fd(int fd, sd_id128_t *ret) { + char buf[33]; + ssize_t k; + unsigned j; + sd_id128_t t; + + assert_return(fd >= 0, -EINVAL); + + k = loop_read(fd, buf, 33, false); + if (k < 0) + return (int) k; + + if (k != 33) + return -EIO; + + if (buf[32] !='\n') + return -EIO; + + for (j = 0; j < 16; j++) { + int a, b; + + a = unhexchar(buf[j*2]); + b = unhexchar(buf[j*2+1]); + + if (a < 0 || b < 0) + return -EIO; + + t.bytes[j] = a << 4 | b; + } + + *ret = t; + return 0; +} + static void test_chase_symlinks(void) { _cleanup_free_ char *result = NULL; char temp[] = "/tmp/test-chase.XXXXXX"; @@@ -368,64 -193,135 +271,184 @@@ r = chase_symlinks(p, NULL, 0, &result); assert_se(r == -ENOENT); - assert_se(rm_rf(temp, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0); + if (geteuid() == 0) { + p = strjoina(temp, "/priv1"); + assert_se(mkdir(p, 0755) >= 0); + + q = strjoina(p, "/priv2"); + assert_se(mkdir(q, 0755) >= 0); + + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0); + + assert_se(chown(q, 65534, 65534) >= 0); + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0); + + assert_se(chown(p, 65534, 65534) >= 0); + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0); + + assert_se(chown(q, 0, 0) >= 0); + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) == -EPERM); + + assert_se(rmdir(q) >= 0); + assert_se(symlink("/etc/passwd", q) >= 0); + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) == -EPERM); + + assert_se(chown(p, 0, 0) >= 0); + assert_se(chase_symlinks(q, NULL, CHASE_SAFE, NULL) >= 0); + } + + p = strjoina(temp, "/machine-id-test"); + assert_se(symlink("/usr/../etc/./machine-id", p) >= 0); + + pfd = chase_symlinks(p, NULL, CHASE_OPEN, NULL); + if (pfd != -ENOENT) { + char procfs[sizeof("/proc/self/fd/") - 1 + DECIMAL_STR_MAX(pfd) + 1]; + _cleanup_close_ int fd = -1; + sd_id128_t a, b; + + assert_se(pfd >= 0); + + xsprintf(procfs, "/proc/self/fd/%i", pfd); + + fd = open(procfs, O_RDONLY|O_CLOEXEC); + assert_se(fd >= 0); + + safe_close(pfd); + + assert_se(id128_read_fd(fd, &a) >= 0); + assert_se(sd_id128_get_machine(&b) >= 0); + assert_se(sd_id128_equal(a, b)); + } + + assert_se(rm_rf(temp, REMOVE_ROOT) >= 0); } + static void test_unlink_noerrno(void) { + char name[] = "/tmp/test-close_nointr.XXXXXX"; + int fd; + + fd = mkostemp_safe(name); + assert_se(fd >= 0); + assert_se(close_nointr(fd) >= 0); + + { + PROTECT_ERRNO; + errno = -42; + assert_se(unlink_noerrno(name) >= 0); + assert_se(errno == -42); + assert_se(unlink_noerrno(name) < 0); + assert_se(errno == -42); + } + } + + static void test_readlink_and_make_absolute(void) { + char tempdir[] = "/tmp/test-readlink_and_make_absolute"; + char name[] = "/tmp/test-readlink_and_make_absolute/original"; + char name2[] = "test-readlink_and_make_absolute/original"; + char name_alias[] = "/tmp/test-readlink_and_make_absolute-alias"; + char *r = NULL; + + assert_se(mkdir_safe(tempdir, 0755, getuid(), getgid()) >= 0); + assert_se(touch(name) >= 0); + + assert_se(symlink(name, name_alias) >= 0); + assert_se(readlink_and_make_absolute(name_alias, &r) >= 0); + assert_se(streq(r, name)); + free(r); + assert_se(unlink(name_alias) >= 0); + + assert_se(chdir(tempdir) >= 0); + assert_se(symlink(name2, name_alias) >= 0); + assert_se(readlink_and_make_absolute(name_alias, &r) >= 0); + assert_se(streq(r, name)); + free(r); + assert_se(unlink(name_alias) >= 0); + + assert_se(rm_rf(tempdir, REMOVE_ROOT|REMOVE_PHYSICAL) >= 0); + } + + static void test_get_files_in_directory(void) { + _cleanup_strv_free_ char **l = NULL, **t = NULL; + + assert_se(get_files_in_directory("/tmp", &l) >= 0); + assert_se(get_files_in_directory(".", &t) >= 0); + assert_se(get_files_in_directory(".", NULL) >= 0); + } + + static void test_var_tmp(void) { + _cleanup_free_ char *tmpdir_backup = NULL, *temp_backup = NULL, *tmp_backup = NULL; + const char *tmp_dir = NULL, *t; + + t = getenv("TMPDIR"); + if (t) { + tmpdir_backup = strdup(t); + assert_se(tmpdir_backup); + } + + t = getenv("TEMP"); + if (t) { + temp_backup = strdup(t); + assert_se(temp_backup); + } + + t = getenv("TMP"); + if (t) { + tmp_backup = strdup(t); + assert_se(tmp_backup); + } + + assert(unsetenv("TMPDIR") >= 0); + assert(unsetenv("TEMP") >= 0); + assert(unsetenv("TMP") >= 0); + + assert_se(var_tmp_dir(&tmp_dir) >= 0); + assert_se(streq(tmp_dir, "/var/tmp")); + + assert_se(setenv("TMPDIR", "/tmp", true) >= 0); + assert_se(streq(getenv("TMPDIR"), "/tmp")); + + assert_se(var_tmp_dir(&tmp_dir) >= 0); + assert_se(streq(tmp_dir, "/tmp")); + + assert_se(setenv("TMPDIR", "/88_does_not_exist_88", true) >= 0); + assert_se(streq(getenv("TMPDIR"), "/88_does_not_exist_88")); + + assert_se(var_tmp_dir(&tmp_dir) >= 0); + assert_se(streq(tmp_dir, "/var/tmp")); + + if (tmpdir_backup) { + assert_se(setenv("TMPDIR", tmpdir_backup, true) >= 0); + assert_se(streq(getenv("TMPDIR"), tmpdir_backup)); + } + + if (temp_backup) { + assert_se(setenv("TEMP", temp_backup, true) >= 0); + assert_se(streq(getenv("TEMP"), temp_backup)); + } + + if (tmp_backup) { + assert_se(setenv("TMP", tmp_backup, true) >= 0); + assert_se(streq(getenv("TMP"), tmp_backup)); + } + } + + static void test_dot_or_dot_dot(void) { + assert_se(!dot_or_dot_dot(NULL)); + assert_se(!dot_or_dot_dot("")); + assert_se(!dot_or_dot_dot("xxx")); + assert_se(dot_or_dot_dot(".")); + assert_se(dot_or_dot_dot("..")); + assert_se(!dot_or_dot_dot(".foo")); + assert_se(!dot_or_dot_dot("..foo")); + } + int main(int argc, char *argv[]) { test_unlink_noerrno(); - test_readlink_and_make_absolute(); test_get_files_in_directory(); + test_readlink_and_make_absolute(); test_var_tmp(); test_chase_symlinks(); + test_dot_or_dot_dot(); return 0; } diff --cc src/test/test-stat-util.c index 71ad597,8e027ff..9d56a71 --- a/src/test/test-stat-util.c +++ b/src/test/test-stat-util.c @@@ -23,14 -24,10 +24,16 @@@ #include "alloc-util.h" #include "fd-util.h" #include "fileio.h" +#include "hexdecoct.h" +#include "io-util.h" #include "macro.h" +#include "path-util.h" +#include "rm-rf.h" + #include "missing.h" + #include "mount-util.h" #include "stat-util.h" +#include "stdio-util.h" +#include "string-util.h" static void test_files_same(void) { _cleanup_close_ int fd = -1; diff --cc tmpfiles.d/meson.build index 0000000,29efe21..0563f91 mode 000000,100644..100644 --- a/tmpfiles.d/meson.build +++ b/tmpfiles.d/meson.build @@@ -1,0 -1,51 +1,50 @@@ + enable_tmpfiles = conf.get('ENABLE_TMPFILES', false) + + tmpfiles = [['home.conf', ''], + ['journal-nocow.conf', ''], + ['systemd-nologin.conf', ''], + ['systemd-nspawn.conf', ''], + ['tmp.conf', ''], + ['x11.conf', ''], + ['legacy.conf', 'HAVE_SYSV_COMPAT'], + ] + + foreach pair : tmpfiles + if not enable_tmpfiles + # do nothing + elif pair[1] == '' or conf.get(pair[1], false) + install_data(pair[0], install_dir : tmpfilesdir) + else + message('Not installing tmpfiles.d/@0@ because @1@ is @2@' + .format(pair[0], pair[1], conf.get(pair[1], 0))) + endif + endforeach + -m4_files = [['etc.conf', ''], - ['systemd.conf', ''], ++m4_files = [['systemd.conf', ''], + ['systemd-remote.conf', 'ENABLE_REMOTE'], + ['var.conf', ''], + ] + + foreach pair : m4_files + if not enable_tmpfiles + # do nothing + elif pair[1] == '' or conf.get(pair[1], false) + custom_target( + 'tmpfiles.d_' + pair[0], + input : pair[0] + '.m4', + output: pair[0], + command : [m4, '-P'] + m4_defines + ['@INPUT@'], + capture : true, + install : true, + install_dir : tmpfilesdir) + else + message('Not installing tmpfiles.d/@0@.m4 because @1@ is @2@' + .format(pair[0], pair[1], conf.get(pair[1], 0))) + endif + endforeach + + if enable_tmpfiles + meson.add_install_script( + 'sh', '-c', + mkdir_p.format(join_paths(sysconfdir, 'tmpfiles.d'))) + endif diff --cc tools/meson-make-symlink.sh index 0000000,47a5e70..4c21909 mode 000000,100755..100755 --- a/tools/meson-make-symlink.sh +++ b/tools/meson-make-symlink.sh @@@ -1,0 -1,11 +1,17 @@@ + #!/bin/sh -eu + ++relpath() { ++ python -c 'import os.path, sys;\ ++ print os.path.relpath(sys.argv[1],sys.argv[2])' "$1" "${2-$PWD}" ++} ++ + # this is needed mostly because $DESTDIR is provided as a variable, + # and we need to create the target directory... + + mkdir -vp "$(dirname "${DESTDIR:-}$2")" + if [ "$(dirname $1)" = . ]; then + ln -vfs -T "$1" "${DESTDIR:-}$2" + else - ln -vfs -T --relative "${DESTDIR:-}$1" "${DESTDIR:-}$2" ++ reltarget="$(relpath "${DESTDIR:-}$1" "$(dirname "${DESTDIR:-}$2")")" ++ ln -vfs -T "$reltarget" "${DESTDIR:-}$2" + fi diff --cc units/booting-done.service.in index f4591d3,0000000..41d14ad mode 100644,000000..100644 --- a/units/booting-done.service.in +++ b/units/booting-done.service.in @@@ -1,11 -1,0 +1,11 @@@ +[Unit] +Description=All Delayed Target Booting Done Service +RefuseManualStart=yes +RefuseManualStop=yes + +[Service] +User=system_fw +Group=system_fw - ExecStart=/usr/bin/wait-delayed-target.sh ++ExecStart=@rootbindir@/wait-delayed-target.sh +RemainAfterExit=yes +SmackProcessLabel=System diff --cc units/initrd-switch-root.service.in index dae6748,d31497f..2e883e5 --- a/units/initrd-switch-root.service.in +++ b/units/initrd-switch-root.service.in @@@ -15,7 -15,4 +15,5 @@@ AllowIsolate=ye [Service] Type=oneshot - # we have to use "--force" here, otherwise systemd would umount /run - ExecStart=@rootbindir@/systemctl --no-block --force switch-root /sysroot - KillMode=none +SmackProcessLabel=System + ExecStart=@rootbindir@/systemctl --no-block switch-root /sysroot diff --cc units/meson-add-wants.sh index 0000000,dfd287e..081a0c3 mode 000000,100755..100755 --- a/units/meson-add-wants.sh +++ b/units/meson-add-wants.sh @@@ -1,0 -1,27 +1,34 @@@ + #!/bin/sh -eu + + unitdir="$1" + target="$2" + unit="$3" + + case "$target" in + */?*) # a path, but not just a slash at the end + dir="${DESTDIR:-}${target}" + ;; + *) + dir="${DESTDIR:-}${unitdir}/${target}" + ;; + esac + + unitpath="${DESTDIR:-}${unitdir}/${unit}" + ++relpath() { ++ python -c 'import os.path, sys;\ ++ print os.path.relpath(sys.argv[1],sys.argv[2])' "$1" "${2-$PWD}" ++} ++ + case "$target" in + */) + mkdir -p -m 0755 "$dir" ++ reltarget="$(relpath "$unitpath" "$dir")" + ;; + *) + mkdir -p -m 0755 "$(basename "$dir")" ++ reltarget="$(relpath "$unitpath" "$(dirname "$dir")")" + ;; + esac + -ln -vfs --relative "$unitpath" "$dir" ++ln -vfs "$reltarget" "$dir" diff --cc units/meson.build index 0000000,e94add6..405deb2 mode 000000,100644..100644 --- a/units/meson.build +++ b/units/meson.build @@@ -1,0 -1,329 +1,340 @@@ + units = [ + ['basic.target', ''], - ['bluetooth.target', ''], + ['cryptsetup-pre.target', 'HAVE_LIBCRYPTSETUP'], + ['cryptsetup.target', 'HAVE_LIBCRYPTSETUP', + 'sysinit.target.wants/'], + ['dev-hugepages.mount', '', + 'sysinit.target.wants/'], + ['dev-mqueue.mount', '', + 'sysinit.target.wants/'], + ['emergency.target', ''], + ['exit.target', ''], + ['final.target', ''], + ['getty.target', '', + 'multi-user.target.wants/'], + ['graphical.target', '', + 'runlevel5.target default.target'], + ['halt.target', ''], + ['hibernate.target', 'ENABLE_HIBERNATE'], + ['hybrid-sleep.target', 'ENABLE_HIBERNATE'], + ['initrd-fs.target', ''], + ['initrd-root-device.target', ''], + ['initrd-root-fs.target', ''], + ['initrd-switch-root.target', ''], + ['initrd.target', ''], + ['kexec.target', ''], + ['ldconfig.service', 'ENABLE_LDCONFIG', + 'sysinit.target.wants/'], + ['local-fs-pre.target', ''], + ['local-fs.target', ''], + ['machine.slice', 'ENABLE_MACHINED'], + ['machines.target', 'ENABLE_MACHINED', + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['multi-user.target', '', + 'runlevel2.target runlevel3.target runlevel4.target'], + ['network-online.target', ''], + ['network-pre.target', ''], + ['network.target', ''], + ['nss-lookup.target', ''], + ['nss-user-lookup.target', ''], + ['paths.target', ''], + ['poweroff.target', '', + 'runlevel0.target'], + ['printer.target', ''], + ['proc-sys-fs-binfmt_misc.automount', 'ENABLE_BINFMT', + 'sysinit.target.wants/'], + ['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'], + ['reboot.target', '', + 'runlevel6.target ctrl-alt-del.target'], + ['remote-fs-pre.target', ''], + ['remote-fs.target', '', + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['rescue.target', '', + 'runlevel1.target'], + ['rpcbind.target', ''], + ['shutdown.target', ''], + ['sigpwr.target', ''], + ['sleep.target', ''], + ['slices.target', ''], + ['smartcard.target', ''], + ['sockets.target', ''], + ['sound.target', ''], + ['suspend.target', ''], + ['swap.target', ''], ++ ['delayed.target', ''], + ['sys-fs-fuse-connections.mount', '', + 'sysinit.target.wants/'], + ['sys-kernel-config.mount', '', + 'sysinit.target.wants/'], + ['sys-kernel-debug.mount', '', + 'sysinit.target.wants/'], + ['sysinit.target', ''], + ['syslog.socket', ''], + ['system-update.target', ''], + ['system.slice', ''], + ['systemd-ask-password-console.path', '', + 'sysinit.target.wants/'], + ['systemd-ask-password-wall.path', '', + 'multi-user.target.wants/'], + ['systemd-coredump.socket', 'ENABLE_COREDUMP', + 'sockets.target.wants/'], + ['systemd-initctl.socket', '', + 'sockets.target.wants/'], + ['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-remote.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journald-audit.socket', '', + 'sockets.target.wants/'], + ['systemd-journald-dev-log.socket', '', + 'sockets.target.wants/'], + ['systemd-journald.socket', '', + 'sockets.target.wants/'], + ['systemd-networkd.socket', '', + join_paths(pkgsysconfdir, 'system/sockets.target.wants/')], + ['systemd-rfkill.socket', 'ENABLE_RFKILL'], + ['systemd-tmpfiles-clean.timer', '', + 'timers.target.wants/'], + ['systemd-udevd-control.socket', '', + 'sockets.target.wants/'], + ['systemd-udevd-kernel.socket', '', + 'sockets.target.wants/'], + ['time-sync.target', ''], + ['timers.target', ''], + ['umount.target', ''], + ['user.slice', ''], + ['var-lib-machines.mount', 'ENABLE_MACHINED', - 'remote-fs.target.wants/ machines.target.wants/'], ++ 'remote-fs.target.wants/ machines.target.wants/ local-fs.target.wants/'], ++ ['busnames.target', ''], ++ ['org.freedesktop.locale1.busname', '', 'busnames.target.wants/'], ++ ['org.freedesktop.login1.busname', '', 'busnames.target.wants/'], ++ ['org.freedesktop.systemd1.busname', '', 'busnames.target.wants/'], + ] + + in_units = [ + ['debug-shell.service', ''], + ['emergency.service', ''], + ['halt-local.service', 'HAVE_SYSV_COMPAT'], + ['initrd-cleanup.service', ''], + ['initrd-parse-etc.service', ''], + ['initrd-switch-root.service', ''], + ['initrd-udevadm-cleanup-db.service', ''], + ['kmod-static-nodes.service', 'HAVE_KMOD ENABLE_TMPFILES', + 'sysinit.target.wants/'], + ['quotaon.service', 'ENABLE_QUOTACHECK'], + ['rc-local.service', 'HAVE_SYSV_COMPAT'], + ['rescue.service', ''], + ['system-update-cleanup.service', ''], + ['systemd-ask-password-console.service', ''], + ['systemd-ask-password-wall.service', ''], + ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], + ['systemd-binfmt.service', 'ENABLE_BINFMT', + 'sysinit.target.wants/'], + ['systemd-coredump@.service', 'ENABLE_COREDUMP'], + ['systemd-exit.service', ''], + ['systemd-firstboot.service', 'ENABLE_FIRSTBOOT', + 'sysinit.target.wants/'], + ['systemd-fsck-root.service', ''], + ['systemd-fsck@.service', ''], + ['systemd-halt.service', ''], + ['systemd-hibernate-resume@.service', 'ENABLE_HIBERNATE'], + ['systemd-hibernate.service', 'ENABLE_HIBERNATE'], + ['systemd-hybrid-sleep.service', 'ENABLE_HIBERNATE'], + ['systemd-hostnamed.service', 'ENABLE_HOSTNAMED', + 'dbus-org.freedesktop.hostname1.service'], + ['systemd-hwdb-update.service', 'ENABLE_HWDB', + 'sysinit.target.wants/'], + ['systemd-importd.service', 'ENABLE_IMPORTD', + 'dbus-org.freedesktop.import1.service'], + ['systemd-initctl.service', ''], + ['systemd-journal-catalog-update.service', '', + 'sysinit.target.wants/'], + ['systemd-journal-flush.service', '', + 'sysinit.target.wants/'], + ['systemd-journal-gatewayd.service', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-remote.service', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-upload.service', 'ENABLE_REMOTE HAVE_LIBCURL'], + ['systemd-journald.service', '', + 'sysinit.target.wants/'], + ['systemd-kexec.service', ''], + ['systemd-localed.service', 'ENABLE_LOCALED', + 'dbus-org.freedesktop.locale1.service'], + ['systemd-logind.service', 'ENABLE_LOGIND', + 'multi-user.target.wants/ dbus-org.freedesktop.login1.service'], + ['systemd-machine-id-commit.service', '', + 'sysinit.target.wants/'], + ['systemd-machined.service', 'ENABLE_MACHINED', + 'dbus-org.freedesktop.machine1.service'], + ['systemd-modules-load.service', 'HAVE_KMOD', + 'sysinit.target.wants/'], + ['systemd-networkd-wait-online.service', 'ENABLE_NETWORKD', + join_paths(pkgsysconfdir, 'system/network-online.target.wants/')], + ['systemd-nspawn@.service', ''], + ['systemd-poweroff.service', ''], + ['systemd-quotacheck.service', 'ENABLE_QUOTACHECK'], + ['systemd-random-seed.service', 'ENABLE_RANDOMSEED', + 'sysinit.target.wants/'], + ['systemd-reboot.service', ''], + ['systemd-remount-fs.service', '', + 'local-fs.target.wants/'], + ['systemd-rfkill.service', 'ENABLE_RFKILL'], + ['systemd-suspend.service', ''], + ['systemd-sysctl.service', '', + 'sysinit.target.wants/'], + ['systemd-sysusers.service', 'ENABLE_SYSUSERS', + 'sysinit.target.wants/'], + ['systemd-timedated.service', 'ENABLE_TIMEDATED', + 'dbus-org.freedesktop.timedate1.service'], + ['systemd-timesyncd.service', 'ENABLE_TIMESYNCD', + join_paths(pkgsysconfdir, 'system/sysinit.target.wants/')], + ['systemd-tmpfiles-clean.service', 'ENABLE_TMPFILES'], + ['systemd-tmpfiles-setup-dev.service', 'ENABLE_TMPFILES', + 'sysinit.target.wants/'], + ['systemd-tmpfiles-setup.service', 'ENABLE_TMPFILES', + 'sysinit.target.wants/'], + ['systemd-udev-settle.service', ''], + ['systemd-udev-trigger.service', '', + 'sysinit.target.wants/'], + ['systemd-udevd.service', '', + 'sysinit.target.wants/'], + ['systemd-update-done.service', '', + 'sysinit.target.wants/'], + ['systemd-update-utmp-runlevel.service', 'HAVE_UTMP HAVE_SYSV_COMPAT', + 'multi-user.target.wants/ graphical.target.wants/ rescue.target.wants/'], + ['systemd-update-utmp.service', 'HAVE_UTMP', + 'sysinit.target.wants/'], + ['systemd-user-sessions.service', '', + 'multi-user.target.wants/'], - ['systemd-vconsole-setup.service', 'ENABLE_VCONSOLE'], ++ ['systemd-vconsole-setup.service', 'ENABLE_VCONSOLE', ++ 'sysinit.target.wants/'], + ['systemd-volatile-root.service', ''], ++ ['booting-done.service', '', ++ 'delayed.target.wants/'], ++ ['system-delayed-target-done.service', '', ++ 'delayed.target.wants/'], ++ ['system-default-target-done.service', '', 'graphical.target.wants/'], ++ ['system-delayed-target-trigger.service', '', 'graphical.target.wants/'], + ] + + m4_units = [ + ['getty@.service', '', + 'autovt@.service ' + + join_paths(pkgsysconfdir, 'system/getty.target.wants/getty@tty1.service')], + ['serial-getty@.service', ''], + ['tmp.mount', '', + 'local-fs.target.wants/'], + ] + + m4_in_units = [ + ['console-getty.service', ''], + ['container-getty@.service', ''], + ['systemd-networkd.service', 'ENABLE_NETWORKD', + join_paths(pkgsysconfdir, 'system/dbus-org.freedesktop.network1.service') + ' ' + + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['systemd-resolved.service', 'ENABLE_RESOLVED', + join_paths(pkgsysconfdir, 'system/dbus-org.freedesktop.resolve1.service') + ' ' + + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['user@.service', ''], + ] + + foreach tuple : m4_in_units + file = tuple[0] + + gen = configure_file( + input : file + '.m4.in', + output : file + '.m4', + configuration : substs) + + m4_units += [[file, tuple.get(1, ''), tuple.get(2, ''), gen]] + endforeach + + foreach tuple : in_units + file = tuple[0] + + # we do this here because install_data does not accept custom_target output + conds = tuple[1].split(' ') + install = ((conds.get(0, '') == '' or conf.get(conds[0], false)) and + (conds.get(1, '') == '' or conf.get(conds[1], false))) + + gen1 = configure_file( + input : file + '.in', + output : file + '.tmp', + configuration : substs) + gen2 = custom_target( + file, + input : gen1, + output : file, + command : [sed, '/^## /d', '@INPUT@'], + capture : true, + install : install, + install_dir : systemunitdir) + + if install and tuple.length() > 2 + foreach target : tuple[2].split() + meson.add_install_script('meson-add-wants.sh', systemunitdir, target, file) + endforeach + endif + endforeach + + foreach tuple : m4_units + file = tuple[0] + input = tuple.get(3, file + '.m4') + + # we do this here because install_data does not accept custom_target output + conds = tuple[1].split(' ') + install = ((conds.get(0, '') == '' or conf.get(conds[0], false)) and + (conds.get(1, '') == '' or conf.get(conds[1], false))) + + custom_target( + file, + input : input, + output: file, + command : [m4, '-P'] + m4_defines + ['@INPUT@'], + capture : true, + install : install, + install_dir : systemunitdir) + + if tuple.length() > 2 and install + foreach target : tuple[2].split() + meson.add_install_script('meson-add-wants.sh', systemunitdir, target, file) + endforeach + endif + endforeach + + foreach tuple : units + file = tuple[0] + input = tuple.get(3, file) + + conds = tuple[1].split(' ') + install = ((conds.get(0, '') == '' or conf.get(conds[0], false)) and + (conds.get(1, '') == '' or conf.get(conds[1], false))) + + if install + install_data(input, + install_dir : systemunitdir) + + if tuple.length() > 2 + foreach target : tuple[2].split() + meson.add_install_script( + 'meson-add-wants.sh', systemunitdir, target, file) + endforeach + endif + endif + endforeach + + ############################################################ + + meson.add_install_script(meson_make_symlink, + join_paths(pkgsysconfdir, 'user'), + join_paths(sysconfdir, 'xdg/systemd/user')) + meson.add_install_script(meson_make_symlink, + join_paths(dbussystemservicedir, 'org.freedesktop.systemd1.service'), + join_paths(dbussessionservicedir, 'org.freedesktop.systemd1.service')) + if conf.get('HAVE_SYSV_COMPAT', false) + foreach i : [1, 2, 3, 4, 5] + meson.add_install_script( + 'sh', '-c', + mkdir_p + .format(join_paths(systemunitdir, 'runlevel@0@.target.wants'.format(i)))) + endforeach + endif + + subdir('user') diff --cc units/system-default-target-done.service.in index 9ce2cd8,0000000..97364cd mode 100644,000000..100644 --- a/units/system-default-target-done.service.in +++ b/units/system-default-target-done.service.in @@@ -1,16 -1,0 +1,16 @@@ +[Unit] +Description=System Default Target Done Service +After=graphical.target +DefaultDependencies=no +RefuseManualStart=yes +RefuseManualStop=yes + +[Service] +Type=oneshot +User=system_fw +Group=system_fw - ExecStart=/usr/bin/touch /run/systemd/system/graphical.target.done ++ExecStart=@rootbindir@/touch /run/systemd/system/graphical.target.done +RemainAfterExit=yes +SecureBits=keep-caps +Capabilities=cap_dac_override=i +SmackProcessLabel=System diff --cc units/system-delayed-target-done.service.in index 0000000,0000000..7bfdea3 new file mode 100644 --- /dev/null +++ b/units/system-delayed-target-done.service.in @@@ -1,0 -1,0 +1,16 @@@ ++[Unit] ++Description=System Delayed Target Done Service ++After=delayed.target ++DefaultDependencies=no ++RefuseManualStart=yes ++RefuseManualStop=yes ++ ++[Service] ++Type=oneshot ++User=system_fw ++Group=system_fw ++ExecStart=@rootbindir@/touch /run/systemd/system/delayed.target.done ++RemainAfterExit=yes ++SecureBits=keep-caps ++Capabilities=cap_dac_override=i ++SmackProcessLabel=System diff --cc units/system-delayed-target-trigger.service.in index e98808e,0000000..6467ff7 mode 100644,000000..100644 --- a/units/system-delayed-target-trigger.service.in +++ b/units/system-delayed-target-trigger.service.in @@@ -1,17 -1,0 +1,17 @@@ +[Unit] +Description=System Delayed Target Trigger Service +After=basic.target +Wants=wait-mount@opt-usr.service +After=wait-mount@opt-usr.service +DefaultDependencies=no +RefuseManualStart=yes +RefuseManualStop=yes + +[Service] +# At least one service must remain, and systemd will not enter the Startupfinished state. +# So this unit, which is oneshot type, becomes that one service. +Type=oneshot - ExecStart=/usr/bin/wait-default-target.sh System - ExecStart=/usr/bin/systemctl --no-block start delayed.target ++ExecStart=@rootbindir@/wait-default-target.sh System ++ExecStart=@rootbindir@/systemctl --no-block start delayed.target +RemainAfterExit=yes +SmackProcessLabel=System diff --cc units/systemd-ask-password-console.service.in index 68b7710,adaa60d..2c53ff8 --- a/units/systemd-ask-password-console.service.in +++ b/units/systemd-ask-password-console.service.in @@@ -16,4 -16,4 +16,5 @@@ ConditionPathExists=!/run/plymouth/pi [Service] ExecStart=@rootbindir@/systemd-tty-ask-password-agent --watch --console +SmackProcessLabel=System + SystemCallArchitectures=native diff --cc units/systemd-ask-password-wall.service.in index e1d8ccd,be38002..e6d1333 --- a/units/systemd-ask-password-wall.service.in +++ b/units/systemd-ask-password-wall.service.in @@@ -13,4 -13,4 +13,5 @@@ After=systemd-user-sessions.servic [Service] ExecStartPre=-@SYSTEMCTL@ stop systemd-ask-password-console.path systemd-ask-password-console.service systemd-ask-password-plymouth.path systemd-ask-password-plymouth.service ExecStart=@rootbindir@/systemd-tty-ask-password-agent --wall +SmackProcessLabel=System + SystemCallArchitectures=native diff --cc units/systemd-hostnamed.service.in index 4b59ecf,d29e9ff..801648c --- a/units/systemd-hostnamed.service.in +++ b/units/systemd-hostnamed.service.in @@@ -18,7 -18,15 +18,16 @@@ CapabilityBoundingSet=CAP_SYS_ADMI PrivateTmp=yes PrivateDevices=yes PrivateNetwork=yes - ProtectSystem=yes - MemoryDenyWriteExecute=yes - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io +SmackProcessLabel=System + ProtectSystem=strict + ProtectHome=yes + ProtectControlGroups=yes + ProtectKernelTunables=yes + ProtectKernelModules=yes + MemoryDenyWriteExecute=yes + RestrictRealtime=yes + RestrictNamespaces=yes + RestrictAddressFamilies=AF_UNIX + SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap + SystemCallArchitectures=native + ReadWritePaths=/etc diff --cc units/systemd-initctl.service.in index 192f3cd,5505309..2ff668f --- a/units/systemd-initctl.service.in +++ b/units/systemd-initctl.service.in @@@ -11,6 -11,6 +11,7 @@@ Documentation=man:systemd-initctl.servi DefaultDependencies=no [Service] - ExecStart=@rootlibexecdir@/systemd-initctl NotifyAccess=all +SmackProcessLabel=System + ExecStart=@rootlibexecdir@/systemd-initctl + SystemCallArchitectures=native diff --cc units/systemd-journald.service.in index f9522ca,66b7c6a..685e470 --- a/units/systemd-journald.service.in +++ b/units/systemd-journald.service.in @@@ -19,14 -19,16 +19,17 @@@ Sockets=systemd-journald.socket systemd ExecStart=@rootlibexecdir@/systemd-journald Restart=always RestartSec=0 - NotifyAccess=all StandardOutput=null +SmackProcessLabel=System - CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE WatchdogSec=3min FileDescriptorStoreMax=1024 + CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE MemoryDenyWriteExecute=yes - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io + RestrictRealtime=yes + RestrictNamespaces=yes + RestrictAddressFamilies=AF_UNIX AF_NETLINK + SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap + SystemCallArchitectures=native # Increase the default a bit in order to allow many simultaneous # services being run since we keep one fd open per service. Also, when diff --cc units/systemd-localed.service.in index e61266d,90a9138..a19f412 --- a/units/systemd-localed.service.in +++ b/units/systemd-localed.service.in @@@ -18,8 -18,15 +18,16 @@@ CapabilityBoundingSet PrivateTmp=yes PrivateDevices=yes PrivateNetwork=yes - ProtectSystem=yes + ProtectSystem=strict ProtectHome=yes + ProtectControlGroups=yes + ProtectKernelTunables=yes + ProtectKernelModules=yes MemoryDenyWriteExecute=yes - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io +SmackProcessLabel=System + RestrictRealtime=yes + RestrictNamespaces=yes + RestrictAddressFamilies=AF_UNIX + SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io @reboot @swap + SystemCallArchitectures=native + ReadWritePaths=/etc diff --cc units/systemd-logind.service.in index 3ec499f,bb4a23e..f07d367 --- a/units/systemd-logind.service.in +++ b/units/systemd-logind.service.in @@@ -23,11 -23,15 +23,16 @@@ ExecStart=@rootlibexecdir@/systemd-logi Restart=always RestartSec=0 BusName=org.freedesktop.login1 - CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG WatchdogSec=3min + CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG MemoryDenyWriteExecute=yes - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io +SmackProcessLabel=System::Privileged + RestrictRealtime=yes + RestrictNamespaces=yes + RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 + SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap + SystemCallArchitectures=native + FileDescriptorStoreMax=512 # Increase the default a bit in order to allow many simultaneous # logins since we keep one fd open per session. diff --cc units/systemd-machined.service.in index 9fb765c,a4f86aa..1de7e2a --- a/units/systemd-machined.service.in +++ b/units/systemd-machined.service.in @@@ -15,11 -16,13 +16,14 @@@ RequiresMountsFor=/var/lib/machine [Service] ExecStart=@rootlibexecdir@/systemd-machined BusName=org.freedesktop.machine1 - CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD WatchdogSec=3min + CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD MemoryDenyWriteExecute=yes - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io +SmackProcessLabel=System + RestrictRealtime=yes + RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 + SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap + SystemCallArchitectures=native # Note that machined cannot be placed in a mount namespace, since it # needs access to the host's mount namespace in order to implement the diff --cc units/systemd-nspawn@.service.in index 71c47f5,5e80054..8b2cd98 --- a/units/systemd-nspawn@.service.in +++ b/units/systemd-nspawn@.service.in @@@ -20,12 -21,11 +21,12 @@@ RestartForceExitStatus=13 SuccessExitStatus=133 Slice=machine.slice Delegate=yes +SmackProcessLabel=System TasksMax=16384 - # Enforce a strict device policy, similar to the one nspawn configures - # when it allocates its own scope unit. Make sure to keep these - # policies in sync if you change them! + ## Enforce a strict device policy, similar to the one nspawn configures + ## when it allocates its own scope unit. Make sure to keep these + ## policies in sync if you change them! DevicePolicy=closed DeviceAllow=/dev/net/tun rwm DeviceAllow=char-pts rw diff --cc units/systemd-udevd.service.in index da7f19b,fc037b5..4572641 --- a/units/systemd-udevd.service.in +++ b/units/systemd-udevd.service.in @@@ -24,5 -24,8 +24,9 @@@ ExecStart=@rootlibexecdir@/systemd-udev KillMode=mixed WatchdogSec=3min TasksMax=infinity +SmackProcessLabel=System::Privileged + MountFlags=slave + MemoryDenyWriteExecute=yes + RestrictRealtime=yes + RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 + SystemCallArchitectures=native diff --cc units/systemd-vconsole-setup.service.in index bd56d91,8bb75c6..2cec3bb --- a/units/systemd-vconsole-setup.service.in +++ b/units/systemd-vconsole-setup.service.in @@@ -15,6 -14,4 +14,5 @@@ ConditionPathExists=/dev/tty [Service] Type=oneshot - RemainAfterExit=yes ExecStart=@rootlibexecdir@/systemd-vconsole-setup +SmackProcessLabel=System diff --cc units/user/meson.build index 0000000,b507144..253d7bb mode 000000,100644..100644 --- a/units/user/meson.build +++ b/units/user/meson.build @@@ -1,0 -1,33 +1,44 @@@ + units = [ + 'basic.target', - 'bluetooth.target', ++ 'busnames.target', + 'default.target', + 'exit.target', + 'graphical-session-pre.target', + 'graphical-session.target', + 'paths.target', + 'printer.target', + 'shutdown.target', + 'smartcard.target', + 'sockets.target', + 'sound.target', + 'timers.target', + ] + ++units += [ ++ 'delayed.target', ++ 'user-delayed-target-trigger.service', ++ 'user-default-target-done.service', ++ 'user-delayed-target-done.service', ++] ++ + foreach file : units + install_data(file, + install_dir : userunitdir) + endforeach + ++meson.add_install_script('../meson-add-wants.sh', userunitdir, 'default.target.wants/', 'user-delayed-target-trigger.service') ++meson.add_install_script('../meson-add-wants.sh', userunitdir, 'default.target.wants/', 'user-default-target-done.service') ++meson.add_install_script('../meson-add-wants.sh', userunitdir, 'delayed.target.wants/', 'user-delayed-target-done.service') ++ + in_units = [ + 'systemd-exit.service', + ] + + foreach file : in_units + gen = configure_file( + input : file + '.in', + output : file, + configuration : substs) + install_data(gen, + install_dir : userunitdir) + endforeach diff --cc units/user@.service.m4.in index a625c2d,1beb901..33f11e1 --- a/units/user@.service.m4.in +++ b/units/user@.service.m4.in @@@ -20,8 -18,4 +20,9 @@@ Slice=user-%i.slic KillMode=mixed Delegate=yes TasksMax=infinity +Environment=DBUS_SESSION_BUS_ADDRESS=kernel:path=/sys/fs/kdbus/%i-user/bus;unix:path=/run/user/%i/bus +Environment=XDG_RUNTIME_DIR=/run/user/%i +Capabilities=cap_sys_admin,cap_mac_admin,cap_setgid,cap_dac_override=i +SecureBits=keep-caps +TimeoutStartSec=infinity + TimeoutStopSec=120s