diff --git a/.github/workflows/build_test.sh b/.github/workflows/build_test.sh
index 8471ea181e..bdcb71ba9c 100755
--- a/.github/workflows/build_test.sh
+++ b/.github/workflows/build_test.sh
@@ -46,9 +46,9 @@ PACKAGES=(
mount
net-tools
perl
- python-lxml
python3-evdev
python3-lxml
+ python3-jinja2
python3-pip
python3-pyparsing
python3-setuptools
diff --git a/.github/workflows/mkosi.yml b/.github/workflows/mkosi.yml
index 2c9630dec8..c7508a5bd9 100644
--- a/.github/workflows/mkosi.yml
+++ b/.github/workflows/mkosi.yml
@@ -27,7 +27,7 @@ jobs:
- uses: systemd/mkosi@v9
- name: Install
- run: sudo apt-get update && sudo apt-get install --no-install-recommends python3-pexpect
+ run: sudo apt-get update && sudo apt-get install --no-install-recommends python3-pexpect python3-jinja2
- name: Symlink
run: ln -s .mkosi/mkosi.${{ matrix.distro }} mkosi.default
diff --git a/.lgtm.yml b/.lgtm.yml
index 79512df980..93f8b1c0f4 100644
--- a/.lgtm.yml
+++ b/.lgtm.yml
@@ -9,6 +9,7 @@ extraction:
- libfdisk-dev
- libp11-kit-dev
- libssl-dev
+ - python3-jinja2
python:
python_setup:
version: 3
diff --git a/.mkosi/mkosi.arch b/.mkosi/mkosi.arch
index 867a869e1a..9782a7d872 100644
--- a/.mkosi/mkosi.arch
+++ b/.mkosi/mkosi.arch
@@ -35,12 +35,12 @@ BuildPackages=
libxkbcommon
libxslt
lz4
- m4
meson
pam
pkgconfig
python
python-lxml
+ python-jinja
qrencode
rsync
xz
diff --git a/.mkosi/mkosi.debian b/.mkosi/mkosi.debian
index b1173a67dc..0d37937aea 100644
--- a/.mkosi/mkosi.debian
+++ b/.mkosi/mkosi.debian
@@ -46,11 +46,11 @@ BuildPackages=
libtss2-dev
libxkbcommon-dev
libzstd-dev
- m4
meson
pkg-config
python3
python3-lxml
+ python3-jinja2
tree
uuid-dev
xsltproc
diff --git a/.mkosi/mkosi.fedora b/.mkosi/mkosi.fedora
index a069d8c84e..540c85c026 100644
--- a/.mkosi/mkosi.fedora
+++ b/.mkosi/mkosi.fedora
@@ -45,7 +45,6 @@ BuildPackages=
libzstd-devel
lz4
lz4-devel
- m4
meson
ninja-build
openssl-devel
@@ -55,6 +54,7 @@ BuildPackages=
pkgconfig
python3-devel
python3-lxml
+ python3dist(jinja2)
qrencode-devel
rpm
tpm2-tss-devel
diff --git a/.mkosi/mkosi.opensuse b/.mkosi/mkosi.opensuse
index 15f70a4352..bf05f8dd72 100644
--- a/.mkosi/mkosi.opensuse
+++ b/.mkosi/mkosi.opensuse
@@ -30,13 +30,13 @@ BuildPackages=
libseccomp-devel
libselinux-devel
libxslt-tools
- m4
meson
pam-devel
pciutils-devel
pcre-devel
python3
python3-lxml
+ python3-jinja2
qrencode-devel
system-user-nobody
systemd-sysvinit
diff --git a/.mkosi/mkosi.ubuntu b/.mkosi/mkosi.ubuntu
index dd1036fc85..32447c8b38 100644
--- a/.mkosi/mkosi.ubuntu
+++ b/.mkosi/mkosi.ubuntu
@@ -49,11 +49,11 @@ BuildPackages=
libxkbcommon-dev
libxtables-dev
libzstd-dev
- m4
meson
pkg-config
python3
python3-lxml
+ python3-jinja2
tree
tzdata
uuid-dev
diff --git a/.semaphore/semaphore-runner.sh b/.semaphore/semaphore-runner.sh
index a21d5d88e0..e7dbcb2ac1 100755
--- a/.semaphore/semaphore-runner.sh
+++ b/.semaphore/semaphore-runner.sh
@@ -57,7 +57,7 @@ for phase in "${PHASES[@]}"; do
echo "deb http://archive.ubuntu.com/ubuntu $UBUNTU_RELEASE-backports main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/backports.list
sudo apt-get -q update
sudo apt-get install -y -t "$UBUNTU_RELEASE-backports" lxc
- sudo apt-get install -y python3-debian git dpkg-dev fakeroot
+ sudo apt-get install -y python3-debian git dpkg-dev fakeroot python3-jinja2
[ -d $AUTOPKGTEST_DIR ] || git clone --quiet --depth=1 https://salsa.debian.org/ci-team/autopkgtest.git "$AUTOPKGTEST_DIR"
diff --git a/README b/README
index 955dc11e1b..a2b19d656d 100644
--- a/README
+++ b/README
@@ -190,11 +190,12 @@ REQUIREMENTS:
gperf
docbook-xsl (optional, required for documentation)
xsltproc (optional, required for documentation)
+ python-jinja2
python-lxml (optional, required to build the indices)
python >= 3.5
meson >= 0.46 (>= 0.49 is required to build position-independent executables)
ninja
- gcc, awk, sed, grep, m4, and similar tools
+ gcc, awk, sed, grep, and similar tools
clang >= 10.0, llvm >= 10.0 (optional, required to build BPF programs
from source code in C)
diff --git a/docs/HACKING.md b/docs/HACKING.md
index 6306eee139..4374ba097d 100644
--- a/docs/HACKING.md
+++ b/docs/HACKING.md
@@ -106,13 +106,31 @@ And after that, head over to your repo on GitHub and click "Compare & pull reque
Happy hacking!
+## Templating engines in .in files
+
+Some source files are generated during build. We use two templating engines:
+* meson's `configure_file()` directive uses syntax with `@VARIABLE@`.
+
+ See https://mesonbuild.com/Reference-manual.html#configure_file for
+ details.
+
+* most files are rendered using jinja2, with `{{VARIABLE}}` and `{% if … %}`,
+ `{% elif … %}`, `{% else … %}`, `{% endif … %}` blocks. `{# … #}` is a
+ jinja2 comment, i.e. that block will not be visible in the rendered
+ output. `{% raw %} … {% endraw %}` creates a block where the jinja2 syntax
+ is not interpreted.
+
+ See https://jinja2docs.readthedocs.io/en/stable/templates.html#synopsis
+ for details.
+
+Please note that files for both template engines use the `.in` extension.
## Developer and release modes
In the default meson configuration (`-Dmode=developer`), certain checks are
enabled that are suitable when hacking on systemd (such as internal
-documentation consistency checks). Those are not useful when compiling for code
-for distribution and can be disabled by setting `-Dmode=release`.
+documentation consistency checks). Those are not useful when compiling for
+distribution and can be disabled by setting `-Dmode=release`.
## Fuzzers
diff --git a/docs/sysvinit/README.in b/docs/sysvinit/README.in
index de5d80d902..32e21a84c9 100644
--- a/docs/sysvinit/README.in
+++ b/docs/sysvinit/README.in
@@ -1,4 +1,4 @@
-You are looking for the traditional init scripts in @SYSTEM_SYSVINIT_PATH@,
+You are looking for the traditional init scripts in {{ SYSTEM_SYSVINIT_PATH }},
and they are gone?
Here's an explanation on what's going on:
@@ -15,7 +15,7 @@ service, respectively. For further details, please refer to
systemctl(1).
Note that traditional init scripts continue to function on a systemd
-system. An init script @SYSTEM_SYSVINIT_PATH@/foobar is implicitly mapped
+system. An init script {{ SYSTEM_SYSVINIT_PATH }}/foobar is implicitly mapped
into a service unit foobar.service during system initialization.
Thank you!
diff --git a/docs/sysvinit/meson.build b/docs/sysvinit/meson.build
index 261bd68ca3..0a1935388a 100644
--- a/docs/sysvinit/meson.build
+++ b/docs/sysvinit/meson.build
@@ -1,11 +1,10 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
-file = configure_file(
+custom_target(
+ 'README',
input : 'README.in',
output : 'README',
- configuration : substs)
-
-if conf.get('HAVE_SYSV_COMPAT') == 1
- install_data(file,
- install_dir : sysvinit_path)
-endif
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : conf.get('HAVE_SYSV_COMPAT') == 1,
+ install_dir : sysvinit_path)
diff --git a/man/custom-entities.ent.in b/man/custom-entities.ent.in
index 8e494c7371..1659ac34d5 100644
--- a/man/custom-entities.ent.in
+++ b/man/custom-entities.ent.in
@@ -1,15 +1,15 @@
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/man/meson.build b/man/meson.build
index 2e3b858f4f..ff36d26cb4 100644
--- a/man/meson.build
+++ b/man/meson.build
@@ -26,10 +26,12 @@ custom_man_xsl = files('custom-man.xsl')
custom_html_xsl = files('custom-html.xsl')
xslt_cmd = [xsltproc, '-o', '@OUTPUT0@'] + xsltproc_flags
-custom_entities_ent = configure_file(
+custom_entities_ent = custom_target(
+ 'custom-entities.ent',
input : 'custom-entities.ent.in',
output : 'custom-entities.ent',
- configuration : conf)
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true)
man_pages = []
html_pages = []
@@ -60,7 +62,7 @@ foreach tuple : xsltproc.found() ? manpages : []
input : xml,
output : [man] + manaliases,
command : xslt_cmd + [custom_man_xsl, '@INPUT@'],
- depend_files : custom_entities_ent,
+ depends : custom_entities_ent,
install : want_man,
install_dir : mandirn)
man_pages += p1
@@ -85,8 +87,7 @@ foreach tuple : xsltproc.found() ? manpages : []
input : xml,
output : html,
command : xslt_cmd + [custom_html_xsl, '@INPUT@'],
- depend_files : custom_entities_ent,
- depends : p2,
+ depends : [custom_entities_ent, p2],
install : want_html,
install_dir : join_paths(docdir, 'html'))
html_pages += p3
@@ -163,8 +164,7 @@ foreach tuple : xsltproc.found() ? [['systemd.directives', '7', systemd_directiv
input : xml,
output : html,
command : xslt_cmd + [custom_html_xsl, '@INPUT@'],
- depend_files : custom_entities_ent,
- depends : p2,
+ depends : [custom_entities_ent, p2],
install : want_html and have_lxml,
install_dir : join_paths(docdir, 'html'))
html_pages += p3
@@ -200,12 +200,15 @@ endif
############################################################
+buildroot_substs = configuration_data()
+buildroot_substs.set_quoted('BUILD_ROOT', project_build_root)
+
configure_file(
input : 'man.in',
output : 'man',
- configuration : substs)
+ configuration : buildroot_substs)
configure_file(
input : 'html.in',
output : 'html',
- configuration : substs)
+ configuration : buildroot_substs)
diff --git a/man/systemd-environment-d-generator.xml b/man/systemd-environment-d-generator.xml
index a9b6b987de..a85ef49428 100644
--- a/man/systemd-environment-d-generator.xml
+++ b/man/systemd-environment-d-generator.xml
@@ -25,7 +25,7 @@
- &userenvgeneratordir;/30-systemd-environment-d-generator
+ &USER_ENV_GENERATOR_DIR;/30-systemd-environment-d-generator
diff --git a/man/systemd.environment-generator.xml b/man/systemd.environment-generator.xml
index 663d7dcddf..856f6a641b 100644
--- a/man/systemd.environment-generator.xml
+++ b/man/systemd.environment-generator.xml
@@ -25,31 +25,31 @@
- &systemenvgeneratordir;/some-generator
+ &SYSTEM_ENV_GENERATOR_DIR;/some-generator
- &userenvgeneratordir;/some-generator
+ &USER_ENV_GENERATOR_DIR;/some-generator
/run/systemd/system-environment-generators/*
/etc/systemd/system-environment-generators/*
/usr/local/lib/systemd/system-environment-generators/*
-&systemenvgeneratordir;/*
+&SYSTEM_ENV_GENERATOR_DIR;/*
/run/systemd/user-environment-generators/*
/etc/systemd/user-environment-generators/*
/usr/local/lib/systemd/user-environment-generators/*
-&userenvgeneratordir;/*
+&USER_ENV_GENERATOR_DIR;/*
Description
Generators are small executables that live in
- &systemenvgeneratordir;/ and other directories listed above.
+ &SYSTEM_ENV_GENERATOR_DIR;/ and other directories listed above.
systemd1 will
execute those binaries very early at the startup of each manager and at configuration
reload time, before running the generators described in
@@ -116,7 +116,7 @@
Debugging a generator
SYSTEMD_LOG_LEVEL=debug VAR_A=something VAR_B="something else" \
-&systemenvgeneratordir;/path-to-generator
+&SYSTEM_ENV_GENERATOR_DIR;/path-to-generator
diff --git a/man/systemd.generator.xml b/man/systemd.generator.xml
index 9c622ed44c..fb521726e3 100644
--- a/man/systemd.generator.xml
+++ b/man/systemd.generator.xml
@@ -34,20 +34,20 @@
/run/systemd/system-generators/*
/etc/systemd/system-generators/*
/usr/local/lib/systemd/system-generators/*
-&systemgeneratordir;/*
+&SYSTEM_GENERATOR_DIR;/*
/run/systemd/user-generators/*
/etc/systemd/user-generators/*
/usr/local/lib/systemd/user-generators/*
-&usergeneratordir;/*
+&USER_GENERATOR_DIR;/*
Description
- Generators are small executables placed in &systemgeneratordir;/ and other
+ Generators are small executables placed in &SYSTEM_GENERATOR_DIR;/ and other
directories listed above.
systemd1 will execute
these binaries very early at bootup and at configuration reload time — before unit files are
@@ -294,7 +294,7 @@
Debugging a generator
dir=$(mktemp -d)
-SYSTEMD_LOG_LEVEL=debug &systemgeneratordir;/systemd-fstab-generator \
+SYSTEMD_LOG_LEVEL=debug &SYSTEM_GENERATOR_DIR;/systemd-fstab-generator \
"$dir" "$dir" "$dir"
find $dir
diff --git a/meson.build b/meson.build
index a8bbeacd85..8b1871523f 100644
--- a/meson.build
+++ b/meson.build
@@ -16,19 +16,11 @@ project('systemd', 'c',
libsystemd_version = '0.31.0'
libudev_version = '1.7.1'
-# We need the same data in two different formats, ugh!
-# Also, for hysterical reasons, we use different variable
-# names, sometimes. Not all variables are included in every
-# set. Ugh, ugh, ugh!
conf = configuration_data()
-conf.set('PROJECT_VERSION', meson.project_version(),
+conf.set_quoted('PROJECT_URL', 'https://www.freedesktop.org/wiki/Software/systemd')
+conf.set('PROJECT_VERSION', meson.project_version(),
description : 'Numerical project version (used where a simple number is expected)')
-substs = configuration_data()
-substs.set('PROJECT_URL', 'https://www.freedesktop.org/wiki/Software/systemd')
-substs.set('PROJECT_VERSION', meson.project_version(),
- description : 'Numerical project version (used where a simple number is expected)')
-
# This is to be used instead of meson.source_root(), as the latter will return
# the wrong result when systemd is being built as a meson subproject
project_source_root = meson.current_source_dir()
@@ -219,106 +211,77 @@ endif
memory_accounting_default = get_option('memory-accounting-default')
status_unit_format_default = get_option('status-unit-format-default')
+conf.set_quoted('BINFMT_DIR', binfmtdir)
+conf.set_quoted('BOOTLIBDIR', bootlibdir)
+conf.set_quoted('CATALOG_DATABASE', join_paths(catalogstatedir, 'database'))
+conf.set_quoted('CERTIFICATE_ROOT', get_option('certificate-root'))
+conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdatadir, 'gatewayd'))
+conf.set_quoted('ENVIRONMENT_DIR', environmentdir)
+conf.set_quoted('INCLUDE_DIR', includedir)
+conf.set_quoted('LIBDIR', libdir)
+conf.set_quoted('MODPROBE_DIR', modprobedir)
+conf.set_quoted('MODULESLOAD_DIR', modulesloaddir)
conf.set_quoted('PKGSYSCONFDIR', pkgsysconfdir)
+conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent'))
+conf.set_quoted('PREFIX', prefixdir)
+conf.set_quoted('RANDOM_SEED', join_paths(randomseeddir, 'random-seed'))
+conf.set_quoted('RANDOM_SEED_DIR', randomseeddir)
+conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local'))
+conf.set_quoted('ROOTBINDIR', rootbindir)
+conf.set_quoted('ROOTLIBDIR', rootlibdir)
+conf.set_quoted('ROOTLIBEXECDIR', rootlibexecdir)
+conf.set_quoted('ROOTPREFIX', rootprefixdir)
+conf.set_quoted('ROOTPREFIX_NOSLASH', rootprefixdir_noslash)
+conf.set_quoted('SYSCONF_DIR', sysconfdir)
+conf.set_quoted('SYSCTL_DIR', sysctldir)
+conf.set_quoted('SYSTEMCTL_BINARY_PATH', join_paths(rootbindir, 'systemctl'))
+conf.set_quoted('SYSTEMD_BINARY_PATH', join_paths(rootlibexecdir, 'systemd'))
+conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir)
+conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH', join_paths(rootlibexecdir, 'systemd-cgroups-agent'))
+conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH', join_paths(rootlibexecdir, 'systemd-cryptsetup'))
+conf.set_quoted('SYSTEMD_EXPORT_PATH', join_paths(rootlibexecdir, 'systemd-export'))
+conf.set_quoted('SYSTEMD_FSCK_PATH', join_paths(rootlibexecdir, 'systemd-fsck'))
+conf.set_quoted('SYSTEMD_GROWFS_PATH', join_paths(rootlibexecdir, 'systemd-growfs'))
+conf.set_quoted('SYSTEMD_HOMEWORK_PATH', join_paths(rootlibexecdir, 'systemd-homework'))
+conf.set_quoted('SYSTEMD_IMPORT_FS_PATH', join_paths(rootlibexecdir, 'systemd-import-fs'))
+conf.set_quoted('SYSTEMD_IMPORT_PATH', join_paths(rootlibexecdir, 'systemd-import'))
+conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map'))
+conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map'))
+conf.set_quoted('SYSTEMD_MAKEFS_PATH', join_paths(rootlibexecdir, 'systemd-makefs'))
+conf.set_quoted('SYSTEMD_PULL_PATH', join_paths(rootlibexecdir, 'systemd-pull'))
+conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', join_paths(rootlibexecdir, 'systemd-shutdown'))
+conf.set_quoted('SYSTEMD_STDIO_BRIDGE_BINARY_PATH', join_paths(bindir, 'systemd-stdio-bridge'))
+conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata'))
+conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', join_paths(rootbindir, 'systemd-tty-ask-password-agent'))
+conf.set_quoted('SYSTEMD_USERWORK_PATH', join_paths(rootlibexecdir, 'systemd-userwork'))
+conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', join_paths(rootlibexecdir, 'systemd-veritysetup'))
conf.set_quoted('SYSTEM_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'system'))
-conf.set_quoted('SYSTEM_DATA_UNIT_PATH', systemunitdir)
+conf.set_quoted('SYSTEM_DATA_UNIT_DIR', systemunitdir)
+conf.set_quoted('SYSTEM_ENV_GENERATOR_DIR', systemenvgeneratordir)
+conf.set_quoted('SYSTEM_GENERATOR_DIR', systemgeneratordir)
+conf.set_quoted('SYSTEM_PRESET_DIR', systempresetdir)
+conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir)
+conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir)
conf.set_quoted('SYSTEM_SYSVINIT_PATH', sysvinit_path)
conf.set_quoted('SYSTEM_SYSVRCND_PATH', sysvrcnd_path)
-conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local'))
+conf.set_quoted('SYSUSERS_DIR', sysusersdir)
+conf.set_quoted('TMPFILES_DIR', tmpfilesdir)
+conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir)
+conf.set_quoted('UDEV_HWDB_DIR', udevhwdbdir)
+conf.set_quoted('UDEV_RULES_DIR', udevrulesdir)
+conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user'))
+conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir)
+conf.set_quoted('USER_ENV_GENERATOR_DIR', userenvgeneratordir)
+conf.set_quoted('USER_GENERATOR_DIR', usergeneratordir)
+conf.set_quoted('USER_KEYRING_PATH', join_paths(pkgsysconfdir, 'import-pubring.gpg'))
+conf.set_quoted('USER_PRESET_DIR', userpresetdir)
+conf.set_quoted('VENDOR_KEYRING_PATH', join_paths(rootlibexecdir, 'import-pubring.gpg'))
conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper())
conf.set10('ENABLE_FEXECVE', get_option('fexecve'))
-
-conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user'))
-conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir)
-conf.set_quoted('CERTIFICATE_ROOT', get_option('certificate-root'))
-conf.set_quoted('CATALOG_DATABASE', join_paths(catalogstatedir, 'database'))
-conf.set_quoted('SYSTEMD_BINARY_PATH', join_paths(rootlibexecdir, 'systemd'))
-conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH', join_paths(rootlibexecdir, 'systemd-cgroups-agent'))
-conf.set_quoted('SYSTEMD_FSCK_PATH', join_paths(rootlibexecdir, 'systemd-fsck'))
-conf.set_quoted('SYSTEMD_GROWFS_PATH', join_paths(rootlibexecdir, 'systemd-growfs'))
-conf.set_quoted('SYSTEMD_MAKEFS_PATH', join_paths(rootlibexecdir, 'systemd-makefs'))
-conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', join_paths(rootlibexecdir, 'systemd-shutdown'))
-conf.set_quoted('SYSTEMCTL_BINARY_PATH', join_paths(rootbindir, 'systemctl'))
-conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', join_paths(rootbindir, 'systemd-tty-ask-password-agent'))
-conf.set_quoted('SYSTEMD_STDIO_BRIDGE_BINARY_PATH', join_paths(bindir, 'systemd-stdio-bridge'))
-conf.set_quoted('ROOTPREFIX', rootprefixdir)
-conf.set_quoted('ROOTPREFIX_NOSLASH', rootprefixdir_noslash)
-conf.set_quoted('RANDOM_SEED_DIR', randomseeddir)
-conf.set_quoted('RANDOM_SEED', join_paths(randomseeddir, 'random-seed'))
-conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH', join_paths(rootlibexecdir, 'systemd-cryptsetup'))
-conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', join_paths(rootlibexecdir, 'systemd-veritysetup'))
-conf.set_quoted('SYSTEM_GENERATOR_DIR', systemgeneratordir)
-conf.set_quoted('USER_GENERATOR_DIR', usergeneratordir)
-conf.set_quoted('SYSTEM_ENV_GENERATOR_DIR', systemenvgeneratordir)
-conf.set_quoted('USER_ENV_GENERATOR_DIR', userenvgeneratordir)
-conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir)
-conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir)
-conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', join_paths(pkgdatadir, 'kbd-model-map'))
-conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', join_paths(pkgdatadir, 'language-fallback-map'))
-conf.set_quoted('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata'))
-conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir)
-conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir)
-conf.set_quoted('POLKIT_AGENT_BINARY_PATH', join_paths(bindir, 'pkttyagent'))
-conf.set_quoted('LIBDIR', libdir)
-conf.set_quoted('ROOTLIBDIR', rootlibdir)
-conf.set_quoted('ROOTLIBEXECDIR', rootlibexecdir)
-conf.set_quoted('BOOTLIBDIR', bootlibdir)
-conf.set_quoted('SYSTEMD_PULL_PATH', join_paths(rootlibexecdir, 'systemd-pull'))
-conf.set_quoted('SYSTEMD_IMPORT_PATH', join_paths(rootlibexecdir, 'systemd-import'))
-conf.set_quoted('SYSTEMD_IMPORT_FS_PATH', join_paths(rootlibexecdir, 'systemd-import-fs'))
-conf.set_quoted('SYSTEMD_EXPORT_PATH', join_paths(rootlibexecdir, 'systemd-export'))
-conf.set_quoted('VENDOR_KEYRING_PATH', join_paths(rootlibexecdir, 'import-pubring.gpg'))
-conf.set_quoted('USER_KEYRING_PATH', join_paths(pkgsysconfdir, 'import-pubring.gpg'))
-conf.set_quoted('DOCUMENT_ROOT', join_paths(pkgdatadir, 'gatewayd'))
-conf.set_quoted('SYSTEMD_HOMEWORK_PATH', join_paths(rootlibexecdir, 'systemd-homework'))
-conf.set_quoted('SYSTEMD_USERWORK_PATH', join_paths(rootlibexecdir, 'systemd-userwork'))
conf.set10('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default)
-conf.set_quoted('MEMORY_ACCOUNTING_DEFAULT_YES_NO', memory_accounting_default ? 'yes' : 'no')
conf.set('STATUS_UNIT_FORMAT_DEFAULT', 'STATUS_UNIT_FORMAT_' + status_unit_format_default.to_upper())
-
-substs.set('prefix', prefixdir)
-substs.set('rootprefix', rootprefixdir)
-substs.set('rootprefix_noslash', rootprefixdir_noslash)
-substs.set('exec_prefix', prefixdir)
-substs.set('libdir', libdir)
-substs.set('rootlibdir', rootlibdir)
-substs.set('includedir', includedir)
-substs.set('sysconfdir', sysconfdir)
-substs.set('bindir', bindir)
-substs.set('rootbindir', rootbindir)
-substs.set('rootlibexecdir', rootlibexecdir)
-substs.set('systemunitdir', systemunitdir)
-substs.set('userunitdir', userunitdir)
-substs.set('systempresetdir', systempresetdir)
-substs.set('userpresetdir', userpresetdir)
-substs.set('udevhwdbdir', udevhwdbdir)
-substs.set('udevrulesdir', udevrulesdir)
-substs.set('udevlibexecdir', udevlibexecdir)
-substs.set('environmentdir', environmentdir)
-substs.set('catalogdir', catalogdir)
-substs.set('tmpfilesdir', tmpfilesdir)
-substs.set('sysusersdir', sysusersdir)
-substs.set('sysctldir', sysctldir)
-substs.set('binfmtdir', binfmtdir)
-substs.set('modulesloaddir', modulesloaddir)
-substs.set('modprobedir', modprobedir)
-substs.set('systemgeneratordir', systemgeneratordir)
-substs.set('usergeneratordir', usergeneratordir)
-substs.set('systemenvgeneratordir', systemenvgeneratordir)
-substs.set('userenvgeneratordir', userenvgeneratordir)
-substs.set('systemshutdowndir', systemshutdowndir)
-substs.set('systemsleepdir', systemsleepdir)
-substs.set('CERTIFICATEROOT', get_option('certificate-root'))
-substs.set('RANDOM_SEED', join_paths(randomseeddir, 'random-seed'))
-substs.set('SYSTEM_SYSVINIT_PATH', sysvinit_path)
-substs.set('SYSTEM_SYSVRCND_PATH', sysvrcnd_path)
-substs.set('SYSTEMD_TEST_DATA', join_paths(testsdir, 'testdata'))
-substs.set('RC_LOCAL_PATH', get_option('rc-local'))
-substs.set('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default ? 'yes' : 'no')
-substs.set('STATUS_UNIT_FORMAT_DEFAULT', status_unit_format_default)
-substs.set('HIGH_RLIMIT_NOFILE', conf.get('HIGH_RLIMIT_NOFILE'))
-substs.set('BUILD_ROOT', project_build_root)
+conf.set_quoted('STATUS_UNIT_FORMAT_DEFAULT_STR', status_unit_format_default)
#####################################################################
@@ -605,7 +568,6 @@ echo = find_program('echo')
test = find_program('test')
sed = find_program('sed')
awk = find_program('awk')
-m4 = find_program('m4')
stat = find_program('stat')
ln = find_program('ln')
git = find_program('git', required : false)
@@ -644,7 +606,6 @@ foreach prog : progs
endif
name = prog.length() > 2 ? prog[2] : prog[0].to_upper()
conf.set_quoted(name, path)
- substs.set(name, path)
endforeach
conf.set_quoted('TELINIT', get_option('telinit-path'))
@@ -655,6 +616,12 @@ endif
############################################################
+if run_command('python3', '-c', 'import jinja2').returncode() != 0
+ error('python3 jinja2 missing')
+endif
+
+############################################################
+
gperf = find_program('gperf')
gperf_test_format = '''
@@ -754,7 +721,6 @@ foreach tuple : [['system-alloc-uid-min', 'SYS_UID_MIN', 1], # Also see login.d
endif
endif
conf.set(tuple[0].underscorify().to_upper(), v)
- substs.set(tuple[0].underscorify().to_upper(), v)
endforeach
if conf.get('SYSTEM_ALLOC_UID_MIN') >= conf.get('SYSTEM_UID_MAX')
error('Invalid uid allocation range')
@@ -767,15 +733,11 @@ dynamic_uid_min = get_option('dynamic-uid-min')
dynamic_uid_max = get_option('dynamic-uid-max')
conf.set('DYNAMIC_UID_MIN', dynamic_uid_min)
conf.set('DYNAMIC_UID_MAX', dynamic_uid_max)
-substs.set('dynamicuidmin', dynamic_uid_min)
-substs.set('dynamicuidmax', dynamic_uid_max)
container_uid_base_min = get_option('container-uid-base-min')
container_uid_base_max = get_option('container-uid-base-max')
conf.set('CONTAINER_UID_BASE_MIN', container_uid_base_min)
conf.set('CONTAINER_UID_BASE_MAX', container_uid_base_max)
-substs.set('containeruidbasemin', container_uid_base_min)
-substs.set('containeruidbasemax', container_uid_base_max)
nobody_user = get_option('nobody-user')
nobody_group = get_option('nobody-group')
@@ -827,39 +789,32 @@ endif
conf.set_quoted('NOBODY_USER_NAME', nobody_user)
conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
-substs.set('NOBODY_USER_NAME', nobody_user)
-substs.set('NOBODY_GROUP_NAME', nobody_group)
tty_gid = get_option('tty-gid')
conf.set('TTY_GID', tty_gid)
-substs.set('TTY_GID', tty_gid)
# Ensure provided GID argument is numeric, otherwise fall back to default assignment
users_gid = get_option('users-gid')
-substs.set('USERS_GID', users_gid < 0 ? '-' : users_gid)
+conf.set('USERS_GID', users_gid < 0 ? '-' : users_gid)
conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
dev_kvm_mode = get_option('dev-kvm-mode')
-substs.set('DEV_KVM_MODE', dev_kvm_mode)
+conf.set_quoted('DEV_KVM_MODE', dev_kvm_mode) # FIXME: convert to 0o… notation
conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
group_render_mode = get_option('group-render-mode')
-substs.set('GROUP_RENDER_MODE', group_render_mode)
+conf.set_quoted('GROUP_RENDER_MODE', group_render_mode)
conf.set10('GROUP_RENDER_UACCESS', group_render_mode != '0666')
kill_user_processes = get_option('default-kill-user-processes')
conf.set10('KILL_USER_PROCESSES', kill_user_processes)
-conf.set_quoted('KILL_USER_PROCESSES_YES_NO', kill_user_processes ? 'yes' : 'no')
-substs.set('KILL_USER_PROCESSES', kill_user_processes ? 'yes' : 'no')
dns_servers = get_option('dns-servers')
conf.set_quoted('DNS_SERVERS', dns_servers)
-substs.set('DNS_SERVERS', dns_servers)
ntp_servers = get_option('ntp-servers')
conf.set_quoted('NTP_SERVERS', ntp_servers)
-substs.set('NTP_SERVERS', ntp_servers)
default_locale = get_option('default-locale')
if default_locale == ''
@@ -873,24 +828,18 @@ endif
conf.set_quoted('SYSTEMD_DEFAULT_LOCALE', default_locale)
localegen_path = get_option('localegen-path')
-have = false
-writable = ''
if localegen_path != ''
conf.set_quoted('LOCALEGEN_PATH', localegen_path)
- have = true
- writable = ' /usr/lib/locale'
endif
-substs.set('SERVICE_LOCALEGEN_WRITABLE', writable)
-conf.set10('HAVE_LOCALEGEN', have)
+conf.set10('HAVE_LOCALEGEN', localegen_path != '')
conf.set_quoted('GETTEXT_PACKAGE', meson.project_name())
service_watchdog = get_option('service-watchdog')
watchdog_value = service_watchdog == '' ? '' : 'WatchdogSec=' + service_watchdog
-substs.set('SERVICE_WATCHDOG', watchdog_value)
+conf.set_quoted('SERVICE_WATCHDOG', watchdog_value)
-substs.set('SUSHELL', get_option('debug-shell'))
-substs.set('DEBUGTTY', get_option('debug-tty'))
+conf.set_quoted('SUSHELL', get_option('debug-shell'))
conf.set_quoted('DEBUGTTY', get_option('debug-tty'))
enable_debug_hashmap = false
@@ -1029,10 +978,8 @@ else
endif
conf.set10('HAVE_APPARMOR', have)
-smack_run_label = get_option('smack-run-label')
-if smack_run_label != ''
- conf.set_quoted('SMACK_RUN_LABEL', smack_run_label)
-endif
+conf.set10('HAVE_SMACK_RUN_LABEL', get_option('smack-run-label') != '')
+conf.set_quoted('SMACK_RUN_LABEL', get_option('smack-run-label'))
want_polkit = get_option('polkit')
install_polkit = false
@@ -1405,7 +1352,7 @@ if default_dnssec != 'no' and conf.get('HAVE_GCRYPT') == 0
endif
conf.set('DEFAULT_DNSSEC_MODE',
'DNSSEC_' + default_dnssec.underscorify().to_upper())
-substs.set('DEFAULT_DNSSEC_MODE', default_dnssec)
+conf.set_quoted('DEFAULT_DNSSEC_MODE_STR', default_dnssec)
dns_over_tls = get_option('dns-over-tls')
if dns_over_tls != 'false'
@@ -1446,17 +1393,17 @@ if default_dns_over_tls != 'no' and conf.get('ENABLE_DNS_OVER_TLS') == 0
endif
conf.set('DEFAULT_DNS_OVER_TLS_MODE',
'DNS_OVER_TLS_' + default_dns_over_tls.underscorify().to_upper())
-substs.set('DEFAULT_DNS_OVER_TLS_MODE', default_dns_over_tls)
+conf.set_quoted('DEFAULT_DNS_OVER_TLS_MODE_STR', default_dns_over_tls)
default_mdns = get_option('default-mdns')
conf.set('DEFAULT_MDNS_MODE',
'RESOLVE_SUPPORT_' + default_mdns.to_upper())
-substs.set('DEFAULT_MDNS_MODE', default_mdns)
+conf.set_quoted('DEFAULT_MDNS_MODE_STR', default_mdns)
default_llmnr = get_option('default-llmnr')
conf.set('DEFAULT_LLMNR_MODE',
'RESOLVE_SUPPORT_' + default_llmnr.to_upper())
-substs.set('DEFAULT_LLMNR_MODE', default_llmnr)
+conf.set_quoted('DEFAULT_LLMNR_MODE_STR', default_llmnr)
want_repart = get_option('repart')
if want_repart != 'false'
@@ -1502,7 +1449,6 @@ conf.set10('ENABLE_PAM_HOME', have)
have = get_option('oomd')
conf.set10('ENABLE_OOMD', have)
-substs.set10('ENABLE_OOMD', have)
want_remote = get_option('remote')
if want_remote != 'false'
@@ -1564,7 +1510,6 @@ foreach term : ['analyze',
have = get_option(term)
name = 'ENABLE_' + term.underscorify().to_upper()
conf.set10(name, have)
- substs.set10(name, have)
endforeach
enable_sysusers = conf.get('ENABLE_SYSUSERS') == 1
@@ -1640,7 +1585,7 @@ generate_gperfs = find_program('tools/generate-gperfs.py')
make_autosuspend_rules_py = find_program('tools/make-autosuspend-rules.py')
make_directive_index_py = find_program('tools/make-directive-index.py')
make_man_index_py = find_program('tools/make-man-index.py')
-meson_apply_m4 = find_program('tools/meson-apply-m4.sh')
+meson_render_jinja2 = find_program('tools/meson-render-jinja2.py')
update_dbus_docs_py = find_program('tools/update-dbus-docs.py')
update_hwdb_sh = find_program('tools/update-hwdb.sh')
update_hwdb_autosuspend_sh = find_program('tools/update-hwdb-autosuspend.sh')
@@ -3702,7 +3647,7 @@ custom_target(
'cd @0@ && '.format(meson.build_root()) +
'python3 @0@/tools/update-man-rules.py $(find @0@ -wholename "*/man/*.xml") >t && '.format(project_source_root) +
'mv t @0@/man/rules/meson.build'.format(meson.current_source_dir())],
- depend_files : custom_entities_ent)
+ depends : custom_entities_ent)
############################################################
watchdog_opt = service_watchdog == '' ? 'disabled' : service_watchdog
@@ -3734,7 +3679,7 @@ status = [
'debug shell: @0@ @ @1@'.format(get_option('debug-shell'),
get_option('debug-tty')),
'TTY GID: @0@'.format(tty_gid),
- 'users GID: @0@'.format(substs.get('USERS_GID')),
+ 'users GID: @0@'.format(conf.get('USERS_GID')),
'system UIDs: <=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_UID_MAX'),
conf.get('SYSTEM_ALLOC_UID_MIN')),
'system GIDs: <=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_GID_MAX'),
diff --git a/rules.d/50-udev-default.rules.in b/rules.d/50-udev-default.rules.in
index 3304e32bb6..18a3cf46bf 100644
--- a/rules.d/50-udev-default.rules.in
+++ b/rules.d/50-udev-default.rules.in
@@ -36,8 +36,8 @@ SUBSYSTEM=="dvb", GROUP="video"
SUBSYSTEM=="media", GROUP="video"
SUBSYSTEM=="cec", GROUP="video"
-SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="@GROUP_RENDER_MODE@"
-SUBSYSTEM=="kfd", GROUP="render", MODE="@GROUP_RENDER_MODE@"
+SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="{{GROUP_RENDER_MODE}}"
+SUBSYSTEM=="kfd", GROUP="render", MODE="{{GROUP_RENDER_MODE}}"
SUBSYSTEM=="misc", KERNEL=="sgx_enclave", GROUP="sgx", MODE="0660"
@@ -89,14 +89,14 @@ KERNEL=="tun", MODE="0666", OPTIONS+="static_node=net/tun"
KERNEL=="fuse", MODE="0666", OPTIONS+="static_node=fuse"
# The static_node is required on s390x and ppc (they are using MODULE_ALIAS)
-KERNEL=="kvm", GROUP="kvm", MODE="@DEV_KVM_MODE@", OPTIONS+="static_node=kvm"
+KERNEL=="kvm", GROUP="kvm", MODE="{{DEV_KVM_MODE}}", OPTIONS+="static_node=kvm"
KERNEL=="vfio", MODE="0666", OPTIONS+="static_node=vfio/vfio"
KERNEL=="vsock", MODE="0666"
-KERNEL=="vhost-vsock", GROUP="kvm", MODE="@DEV_KVM_MODE@", OPTIONS+="static_node=vhost-vsock"
+KERNEL=="vhost-vsock", GROUP="kvm", MODE="{{DEV_KVM_MODE}}", OPTIONS+="static_node=vhost-vsock"
-KERNEL=="vhost-net", GROUP="kvm", MODE="@DEV_KVM_MODE@", OPTIONS+="static_node=vhost-net"
+KERNEL=="vhost-net", GROUP="kvm", MODE="{{DEV_KVM_MODE}}", OPTIONS+="static_node=vhost-net"
KERNEL=="udmabuf", GROUP="kvm"
diff --git a/rules.d/64-btrfs.rules.in b/rules.d/64-btrfs.rules.in
index aad29afb8b..df6e12a5dd 100644
--- a/rules.d/64-btrfs.rules.in
+++ b/rules.d/64-btrfs.rules.in
@@ -12,6 +12,6 @@ IMPORT{builtin}="btrfs ready $devnode"
ENV{ID_BTRFS_READY}=="0", ENV{SYSTEMD_READY}="0"
# reconsider pending devices in case when multidevice volume awaits
-ENV{ID_BTRFS_READY}=="1", RUN+="@rootbindir@/udevadm trigger -s block -p ID_BTRFS_READY=0"
+ENV{ID_BTRFS_READY}=="1", RUN+="{{ROOTBINDIR}}/udevadm trigger -s block -p ID_BTRFS_READY=0"
LABEL="btrfs_end"
diff --git a/rules.d/99-systemd.rules.in b/rules.d/99-systemd.rules.in
index be972f90fb..25b8a590a6 100644
--- a/rules.d/99-systemd.rules.in
+++ b/rules.d/99-systemd.rules.in
@@ -57,7 +57,7 @@ SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:
SUBSYSTEM=="udc", ACTION=="add", TAG+="systemd", ENV{SYSTEMD_WANTS}+="usb-gadget.target"
# Apply sysctl variables to network devices (and only to those) as they appear.
-ACTION=="add", SUBSYSTEM=="net", KERNEL!="lo", RUN+="@rootlibexecdir@/systemd-sysctl --prefix=/net/ipv4/conf/$name --prefix=/net/ipv4/neigh/$name --prefix=/net/ipv6/conf/$name --prefix=/net/ipv6/neigh/$name"
+ACTION=="add", SUBSYSTEM=="net", KERNEL!="lo", RUN+="{{ROOTLIBEXECDIR}}/systemd-sysctl --prefix=/net/ipv4/conf/$name --prefix=/net/ipv4/neigh/$name --prefix=/net/ipv6/conf/$name --prefix=/net/ipv6/neigh/$name"
# Pull in backlight save/restore for all backlight devices and
# keyboard backlights
diff --git a/rules.d/meson.build b/rules.d/meson.build
index 4bbba09fd5..598649a562 100644
--- a/rules.d/meson.build
+++ b/rules.d/meson.build
@@ -42,18 +42,17 @@ install_data(rules,
all_rules = rules
-rules_in = '''
- 50-udev-default.rules
- 64-btrfs.rules
- 99-systemd.rules
-'''.split()
+rules_in = ['50-udev-default.rules',
+ '64-btrfs.rules',
+ '99-systemd.rules']
foreach file : rules_in
- gen = configure_file(
+ all_rules += custom_target(
+ file,
input : file + '.in',
- output : file,
- configuration : substs)
- install_data(gen,
- install_dir : udevrulesdir)
- all_rules += gen
+ output: file,
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : true,
+ install_dir : udevrulesdir)
endforeach
diff --git a/shell-completion/bash/meson.build b/shell-completion/bash/meson.build
index 1afa7977e6..c26b413d92 100644
--- a/shell-completion/bash/meson.build
+++ b/shell-completion/bash/meson.build
@@ -10,45 +10,45 @@ if bashcompletiondir == ''
endif
endif
-if bashcompletiondir != 'no'
- bash_systemctl = configure_file(
- input : 'systemctl.in',
- output : 'systemctl',
- configuration : substs)
+custom_target(
+ 'systemctl',
+ input : 'systemctl.in',
+ output : 'systemctl',
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : bashcompletiondir != 'no',
+ install_dir : bashcompletiondir)
- items = [['busctl', ''],
- ['journalctl', ''],
- ['systemd-analyze', ''],
- ['systemd-cat', ''],
- ['systemd-cgls', ''],
- ['systemd-cgtop', ''],
- ['systemd-delta', ''],
- ['systemd-detect-virt', ''],
- ['systemd-id128', ''],
- ['systemd-nspawn', ''],
- ['systemd-path', ''],
- ['systemd-run', ''],
- ['udevadm', ''],
- ['kernel-install', ''],
- [bash_systemctl, ''],
- ['bootctl', 'ENABLE_EFI'],
- ['coredumpctl', 'ENABLE_COREDUMP'],
- ['homectl', 'ENABLE_HOMED'],
- ['hostnamectl', 'ENABLE_HOSTNAMED'],
- ['localectl', 'ENABLE_LOCALED'],
- ['loginctl', 'ENABLE_LOGIND'],
- ['machinectl', 'ENABLE_MACHINED'],
- ['networkctl', 'ENABLE_NETWORKD'],
- ['portablectl', 'ENABLE_PORTABLED'],
- ['resolvectl', 'ENABLE_RESOLVE'],
- ['systemd-resolve', 'ENABLE_RESOLVE'],
- ['timedatectl', 'ENABLE_TIMEDATED'],
- ]
+items = [['busctl', ''],
+ ['journalctl', ''],
+ ['systemd-analyze', ''],
+ ['systemd-cat', ''],
+ ['systemd-cgls', ''],
+ ['systemd-cgtop', ''],
+ ['systemd-delta', ''],
+ ['systemd-detect-virt', ''],
+ ['systemd-id128', ''],
+ ['systemd-nspawn', ''],
+ ['systemd-path', ''],
+ ['systemd-run', ''],
+ ['udevadm', ''],
+ ['kernel-install', ''],
+ ['bootctl', 'ENABLE_EFI'],
+ ['coredumpctl', 'ENABLE_COREDUMP'],
+ ['homectl', 'ENABLE_HOMED'],
+ ['hostnamectl', 'ENABLE_HOSTNAMED'],
+ ['localectl', 'ENABLE_LOCALED'],
+ ['loginctl', 'ENABLE_LOGIND'],
+ ['machinectl', 'ENABLE_MACHINED'],
+ ['networkctl', 'ENABLE_NETWORKD'],
+ ['portablectl', 'ENABLE_PORTABLED'],
+ ['resolvectl', 'ENABLE_RESOLVE'],
+ ['systemd-resolve', 'ENABLE_RESOLVE'],
+ ['timedatectl', 'ENABLE_TIMEDATED']]
- foreach item : items
- if item[1] == '' or conf.get(item[1]) == 1
- install_data(item[0],
- install_dir : bashcompletiondir)
- endif
- endforeach
-endif
+foreach item : items
+ if bashcompletiondir != 'no' and (item[1] == '' or conf.get(item[1]) == 1)
+ install_data(item[0],
+ install_dir : bashcompletiondir)
+ endif
+endforeach
diff --git a/shell-completion/bash/systemctl.in b/shell-completion/bash/systemctl.in
index c25a8d94c2..e6e6ca0d7e 100644
--- a/shell-completion/bash/systemctl.in
+++ b/shell-completion/bash/systemctl.in
@@ -11,7 +11,7 @@ __systemctl() {
}
__systemd_properties() {
- @rootlibexecdir@/systemd --dump-bus-properties
+ {{ROOTLIBEXECDIR}}/systemd --dump-bus-properties
}
__contains_word () {
@@ -21,6 +21,7 @@ __contains_word () {
done
}
+{% raw -%}
__filter_units_by_properties () {
local mode=$1 properties=$2; shift 2
local units=("$@")
@@ -50,6 +51,7 @@ __filter_units_by_properties () {
echo $names
fi
}
+{% endraw %}
__get_all_units () { { __systemctl $1 list-unit-files "$2*"; __systemctl $1 list-units --all "$2*"; } \
| { while read -r a b; do echo " $a"; done; }; }
diff --git a/shell-completion/zsh/_systemctl.in b/shell-completion/zsh/_systemctl.in
index 5e82ef7e1f..9eb1ad1037 100644
--- a/shell-completion/zsh/_systemctl.in
+++ b/shell-completion/zsh/_systemctl.in
@@ -433,7 +433,7 @@ done
if ( [[ ${+_sys_all_properties} -eq 0 ]] || _cache_invalid SYS_ALL_PROPERTIES$_sys_service_mgr ) ||
! _retrieve_cache SYS_ALL_PROPERTIES$_sys_service_mgr;
then
- _sys_all_properties=( ${${(M)${(f)"$(@rootlibexecdir@/systemd --dump-bus-properties)"}}} )
+ _sys_all_properties=( ${${(M)${(f)"$({{ROOTLIBEXECDIR}}/systemd --dump-bus-properties)"}}} )
_store_cache SYS_ALL_PROPERTIES$_sys_service_mgr _sys_all_properties
fi
_values -s , "${_sys_all_properties[@]}"
diff --git a/shell-completion/zsh/meson.build b/shell-completion/zsh/meson.build
index 4fff13357f..f5f9b0f993 100644
--- a/shell-completion/zsh/meson.build
+++ b/shell-completion/zsh/meson.build
@@ -5,44 +5,44 @@ if zshcompletiondir == ''
zshcompletiondir = join_paths(datadir, 'zsh/site-functions')
endif
-if zshcompletiondir != 'no'
- zsh_systemctl = configure_file(
- input : '_systemctl.in',
- output : '_systemctl',
- configuration : substs)
+custom_target(
+ '_systemctl',
+ input : '_systemctl.in',
+ output : '_systemctl',
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : zshcompletiondir != 'no',
+ install_dir : zshcompletiondir)
- items = [['_busctl', ''],
- ['_journalctl', ''],
- ['_systemd-analyze', ''],
- ['_systemd-delta', ''],
- ['_systemd-nspawn', ''],
- ['_systemd', ''],
- ['_systemd-path', ''],
- ['_systemd-run', ''],
- ['_udevadm', ''],
- ['_kernel-install', ''],
- ['_sd_hosts_or_user_at_host', ''],
- ['_sd_outputmodes', ''],
- ['_sd_unit_files', ''],
- ['_sd_machines', ''],
- [zsh_systemctl, ''],
- ['_bootctl', 'ENABLE_EFI'],
- ['_coredumpctl', 'ENABLE_COREDUMP'],
- ['_hostnamectl', 'ENABLE_HOSTNAMED'],
- ['_localectl', 'ENABLE_LOCALED'],
- ['_loginctl', 'ENABLE_LOGIND'],
- ['_machinectl', 'ENABLE_MACHINED'],
- ['_networkctl', 'ENABLE_NETWORKD'],
- ['_systemd-inhibit', 'ENABLE_LOGIND'],
- ['_resolvectl', 'ENABLE_RESOLVE'],
- ['_systemd-tmpfiles', 'ENABLE_TMPFILES'],
- ['_timedatectl', 'ENABLE_TIMEDATED'],
- ]
+items = [['_busctl', ''],
+ ['_journalctl', ''],
+ ['_systemd-analyze', ''],
+ ['_systemd-delta', ''],
+ ['_systemd-nspawn', ''],
+ ['_systemd', ''],
+ ['_systemd-path', ''],
+ ['_systemd-run', ''],
+ ['_udevadm', ''],
+ ['_kernel-install', ''],
+ ['_sd_hosts_or_user_at_host', ''],
+ ['_sd_outputmodes', ''],
+ ['_sd_unit_files', ''],
+ ['_sd_machines', ''],
+ ['_bootctl', 'ENABLE_EFI'],
+ ['_coredumpctl', 'ENABLE_COREDUMP'],
+ ['_hostnamectl', 'ENABLE_HOSTNAMED'],
+ ['_localectl', 'ENABLE_LOCALED'],
+ ['_loginctl', 'ENABLE_LOGIND'],
+ ['_machinectl', 'ENABLE_MACHINED'],
+ ['_networkctl', 'ENABLE_NETWORKD'],
+ ['_systemd-inhibit', 'ENABLE_LOGIND'],
+ ['_resolvectl', 'ENABLE_RESOLVE'],
+ ['_systemd-tmpfiles', 'ENABLE_TMPFILES'],
+ ['_timedatectl', 'ENABLE_TIMEDATED']]
- foreach item : items
- if item[1] == '' or conf.get(item[1]) == 1
- install_data(item[0],
- install_dir : zshcompletiondir)
- endif
- endforeach
-endif
+foreach item : items
+ if zshcompletiondir != 'no' and (item[1] == '' or conf.get(item[1]) == 1)
+ install_data(item[0],
+ install_dir : zshcompletiondir)
+ endif
+endforeach
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 93d8547b32..dabdf5b517 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -1391,7 +1391,7 @@ int rename_and_apply_smack_floor_label(const char *from, const char *to) {
if (rename(from, to) < 0)
return -errno;
-#ifdef SMACK_RUN_LABEL
+#if HAVE_SMACK_RUN_LABEL
r = mac_smack_apply(to, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL);
if (r < 0)
return r;
diff --git a/src/basic/path-lookup.c b/src/basic/path-lookup.c
index e53c2302b1..ba5c2c47b9 100644
--- a/src/basic/path-lookup.c
+++ b/src/basic/path-lookup.c
@@ -622,7 +622,7 @@ int lookup_paths_init(
STRV_IFNOTNULL(runtime_attached),
STRV_IFNOTNULL(generator),
"/usr/local/lib/systemd/system",
- SYSTEM_DATA_UNIT_PATH,
+ SYSTEM_DATA_UNIT_DIR,
"/usr/lib/systemd/system",
STRV_IFNOTNULL(flags & LOOKUP_PATHS_SPLIT_USR ? "/lib/systemd/system" : NULL),
STRV_IFNOTNULL(generator_late));
diff --git a/src/boot/bless-boot-generator.c b/src/boot/bless-boot-generator.c
index 001c85a238..44a14f027d 100644
--- a/src/boot/bless-boot-generator.c
+++ b/src/boot/bless-boot-generator.c
@@ -62,7 +62,7 @@ int main(int argc, char *argv[]) {
* even emergency.target. */
p = strjoina(arg_dest, "/" SPECIAL_BASIC_TARGET ".wants/systemd-bless-boot.service");
(void) mkdir_parents(p, 0755);
- if (symlink(SYSTEM_DATA_UNIT_PATH "/systemd-bless-boot.service", p) < 0) {
+ if (symlink(SYSTEM_DATA_UNIT_DIR "/systemd-bless-boot.service", p) < 0) {
log_error_errno(errno, "Failed to create symlink '%s': %m", p);
return EXIT_FAILURE;
}
diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build
index 6b6c493026..ad549fb65a 100644
--- a/src/boot/efi/meson.build
+++ b/src/boot/efi/meson.build
@@ -104,8 +104,8 @@ if have_gnu_efi
if get_option('sbat-distro') != ''
efi_conf.set_quoted('SBAT_PROJECT', meson.project_name())
- efi_conf.set_quoted('PROJECT_VERSION', substs.get('PROJECT_VERSION'))
- efi_conf.set_quoted('PROJECT_URL', substs.get('PROJECT_URL'))
+ efi_conf.set_quoted('PROJECT_VERSION', meson.project_version())
+ efi_conf.set('PROJECT_URL', conf.get('PROJECT_URL'))
if get_option('sbat-distro-generation') < 1
error('SBAT Distro Generation must be a positive integer')
endif
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.in
similarity index 50%
rename from src/core/load-fragment-gperf.gperf.m4
rename to src/core/load-fragment-gperf.gperf.in
index 7c3c1c9095..98ece8054c 100644
--- a/src/core/load-fragment-gperf.gperf.m4
+++ b/src/core/load-fragment-gperf.gperf.in
@@ -1,4 +1,238 @@
-m4_dnl SPDX-License-Identifier: LGPL-2.1-or-later
+{# SPDX-License-Identifier: LGPL-2.1-or-later #}
+
+{%- macro EXEC_CONTEXT_CONFIG_ITEMS(type) -%}
+{# Define the context options only once #}
+{{type}}.WorkingDirectory, config_parse_working_directory, 0, offsetof({{type}}, exec_context)
+{{type}}.RootDirectory, config_parse_unit_path_printf, true, offsetof({{type}}, exec_context.root_directory)
+{{type}}.RootImage, config_parse_unit_path_printf, true, offsetof({{type}}, exec_context.root_image)
+{{type}}.RootImageOptions, config_parse_root_image_options, 0, offsetof({{type}}, exec_context)
+{{type}}.RootHash, config_parse_exec_root_hash, 0, offsetof({{type}}, exec_context)
+{{type}}.RootHashSignature, config_parse_exec_root_hash_sig, 0, offsetof({{type}}, exec_context)
+{{type}}.RootVerity, config_parse_unit_path_printf, true, offsetof({{type}}, exec_context.root_verity)
+{{type}}.ExtensionImages, config_parse_extension_images, 0, offsetof({{type}}, exec_context)
+{{type}}.MountImages, config_parse_mount_images, 0, offsetof({{type}}, exec_context)
+{{type}}.User, config_parse_user_group_compat, 0, offsetof({{type}}, exec_context.user)
+{{type}}.Group, config_parse_user_group_compat, 0, offsetof({{type}}, exec_context.group)
+{{type}}.SupplementaryGroups, config_parse_user_group_strv_compat, 0, offsetof({{type}}, exec_context.supplementary_groups)
+{{type}}.Nice, config_parse_exec_nice, 0, offsetof({{type}}, exec_context)
+{{type}}.OOMScoreAdjust, config_parse_exec_oom_score_adjust, 0, offsetof({{type}}, exec_context)
+{{type}}.CoredumpFilter, config_parse_exec_coredump_filter, 0, offsetof({{type}}, exec_context)
+{{type}}.IOSchedulingClass, config_parse_exec_io_class, 0, offsetof({{type}}, exec_context)
+{{type}}.IOSchedulingPriority, config_parse_exec_io_priority, 0, offsetof({{type}}, exec_context)
+{{type}}.CPUSchedulingPolicy, config_parse_exec_cpu_sched_policy, 0, offsetof({{type}}, exec_context)
+{{type}}.CPUSchedulingPriority, config_parse_exec_cpu_sched_prio, 0, offsetof({{type}}, exec_context)
+{{type}}.CPUSchedulingResetOnFork, config_parse_bool, 0, offsetof({{type}}, exec_context.cpu_sched_reset_on_fork)
+{{type}}.CPUAffinity, config_parse_exec_cpu_affinity, 0, offsetof({{type}}, exec_context)
+{{type}}.NUMAPolicy, config_parse_numa_policy, 0, offsetof({{type}}, exec_context.numa_policy.type)
+{{type}}.NUMAMask, config_parse_numa_mask, 0, offsetof({{type}}, exec_context.numa_policy)
+{{type}}.UMask, config_parse_mode, 0, offsetof({{type}}, exec_context.umask)
+{{type}}.Environment, config_parse_environ, 0, offsetof({{type}}, exec_context.environment)
+{{type}}.EnvironmentFile, config_parse_unit_env_file, 0, offsetof({{type}}, exec_context.environment_files)
+{{type}}.PassEnvironment, config_parse_pass_environ, 0, offsetof({{type}}, exec_context.pass_environment)
+{{type}}.UnsetEnvironment, config_parse_unset_environ, 0, offsetof({{type}}, exec_context.unset_environment)
+{{type}}.DynamicUser, config_parse_bool, true, offsetof({{type}}, exec_context.dynamic_user)
+{{type}}.RemoveIPC, config_parse_bool, 0, offsetof({{type}}, exec_context.remove_ipc)
+{{type}}.StandardInput, config_parse_exec_input, 0, offsetof({{type}}, exec_context)
+{{type}}.StandardOutput, config_parse_exec_output, 0, offsetof({{type}}, exec_context)
+{{type}}.StandardError, config_parse_exec_output, 0, offsetof({{type}}, exec_context)
+{{type}}.StandardInputText, config_parse_exec_input_text, 0, offsetof({{type}}, exec_context)
+{{type}}.StandardInputData, config_parse_exec_input_data, 0, offsetof({{type}}, exec_context)
+{{type}}.TTYPath, config_parse_unit_path_printf, 0, offsetof({{type}}, exec_context.tty_path)
+{{type}}.TTYReset, config_parse_bool, 0, offsetof({{type}}, exec_context.tty_reset)
+{{type}}.TTYVHangup, config_parse_bool, 0, offsetof({{type}}, exec_context.tty_vhangup)
+{{type}}.TTYVTDisallocate, config_parse_bool, 0, offsetof({{type}}, exec_context.tty_vt_disallocate)
+{{type}}.SyslogIdentifier, config_parse_unit_string_printf, 0, offsetof({{type}}, exec_context.syslog_identifier)
+{{type}}.SyslogFacility, config_parse_log_facility, 0, offsetof({{type}}, exec_context.syslog_priority)
+{{type}}.SyslogLevel, config_parse_log_level, 0, offsetof({{type}}, exec_context.syslog_priority)
+{{type}}.SyslogLevelPrefix, config_parse_bool, 0, offsetof({{type}}, exec_context.syslog_level_prefix)
+{{type}}.LogLevelMax, config_parse_log_level, 0, offsetof({{type}}, exec_context.log_level_max)
+{{type}}.LogRateLimitIntervalSec, config_parse_sec, 0, offsetof({{type}}, exec_context.log_ratelimit_interval_usec)
+{{type}}.LogRateLimitBurst, config_parse_unsigned, 0, offsetof({{type}}, exec_context.log_ratelimit_burst)
+{{type}}.LogExtraFields, config_parse_log_extra_fields, 0, offsetof({{type}}, exec_context)
+{{type}}.Capabilities, config_parse_warn_compat, DISABLED_LEGACY, offsetof({{type}}, exec_context)
+{{type}}.SecureBits, config_parse_exec_secure_bits, 0, offsetof({{type}}, exec_context.secure_bits)
+{{type}}.CapabilityBoundingSet, config_parse_capability_set, 0, offsetof({{type}}, exec_context.capability_bounding_set)
+{{type}}.AmbientCapabilities, config_parse_capability_set, 0, offsetof({{type}}, exec_context.capability_ambient_set)
+{{type}}.TimerSlackNSec, config_parse_nsec, 0, offsetof({{type}}, exec_context.timer_slack_nsec)
+{{type}}.NoNewPrivileges, config_parse_bool, 0, offsetof({{type}}, exec_context.no_new_privileges)
+{{type}}.KeyringMode, config_parse_exec_keyring_mode, 0, offsetof({{type}}, exec_context.keyring_mode)
+{{type}}.ProtectProc, config_parse_protect_proc, 0, offsetof({{type}}, exec_context.protect_proc)
+{{type}}.ProcSubset, config_parse_proc_subset, 0, offsetof({{type}}, exec_context.proc_subset)
+{% if HAVE_SECCOMP %}
+{{type}}.SystemCallFilter, config_parse_syscall_filter, 0, offsetof({{type}}, exec_context)
+{{type}}.SystemCallArchitectures, config_parse_syscall_archs, 0, offsetof({{type}}, exec_context.syscall_archs)
+{{type}}.SystemCallErrorNumber, config_parse_syscall_errno, 0, offsetof({{type}}, exec_context)
+{{type}}.SystemCallLog, config_parse_syscall_log, 0, offsetof({{type}}, exec_context)
+{{type}}.MemoryDenyWriteExecute, config_parse_bool, 0, offsetof({{type}}, exec_context.memory_deny_write_execute)
+{{type}}.RestrictNamespaces, config_parse_restrict_namespaces, 0, offsetof({{type}}, exec_context)
+{{type}}.RestrictRealtime, config_parse_bool, 0, offsetof({{type}}, exec_context.restrict_realtime)
+{{type}}.RestrictSUIDSGID, config_parse_bool, 0, offsetof({{type}}, exec_context.restrict_suid_sgid)
+{{type}}.RestrictAddressFamilies, config_parse_address_families, 0, offsetof({{type}}, exec_context)
+{{type}}.LockPersonality, config_parse_bool, 0, offsetof({{type}}, exec_context.lock_personality)
+{% else %}
+{{type}}.SystemCallFilter, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.SystemCallArchitectures, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.SystemCallErrorNumber, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.SystemCallLog, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.MemoryDenyWriteExecute, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.RestrictNamespaces, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.RestrictRealtime, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.RestrictSUIDSGID, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.RestrictAddressFamilies, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{{type}}.LockPersonality, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{{type}}.LimitCPU, config_parse_rlimit, RLIMIT_CPU, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitFSIZE, config_parse_rlimit, RLIMIT_FSIZE, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitDATA, config_parse_rlimit, RLIMIT_DATA, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitSTACK, config_parse_rlimit, RLIMIT_STACK, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitCORE, config_parse_rlimit, RLIMIT_CORE, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitRSS, config_parse_rlimit, RLIMIT_RSS, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitNOFILE, config_parse_rlimit, RLIMIT_NOFILE, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitAS, config_parse_rlimit, RLIMIT_AS, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitNPROC, config_parse_rlimit, RLIMIT_NPROC, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitMEMLOCK, config_parse_rlimit, RLIMIT_MEMLOCK, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitLOCKS, config_parse_rlimit, RLIMIT_LOCKS, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitSIGPENDING, config_parse_rlimit, RLIMIT_SIGPENDING, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitMSGQUEUE, config_parse_rlimit, RLIMIT_MSGQUEUE, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitNICE, config_parse_rlimit, RLIMIT_NICE, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitRTPRIO, config_parse_rlimit, RLIMIT_RTPRIO, offsetof({{type}}, exec_context.rlimit)
+{{type}}.LimitRTTIME, config_parse_rlimit, RLIMIT_RTTIME, offsetof({{type}}, exec_context.rlimit)
+{{type}}.ReadWriteDirectories, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.read_write_paths)
+{{type}}.ReadOnlyDirectories, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.read_only_paths)
+{{type}}.InaccessibleDirectories, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.inaccessible_paths)
+{{type}}.ReadWritePaths, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.read_write_paths)
+{{type}}.ReadOnlyPaths, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.read_only_paths)
+{{type}}.InaccessiblePaths, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.inaccessible_paths)
+{{type}}.ExecPaths, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.exec_paths)
+{{type}}.NoExecPaths, config_parse_namespace_path_strv, 0, offsetof({{type}}, exec_context.no_exec_paths)
+{{type}}.BindPaths, config_parse_bind_paths, 0, offsetof({{type}}, exec_context)
+{{type}}.BindReadOnlyPaths, config_parse_bind_paths, 0, offsetof({{type}}, exec_context)
+{{type}}.TemporaryFileSystem, config_parse_temporary_filesystems, 0, offsetof({{type}}, exec_context)
+{{type}}.PrivateTmp, config_parse_bool, 0, offsetof({{type}}, exec_context.private_tmp)
+{{type}}.PrivateDevices, config_parse_bool, 0, offsetof({{type}}, exec_context.private_devices)
+{{type}}.ProtectKernelTunables, config_parse_bool, 0, offsetof({{type}}, exec_context.protect_kernel_tunables)
+{{type}}.ProtectKernelModules, config_parse_bool, 0, offsetof({{type}}, exec_context.protect_kernel_modules)
+{{type}}.ProtectKernelLogs, config_parse_bool, 0, offsetof({{type}}, exec_context.protect_kernel_logs)
+{{type}}.ProtectClock, config_parse_bool, 0, offsetof({{type}}, exec_context.protect_clock)
+{{type}}.ProtectControlGroups, config_parse_bool, 0, offsetof({{type}}, exec_context.protect_control_groups)
+{{type}}.NetworkNamespacePath, config_parse_unit_path_printf, 0, offsetof({{type}}, exec_context.network_namespace_path)
+{{type}}.IPCNamespacePath, config_parse_unit_path_printf, 0, offsetof({{type}}, exec_context.ipc_namespace_path)
+{{type}}.LogNamespace, config_parse_log_namespace, 0, offsetof({{type}}, exec_context)
+{{type}}.PrivateNetwork, config_parse_bool, 0, offsetof({{type}}, exec_context.private_network)
+{{type}}.PrivateUsers, config_parse_bool, 0, offsetof({{type}}, exec_context.private_users)
+{{type}}.PrivateMounts, config_parse_bool, 0, offsetof({{type}}, exec_context.private_mounts)
+{{type}}.PrivateIPC, config_parse_bool, 0, offsetof({{type}}, exec_context.private_ipc)
+{{type}}.ProtectSystem, config_parse_protect_system, 0, offsetof({{type}}, exec_context.protect_system)
+{{type}}.ProtectHome, config_parse_protect_home, 0, offsetof({{type}}, exec_context.protect_home)
+{{type}}.MountFlags, config_parse_exec_mount_flags, 0, offsetof({{type}}, exec_context.mount_flags)
+{{type}}.MountAPIVFS, config_parse_exec_mount_apivfs, 0, offsetof({{type}}, exec_context)
+{{type}}.Personality, config_parse_personality, 0, offsetof({{type}}, exec_context.personality)
+{{type}}.RuntimeDirectoryPreserve, config_parse_runtime_preserve_mode, 0, offsetof({{type}}, exec_context.runtime_directory_preserve_mode)
+{{type}}.RuntimeDirectoryMode, config_parse_mode, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_RUNTIME].mode)
+{{type}}.RuntimeDirectory, config_parse_exec_directories, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_RUNTIME].paths)
+{{type}}.StateDirectoryMode, config_parse_mode, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_STATE].mode)
+{{type}}.StateDirectory, config_parse_exec_directories, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_STATE].paths)
+{{type}}.CacheDirectoryMode, config_parse_mode, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_CACHE].mode)
+{{type}}.CacheDirectory, config_parse_exec_directories, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_CACHE].paths)
+{{type}}.LogsDirectoryMode, config_parse_mode, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_LOGS].mode)
+{{type}}.LogsDirectory, config_parse_exec_directories, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_LOGS].paths)
+{{type}}.ConfigurationDirectoryMode, config_parse_mode, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_CONFIGURATION].mode)
+{{type}}.ConfigurationDirectory, config_parse_exec_directories, 0, offsetof({{type}}, exec_context.directories[EXEC_DIRECTORY_CONFIGURATION].paths)
+{{type}}.SetCredential, config_parse_set_credential, 0, offsetof({{type}}, exec_context)
+{{type}}.LoadCredential, config_parse_load_credential, 0, offsetof({{type}}, exec_context)
+{{type}}.TimeoutCleanSec, config_parse_sec, 0, offsetof({{type}}, exec_context.timeout_clean_usec)
+{% if HAVE_PAM %}
+{{type}}.PAMName, config_parse_unit_string_printf, 0, offsetof({{type}}, exec_context.pam_name)
+{% else %}
+{{type}}.PAMName, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{{type}}.IgnoreSIGPIPE, config_parse_bool, 0, offsetof({{type}}, exec_context.ignore_sigpipe)
+{{type}}.UtmpIdentifier, config_parse_unit_string_printf, 0, offsetof({{type}}, exec_context.utmp_id)
+{{type}}.UtmpMode, config_parse_exec_utmp_mode, 0, offsetof({{type}}, exec_context.utmp_mode)
+{% if HAVE_SELINUX %}
+{{type}}.SELinuxContext, config_parse_exec_selinux_context, 0, offsetof({{type}}, exec_context)
+{% else %}
+{{type}}.SELinuxContext, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{% if HAVE_APPARMOR %}
+{{type}}.AppArmorProfile, config_parse_exec_apparmor_profile, 0, offsetof({{type}}, exec_context)
+{% else %}
+{{type}}.AppArmorProfile, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{% if ENABLE_SMACK %}
+{{type}}.SmackProcessLabel, config_parse_exec_smack_process_label, 0, offsetof({{type}}, exec_context)
+{% else %}
+{{type}}.SmackProcessLabel, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{{type}}.ProtectHostname, config_parse_bool, 0, offsetof({{type}}, exec_context.protect_hostname)
+{%- endmacro -%}
+
+{%- macro KILL_CONTEXT_CONFIG_ITEMS(type) -%}
+{{type}}.SendSIGKILL, config_parse_bool, 0, offsetof({{type}}, kill_context.send_sigkill)
+{{type}}.SendSIGHUP, config_parse_bool, 0, offsetof({{type}}, kill_context.send_sighup)
+{{type}}.KillMode, config_parse_kill_mode, 0, offsetof({{type}}, kill_context.kill_mode)
+{{type}}.KillSignal, config_parse_signal, 0, offsetof({{type}}, kill_context.kill_signal)
+{{type}}.RestartKillSignal, config_parse_signal, 0, offsetof({{type}}, kill_context.restart_kill_signal)
+{{type}}.FinalKillSignal, config_parse_signal, 0, offsetof({{type}}, kill_context.final_kill_signal)
+{{type}}.WatchdogSignal, config_parse_signal, 0, offsetof({{type}}, kill_context.watchdog_signal)
+{%- endmacro -%}
+
+{%- macro CGROUP_CONTEXT_CONFIG_ITEMS(type) -%}
+{{type}}.Slice, config_parse_unit_slice, 0, 0
+{{type}}.AllowedCPUs, config_parse_allowed_cpus, 0, offsetof({{type}}, cgroup_context)
+{{type}}.AllowedMemoryNodes, config_parse_allowed_mems, 0, offsetof({{type}}, cgroup_context)
+{{type}}.CPUAccounting, config_parse_bool, 0, offsetof({{type}}, cgroup_context.cpu_accounting)
+{{type}}.CPUWeight, config_parse_cg_weight, 0, offsetof({{type}}, cgroup_context.cpu_weight)
+{{type}}.StartupCPUWeight, config_parse_cg_weight, 0, offsetof({{type}}, cgroup_context.startup_cpu_weight)
+{{type}}.CPUShares, config_parse_cpu_shares, 0, offsetof({{type}}, cgroup_context.cpu_shares)
+{{type}}.StartupCPUShares, config_parse_cpu_shares, 0, offsetof({{type}}, cgroup_context.startup_cpu_shares)
+{{type}}.CPUQuota, config_parse_cpu_quota, 0, offsetof({{type}}, cgroup_context)
+{{type}}.CPUQuotaPeriodSec, config_parse_sec_def_infinity, 0, offsetof({{type}}, cgroup_context.cpu_quota_period_usec)
+{{type}}.MemoryAccounting, config_parse_bool, 0, offsetof({{type}}, cgroup_context.memory_accounting)
+{{type}}.MemoryMin, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.DefaultMemoryMin, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.DefaultMemoryLow, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.MemoryLow, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.MemoryHigh, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.MemoryMax, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.MemorySwapMax, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.MemoryLimit, config_parse_memory_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.DeviceAllow, config_parse_device_allow, 0, offsetof({{type}}, cgroup_context)
+{{type}}.DevicePolicy, config_parse_device_policy, 0, offsetof({{type}}, cgroup_context.device_policy)
+{{type}}.IOAccounting, config_parse_bool, 0, offsetof({{type}}, cgroup_context.io_accounting)
+{{type}}.IOWeight, config_parse_cg_weight, 0, offsetof({{type}}, cgroup_context.io_weight)
+{{type}}.StartupIOWeight, config_parse_cg_weight, 0, offsetof({{type}}, cgroup_context.startup_io_weight)
+{{type}}.IODeviceWeight, config_parse_io_device_weight, 0, offsetof({{type}}, cgroup_context)
+{{type}}.IOReadBandwidthMax, config_parse_io_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.IOWriteBandwidthMax, config_parse_io_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.IOReadIOPSMax, config_parse_io_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.IOWriteIOPSMax, config_parse_io_limit, 0, offsetof({{type}}, cgroup_context)
+{{type}}.IODeviceLatencyTargetSec, config_parse_io_device_latency, 0, offsetof({{type}}, cgroup_context)
+{{type}}.BlockIOAccounting, config_parse_bool, 0, offsetof({{type}}, cgroup_context.blockio_accounting)
+{{type}}.BlockIOWeight, config_parse_blockio_weight, 0, offsetof({{type}}, cgroup_context.blockio_weight)
+{{type}}.StartupBlockIOWeight, config_parse_blockio_weight, 0, offsetof({{type}}, cgroup_context.startup_blockio_weight)
+{{type}}.BlockIODeviceWeight, config_parse_blockio_device_weight, 0, offsetof({{type}}, cgroup_context)
+{{type}}.BlockIOReadBandwidth, config_parse_blockio_bandwidth, 0, offsetof({{type}}, cgroup_context)
+{{type}}.BlockIOWriteBandwidth, config_parse_blockio_bandwidth, 0, offsetof({{type}}, cgroup_context)
+{{type}}.TasksAccounting, config_parse_bool, 0, offsetof({{type}}, cgroup_context.tasks_accounting)
+{{type}}.TasksMax, config_parse_tasks_max, 0, offsetof({{type}}, cgroup_context.tasks_max)
+{{type}}.Delegate, config_parse_delegate, 0, offsetof({{type}}, cgroup_context)
+{{type}}.DisableControllers, config_parse_disable_controllers, 0, offsetof({{type}}, cgroup_context)
+{{type}}.IPAccounting, config_parse_bool, 0, offsetof({{type}}, cgroup_context.ip_accounting)
+{{type}}.IPAddressAllow, config_parse_ip_address_access, 0, offsetof({{type}}, cgroup_context.ip_address_allow)
+{{type}}.IPAddressDeny, config_parse_ip_address_access, 0, offsetof({{type}}, cgroup_context.ip_address_deny)
+{{type}}.IPIngressFilterPath, config_parse_ip_filter_bpf_progs, 0, offsetof({{type}}, cgroup_context.ip_filters_ingress)
+{{type}}.IPEgressFilterPath, config_parse_ip_filter_bpf_progs, 0, offsetof({{type}}, cgroup_context.ip_filters_egress)
+{{type}}.ManagedOOMSwap, config_parse_managed_oom_mode, 0, offsetof({{type}}, cgroup_context.moom_swap)
+{{type}}.ManagedOOMMemoryPressure, config_parse_managed_oom_mode, 0, offsetof({{type}}, cgroup_context.moom_mem_pressure)
+{{type}}.ManagedOOMMemoryPressureLimit, config_parse_managed_oom_mem_pressure_limit, 0, offsetof({{type}}, cgroup_context.moom_mem_pressure_limit)
+{{type}}.ManagedOOMPreference, config_parse_managed_oom_preference, 0, offsetof({{type}}, cgroup_context.moom_preference)
+{{type}}.NetClass, config_parse_warn_compat, DISABLED_LEGACY, 0
+{{type}}.BPFProgram, config_parse_bpf_foreign_program, 0, offsetof({{type}}, cgroup_context)
+{{type}}.SocketBindAllow, config_parse_cgroup_socket_bind, 0, offsetof({{type}}, cgroup_context.socket_bind_allow)
+{{type}}.SocketBindDeny, config_parse_cgroup_socket_bind, 0, offsetof({{type}}, cgroup_context.socket_bind_deny)
+{%- endmacro -%}
+
%{
#if __GNUC__ >= 7
_Pragma("GCC diagnostic ignored \"-Wimplicit-fallthrough\"")
@@ -19,226 +253,6 @@ struct ConfigPerfItem;
%struct-type
%includes
%%
-m4_dnl Define the context options only once
-m4_define(`EXEC_CONTEXT_CONFIG_ITEMS',
-`$1.WorkingDirectory, config_parse_working_directory, 0, offsetof($1, exec_context)
-$1.RootDirectory, config_parse_unit_path_printf, true, offsetof($1, exec_context.root_directory)
-$1.RootImage, config_parse_unit_path_printf, true, offsetof($1, exec_context.root_image)
-$1.RootImageOptions, config_parse_root_image_options, 0, offsetof($1, exec_context)
-$1.RootHash, config_parse_exec_root_hash, 0, offsetof($1, exec_context)
-$1.RootHashSignature, config_parse_exec_root_hash_sig, 0, offsetof($1, exec_context)
-$1.RootVerity, config_parse_unit_path_printf, true, offsetof($1, exec_context.root_verity)
-$1.ExtensionImages, config_parse_extension_images, 0, offsetof($1, exec_context)
-$1.MountImages, config_parse_mount_images, 0, offsetof($1, exec_context)
-$1.User, config_parse_user_group_compat, 0, offsetof($1, exec_context.user)
-$1.Group, config_parse_user_group_compat, 0, offsetof($1, exec_context.group)
-$1.SupplementaryGroups, config_parse_user_group_strv_compat, 0, offsetof($1, exec_context.supplementary_groups)
-$1.Nice, config_parse_exec_nice, 0, offsetof($1, exec_context)
-$1.OOMScoreAdjust, config_parse_exec_oom_score_adjust, 0, offsetof($1, exec_context)
-$1.CoredumpFilter, config_parse_exec_coredump_filter, 0, offsetof($1, exec_context)
-$1.IOSchedulingClass, config_parse_exec_io_class, 0, offsetof($1, exec_context)
-$1.IOSchedulingPriority, config_parse_exec_io_priority, 0, offsetof($1, exec_context)
-$1.CPUSchedulingPolicy, config_parse_exec_cpu_sched_policy, 0, offsetof($1, exec_context)
-$1.CPUSchedulingPriority, config_parse_exec_cpu_sched_prio, 0, offsetof($1, exec_context)
-$1.CPUSchedulingResetOnFork, config_parse_bool, 0, offsetof($1, exec_context.cpu_sched_reset_on_fork)
-$1.CPUAffinity, config_parse_exec_cpu_affinity, 0, offsetof($1, exec_context)
-$1.NUMAPolicy, config_parse_numa_policy, 0, offsetof($1, exec_context.numa_policy.type)
-$1.NUMAMask, config_parse_numa_mask, 0, offsetof($1, exec_context.numa_policy)
-$1.UMask, config_parse_mode, 0, offsetof($1, exec_context.umask)
-$1.Environment, config_parse_environ, 0, offsetof($1, exec_context.environment)
-$1.EnvironmentFile, config_parse_unit_env_file, 0, offsetof($1, exec_context.environment_files)
-$1.PassEnvironment, config_parse_pass_environ, 0, offsetof($1, exec_context.pass_environment)
-$1.UnsetEnvironment, config_parse_unset_environ, 0, offsetof($1, exec_context.unset_environment)
-$1.DynamicUser, config_parse_bool, true, offsetof($1, exec_context.dynamic_user)
-$1.RemoveIPC, config_parse_bool, 0, offsetof($1, exec_context.remove_ipc)
-$1.StandardInput, config_parse_exec_input, 0, offsetof($1, exec_context)
-$1.StandardOutput, config_parse_exec_output, 0, offsetof($1, exec_context)
-$1.StandardError, config_parse_exec_output, 0, offsetof($1, exec_context)
-$1.StandardInputText, config_parse_exec_input_text, 0, offsetof($1, exec_context)
-$1.StandardInputData, config_parse_exec_input_data, 0, offsetof($1, exec_context)
-$1.TTYPath, config_parse_unit_path_printf, 0, offsetof($1, exec_context.tty_path)
-$1.TTYReset, config_parse_bool, 0, offsetof($1, exec_context.tty_reset)
-$1.TTYVHangup, config_parse_bool, 0, offsetof($1, exec_context.tty_vhangup)
-$1.TTYVTDisallocate, config_parse_bool, 0, offsetof($1, exec_context.tty_vt_disallocate)
-$1.SyslogIdentifier, config_parse_unit_string_printf, 0, offsetof($1, exec_context.syslog_identifier)
-$1.SyslogFacility, config_parse_log_facility, 0, offsetof($1, exec_context.syslog_priority)
-$1.SyslogLevel, config_parse_log_level, 0, offsetof($1, exec_context.syslog_priority)
-$1.SyslogLevelPrefix, config_parse_bool, 0, offsetof($1, exec_context.syslog_level_prefix)
-$1.LogLevelMax, config_parse_log_level, 0, offsetof($1, exec_context.log_level_max)
-$1.LogRateLimitIntervalSec, config_parse_sec, 0, offsetof($1, exec_context.log_ratelimit_interval_usec)
-$1.LogRateLimitBurst, config_parse_unsigned, 0, offsetof($1, exec_context.log_ratelimit_burst)
-$1.LogExtraFields, config_parse_log_extra_fields, 0, offsetof($1, exec_context)
-$1.Capabilities, config_parse_warn_compat, DISABLED_LEGACY, offsetof($1, exec_context)
-$1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context.secure_bits)
-$1.CapabilityBoundingSet, config_parse_capability_set, 0, offsetof($1, exec_context.capability_bounding_set)
-$1.AmbientCapabilities, config_parse_capability_set, 0, offsetof($1, exec_context.capability_ambient_set)
-$1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec)
-$1.NoNewPrivileges, config_parse_bool, 0, offsetof($1, exec_context.no_new_privileges)
-$1.KeyringMode, config_parse_exec_keyring_mode, 0, offsetof($1, exec_context.keyring_mode)
-$1.ProtectProc, config_parse_protect_proc, 0, offsetof($1, exec_context.protect_proc)
-$1.ProcSubset, config_parse_proc_subset, 0, offsetof($1, exec_context.proc_subset)
-m4_ifdef(`HAVE_SECCOMP',
-`$1.SystemCallFilter, config_parse_syscall_filter, 0, offsetof($1, exec_context)
-$1.SystemCallArchitectures, config_parse_syscall_archs, 0, offsetof($1, exec_context.syscall_archs)
-$1.SystemCallErrorNumber, config_parse_syscall_errno, 0, offsetof($1, exec_context)
-$1.SystemCallLog, config_parse_syscall_log, 0, offsetof($1, exec_context)
-$1.MemoryDenyWriteExecute, config_parse_bool, 0, offsetof($1, exec_context.memory_deny_write_execute)
-$1.RestrictNamespaces, config_parse_restrict_namespaces, 0, offsetof($1, exec_context)
-$1.RestrictRealtime, config_parse_bool, 0, offsetof($1, exec_context.restrict_realtime)
-$1.RestrictSUIDSGID, config_parse_bool, 0, offsetof($1, exec_context.restrict_suid_sgid)
-$1.RestrictAddressFamilies, config_parse_address_families, 0, offsetof($1, exec_context)
-$1.LockPersonality, config_parse_bool, 0, offsetof($1, exec_context.lock_personality)',
-`$1.SystemCallFilter, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.SystemCallArchitectures, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.SystemCallErrorNumber, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.SystemCallLog, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.MemoryDenyWriteExecute, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.RestrictNamespaces, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.RestrictRealtime, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.RestrictSUIDSGID, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.RestrictAddressFamilies, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.LockPersonality, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-$1.LimitCPU, config_parse_rlimit, RLIMIT_CPU, offsetof($1, exec_context.rlimit)
-$1.LimitFSIZE, config_parse_rlimit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit)
-$1.LimitDATA, config_parse_rlimit, RLIMIT_DATA, offsetof($1, exec_context.rlimit)
-$1.LimitSTACK, config_parse_rlimit, RLIMIT_STACK, offsetof($1, exec_context.rlimit)
-$1.LimitCORE, config_parse_rlimit, RLIMIT_CORE, offsetof($1, exec_context.rlimit)
-$1.LimitRSS, config_parse_rlimit, RLIMIT_RSS, offsetof($1, exec_context.rlimit)
-$1.LimitNOFILE, config_parse_rlimit, RLIMIT_NOFILE, offsetof($1, exec_context.rlimit)
-$1.LimitAS, config_parse_rlimit, RLIMIT_AS, offsetof($1, exec_context.rlimit)
-$1.LimitNPROC, config_parse_rlimit, RLIMIT_NPROC, offsetof($1, exec_context.rlimit)
-$1.LimitMEMLOCK, config_parse_rlimit, RLIMIT_MEMLOCK, offsetof($1, exec_context.rlimit)
-$1.LimitLOCKS, config_parse_rlimit, RLIMIT_LOCKS, offsetof($1, exec_context.rlimit)
-$1.LimitSIGPENDING, config_parse_rlimit, RLIMIT_SIGPENDING, offsetof($1, exec_context.rlimit)
-$1.LimitMSGQUEUE, config_parse_rlimit, RLIMIT_MSGQUEUE, offsetof($1, exec_context.rlimit)
-$1.LimitNICE, config_parse_rlimit, RLIMIT_NICE, offsetof($1, exec_context.rlimit)
-$1.LimitRTPRIO, config_parse_rlimit, RLIMIT_RTPRIO, offsetof($1, exec_context.rlimit)
-$1.LimitRTTIME, config_parse_rlimit, RLIMIT_RTTIME, offsetof($1, exec_context.rlimit)
-$1.ReadWriteDirectories, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_write_paths)
-$1.ReadOnlyDirectories, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_only_paths)
-$1.InaccessibleDirectories, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.inaccessible_paths)
-$1.ReadWritePaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_write_paths)
-$1.ReadOnlyPaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_only_paths)
-$1.InaccessiblePaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.inaccessible_paths)
-$1.ExecPaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.exec_paths)
-$1.NoExecPaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.no_exec_paths)
-$1.BindPaths, config_parse_bind_paths, 0, offsetof($1, exec_context)
-$1.BindReadOnlyPaths, config_parse_bind_paths, 0, offsetof($1, exec_context)
-$1.TemporaryFileSystem, config_parse_temporary_filesystems, 0, offsetof($1, exec_context)
-$1.PrivateTmp, config_parse_bool, 0, offsetof($1, exec_context.private_tmp)
-$1.PrivateDevices, config_parse_bool, 0, offsetof($1, exec_context.private_devices)
-$1.ProtectKernelTunables, config_parse_bool, 0, offsetof($1, exec_context.protect_kernel_tunables)
-$1.ProtectKernelModules, config_parse_bool, 0, offsetof($1, exec_context.protect_kernel_modules)
-$1.ProtectKernelLogs, config_parse_bool, 0, offsetof($1, exec_context.protect_kernel_logs)
-$1.ProtectClock, config_parse_bool, 0, offsetof($1, exec_context.protect_clock)
-$1.ProtectControlGroups, config_parse_bool, 0, offsetof($1, exec_context.protect_control_groups)
-$1.NetworkNamespacePath, config_parse_unit_path_printf, 0, offsetof($1, exec_context.network_namespace_path)
-$1.IPCNamespacePath, config_parse_unit_path_printf, 0, offsetof($1, exec_context.ipc_namespace_path)
-$1.LogNamespace, config_parse_log_namespace, 0, offsetof($1, exec_context)
-$1.PrivateNetwork, config_parse_bool, 0, offsetof($1, exec_context.private_network)
-$1.PrivateUsers, config_parse_bool, 0, offsetof($1, exec_context.private_users)
-$1.PrivateMounts, config_parse_bool, 0, offsetof($1, exec_context.private_mounts)
-$1.PrivateIPC, config_parse_bool, 0, offsetof($1, exec_context.private_ipc)
-$1.ProtectSystem, config_parse_protect_system, 0, offsetof($1, exec_context.protect_system)
-$1.ProtectHome, config_parse_protect_home, 0, offsetof($1, exec_context.protect_home)
-$1.MountFlags, config_parse_exec_mount_flags, 0, offsetof($1, exec_context.mount_flags)
-$1.MountAPIVFS, config_parse_exec_mount_apivfs, 0, offsetof($1, exec_context)
-$1.Personality, config_parse_personality, 0, offsetof($1, exec_context.personality)
-$1.RuntimeDirectoryPreserve, config_parse_runtime_preserve_mode, 0, offsetof($1, exec_context.runtime_directory_preserve_mode)
-$1.RuntimeDirectoryMode, config_parse_mode, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_RUNTIME].mode)
-$1.RuntimeDirectory, config_parse_exec_directories, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_RUNTIME].paths)
-$1.StateDirectoryMode, config_parse_mode, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_STATE].mode)
-$1.StateDirectory, config_parse_exec_directories, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_STATE].paths)
-$1.CacheDirectoryMode, config_parse_mode, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_CACHE].mode)
-$1.CacheDirectory, config_parse_exec_directories, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_CACHE].paths)
-$1.LogsDirectoryMode, config_parse_mode, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_LOGS].mode)
-$1.LogsDirectory, config_parse_exec_directories, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_LOGS].paths)
-$1.ConfigurationDirectoryMode, config_parse_mode, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_CONFIGURATION].mode)
-$1.ConfigurationDirectory, config_parse_exec_directories, 0, offsetof($1, exec_context.directories[EXEC_DIRECTORY_CONFIGURATION].paths)
-$1.SetCredential, config_parse_set_credential, 0, offsetof($1, exec_context)
-$1.LoadCredential, config_parse_load_credential, 0, offsetof($1, exec_context)
-$1.TimeoutCleanSec, config_parse_sec, 0, offsetof($1, exec_context.timeout_clean_usec)
-$1.ProtectHostname, config_parse_bool, 0, offsetof($1, exec_context.protect_hostname)
-m4_ifdef(`HAVE_PAM',
-`$1.PAMName, config_parse_unit_string_printf, 0, offsetof($1, exec_context.pam_name)',
-`$1.PAMName, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-$1.IgnoreSIGPIPE, config_parse_bool, 0, offsetof($1, exec_context.ignore_sigpipe)
-$1.UtmpIdentifier, config_parse_unit_string_printf, 0, offsetof($1, exec_context.utmp_id)
-$1.UtmpMode, config_parse_exec_utmp_mode, 0, offsetof($1, exec_context.utmp_mode)
-m4_ifdef(`HAVE_SELINUX',
-`$1.SELinuxContext, config_parse_exec_selinux_context, 0, offsetof($1, exec_context)',
-`$1.SELinuxContext, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-m4_ifdef(`HAVE_APPARMOR',
-`$1.AppArmorProfile, config_parse_exec_apparmor_profile, 0, offsetof($1, exec_context)',
-`$1.AppArmorProfile, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-m4_ifdef(`ENABLE_SMACK',
-`$1.SmackProcessLabel, config_parse_exec_smack_process_label, 0, offsetof($1, exec_context)',
-`$1.SmackProcessLabel, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')'
-)m4_dnl
-m4_define(`KILL_CONTEXT_CONFIG_ITEMS',
-`$1.SendSIGKILL, config_parse_bool, 0, offsetof($1, kill_context.send_sigkill)
-$1.SendSIGHUP, config_parse_bool, 0, offsetof($1, kill_context.send_sighup)
-$1.KillMode, config_parse_kill_mode, 0, offsetof($1, kill_context.kill_mode)
-$1.KillSignal, config_parse_signal, 0, offsetof($1, kill_context.kill_signal)
-$1.RestartKillSignal, config_parse_signal, 0, offsetof($1, kill_context.restart_kill_signal)
-$1.FinalKillSignal, config_parse_signal, 0, offsetof($1, kill_context.final_kill_signal)
-$1.WatchdogSignal, config_parse_signal, 0, offsetof($1, kill_context.watchdog_signal)'
-)m4_dnl
-m4_define(`CGROUP_CONTEXT_CONFIG_ITEMS',
-`$1.Slice, config_parse_unit_slice, 0, 0
-$1.AllowedCPUs, config_parse_allowed_cpus, 0, offsetof($1, cgroup_context)
-$1.AllowedMemoryNodes, config_parse_allowed_mems, 0, offsetof($1, cgroup_context)
-$1.CPUAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.cpu_accounting)
-$1.CPUWeight, config_parse_cg_weight, 0, offsetof($1, cgroup_context.cpu_weight)
-$1.StartupCPUWeight, config_parse_cg_weight, 0, offsetof($1, cgroup_context.startup_cpu_weight)
-$1.CPUShares, config_parse_cpu_shares, 0, offsetof($1, cgroup_context.cpu_shares)
-$1.StartupCPUShares, config_parse_cpu_shares, 0, offsetof($1, cgroup_context.startup_cpu_shares)
-$1.CPUQuota, config_parse_cpu_quota, 0, offsetof($1, cgroup_context)
-$1.CPUQuotaPeriodSec, config_parse_sec_def_infinity, 0, offsetof($1, cgroup_context.cpu_quota_period_usec)
-$1.MemoryAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.memory_accounting)
-$1.MemoryMin, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.DefaultMemoryMin, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.DefaultMemoryLow, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryLow, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryHigh, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryMax, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemorySwapMax, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryLimit, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.DeviceAllow, config_parse_device_allow, 0, offsetof($1, cgroup_context)
-$1.DevicePolicy, config_parse_device_policy, 0, offsetof($1, cgroup_context.device_policy)
-$1.IOAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.io_accounting)
-$1.IOWeight, config_parse_cg_weight, 0, offsetof($1, cgroup_context.io_weight)
-$1.StartupIOWeight, config_parse_cg_weight, 0, offsetof($1, cgroup_context.startup_io_weight)
-$1.IODeviceWeight, config_parse_io_device_weight, 0, offsetof($1, cgroup_context)
-$1.IOReadBandwidthMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IOWriteBandwidthMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IOReadIOPSMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IOWriteIOPSMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IODeviceLatencyTargetSec, config_parse_io_device_latency, 0, offsetof($1, cgroup_context)
-$1.BlockIOAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.blockio_accounting)
-$1.BlockIOWeight, config_parse_blockio_weight, 0, offsetof($1, cgroup_context.blockio_weight)
-$1.StartupBlockIOWeight, config_parse_blockio_weight, 0, offsetof($1, cgroup_context.startup_blockio_weight)
-$1.BlockIODeviceWeight, config_parse_blockio_device_weight, 0, offsetof($1, cgroup_context)
-$1.BlockIOReadBandwidth, config_parse_blockio_bandwidth, 0, offsetof($1, cgroup_context)
-$1.BlockIOWriteBandwidth, config_parse_blockio_bandwidth, 0, offsetof($1, cgroup_context)
-$1.TasksAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.tasks_accounting)
-$1.TasksMax, config_parse_tasks_max, 0, offsetof($1, cgroup_context.tasks_max)
-$1.Delegate, config_parse_delegate, 0, offsetof($1, cgroup_context)
-$1.DisableControllers, config_parse_disable_controllers, 0, offsetof($1, cgroup_context)
-$1.IPAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.ip_accounting)
-$1.IPAddressAllow, config_parse_ip_address_access, 0, offsetof($1, cgroup_context.ip_address_allow)
-$1.IPAddressDeny, config_parse_ip_address_access, 0, offsetof($1, cgroup_context.ip_address_deny)
-$1.IPIngressFilterPath, config_parse_ip_filter_bpf_progs, 0, offsetof($1, cgroup_context.ip_filters_ingress)
-$1.IPEgressFilterPath, config_parse_ip_filter_bpf_progs, 0, offsetof($1, cgroup_context.ip_filters_egress)
-$1.ManagedOOMSwap, config_parse_managed_oom_mode, 0, offsetof($1, cgroup_context.moom_swap)
-$1.ManagedOOMMemoryPressure, config_parse_managed_oom_mode, 0, offsetof($1, cgroup_context.moom_mem_pressure)
-$1.ManagedOOMMemoryPressureLimit, config_parse_managed_oom_mem_pressure_limit, 0, offsetof($1, cgroup_context.moom_mem_pressure_limit)
-$1.ManagedOOMPreference, config_parse_managed_oom_preference, 0, offsetof($1, cgroup_context.moom_preference)
-$1.NetClass, config_parse_warn_compat, DISABLED_LEGACY, 0
-$1.BPFProgram, config_parse_bpf_foreign_program, 0, offsetof($1, cgroup_context)
-$1.SocketBindAllow, config_parse_cgroup_socket_bind, 0, offsetof($1, cgroup_context.socket_bind_allow)
-$1.SocketBindDeny, config_parse_cgroup_socket_bind, 0, offsetof($1, cgroup_context.socket_bind_deny)'
-)m4_dnl
Unit.Description, config_parse_unit_string_printf, 0, offsetof(Unit, description)
Unit.Documentation, config_parse_documentation, 0, offsetof(Unit, documentation)
Unit.SourcePath, config_parse_unit_path_printf, 0, offsetof(Unit, source_path)
@@ -266,7 +280,7 @@ Unit.RefuseManualStop, config_parse_bool,
Unit.AllowIsolate, config_parse_bool, 0, offsetof(Unit, allow_isolate)
Unit.DefaultDependencies, config_parse_bool, 0, offsetof(Unit, default_dependencies)
Unit.OnFailureJobMode, config_parse_job_mode, 0, offsetof(Unit, on_failure_job_mode)
-m4_dnl The following is a legacy alias name for compatibility
+{# The following is a legacy alias name for compatibility #}
Unit.OnFailureIsolate, config_parse_job_mode_isolate, 0, offsetof(Unit, on_failure_job_mode)
Unit.IgnoreOnIsolate, config_parse_bool, 0, offsetof(Unit, ignore_on_isolate)
Unit.IgnoreOnSnapshot, config_parse_warn_compat, DISABLED_LEGACY, 0
@@ -275,7 +289,7 @@ Unit.JobRunningTimeoutSec, config_parse_job_running_timeout_sec,
Unit.JobTimeoutAction, config_parse_emergency_action, 0, offsetof(Unit, job_timeout_action)
Unit.JobTimeoutRebootArgument, config_parse_unit_string_printf, 0, offsetof(Unit, job_timeout_reboot_arg)
Unit.StartLimitIntervalSec, config_parse_sec, 0, offsetof(Unit, start_ratelimit.interval)
-m4_dnl The following is a legacy alias name for compatibility
+{# The following is a legacy alias name for compatibility #}
Unit.StartLimitInterval, config_parse_sec, 0, offsetof(Unit, start_ratelimit.interval)
Unit.StartLimitBurst, config_parse_unsigned, 0, offsetof(Unit, start_ratelimit.burst)
Unit.StartLimitAction, config_parse_emergency_action, 0, offsetof(Unit, start_limit_action)
@@ -338,7 +352,6 @@ Unit.AssertUser, config_parse_unit_condition_string,
Unit.AssertGroup, config_parse_unit_condition_string, CONDITION_GROUP, offsetof(Unit, asserts)
Unit.AssertControlGroupController, config_parse_unit_condition_string, CONDITION_CONTROL_GROUP_CONTROLLER, offsetof(Unit, asserts)
Unit.CollectMode, config_parse_collect_mode, 0, offsetof(Unit, collect_mode)
-m4_dnl
Service.PIDFile, config_parse_pid_file, 0, offsetof(Service, pid_file)
Service.ExecCondition, config_parse_exec, SERVICE_EXEC_CONDITION, offsetof(Service, exec_command)
Service.ExecStartPre, config_parse_exec, SERVICE_EXEC_START_PRE, offsetof(Service, exec_command)
@@ -356,7 +369,7 @@ Service.TimeoutStartFailureMode, config_parse_service_timeout_failure_mo
Service.TimeoutStopFailureMode, config_parse_service_timeout_failure_mode, 0, offsetof(Service, timeout_stop_failure_mode)
Service.RuntimeMaxSec, config_parse_sec, 0, offsetof(Service, runtime_max_usec)
Service.WatchdogSec, config_parse_sec, 0, offsetof(Service, watchdog_usec)
-m4_dnl The following five only exist for compatibility, they moved into Unit, see above
+{# The following five only exist for compatibility, they moved into Unit, see above #}
Service.StartLimitInterval, config_parse_sec, 0, offsetof(Unit, start_ratelimit.interval)
Service.StartLimitBurst, config_parse_unsigned, 0, offsetof(Unit, start_ratelimit.burst)
Service.StartLimitAction, config_parse_emergency_action, 0, offsetof(Unit, start_limit_action)
@@ -382,10 +395,9 @@ Service.BusPolicy, config_parse_warn_compat,
Service.USBFunctionDescriptors, config_parse_unit_path_printf, 0, offsetof(Service, usb_function_descriptors)
Service.USBFunctionStrings, config_parse_unit_path_printf, 0, offsetof(Service, usb_function_strings)
Service.OOMPolicy, config_parse_oom_policy, 0, offsetof(Service, oom_policy)
-EXEC_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
-m4_dnl
+{{ EXEC_CONTEXT_CONFIG_ITEMS('Service') }}
+{{ CGROUP_CONTEXT_CONFIG_ITEMS('Service') }}
+{{ KILL_CONTEXT_CONFIG_ITEMS('Service') }}
Socket.ListenStream, config_parse_socket_listen, SOCKET_SOCKET, 0
Socket.ListenDatagram, config_parse_socket_listen, SOCKET_SOCKET, 0
Socket.ListenSequentialPacket, config_parse_socket_listen, SOCKET_SOCKET, 0
@@ -442,20 +454,23 @@ Socket.FileDescriptorName, config_parse_fdname,
Socket.Service, config_parse_socket_service, 0, 0
Socket.TriggerLimitIntervalSec, config_parse_sec, 0, offsetof(Socket, trigger_limit.interval)
Socket.TriggerLimitBurst, config_parse_unsigned, 0, offsetof(Socket, trigger_limit.burst)
-m4_ifdef(`ENABLE_SMACK',
-`Socket.SmackLabel, config_parse_unit_string_printf, 0, offsetof(Socket, smack)
+{% if ENABLE_SMACK %}
+Socket.SmackLabel, config_parse_unit_string_printf, 0, offsetof(Socket, smack)
Socket.SmackLabelIPIn, config_parse_unit_string_printf, 0, offsetof(Socket, smack_ip_in)
-Socket.SmackLabelIPOut, config_parse_unit_string_printf, 0, offsetof(Socket, smack_ip_out)',
-`Socket.SmackLabel, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+Socket.SmackLabelIPOut, config_parse_unit_string_printf, 0, offsetof(Socket, smack_ip_out)
+{% else %}
+Socket.SmackLabel, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
Socket.SmackLabelIPIn, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-Socket.SmackLabelIPOut, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-m4_ifdef(`HAVE_SELINUX',
-`Socket.SELinuxContextFromNet, config_parse_bool, 0, offsetof(Socket, selinux_context_from_net)',
-`Socket.SELinuxContextFromNet, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-EXEC_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
-m4_dnl
+Socket.SmackLabelIPOut, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{% if HAVE_SELINUX %}
+Socket.SELinuxContextFromNet, config_parse_bool, 0, offsetof(Socket, selinux_context_from_net)
+{% else %}
+Socket.SELinuxContextFromNet, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
+{% endif %}
+{{ EXEC_CONTEXT_CONFIG_ITEMS('Socket') }}
+{{ CGROUP_CONTEXT_CONFIG_ITEMS('Socket') }}
+{{ KILL_CONTEXT_CONFIG_ITEMS('Socket') }}
Mount.What, config_parse_unit_string_printf, 0, offsetof(Mount, parameters_fragment.what)
Mount.Where, config_parse_unit_path_printf, 0, offsetof(Mount, where)
Mount.Options, config_parse_unit_string_printf, 0, offsetof(Mount, parameters_fragment.options)
@@ -466,22 +481,19 @@ Mount.SloppyOptions, config_parse_bool,
Mount.LazyUnmount, config_parse_bool, 0, offsetof(Mount, lazy_unmount)
Mount.ForceUnmount, config_parse_bool, 0, offsetof(Mount, force_unmount)
Mount.ReadWriteOnly, config_parse_bool, 0, offsetof(Mount, read_write_only)
-EXEC_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
-m4_dnl
+{{ EXEC_CONTEXT_CONFIG_ITEMS('Mount') }}
+{{ CGROUP_CONTEXT_CONFIG_ITEMS('Mount') }}
+{{ KILL_CONTEXT_CONFIG_ITEMS('Mount') }}
Automount.Where, config_parse_unit_path_printf, 0, offsetof(Automount, where)
Automount.DirectoryMode, config_parse_mode, 0, offsetof(Automount, directory_mode)
Automount.TimeoutIdleSec, config_parse_sec_fix_0, 0, offsetof(Automount, timeout_idle_usec)
-m4_dnl
Swap.What, config_parse_unit_path_printf, 0, offsetof(Swap, parameters_fragment.what)
Swap.Priority, config_parse_swap_priority, 0, 0
Swap.Options, config_parse_unit_string_printf, 0, offsetof(Swap, parameters_fragment.options)
Swap.TimeoutSec, config_parse_sec_fix_0, 0, offsetof(Swap, timeout_usec)
-EXEC_CONTEXT_CONFIG_ITEMS(Swap)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Swap)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Swap)m4_dnl
-m4_dnl
+{{ EXEC_CONTEXT_CONFIG_ITEMS('Swap') }}
+{{ CGROUP_CONTEXT_CONFIG_ITEMS('Swap') }}
+{{ KILL_CONTEXT_CONFIG_ITEMS('Swap') }}
Timer.OnCalendar, config_parse_timer, TIMER_CALENDAR, 0
Timer.OnActiveSec, config_parse_timer, TIMER_ACTIVE, 0
Timer.OnBootSec, config_parse_timer, TIMER_BOOT, 0
@@ -497,7 +509,6 @@ Timer.FixedRandomDelay, config_parse_bool,
Timer.AccuracySec, config_parse_sec, 0, offsetof(Timer, accuracy_usec)
Timer.RandomizedDelaySec, config_parse_sec, 0, offsetof(Timer, random_usec)
Timer.Unit, config_parse_trigger_unit, 0, 0
-m4_dnl
Path.PathExists, config_parse_path_spec, 0, 0
Path.PathExistsGlob, config_parse_path_spec, 0, 0
Path.PathChanged, config_parse_path_spec, 0, 0
@@ -506,14 +517,12 @@ Path.DirectoryNotEmpty, config_parse_path_spec,
Path.Unit, config_parse_trigger_unit, 0, 0
Path.MakeDirectory, config_parse_bool, 0, offsetof(Path, make_directory)
Path.DirectoryMode, config_parse_mode, 0, offsetof(Path, directory_mode)
-m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Slice)m4_dnl
-m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Scope)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Scope)m4_dnl
+{{ CGROUP_CONTEXT_CONFIG_ITEMS('Slice') }}
+{{ CGROUP_CONTEXT_CONFIG_ITEMS('Scope') }}
+{{ KILL_CONTEXT_CONFIG_ITEMS('Scope') }}
Scope.RuntimeMaxSec, config_parse_sec, 0, offsetof(Scope, runtime_max_usec)
Scope.TimeoutStopSec, config_parse_sec, 0, offsetof(Scope, timeout_stop_usec)
-m4_dnl The [Install] section is ignored here.
+{# The [Install] section is ignored here #}
Install.Alias, NULL, 0, 0
Install.WantedBy, NULL, 0, 0
Install.RequiredBy, NULL, 0, 0
diff --git a/src/core/meson.build b/src/core/meson.build
index c5c9e8cbe8..e93d17a43a 100644
--- a/src/core/meson.build
+++ b/src/core/meson.build
@@ -132,9 +132,9 @@ endif
load_fragment_gperf_gperf = custom_target(
'load-fragment-gperf.gperf',
- input : 'load-fragment-gperf.gperf.m4',
+ input : 'load-fragment-gperf.gperf.in',
output: 'load-fragment-gperf.gperf',
- command : [meson_apply_m4, config_h, '@INPUT@'],
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
capture : true)
load_fragment_gperf_c = custom_target(
@@ -174,21 +174,23 @@ core_includes = [includes, include_directories('.')]
systemd_sources = files('main.c')
-in_files = [['system.conf', pkgsysconfdir],
- ['user.conf', pkgsysconfdir],
- ['systemd.pc', pkgconfigdatadir]]
+in_files = [['system.conf', pkgsysconfdir],
+ ['user.conf', pkgsysconfdir],
+ ['systemd.pc', pkgconfigdatadir],
+ ['org.freedesktop.systemd1.policy', polkitpolicydir]]
foreach item : in_files
file = item[0]
dir = item[1]
- if install_sysconfdir_samples or dir != pkgsysconfdir
- configure_file(
- input : file + '.in',
- output : file,
- configuration : substs,
- install_dir : dir == 'no' ? '' : dir)
- endif
+ custom_target(
+ file,
+ input : file + '.in',
+ output: file,
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : dir != 'no',
+ install_dir : dir)
endforeach
install_data('org.freedesktop.systemd1.conf',
@@ -196,13 +198,6 @@ install_data('org.freedesktop.systemd1.conf',
install_data('org.freedesktop.systemd1.service',
install_dir : dbussystemservicedir)
-policy = configure_file(
- input : 'org.freedesktop.systemd1.policy.in',
- output : 'org.freedesktop.systemd1.policy',
- configuration : substs)
-install_data(policy,
- install_dir : polkitpolicydir)
-
meson.add_install_script('sh', '-c', mkdir_p.format(systemshutdowndir))
meson.add_install_script('sh', '-c', mkdir_p.format(systemsleepdir))
meson.add_install_script('sh', '-c', mkdir_p.format(systemgeneratordir))
diff --git a/src/core/org.freedesktop.systemd1.policy.in b/src/core/org.freedesktop.systemd1.policy.in
index a6d40d7e8f..74721c516f 100644
--- a/src/core/org.freedesktop.systemd1.policy.in
+++ b/src/core/org.freedesktop.systemd1.policy.in
@@ -26,7 +26,7 @@
no
auth_admin_keep
- @rootlibexecdir@/systemd-reply-password
+ {{ROOTLIBEXECDIR}}/systemd-reply-password
diff --git a/src/core/system.conf.in b/src/core/system.conf.in
index 97325d1811..e88280bd0a 100644
--- a/src/core/system.conf.in
+++ b/src/core/system.conf.in
@@ -37,7 +37,7 @@
#NoNewPrivileges=no
#SystemCallArchitectures=
#TimerSlackNSec=
-#StatusUnitFormat=@STATUS_UNIT_FORMAT_DEFAULT@
+#StatusUnitFormat={{STATUS_UNIT_FORMAT_DEFAULT_STR}}
#DefaultTimerAccuracySec=1min
#DefaultStandardOutput=journal
#DefaultStandardError=inherit
@@ -52,7 +52,7 @@
#DefaultIOAccounting=no
#DefaultIPAccounting=no
#DefaultBlockIOAccounting=no
-#DefaultMemoryAccounting=@MEMORY_ACCOUNTING_DEFAULT@
+#DefaultMemoryAccounting={{ 'yes' if MEMORY_ACCOUNTING_DEFAULT else 'no' }}
#DefaultTasksAccounting=yes
#DefaultTasksMax=15%
#DefaultLimitCPU=
@@ -61,7 +61,7 @@
#DefaultLimitSTACK=
#DefaultLimitCORE=
#DefaultLimitRSS=
-#DefaultLimitNOFILE=1024:@HIGH_RLIMIT_NOFILE@
+#DefaultLimitNOFILE=1024:{{HIGH_RLIMIT_NOFILE}}
#DefaultLimitAS=
#DefaultLimitNPROC=
#DefaultLimitMEMLOCK=
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
index b5cc8f94a5..fc0f8c34fa 100644
--- a/src/core/systemd.pc.in
+++ b/src/core/systemd.pc.in
@@ -12,9 +12,9 @@
# shall have underscores.
prefix=/usr
-root_prefix=@rootprefix_noslash@
+root_prefix={{ROOTPREFIX_NOSLASH}}
rootprefix=${root_prefix}
-sysconf_dir=@sysconfdir@
+sysconf_dir={{SYSCONF_DIR}}
sysconfdir=${sysconf_dir}
systemd_util_dir=${root_prefix}/lib/systemd
@@ -80,22 +80,22 @@ modulesloaddir=${modules_load_dir}
catalog_dir=${prefix}/lib/systemd/catalog
catalogdir=${catalog_dir}
-system_uid_max=@SYSTEM_UID_MAX@
+system_uid_max={{SYSTEM_UID_MAX}}
systemuidmax=${system_uid_max}
-system_gid_max=@SYSTEM_GID_MAX@
+system_gid_max={{SYSTEM_GID_MAX}}
systemgidmax=${system_gid_max}
-dynamic_uid_min=@dynamicuidmin@
+dynamic_uid_min={{DYNAMIC_UID_MIN}}
dynamicuidmin=${dynamic_uid_min}
-dynamic_uid_max=@dynamicuidmax@
+dynamic_uid_max={{DYNAMIC_UID_MAX}}
dynamicuidmax=${dynamic_uid_max}
-container_uid_base_min=@containeruidbasemin@
+container_uid_base_min={{CONTAINER_UID_BASE_MIN}}
containeruidbasemin=${container_uid_base_min}
-container_uid_base_max=@containeruidbasemax@
+container_uid_base_max={{CONTAINER_UID_BASE_MAX}}
containeruidbasemax=${container_uid_base_max}
Name: systemd
Description: systemd System and Service Manager
-URL: @PROJECT_URL@
-Version: @PROJECT_VERSION@
+URL: {{PROJECT_URL}}
+Version: {{PROJECT_VERSION}}
diff --git a/src/core/user.conf.in b/src/core/user.conf.in
index 5f0ca4cb02..e0a7703525 100644
--- a/src/core/user.conf.in
+++ b/src/core/user.conf.in
@@ -20,7 +20,7 @@
#LogTime=no
#SystemCallArchitectures=
#TimerSlackNSec=
-#StatusUnitFormat=@STATUS_UNIT_FORMAT_DEFAULT@
+#StatusUnitFormat={{STATUS_UNIT_FORMAT_DEFAULT_STR}}
#DefaultTimerAccuracySec=1min
#DefaultStandardOutput=inherit
#DefaultStandardError=inherit
diff --git a/src/debug-generator/debug-generator.c b/src/debug-generator/debug-generator.c
index d9fccea5c9..a8f3422dd4 100644
--- a/src/debug-generator/debug-generator.c
+++ b/src/debug-generator/debug-generator.c
@@ -134,7 +134,7 @@ static int generate_wants_symlinks(void) {
if (!p)
return log_oom();
- f = path_join(SYSTEM_DATA_UNIT_PATH, *u);
+ f = path_join(SYSTEM_DATA_UNIT_DIR, *u);
if (!f)
return log_oom();
diff --git a/src/fstab-generator/fstab-generator.c b/src/fstab-generator/fstab-generator.c
index c0ded48d97..1d8ee93013 100644
--- a/src/fstab-generator/fstab-generator.c
+++ b/src/fstab-generator/fstab-generator.c
@@ -881,7 +881,7 @@ static int add_volatile_root(void) {
return 0;
return generator_add_symlink(arg_dest, SPECIAL_INITRD_ROOT_FS_TARGET, "requires",
- SYSTEM_DATA_UNIT_PATH "/" SPECIAL_VOLATILE_ROOT_SERVICE);
+ SYSTEM_DATA_UNIT_DIR "/" SPECIAL_VOLATILE_ROOT_SERVICE);
}
static int add_volatile_var(void) {
diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c
index 2f26214ec3..aa5a0a6ddb 100644
--- a/src/getty-generator/getty-generator.c
+++ b/src/getty-generator/getty-generator.c
@@ -28,7 +28,7 @@ static int add_symlink(const char *fservice, const char *tservice) {
assert(fservice);
assert(tservice);
- from = strjoina(SYSTEM_DATA_UNIT_PATH "/", fservice);
+ from = strjoina(SYSTEM_DATA_UNIT_DIR "/", fservice);
to = strjoina(arg_dest, "/getty.target.wants/", tservice);
mkdir_parents_label(to, 0755);
diff --git a/src/hibernate-resume/hibernate-resume-generator.c b/src/hibernate-resume/hibernate-resume-generator.c
index b1e5452bb0..5e986db2b0 100644
--- a/src/hibernate-resume/hibernate-resume-generator.c
+++ b/src/hibernate-resume/hibernate-resume-generator.c
@@ -85,7 +85,7 @@ static int process_resume(void) {
return log_oom();
mkdir_parents_label(lnk, 0755);
- if (symlink(SYSTEM_DATA_UNIT_PATH "/systemd-hibernate-resume@.service", lnk) < 0)
+ if (symlink(SYSTEM_DATA_UNIT_DIR "/systemd-hibernate-resume@.service", lnk) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", lnk);
r = unit_name_from_path(arg_resume_device, ".device", &device_unit);
diff --git a/src/journal-remote/journal-remote.conf.in b/src/journal-remote/journal-remote.conf.in
index 4c1b78ebc1..648aa1ba11 100644
--- a/src/journal-remote/journal-remote.conf.in
+++ b/src/journal-remote/journal-remote.conf.in
@@ -15,6 +15,6 @@
[Remote]
# Seal=false
# SplitMode=host
-# ServerKeyFile=@CERTIFICATEROOT@/private/journal-remote.pem
-# ServerCertificateFile=@CERTIFICATEROOT@/certs/journal-remote.pem
-# TrustedCertificateFile=@CERTIFICATEROOT@/ca/trusted.pem
+# ServerKeyFile={{CERTIFICATE_ROOT}}/private/journal-remote.pem
+# ServerCertificateFile={{CERTIFICATE_ROOT}}/certs/journal-remote.pem
+# TrustedCertificateFile={{CERTIFICATE_ROOT}}/ca/trusted.pem
diff --git a/src/journal-remote/journal-upload.conf.in b/src/journal-remote/journal-upload.conf.in
index 29b623bdfa..94471e4a00 100644
--- a/src/journal-remote/journal-upload.conf.in
+++ b/src/journal-remote/journal-upload.conf.in
@@ -14,6 +14,6 @@
[Upload]
# URL=
-# ServerKeyFile=@CERTIFICATEROOT@/private/journal-upload.pem
-# ServerCertificateFile=@CERTIFICATEROOT@/certs/journal-upload.pem
-# TrustedCertificateFile=@CERTIFICATEROOT@/ca/trusted.pem
+# ServerKeyFile={{CERTIFICATE_ROOT}}/private/journal-upload.pem
+# ServerCertificateFile={{CERTIFICATE_ROOT}}/certs/journal-upload.pem
+# TrustedCertificateFile={{CERTIFICATE_ROOT}}/ca/trusted.pem
diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build
index c42d85bc4b..d516fbabf7 100644
--- a/src/journal-remote/meson.build
+++ b/src/journal-remote/meson.build
@@ -42,27 +42,25 @@ systemd_journal_gatewayd_sources = files('''
microhttpd-util.c
'''.split())
-if conf.get('ENABLE_REMOTE') ==1 and conf.get('HAVE_LIBCURL') == 1
- journal_upload_conf = configure_file(
- input : 'journal-upload.conf.in',
- output : 'journal-upload.conf',
- configuration : substs)
- if install_sysconfdir
- install_data(journal_upload_conf,
- install_dir : pkgsysconfdir)
- endif
-endif
+in_files = [
+ ['journal-upload.conf',
+ conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_LIBCURL') == 1 and install_sysconfdir_samples],
+ ['journal-remote.conf',
+ conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1 and install_sysconfdir_samples]]
+
+foreach tuple : in_files
+ file = tuple[0]
+ custom_target(
+ file,
+ input : file + '.in',
+ output: file,
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : tuple[1],
+ install_dir : pkgsysconfdir)
+endforeach
if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
- journal_remote_conf = configure_file(
- input : 'journal-remote.conf.in',
- output : 'journal-remote.conf',
- configuration : substs)
- if install_sysconfdir_samples
- install_data(journal_remote_conf,
- install_dir : pkgsysconfdir)
- endif
-
install_data('browse.html',
install_dir : join_paths(pkgdatadir, 'gatewayd'))
diff --git a/src/libsystemd/libsystemd.pc.in b/src/libsystemd/libsystemd.pc.in
index 74f33b70e6..da6e4e667e 100644
--- a/src/libsystemd/libsystemd.pc.in
+++ b/src/libsystemd/libsystemd.pc.in
@@ -7,14 +7,14 @@
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@rootlibdir@
-includedir=@includedir@
+prefix={{PREFIX}}
+exec_prefix={{PREFIX}}
+libdir={{ROOTLIBDIR}}
+includedir={{INCLUDE_DIR}}
Name: systemd
Description: systemd Library
-URL: @PROJECT_URL@
-Version: @PROJECT_VERSION@
+URL: {{PROJECT_URL}}
+Version: {{PROJECT_VERSION}}
Libs: -L${libdir} -lsystemd
Cflags: -I${includedir}
diff --git a/src/libsystemd/meson.build b/src/libsystemd/meson.build
index f55bdcd1a5..5af8b75af2 100644
--- a/src/libsystemd/meson.build
+++ b/src/libsystemd/meson.build
@@ -177,11 +177,14 @@ libsystemd_sym_path = join_paths(meson.current_source_dir(), 'libsystemd.sym')
static_libsystemd = get_option('static-libsystemd')
static_libsystemd_pic = static_libsystemd == 'true' or static_libsystemd == 'pic'
-configure_file(
+custom_target(
+ 'libsystemd.pc',
input : 'libsystemd.pc.in',
output : 'libsystemd.pc',
- configuration : substs,
- install_dir : pkgconfiglibdir == 'no' ? '' : pkgconfiglibdir)
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : pkgconfiglibdir != 'no',
+ install_dir : pkgconfiglibdir)
############################################################
diff --git a/src/libsystemd/sd-path/sd-path.c b/src/libsystemd/sd-path/sd-path.c
index 61ed7cb2da..4fe0903c1d 100644
--- a/src/libsystemd/sd-path/sd-path.c
+++ b/src/libsystemd/sd-path/sd-path.c
@@ -325,7 +325,7 @@ static int get_path(uint64_t type, char **buffer, const char **ret) {
return 0;
case SD_PATH_SYSTEMD_SYSTEM_UNIT:
- *ret = SYSTEM_DATA_UNIT_PATH;
+ *ret = SYSTEM_DATA_UNIT_DIR;
return 0;
case SD_PATH_SYSTEMD_SYSTEM_PRESET:
diff --git a/src/libudev/libudev.pc.in b/src/libudev/libudev.pc.in
index b657b7d068..89028aaa6b 100644
--- a/src/libudev/libudev.pc.in
+++ b/src/libudev/libudev.pc.in
@@ -7,13 +7,13 @@
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
-prefix=@prefix@
-exec_prefix=@exec_prefix@
-libdir=@rootlibdir@
-includedir=@includedir@
+prefix={{PREFIX}}
+exec_prefix={{PREFIX}}
+libdir={{ROOTLIBDIR}}
+includedir={{INCLUDE_DIR}}
Name: libudev
Description: Library to access udev device information
-Version: @PROJECT_VERSION@
+Version: {{PROJECT_VERSION}}
Libs: -L${libdir} -ludev
Cflags: -I${includedir}
diff --git a/src/libudev/meson.build b/src/libudev/meson.build
index b3ffb8b10a..61e7cc20a6 100644
--- a/src/libudev/meson.build
+++ b/src/libudev/meson.build
@@ -39,11 +39,14 @@ libudev_static = static_library(
static_libudev = get_option('static-libudev')
static_libudev_pic = static_libudev == 'true' or static_libudev == 'pic'
-configure_file(
+custom_target(
+ 'libudev.pc',
input : 'libudev.pc.in',
output : 'libudev.pc',
- configuration : substs,
- install_dir : pkgconfiglibdir == 'no' ? '' : pkgconfiglibdir)
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : pkgconfiglibdir != 'no',
+ install_dir : pkgconfiglibdir)
############################################################
diff --git a/src/login/70-uaccess.rules.m4 b/src/login/70-uaccess.rules.in
similarity index 93%
rename from src/login/70-uaccess.rules.m4
rename to src/login/70-uaccess.rules.in
index 8d5fa47bf3..56e1087fef 100644
--- a/src/login/70-uaccess.rules.m4
+++ b/src/login/70-uaccess.rules.in
@@ -41,14 +41,14 @@ SUBSYSTEM=="firewire", TEST=="units", ENV{IEEE1394_UNIT_FUNCTION_VIDEO}=="1", TA
# DRI video devices
SUBSYSTEM=="drm", KERNEL=="card*", TAG+="uaccess"
-m4_ifdef(`GROUP_RENDER_UACCESS',``
+{% if GROUP_RENDER_UACCESS %}
# DRI render nodes
-SUBSYSTEM=="drm", KERNEL=="renderD*", TAG+="uaccess"''
-)m4_dnl
-m4_ifdef(`DEV_KVM_UACCESS',``
+SUBSYSTEM=="drm", KERNEL=="renderD*", TAG+="uaccess"
+{% endif %}
+{% if DEV_KVM_UACCESS %}
# KVM
-SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"''
-)m4_dnl
+SUBSYSTEM=="misc", KERNEL=="kvm", TAG+="uaccess"
+{% endif %}
# smart-card readers
ENV{ID_SMARTCARD_READER}=="?*", TAG+="uaccess"
diff --git a/src/login/71-seat.rules.in b/src/login/71-seat.rules.in
index 3ccd52415f..809467c6c8 100644
--- a/src/login/71-seat.rules.in
+++ b/src/login/71-seat.rules.in
@@ -59,9 +59,11 @@ SUBSYSTEM=="pci", ATTRS{vendor}=="0x1ab8", ATTRS{device}=="0x4005", TAG+="seat",
# the child if we notice that the parent wasn't recognized yet.
# Match parent
+{% raw -%}
SUBSYSTEM=="usb", ATTR{idVendor}=="058f", ATTR{idProduct}=="6254", \
ATTR{%k.2/idVendor}=="17e9", ATTR{%k.2/idProduct}=="401a", ATTR{%k.2/product}=="mimo inc", \
ENV{ID_AUTOSEAT}="1", ENV{ID_AVOID_LOOP}="1"
+{% endraw %}
# Match child, look for parent's ID_AVOID_LOOP
SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product}=="mimo inc", \
@@ -72,11 +74,11 @@ SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product}
SUBSYSTEM=="usb", ATTR{idVendor}=="17e9", ATTR{idProduct}=="401a", ATTR{product}=="mimo inc", \
ATTR{../idVendor}=="058f", ATTR{../idProduct}=="6254", \
ENV{ID_AVOID_LOOP}=="", \
- RUN+="@rootbindir@/udevadm trigger --parent-match=%p/.."
+ RUN+="{{ROOTBINDIR}}/udevadm trigger --parent-match=%p/.."
TAG=="seat", ENV{ID_PATH}=="", IMPORT{builtin}="path_id"
TAG=="seat", ENV{ID_FOR_SEAT}=="", ENV{ID_PATH_TAG}!="", ENV{ID_FOR_SEAT}="$env{SUBSYSTEM}-$env{ID_PATH_TAG}"
-SUBSYSTEM=="input", ATTR{name}=="Wiebetech LLC Wiebetech", RUN+="@rootbindir@/loginctl lock-sessions"
+SUBSYSTEM=="input", ATTR{name}=="Wiebetech LLC Wiebetech", RUN+="{{ROOTBINDIR}}/loginctl lock-sessions"
LABEL="seat_end"
diff --git a/src/login/73-seat-late.rules.m4 b/src/login/73-seat-late.rules.in
similarity index 86%
rename from src/login/73-seat-late.rules.m4
rename to src/login/73-seat-late.rules.in
index e56cd61603..7cda2b08ce 100644
--- a/src/login/73-seat-late.rules.m4
+++ b/src/login/73-seat-late.rules.in
@@ -13,8 +13,8 @@ ENV{ID_SEAT}=="", ENV{ID_AUTOSEAT}=="1", ENV{ID_FOR_SEAT}!="", ENV{ID_SEAT}="sea
ENV{ID_SEAT}=="", IMPORT{parent}="ID_SEAT"
ENV{ID_SEAT}!="", TAG+="$env{ID_SEAT}"
-m4_ifdef(`HAVE_ACL',``
-TAG=="uaccess", ENV{MAJOR}!="", RUN{builtin}+="uaccess"''
-)m4_dnl
+{% if HAVE_ACL %}
+TAG=="uaccess", ENV{MAJOR}!="", RUN{builtin}+="uaccess"
+{% endif %}
LABEL="seat_late_end"
diff --git a/src/login/logind.conf.in b/src/login/logind.conf.in
index 564868e7ae..27ba77ce79 100644
--- a/src/login/logind.conf.in
+++ b/src/login/logind.conf.in
@@ -17,7 +17,7 @@
[Login]
#NAutoVTs=6
#ReserveVT=6
-#KillUserProcesses=@KILL_USER_PROCESSES@
+#KillUserProcesses={{ "yes" if KILL_USER_PROCESSES else "no" }}
#KillOnlyUsers=
#KillExcludeUsers=root
#InhibitDelayMaxSec=5
diff --git a/src/login/meson.build b/src/login/meson.build
index 156c391d8a..8c20e6be65 100644
--- a/src/login/meson.build
+++ b/src/login/meson.build
@@ -65,58 +65,35 @@ user_runtime_dir_sources = files('''
pam_systemd_sym = 'src/login/pam_systemd.sym'
pam_systemd_c = files('pam_systemd.c')
-if conf.get('ENABLE_LOGIND') == 1
- logind_conf = configure_file(
- input : 'logind.conf.in',
- output : 'logind.conf',
- configuration : substs)
- if install_sysconfdir_samples
- install_data(logind_conf,
- install_dir : pkgsysconfdir)
- endif
+enable_logind = conf.get('ENABLE_LOGIND') == 1
+in_files = [
+ ['logind.conf', pkgsysconfdir, enable_logind],
+ ['70-uaccess.rules', udevrulesdir, enable_logind and conf.get('HAVE_ACL') == 1],
+ ['71-seat.rules', udevrulesdir, enable_logind],
+ ['73-seat-late.rules', udevrulesdir, enable_logind],
+ ['systemd-user', pamconfdir, enable_logind and pamconfdir != 'no']]
+foreach tuple : in_files
+ file = tuple[0]
+ custom_target(
+ file,
+ input : file + '.in',
+ output: file,
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : tuple[2],
+ install_dir : tuple[1])
+endforeach
+
+if enable_logind
install_data('org.freedesktop.login1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.login1.service',
install_dir : dbussystemservicedir)
install_data('org.freedesktop.login1.policy',
install_dir : polkitpolicydir)
-
- install_data('70-power-switch.rules', install_dir : udevrulesdir)
-
- seat_rules = configure_file(
- input : '71-seat.rules.in',
- output : '71-seat.rules',
- configuration : substs)
- install_data(seat_rules,
+ install_data('70-power-switch.rules',
install_dir : udevrulesdir)
-
- custom_target(
- '70-uaccess.rules',
- input : '70-uaccess.rules.m4',
- output: '70-uaccess.rules',
- command : [meson_apply_m4, config_h, '@INPUT@'],
- capture : true,
- install : conf.get('HAVE_ACL') == 1,
- install_dir : udevrulesdir)
-
- custom_target(
- '73-seat-late.rules',
- input : '73-seat-late.rules.m4',
- output: '73-seat-late.rules',
- command : [meson_apply_m4, config_h, '@INPUT@'],
- capture : true,
- install : true,
- install_dir : udevrulesdir)
-
- custom_target(
- 'systemd-user',
- input : 'systemd-user.m4',
- output: 'systemd-user',
- command : [meson_apply_m4, config_h, '@INPUT@'],
- capture : true,
- install : pamconfdir != 'no',
- install_dir : pamconfdir)
endif
############################################################
diff --git a/src/login/systemd-user.m4 b/src/login/systemd-user.in
similarity index 79%
rename from src/login/systemd-user.m4
rename to src/login/systemd-user.in
index f6313f79fe..343aec4a01 100644
--- a/src/login/systemd-user.m4
+++ b/src/login/systemd-user.in
@@ -2,19 +2,19 @@
#
# Used by systemd --user instances.
-m4_ifdef(`ENABLE_HOMED',
+{% if ENABLE_HOMED %}
-account sufficient pam_systemd_home.so
-)m4_dnl
+{% endif %}
account sufficient pam_unix.so
account required pam_permit.so
-m4_ifdef(`HAVE_SELINUX',
+{% if HAVE_SELINUX %}
session required pam_selinux.so close
session required pam_selinux.so nottys open
-)m4_dnl
+{% endif %}
session required pam_loginuid.so
session optional pam_keyinit.so force revoke
-m4_ifdef(`ENABLE_HOMED',
+{% if ENABLE_HOMED %}
-session optional pam_systemd_home.so
-)m4_dnl
+{% endif %}
session optional pam_systemd.so
diff --git a/src/modules-load/modules-load.c b/src/modules-load/modules-load.c
index b57d806fab..b2a41a7e75 100644
--- a/src/modules-load/modules-load.c
+++ b/src/modules-load/modules-load.c
@@ -186,9 +186,7 @@ static int run(int argc, char *argv[]) {
r = 0;
if (argc > optind) {
- int i;
-
- for (i = optind; i < argc; i++) {
+ for (int i = optind; i < argc; i++) {
k = apply_file(ctx, argv[i], false);
if (k < 0 && r == 0)
r = k;
diff --git a/src/rc-local-generator/rc-local-generator.c b/src/rc-local-generator/rc-local-generator.c
index ad8dfabb54..99cffee3ec 100644
--- a/src/rc-local-generator/rc-local-generator.c
+++ b/src/rc-local-generator/rc-local-generator.c
@@ -24,7 +24,7 @@ static int add_symlink(const char *service, const char *where) {
assert(service);
assert(where);
- from = strjoina(SYSTEM_DATA_UNIT_PATH "/", service);
+ from = strjoina(SYSTEM_DATA_UNIT_DIR "/", service);
to = strjoina(arg_dest, "/", where, ".wants/", service);
(void) mkdir_parents_label(to, 0755);
diff --git a/src/resolve/meson.build b/src/resolve/meson.build
index b1d97736a3..1f9b8af4f3 100644
--- a/src/resolve/meson.build
+++ b/src/resolve/meson.build
@@ -158,20 +158,19 @@ if conf.get('ENABLE_RESOLVE') == 1
install_dir : dbussystemservicedir)
install_data('org.freedesktop.resolve1.policy',
install_dir : polkitpolicydir)
-
- resolved_conf = configure_file(
- input : 'resolved.conf.in',
- output : 'resolved.conf',
- configuration : substs)
- if install_sysconfdir_samples
- install_data(resolved_conf,
- install_dir : pkgsysconfdir)
- endif
-
install_data('resolv.conf',
install_dir : rootlibexecdir)
endif
+custom_target(
+ 'resolved.conf',
+ input : 'resolved.conf.in',
+ output : 'resolved.conf',
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : conf.get('ENABLE_RESOLVE') == 1 and install_sysconfdir_samples,
+ install_dir : pkgsysconfdir)
+
############################################################
tests += [
diff --git a/src/resolve/resolved.conf.in b/src/resolve/resolved.conf.in
index 4f3421dd4b..6d4176df52 100644
--- a/src/resolve/resolved.conf.in
+++ b/src/resolve/resolved.conf.in
@@ -20,12 +20,12 @@
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
-#FallbackDNS=@DNS_SERVERS@
+#FallbackDNS={{DNS_SERVERS}}
#Domains=
-#DNSSEC=@DEFAULT_DNSSEC_MODE@
-#DNSOverTLS=@DEFAULT_DNS_OVER_TLS_MODE@
-#MulticastDNS=@DEFAULT_MDNS_MODE@
-#LLMNR=@DEFAULT_LLMNR_MODE@
+#DNSSEC={{DEFAULT_DNSSEC_MODE_STR}}
+#DNSOverTLS={{DEFAULT_DNS_OVER_TLS_MODE_STR}}
+#MulticastDNS={{DEFAULT_MDNS_MODE_STR}}
+#LLMNR={{DEFAULT_LLMNR_MODE_STR}}
#Cache=yes
#CacheFromLocalhost=no
#DNSStubListener=yes
diff --git a/src/rpm/macros.systemd.in b/src/rpm/macros.systemd.in
index 244c274d29..3a0169a85f 100644
--- a/src/rpm/macros.systemd.in
+++ b/src/rpm/macros.systemd.in
@@ -5,25 +5,25 @@
# RPM macros for packages installing systemd unit files
-%_systemd_util_dir @rootlibexecdir@
-%_unitdir @systemunitdir@
-%_userunitdir @userunitdir@
-%_presetdir @systempresetdir@
-%_userpresetdir @userpresetdir@
-%_udevhwdbdir @udevhwdbdir@
-%_udevrulesdir @udevrulesdir@
-%_journalcatalogdir @catalogdir@
-%_binfmtdir @binfmtdir@
-%_sysctldir @sysctldir@
-%_sysusersdir @sysusersdir@
-%_tmpfilesdir @tmpfilesdir@
-%_environmentdir @environmentdir@
-%_modulesloaddir @modulesloaddir@
-%_modprobedir @modprobedir@
-%_systemdgeneratordir @systemgeneratordir@
-%_systemdusergeneratordir @usergeneratordir@
-%_systemd_system_env_generator_dir @systemenvgeneratordir@
-%_systemd_user_env_generator_dir @userenvgeneratordir@
+%_systemd_util_dir {{ROOTLIBEXECDIR}}
+%_unitdir {{SYSTEM_DATA_UNIT_DIR}}
+%_userunitdir {{USER_DATA_UNIT_DIR}}
+%_presetdir {{SYSTEM_PRESET_DIR}}
+%_userpresetdir {{USER_PRESET_DIR}}
+%_udevhwdbdir {{UDEV_HWDB_DIR}}
+%_udevrulesdir {{UDEV_RULES_DIR}}
+%_journalcatalogdir {{SYSTEMD_CATALOG_DIR}}
+%_binfmtdir {{BINFMT_DIR}}
+%_sysctldir {{SYSCTL_DIR}}
+%_sysusersdir {{SYSUSERS_DIR}}
+%_tmpfilesdir {{TMPFILES_DIR}}
+%_environmentdir {{ENVIRONMENT_DIR}}
+%_modulesloaddir {{MODULESLOAD_DIR}}
+%_modprobedir {{MODPROBE_DIR}}
+%_systemdgeneratordir {{SYSTEM_GENERATOR_DIR}}
+%_systemdusergeneratordir {{USER_GENERATOR_DIR}}
+%_systemd_system_env_generator_dir {{SYSTEM_ENV_GENERATOR_DIR}}
+%_systemd_user_env_generator_dir {{USER_ENV_GENERATOR_DIR}}
# Because we had one release with a typo...
# This is temporary (Remove after systemd 240 is released)
@@ -46,9 +46,9 @@ OrderWithRequires(postun): systemd \
%systemd_post() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_post}} \
-if [ $1 -eq 1 ] && [ -x @bindir@/systemctl ]; then \
+if [ $1 -eq 1 ] && [ -x %{_bindir}/systemctl ]; then \
# Initial installation \
- @bindir@/systemctl --no-reload preset %{?*} || : \
+ %{_bindir}/systemctl --no-reload preset %{?*} || : \
fi \
%{nil}
@@ -56,21 +56,21 @@ fi \
%systemd_preun() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_preun}} \
-if [ $1 -eq 0 ] && [ -x @bindir@/systemctl ]; then \
+if [ $1 -eq 0 ] && [ -x %{_bindir}/systemctl ]; then \
# Package removal, not upgrade \
if [ -d /run/systemd/system ]; then \
- @bindir@/systemctl --no-reload disable --now %{?*} || : \
+ %{_bindir}/systemctl --no-reload disable --now %{?*} || : \
else \
- @bindir@/systemctl --no-reload disable %{?*} || : \
+ %{_bindir}/systemctl --no-reload disable %{?*} || : \
fi \
fi \
%{nil}
%systemd_user_preun() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_user_preun}} \
-if [ $1 -eq 0 ] && [ -x @bindir@/systemctl ]; then \
+if [ $1 -eq 0 ] && [ -x %{_bindir}/systemctl ]; then \
# Package removal, not upgrade \
- @bindir@/systemctl --global disable %{?*} || : \
+ %{_bindir}/systemctl --global disable %{?*} || : \
fi \
%{nil}
@@ -84,10 +84,10 @@ fi \
%systemd_postun_with_restart() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# systemd_postun_with_restart}} \
-if [ $1 -ge 1 ] && [ -x @bindir@/systemctl ]; then \
+if [ $1 -ge 1 ] && [ -x %{_bindir}/systemctl ]; then \
# Package upgrade, not uninstall \
for unit in %{?*}; do \
- @bindir@/systemctl set-property $unit Markers=+needs-restart || : \
+ %{_bindir}/systemctl set-property $unit Markers=+needs-restart || : \
done \
fi \
%{nil}
@@ -105,17 +105,17 @@ fi \
# Deprecated. Use %tmpfiles_create_package instead
%tmpfiles_create() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# tmpfiles_create}} \
-[ -x @bindir@/systemd-tmpfiles ] && @bindir@/systemd-tmpfiles --create %{?*} || : \
+[ -x %{_bindir}/systemd-tmpfiles ] && %{_bindir}/systemd-tmpfiles --create %{?*} || : \
%{nil}
# Deprecated. Use %sysusers_create_package instead
%sysusers_create() \
%{expand:%%{?__systemd_someargs_%#:%%__systemd_someargs_%# sysusers_create}} \
-[ -x @bindir@/systemd-sysusers ] && @bindir@/systemd-sysusers %{?*} || : \
+[ -x %{_bindir}/systemd-sysusers ] && %{_bindir}/systemd-sysusers %{?*} || : \
%{nil}
%sysusers_create_inline() \
-[ -x @bindir@/systemd-sysusers ] && @bindir@/systemd-sysusers - < -- @systemunitdir@ /etc/systemd/system
+%transfiletriggerin -P 900900 -p -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
-- This script will run after any package is initially installed or
-- upgraded. We care about the case where a package is initially
-- installed, because other cases are covered by the *un scriptlets,
@@ -29,7 +29,7 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerpostun -P 1000100 -p -- @systemunitdir@ /etc/systemd/system
+%transfiletriggerpostun -P 1000100 -p -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
-- On removal, we need to run daemon-reload after any units have been
-- removed.
-- On upgrade, we need to run daemon-reload after any new unit files
@@ -44,7 +44,7 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerpostun -P 10000 -p -- @systemunitdir@ /etc/systemd/system
+%transfiletriggerpostun -P 10000 -p -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
-- We restart remaining services that should be restarted here.
if posix.access("/run/systemd/system") then
pid = posix.fork()
@@ -55,8 +55,8 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerin -P 100700 -p -- @sysusersdir@
--- This script will process files installed in @sysusersdir@ to create
+%transfiletriggerin -P 100700 -p -- {{SYSUSERS_DIR}}
+-- This script will process files installed in {{SYSUSERS_DIR}} to create
-- specified users automatically. The priority is set such that it
-- will run before the tmpfiles file trigger.
if posix.access("/run/systemd/system") then
@@ -68,9 +68,9 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerin -P 1000700 udev -p -- @udevhwdbdir@
+%transfiletriggerin -P 1000700 udev -p -- {{UDEV_HWDB_DIR}}
-- This script will automatically invoke hwdb update if files have been
--- installed or updated in @udevhwdbdir@.
+-- installed or updated in {{UDEV_HWDB_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
@@ -80,9 +80,9 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerin -P 1000700 -p -- @catalogdir@
+%transfiletriggerin -P 1000700 -p -- {{SYSTEMD_CATALOG_DIR}}
-- This script will automatically invoke journal catalog update if files
--- have been installed or updated in @catalogdir@.
+-- have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
@@ -92,20 +92,20 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerin -P 1000700 -p -- @binfmtdir@
+%transfiletriggerin -P 1000700 -p -- {{BINFMT_DIR}}
-- This script will automatically apply binfmt rules if files have been
--- installed or updated in @binfmtdir@.
+-- installed or updated in {{BINFMT_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
- assert(posix.exec("@rootlibexecdir@/systemd-binfmt"))
+ assert(posix.exec("{{ROOTLIBEXECDIR}}/systemd-binfmt"))
elseif pid > 0 then
posix.wait(pid)
end
end
-%transfiletriggerin -P 1000600 -p -- @tmpfilesdir@
--- This script will process files installed in @tmpfilesdir@ to create
+%transfiletriggerin -P 1000600 -p -- {{TMPFILES_DIR}}
+-- This script will process files installed in {{TMPFILES_DIR}} to create
-- tmpfiles automatically. The priority is set such that it will run
-- after the sysusers file trigger, but before any other triggers.
if posix.access("/run/systemd/system") then
@@ -117,9 +117,9 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerin -P 1000600 udev -p -- @udevrulesdir@
+%transfiletriggerin -P 1000600 udev -p -- {{UDEV_RULES_DIR}}
-- This script will automatically update udev with new rules if files
--- have been installed or updated in @udevrulesdir@.
+-- have been installed or updated in {{UDEV_RULES_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
@@ -129,13 +129,13 @@ if posix.access("/run/systemd/system") then
end
end
-%transfiletriggerin -P 1000500 -p -- @sysctldir@
+%transfiletriggerin -P 1000500 -p -- {{SYSCTL_DIR}}
-- This script will automatically apply sysctl rules if files have been
--- installed or updated in @sysctldir@.
+-- installed or updated in {{SYSCTL_DIR}}.
if posix.access("/run/systemd/system") then
pid = posix.fork()
if pid == 0 then
- assert(posix.exec("@rootlibexecdir@/systemd-sysctl"))
+ assert(posix.exec("{{ROOTLIBEXECDIR}}/systemd-sysctl"))
elseif pid > 0 then
posix.wait(pid)
end
diff --git a/src/rpm/triggers.systemd.sh.in b/src/rpm/triggers.systemd.sh.in
index 0080040de4..22abad9812 100644
--- a/src/rpm/triggers.systemd.sh.in
+++ b/src/rpm/triggers.systemd.sh.in
@@ -9,7 +9,7 @@
#
# Minimum rpm version supported: 4.14.0
-%transfiletriggerin -P 900900 -- @systemunitdir@ /etc/systemd/system
+%transfiletriggerin -P 900900 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
# This script will run after any package is initially installed or
# upgraded. We care about the case where a package is initially
# installed, because other cases are covered by the *un scriptlets,
@@ -19,7 +19,7 @@ if test -d "/run/systemd/system"; then
%{_bindir}/systemctl reload-or-restart --marked || :
fi
-%transfiletriggerpostun -P 1000100 -- @systemunitdir@ /etc/systemd/system
+%transfiletriggerpostun -P 1000100 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
# On removal, we need to run daemon-reload after any units have been
# removed.
# On upgrade, we need to run daemon-reload after any new unit files
@@ -29,61 +29,61 @@ if test -d "/run/systemd/system"; then
%{_bindir}/systemctl daemon-reload || :
fi
-%transfiletriggerpostun -P 10000 -- @systemunitdir@ /etc/systemd/system
+%transfiletriggerpostun -P 10000 -- {{SYSTEM_DATA_UNIT_DIR}} /etc/systemd/system
# We restart remaining services that should be restarted here.
if test -d "/run/systemd/system"; then
%{_bindir}/systemctl reload-or-restart --marked || :
fi
-%transfiletriggerin -P 1000700 -- @sysusersdir@
-# This script will process files installed in @sysusersdir@ to create
+%transfiletriggerin -P 1000700 -- {{SYSUSERS_DIR}}
+# This script will process files installed in {{SYSUSERS_DIR}} to create
# specified users automatically. The priority is set such that it
# will run before the tmpfiles file trigger.
if test -d "/run/systemd/system"; then
%{_bindir}/systemd-sysusers || :
fi
-%transfiletriggerin -P 1000700 udev -- @udevhwdbdir@
+%transfiletriggerin -P 1000700 udev -- {{UDEV_HWDB_DIR}}
# This script will automatically invoke hwdb update if files have been
-# installed or updated in @udevhwdbdir@.
+# installed or updated in {{UDEV_HWDB_DIR}}.
if test -d "/run/systemd/system"; then
%{_bindir}/systemd-hwdb update || :
fi
-%transfiletriggerin -P 1000700 -- @catalogdir@
+%transfiletriggerin -P 1000700 -- {{SYSTEMD_CATALOG_DIR}}
# This script will automatically invoke journal catalog update if files
-# have been installed or updated in @catalogdir@.
+# have been installed or updated in {{SYSTEMD_CATALOG_DIR}}.
if test -d "/run/systemd/system"; then
%{_bindir}/journalctl --update-catalog || :
fi
-%transfiletriggerin -P 1000700 -- @binfmtdir@
+%transfiletriggerin -P 1000700 -- {{BINFMT_DIR}}
# This script will automatically apply binfmt rules if files have been
-# installed or updated in @binfmtdir@.
+# installed or updated in {{BINFMT_DIR}}.
if test -d "/run/systemd/system"; then
# systemd-binfmt might fail if binfmt_misc kernel module is not loaded
# during install
- @rootlibexecdir@/systemd-binfmt || :
+ {{ROOTLIBEXECDIR}}/systemd-binfmt || :
fi
-%transfiletriggerin -P 1000600 -- @tmpfilesdir@
-# This script will process files installed in @tmpfilesdir@ to create
+%transfiletriggerin -P 1000600 -- {{TMPFILES_DIR}}
+# This script will process files installed in {{TMPFILES_DIR}} to create
# tmpfiles automatically. The priority is set such that it will run
# after the sysusers file trigger, but before any other triggers.
if test -d "/run/systemd/system"; then
%{_bindir}/systemd-tmpfiles --create || :
fi
-%transfiletriggerin -P 1000600 udev -- @udevrulesdir@
+%transfiletriggerin -P 1000600 udev -- {{UDEV_RULES_DIR}}
# This script will automatically update udev with new rules if files
-# have been installed or updated in @udevrulesdir@.
+# have been installed or updated in {{UDEV_RULES_DIR}}.
if test -e /run/udev/control; then
%{_bindir}/udevadm control --reload || :
fi
-%transfiletriggerin -P 1000500 -- @sysctldir@
+%transfiletriggerin -P 1000500 -- {{SYSCTL_DIR}}
# This script will automatically apply sysctl rules if files have been
-# installed or updated in @sysctldir@.
+# installed or updated in {{SYSCTL_DIR}}.
if test -d "/run/systemd/system"; then
- @rootlibexecdir@/systemd-sysctl || :
+ {{ROOTLIBEXECDIR}}/systemd-sysctl || :
fi
diff --git a/src/shared/generator.c b/src/shared/generator.c
index 4be1dd4ff4..3967edfa06 100644
--- a/src/shared/generator.c
+++ b/src/shared/generator.c
@@ -185,7 +185,7 @@ int generator_write_fsck_deps(
lnk = strjoina(dir, "/" SPECIAL_LOCAL_FS_TARGET ".wants/" SPECIAL_FSCK_ROOT_SERVICE);
(void) mkdir_parents(lnk, 0755);
- if (symlink(SYSTEM_DATA_UNIT_PATH "/" SPECIAL_FSCK_ROOT_SERVICE, lnk) < 0)
+ if (symlink(SYSTEM_DATA_UNIT_DIR "/" SPECIAL_FSCK_ROOT_SERVICE, lnk) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", lnk);
} else {
@@ -561,7 +561,7 @@ int generator_hook_up_growfs(
int generator_enable_remount_fs_service(const char *dir) {
/* Pull in systemd-remount-fs.service */
return generator_add_symlink(dir, SPECIAL_LOCAL_FS_TARGET, "wants",
- SYSTEM_DATA_UNIT_PATH "/" SPECIAL_REMOUNT_FS_SERVICE);
+ SYSTEM_DATA_UNIT_DIR "/" SPECIAL_REMOUNT_FS_SERVICE);
}
int generator_write_blockdev_dependency(
diff --git a/src/shared/install.c b/src/shared/install.c
index 407de0af5e..119980663f 100644
--- a/src/shared/install.c
+++ b/src/shared/install.c
@@ -247,7 +247,7 @@ static int path_is_vendor_or_generator(const LookupPaths *p, const char *path) {
if (path_is_generator(p, rpath))
return true;
- return path_equal(rpath, SYSTEM_DATA_UNIT_PATH);
+ return path_equal(rpath, SYSTEM_DATA_UNIT_DIR);
}
static const char* config_path_from_flags(const LookupPaths *paths, UnitFileFlags flags) {
diff --git a/src/system-update-generator/system-update-generator.c b/src/system-update-generator/system-update-generator.c
index 26874cf877..fc5aaa9bac 100644
--- a/src/system-update-generator/system-update-generator.c
+++ b/src/system-update-generator/system-update-generator.c
@@ -30,7 +30,7 @@ static int generate_symlink(void) {
}
p = strjoina(arg_dest, "/" SPECIAL_DEFAULT_TARGET);
- if (symlink(SYSTEM_DATA_UNIT_PATH "/system-update.target", p) < 0)
+ if (symlink(SYSTEM_DATA_UNIT_DIR "/system-update.target", p) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", p);
return 1;
diff --git a/src/timesync/meson.build b/src/timesync/meson.build
index 30d2a0caee..ec80b16e82 100644
--- a/src/timesync/meson.build
+++ b/src/timesync/meson.build
@@ -34,15 +34,16 @@ libtimesyncd_core = static_library(
include_directories : includes,
link_with : [timesyncd_link_with])
+custom_target(
+ 'timesyncd.conf',
+ input : 'timesyncd.conf.in',
+ output : 'timesyncd.conf',
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : conf.get('ENABLE_TIMESYNCD') == 1 and install_sysconfdir_samples,
+ install_dir : pkgsysconfdir)
+
if conf.get('ENABLE_TIMESYNCD') == 1
- timesyncd_conf = configure_file(
- input : 'timesyncd.conf.in',
- output : 'timesyncd.conf',
- configuration : substs)
- if install_sysconfdir_samples
- install_data(timesyncd_conf,
- install_dir : pkgsysconfdir)
- endif
install_data('org.freedesktop.timesync1.conf',
install_dir : dbuspolicydir)
install_data('org.freedesktop.timesync1.service',
diff --git a/src/timesync/timesyncd.conf.in b/src/timesync/timesyncd.conf.in
index 8a2c33e17c..d5f29e1598 100644
--- a/src/timesync/timesyncd.conf.in
+++ b/src/timesync/timesyncd.conf.in
@@ -14,7 +14,7 @@
[Time]
#NTP=
-#FallbackNTP=@NTP_SERVERS@
+#FallbackNTP={{NTP_SERVERS}}
#RootDistanceMaxSec=5
#PollIntervalMinSec=32
#PollIntervalMaxSec=2048
diff --git a/src/udev/meson.build b/src/udev/meson.build
index fd74e28682..53787fa125 100644
--- a/src/udev/meson.build
+++ b/src/udev/meson.build
@@ -158,11 +158,14 @@ if install_sysconfdir_samples
install_dir : join_paths(sysconfdir, 'udev'))
endif
-configure_file(
+custom_target(
+ 'udev.pc',
input : 'udev.pc.in',
output : 'udev.pc',
- configuration : substs,
- install_dir : pkgconfigdatadir == 'no' ? '' : pkgconfigdatadir)
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : pkgconfigdatadir != 'no',
+ install_dir : pkgconfigdatadir)
if install_sysconfdir
meson.add_install_script('sh', '-c',
diff --git a/src/udev/udev.pc.in b/src/udev/udev.pc.in
index 05caca0ca9..cbf76939c9 100644
--- a/src/udev/udev.pc.in
+++ b/src/udev/udev.pc.in
@@ -9,7 +9,7 @@
Name: udev
Description: udev
-Version: @PROJECT_VERSION@
+Version: {{PROJECT_VERSION}}
-udev_dir=@udevlibexecdir@
+udev_dir={{UDEVLIBEXECDIR}}
udevdir=${udev_dir}
diff --git a/src/vconsole/90-vconsole.rules.in b/src/vconsole/90-vconsole.rules.in
index a16988c38c..845785492b 100644
--- a/src/vconsole/90-vconsole.rules.in
+++ b/src/vconsole/90-vconsole.rules.in
@@ -9,4 +9,4 @@
# Each vtcon keeps its own state of fonts.
#
-ACTION=="add", SUBSYSTEM=="vtconsole", KERNEL=="vtcon*", RUN+="@rootlibexecdir@/systemd-vconsole-setup"
+ACTION=="add", SUBSYSTEM=="vtconsole", KERNEL=="vtcon*", RUN+="{{ROOTLIBEXECDIR}}/systemd-vconsole-setup"
diff --git a/src/vconsole/meson.build b/src/vconsole/meson.build
index 695ef0239d..dea4121f1a 100644
--- a/src/vconsole/meson.build
+++ b/src/vconsole/meson.build
@@ -1,10 +1,10 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
-if conf.get('ENABLE_VCONSOLE') == 1
- vconsole_rules = configure_file(
- input : '90-vconsole.rules.in',
- output : '90-vconsole.rules',
- configuration : substs)
- install_data(vconsole_rules,
- install_dir : udevrulesdir)
-endif
+custom_target(
+ '90-vconsole.rules',
+ input : '90-vconsole.rules.in',
+ output : '90-vconsole.rules',
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : conf.get('ENABLE_VCONSOLE') == 1,
+ install_dir : udevrulesdir)
diff --git a/sysctl.d/50-coredump.conf.in b/sysctl.d/50-coredump.conf.in
index 2ffc1cb0fb..5fb551a8cf 100644
--- a/sysctl.d/50-coredump.conf.in
+++ b/sysctl.d/50-coredump.conf.in
@@ -13,7 +13,7 @@
# the core dump.
#
# See systemd-coredump(8) and core(5).
-kernel.core_pattern=|@rootlibexecdir@/systemd-coredump %P %u %g %s %t %c %h
+kernel.core_pattern=|{{ROOTLIBEXECDIR}}/systemd-coredump %P %u %g %s %t %c %h
# Allow 16 coredumps to be dispatched in parallel by the kernel.
# We collect metadata from /proc/%P/, and thus need to make sure the crashed
diff --git a/sysctl.d/meson.build b/sysctl.d/meson.build
index 7e3482af62..6f3db59554 100644
--- a/sysctl.d/meson.build
+++ b/sysctl.d/meson.build
@@ -5,8 +5,6 @@ install_data(
'50-default.conf',
install_dir : sysctldir)
-in_files = []
-
# Kernel determines PID_MAX_LIMIT by
# #define PID_MAX_LIMIT (CONFIG_BASE_SMALL ? PAGE_SIZE * 8 : \
# (sizeof(long) > 4 ? 4 * 1024 * 1024 : PID_MAX_DEFAULT))
@@ -14,18 +12,14 @@ if cc.sizeof('long') > 4
install_data('50-pid-max.conf', install_dir : sysctldir)
endif
-if conf.get('ENABLE_COREDUMP') == 1
- in_files += ['50-coredump.conf']
-endif
-
-foreach file : in_files
- gen = configure_file(
- input : file + '.in',
- output : file,
- configuration : substs)
- install_data(gen,
- install_dir : sysctldir)
-endforeach
+custom_target(
+ '50-coredump.conf',
+ input : '50-coredump.conf.in',
+ output : '50-coredump.conf',
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : conf.get('ENABLE_COREDUMP') == 1,
+ install_dir : sysctldir)
if install_sysconfdir
meson.add_install_script('sh', '-c',
diff --git a/sysusers.d/basic.conf.in b/sysusers.d/basic.conf.in
index 4be0bd869e..9da0251421 100644
--- a/sysusers.d/basic.conf.in
+++ b/sysusers.d/basic.conf.in
@@ -9,7 +9,7 @@
u root 0 "Super User" /root
# The nobody user for NFS file systems
-u @NOBODY_USER_NAME@ 65534 "Nobody" -
+u {{NOBODY_USER_NAME}} 65534 "Nobody" -
# Administrator group: can *see* more than normal users
g adm - - -
@@ -19,7 +19,7 @@ g wheel - - -
# Access to certain kernel and userspace facilities
g kmem - - -
-g tty @TTY_GID@ - -
+g tty {{TTY_GID}} - -
g utmp - - -
# Hardware access groups
@@ -36,4 +36,4 @@ g tape - - -
g video - - -
# Default group for normal users
-g users @USERS_GID@ - -
+g users {{USERS_GID}} - -
diff --git a/sysusers.d/meson.build b/sysusers.d/meson.build
index ef809a4f44..894d1840bc 100644
--- a/sysusers.d/meson.build
+++ b/sysusers.d/meson.build
@@ -4,32 +4,19 @@ if enable_sysusers
install_data('README', install_dir : sysusersdir)
endif
-in_files = ['basic.conf']
+in_files = [['basic.conf', enable_sysusers],
+ ['systemd.conf', enable_sysusers],
+ ['systemd-remote.conf', enable_sysusers and
+ conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1]]
-foreach file : in_files
- gen = configure_file(
- input : file + '.in',
- output : file,
- configuration : substs)
- if enable_sysusers
- install_data(gen,
- install_dir : sysusersdir)
- endif
-endforeach
-
-m4_files = ['systemd.conf']
-
-if conf.get('ENABLE_REMOTE') == 1 and conf.get('HAVE_MICROHTTPD') == 1
- m4_files += ['systemd-remote.conf']
-endif
-
-foreach file : m4_files
+foreach tuple : in_files
+ file = tuple[0]
custom_target(
- 'sysusers.d_' + file,
- input : file + '.m4',
+ file,
+ input : file + '.in',
output: file,
- command : [meson_apply_m4, config_h, '@INPUT@'],
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
capture : true,
- install : enable_sysusers,
+ install : tuple[1],
install_dir : sysusersdir)
endforeach
diff --git a/sysusers.d/systemd-remote.conf.m4 b/sysusers.d/systemd-remote.conf.in
similarity index 90%
rename from sysusers.d/systemd-remote.conf.m4
rename to sysusers.d/systemd-remote.conf.in
index 988917672b..dae1077225 100644
--- a/sysusers.d/systemd-remote.conf.m4
+++ b/sysusers.d/systemd-remote.conf.in
@@ -5,6 +5,6 @@
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
-m4_ifdef(`HAVE_MICROHTTPD',
+{% if HAVE_MICROHTTPD %}
u systemd-journal-remote - "systemd Journal Remote"
-)m4_dnl
+{% endif %}
diff --git a/sysusers.d/systemd.conf.m4 b/sysusers.d/systemd.conf.in
similarity index 75%
rename from sysusers.d/systemd.conf.m4
rename to sysusers.d/systemd.conf.in
index fdfdcf553c..9905eb596c 100644
--- a/sysusers.d/systemd.conf.m4
+++ b/sysusers.d/systemd.conf.in
@@ -6,18 +6,18 @@
# (at your option) any later version.
g systemd-journal - -
-m4_ifdef(`ENABLE_NETWORKD',
+{% if ENABLE_NETWORKD %}
u systemd-network - "systemd Network Management"
-)m4_dnl
-m4_ifdef(`ENABLE_OOMD',
+{% endif %}
+{% if ENABLE_OOMD %}
u systemd-oom - "systemd Userspace OOM Killer"
-)m4_dnl
-m4_ifdef(`ENABLE_RESOLVE',
+{% endif %}
+{% if ENABLE_RESOLVE %}
u systemd-resolve - "systemd Resolver"
-)m4_dnl
-m4_ifdef(`ENABLE_TIMESYNCD',
+{% endif %}
+{% if ENABLE_TIMESYNCD %}
u systemd-timesync - "systemd Time Synchronization"
-)m4_dnl
-m4_ifdef(`ENABLE_COREDUMP',
+{% endif %}
+{% if ENABLE_COREDUMP %}
u systemd-coredump - "systemd Core Dumper"
-)m4_dnl
+{% endif %}
diff --git a/test/TEST-06-SELINUX/test.sh b/test/TEST-06-SELINUX/test.sh
index 978c930b71..421e1fe52d 100755
--- a/test/TEST-06-SELINUX/test.sh
+++ b/test/TEST-06-SELINUX/test.sh
@@ -48,7 +48,7 @@ test_append_files() {
cp systemd_test.fc "$workspace/systemd-test-module"
dracut_install -o sesearch
dracut_install runcon
- dracut_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile
+ dracut_install checkmodule semodule semodule_package make load_policy sefcontext_compile
dracut_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
dracut_install -o /usr/lib/selinux/hll/pp # Debian/Ubuntu/...
)
diff --git a/test/meson.build b/test/meson.build
index b1d5bf9a85..47c7f4d49a 100644
--- a/test/meson.build
+++ b/test/meson.build
@@ -65,7 +65,7 @@ hwdb_test_sh = find_program('hwdb-test.sh')
test_sysusers_sh = configure_file(
input : 'test-sysusers.sh.in',
output : 'test-sysusers.sh',
- configuration : substs)
+ configuration : conf)
if install_tests and conf.get('ENABLE_SYSUSERS') == 1
install_data(test_sysusers_sh,
install_dir : testsdir)
diff --git a/test/mkosi.default.networkd-test b/test/mkosi.default.networkd-test
index e728e16aa5..fc9a5d3134 100644
--- a/test/mkosi.default.networkd-test
+++ b/test/mkosi.default.networkd-test
@@ -52,7 +52,6 @@ BuildPackages=
libxslt
lz4
lz4-devel
- m4
meson
ninja-build
pam-devel
diff --git a/tmpfiles.d/etc.conf.m4 b/tmpfiles.d/etc.conf.in
similarity index 84%
rename from tmpfiles.d/etc.conf.m4
rename to tmpfiles.d/etc.conf.in
index f82e0b82ce..2323fd8cd8 100644
--- a/tmpfiles.d/etc.conf.m4
+++ b/tmpfiles.d/etc.conf.in
@@ -9,14 +9,14 @@
L /etc/os-release - - - - ../usr/lib/os-release
L+ /etc/mtab - - - - ../proc/self/mounts
-m4_ifdef(`HAVE_SMACK_RUN_LABEL',
+{% if HAVE_SMACK_RUN_LABEL %}
t /etc/mtab - - - - security.SMACK64=_
-)m4_dnl
-m4_ifdef(`ENABLE_RESOLVE',
+{% endif %}
+{% if ENABLE_RESOLVE %}
L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
-)m4_dnl
+{% endif %}
C! /etc/nsswitch.conf - - - -
-m4_ifdef(`HAVE_PAM',
+{% if HAVE_PAM %}
C! /etc/pam.d - - - -
-)m4_dnl
+{% endif %}
C! /etc/issue - - - -
diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
index d5d4bbc9ea..a8aaacaf29 100644
--- a/tmpfiles.d/meson.build
+++ b/tmpfiles.d/meson.build
@@ -26,34 +26,21 @@ foreach pair : files
endif
endforeach
-in_files = ['static-nodes-permissions.conf']
-
-foreach file : in_files
- gen = configure_file(
- input : file + '.in',
- output : file,
- configuration : substs)
- if enable_tmpfiles
- install_data(gen,
- install_dir : tmpfilesdir)
- endif
-endforeach
-
-m4_files = ['etc.conf',
+in_files = ['etc.conf',
+ 'static-nodes-permissions.conf',
'systemd.conf',
'var.conf']
-foreach file : m4_files
- if enable_tmpfiles
- custom_target(
- 'tmpfiles.d_' + file,
- input : file + '.m4',
- output: file,
- command : [meson_apply_m4, config_h, '@INPUT@'],
- capture : true,
- install : true,
- install_dir : tmpfilesdir)
- endif
+foreach file : in_files
+ custom_target(
+ # XXX: workaround for old meson. Drop when upgrading.
+ 'tmpfiles+' + file,
+ input : file + '.in',
+ output: file,
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : enable_tmpfiles,
+ install_dir : tmpfilesdir)
endforeach
if enable_tmpfiles and install_sysconfdir
diff --git a/tmpfiles.d/static-nodes-permissions.conf.in b/tmpfiles.d/static-nodes-permissions.conf.in
index e5aa8fdb20..f77312a71c 100644
--- a/tmpfiles.d/static-nodes-permissions.conf.in
+++ b/tmpfiles.d/static-nodes-permissions.conf.in
@@ -14,6 +14,6 @@ z /dev/snd/timer 0660 - audio -
z /dev/loop-control 0660 - disk -
z /dev/net/tun 0666 - - -
z /dev/fuse 0666 - - -
-z /dev/kvm @DEV_KVM_MODE@ - kvm -
-z /dev/vhost-net @DEV_KVM_MODE@ - kvm -
-z /dev/vhost-vsock @DEV_KVM_MODE@ - kvm -
+z /dev/kvm {{DEV_KVM_MODE}} - kvm -
+z /dev/vhost-net {{DEV_KVM_MODE}} - kvm -
+z /dev/vhost-vsock {{DEV_KVM_MODE}} - kvm -
diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.in
similarity index 87%
rename from tmpfiles.d/systemd.conf.m4
rename to tmpfiles.d/systemd.conf.in
index 11d87d275b..9b2357cd31 100644
--- a/tmpfiles.d/systemd.conf.m4
+++ b/tmpfiles.d/systemd.conf.in
@@ -8,9 +8,9 @@
# See tmpfiles.d(5) for details
d /run/user 0755 root root -
-m4_ifdef(`ENABLE_UTMP',
+{% if ENABLE_UTMP %}
F! /run/utmp 0664 root utmp -
-)m4_dnl
+{% endif %}
d /run/systemd/ask-password 0755 root root -
d /run/systemd/seats 0755 root root -
@@ -18,53 +18,51 @@ d /run/systemd/sessions 0755 root root -
d /run/systemd/users 0755 root root -
d /run/systemd/machines 0755 root root -
d /run/systemd/shutdown 0755 root root -
-m4_ifdef(`ENABLE_NETWORKD',
+{% if ENABLE_NETWORKD %}
d /run/systemd/netif 0755 systemd-network systemd-network -
d /run/systemd/netif/links 0755 systemd-network systemd-network -
d /run/systemd/netif/leases 0755 systemd-network systemd-network -
d /run/systemd/netif/lldp 0755 systemd-network systemd-network -
-)m4_dnl
+{% endif %}
d /run/log 0755 root root -
z /run/log/journal 2755 root systemd-journal - -
Z /run/log/journal/%m ~2750 root systemd-journal - -
-m4_ifdef(`HAVE_ACL',`m4_dnl
-m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% if HAVE_ACL %}
+{% if ENABLE_ADM_GROUP and ENABLE_WHEEL_GROUP %}
a+ /run/log/journal - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
-'',``
+{% elif ENABLE_ADM_GROUP %}
a+ /run/log/journal - - - - d:group::r-x,d:group:adm:r-x,group::r-x,group:adm:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,group:adm:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--
-'')',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% elif ENABLE_WHEEL_GROUP %}
a+ /run/log/journal - - - - d:group::r-x,d:group:wheel:r-x,group::r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:wheel:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:wheel:r--
-'')')')m4_dnl
+{% endif %}
+{% endif %}
z /var/log/journal 2755 root systemd-journal - -
z /var/log/journal/%m 2755 root systemd-journal - -
z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
-m4_ifdef(`HAVE_ACL',`m4_dnl
-m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% if HAVE_ACL %}
+{% if ENABLE_ADM_GROUP and ENABLE_WHEEL_GROUP %}
a+ /var/log/journal - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--
-'', ``
+{% elif ENABLE_ADM_GROUP %}
a+ /var/log/journal - - - - d:group::r-x,d:group:adm:r-x,group::r-x,group:adm:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,group:adm:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--
-'')',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% elif ENABLE_WHEEL_GROUP %}
a+ /var/log/journal - - - - d:group::r-x,d:group:wheel:r-x,group::r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:wheel:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:wheel:r--
-'')')')m4_dnl
+{% endif %}
+{% endif %}
d /var/lib/systemd 0755 root root -
d /var/lib/systemd/coredump 0755 root root 3d
diff --git a/tmpfiles.d/var.conf.m4 b/tmpfiles.d/var.conf.in
similarity index 94%
rename from tmpfiles.d/var.conf.m4
rename to tmpfiles.d/var.conf.in
index 0e2c50966d..557dd20ce9 100644
--- a/tmpfiles.d/var.conf.m4
+++ b/tmpfiles.d/var.conf.in
@@ -12,11 +12,11 @@ q /var 0755 - - -
L /var/run - - - - ../run
d /var/log 0755 - - -
-m4_ifdef(`ENABLE_UTMP',
+{% if ENABLE_UTMP %}
f /var/log/wtmp 0664 root utmp -
f /var/log/btmp 0660 root utmp -
f /var/log/lastlog 0664 root utmp -
-)m4_dnl
+{% endif %}
d /var/cache 0755 - - -
diff --git a/tools/meson-apply-m4.sh b/tools/meson-apply-m4.sh
deleted file mode 100755
index 6c5726a7d5..0000000000
--- a/tools/meson-apply-m4.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/usr/bin/env bash
-# SPDX-License-Identifier: LGPL-2.1-or-later
-set -eu
-
-CONFIG="${1:?Missing path to config.h}"
-TARGET="${2:?Missing target m4 file}"
-
-if [ ! -f "$CONFIG" ]; then
- echo "$CONFIG not found."
- exit 2
-fi
-
-if [ ! -f "$TARGET" ]; then
- echo "$TARGET not found."
- exit 3
-fi
-
-DEFINES=()
-mapfile -t DEFINES < <(awk '$1 == "#define" && $3 == "1" { printf "-D%s\n", $2 }' "$CONFIG")
-
-m4 -P "${DEFINES[@]}" "$TARGET"
diff --git a/tools/meson-render-jinja2.py b/tools/meson-render-jinja2.py
new file mode 100755
index 0000000000..063cb0eb27
--- /dev/null
+++ b/tools/meson-render-jinja2.py
@@ -0,0 +1,28 @@
+#!/usr/bin/env python3
+# SPDX-License-Identifier: LGPL-2.1+
+
+import jinja2
+import re
+import sys
+
+def parse_config_h(filename):
+ # Parse config.h file generated by meson.
+ ans = {}
+ for line in open(filename):
+ m = re.match(r'#define\s+(\w+)\s+(.*)', line)
+ if not m:
+ continue
+ a, b = m.groups()
+ if b and b[0] in '0123456789"':
+ b = eval(b)
+ ans[a] = b
+ return ans
+
+def render(filename, defines):
+ text = open(filename).read()
+ template = jinja2.Template(text, trim_blocks=True, undefined=jinja2.StrictUndefined)
+ return template.render(defines)
+
+if __name__ == '__main__':
+ defines = parse_config_h(sys.argv[1])
+ print(render(sys.argv[2], defines))
diff --git a/units/console-getty.service.m4 b/units/console-getty.service.in
similarity index 93%
rename from units/console-getty.service.m4
rename to units/console-getty.service.in
index d61a490be3..bb67541dce 100644
--- a/units/console-getty.service.m4
+++ b/units/console-getty.service.in
@@ -11,9 +11,9 @@
Description=Console Getty
Documentation=man:agetty(8) man:systemd-getty-generator(8)
After=systemd-user-sessions.service plymouth-quit-wait.service
-m4_ifdef(`HAVE_SYSV_COMPAT',
+{% if HAVE_SYSV_COMPAT %}
After=rc-local.service getty-pre.target
-)m4_dnl
+{% endif %}
Before=getty.target
# OCI containers may be run without a console
@@ -30,9 +30,9 @@ UtmpIdentifier=cons
TTYPath=/dev/console
TTYReset=yes
TTYVHangup=yes
-m4_ifdef(`ENABLE_LOGIND',,
+{% if not ENABLE_LOGIND %}
KillMode=process
-)m4_dnl
+{% endif %}
IgnoreSIGPIPE=no
SendSIGHUP=yes
diff --git a/units/container-getty@.service.m4 b/units/container-getty@.service.in
similarity index 94%
rename from units/container-getty@.service.m4
rename to units/container-getty@.service.in
index 92307a3ccb..ed1eb7bde1 100644
--- a/units/container-getty@.service.m4
+++ b/units/container-getty@.service.in
@@ -12,9 +12,9 @@ Description=Container Getty on /dev/pts/%I
Documentation=man:agetty(8) man:systemd-getty-generator(8)
Documentation=man:machinectl(1)
After=systemd-user-sessions.service plymouth-quit-wait.service
-m4_ifdef(`HAVE_SYSV_COMPAT',
+{% if HAVE_SYSV_COMPAT %}
After=rc-local.service getty-pre.target
-)m4_dnl
+{% endif %}
Before=getty.target
IgnoreOnIsolate=yes
ConditionPathExists=/dev/pts/%I
@@ -36,8 +36,8 @@ UtmpIdentifier=pts/%I
TTYPath=/dev/pts/%I
TTYReset=yes
TTYVHangup=yes
-m4_ifdef(`ENABLE_LOGIND',,
+{% if not ENABLE_LOGIND %}
KillMode=process
-)m4_dnl
+{% endif %}
IgnoreSIGPIPE=no
SendSIGHUP=yes
diff --git a/units/debug-shell.service.in b/units/debug-shell.service.in
index 5b4de84eac..1588bb9596 100644
--- a/units/debug-shell.service.in
+++ b/units/debug-shell.service.in
@@ -8,19 +8,19 @@
# (at your option) any later version.
[Unit]
-Description=Early root shell on @DEBUGTTY@ FOR DEBUGGING ONLY
+Description=Early root shell on {{DEBUGTTY}} FOR DEBUGGING ONLY
Documentation=man:systemd-debug-generator(8)
DefaultDependencies=no
IgnoreOnIsolate=yes
-ConditionPathExists=@DEBUGTTY@
+ConditionPathExists={{DEBUGTTY}}
[Service]
Environment=TERM=linux
-ExecStart=@SUSHELL@
+ExecStart={{SUSHELL}}
Restart=always
RestartSec=0
StandardInput=tty
-TTYPath=@DEBUGTTY@
+TTYPath={{DEBUGTTY}}
TTYReset=yes
TTYVHangup=yes
KillMode=process
diff --git a/units/emergency.service.in b/units/emergency.service.in
index 9418f5e717..a126ad9bb1 100644
--- a/units/emergency.service.in
+++ b/units/emergency.service.in
@@ -19,8 +19,8 @@ Before=rescue.service
[Service]
Environment=HOME=/root
WorkingDirectory=-/root
-ExecStartPre=-@rootbindir@/plymouth --wait quit
-ExecStart=-@rootlibexecdir@/systemd-sulogin-shell emergency
+ExecStartPre=-{{ROOTBINDIR}}/plymouth --wait quit
+ExecStart=-{{ROOTLIBEXECDIR}}/systemd-sulogin-shell emergency
Type=idle
StandardInput=tty-force
StandardOutput=inherit
diff --git a/units/getty@.service.m4 b/units/getty@.service.in
similarity index 96%
rename from units/getty@.service.m4
rename to units/getty@.service.in
index 4c21002619..78deb7cffe 100644
--- a/units/getty@.service.m4
+++ b/units/getty@.service.in
@@ -12,9 +12,9 @@ Description=Getty on %I
Documentation=man:agetty(8) man:systemd-getty-generator(8)
Documentation=http://0pointer.de/blog/projects/serial-console.html
After=systemd-user-sessions.service plymouth-quit-wait.service getty-pre.target
-m4_ifdef(`HAVE_SYSV_COMPAT',
+{% if HAVE_SYSV_COMPAT %}
After=rc-local.service
-)m4_dnl
+{% endif %}
# If additional gettys are spawned during boot then we should make
# sure that this is synchronized before getty.target, even though
@@ -47,9 +47,9 @@ TTYPath=/dev/%I
TTYReset=yes
TTYVHangup=yes
TTYVTDisallocate=yes
-m4_ifdef(`ENABLE_LOGIND',,
+{% if not ENABLE_LOGIND %}
KillMode=process
-)m4_dnl
+{% endif %}
IgnoreSIGPIPE=no
SendSIGHUP=yes
diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in
index f4170d6a99..fd5e6d7ca6 100644
--- a/units/kmod-static-nodes.service.in
+++ b/units/kmod-static-nodes.service.in
@@ -17,4 +17,4 @@ ConditionFileNotEmpty=/lib/modules/%v/modules.devname
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@KMOD@ static-nodes --format=tmpfiles --output=/run/tmpfiles.d/static-nodes.conf
+ExecStart={{KMOD}} static-nodes --format=tmpfiles --output=/run/tmpfiles.d/static-nodes.conf
diff --git a/units/meson.build b/units/meson.build
index 01850a8247..17e9ead9c1 100644
--- a/units/meson.build
+++ b/units/meson.build
@@ -165,13 +165,18 @@ units = [
]
in_units = [
+ ['console-getty.service', ''],
+ ['container-getty@.service', ''],
['debug-shell.service', ''],
['emergency.service', ''],
+ ['getty@.service', '',
+ 'autovt@.service'],
['kmod-static-nodes.service', 'HAVE_KMOD ENABLE_TMPFILES',
'sysinit.target.wants/'],
['quotaon.service', 'ENABLE_QUOTACHECK'],
['rc-local.service', 'HAVE_SYSV_COMPAT'],
['rescue.service', ''],
+ ['serial-getty@.service', ''],
['systemd-backlight@.service', 'ENABLE_BACKLIGHT'],
['systemd-binfmt.service', 'ENABLE_BINFMT',
'sysinit.target.wants/'],
@@ -247,14 +252,6 @@ in_units = [
['user@.service', ''],
]
-m4_units = [
- ['console-getty.service', ''],
- ['container-getty@.service', ''],
- ['getty@.service', '',
- 'autovt@.service '],
- ['serial-getty@.service', ''],
-]
-
add_wants = []
foreach tuple : in_units
@@ -265,15 +262,11 @@ foreach tuple : in_units
install = ((conds.get(0, '') == '' or conf.get(conds[0]) == 1) and
(conds.get(1, '') == '' or conf.get(conds[1]) == 1))
- gen1 = configure_file(
- input : file + '.in',
- output : file + '.tmp',
- configuration : substs)
- gen2 = custom_target(
+ custom_target(
file,
- input : gen1,
+ input : file + '.in',
output : file,
- command : [sed, '/^## /d', '@INPUT@'],
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
capture : true,
install : install,
install_dir : systemunitdir)
@@ -285,31 +278,6 @@ foreach tuple : in_units
endif
endforeach
-foreach tuple : m4_units
- file = tuple[0]
- input = tuple.get(3, file + '.m4')
-
- # we do this here because install_data does not accept custom_target output
- conds = tuple[1].split(' ')
- install = ((conds.get(0, '') == '' or conf.get(conds[0]) == 1) and
- (conds.get(1, '') == '' or conf.get(conds[1]) == 1))
-
- custom_target(
- file,
- input : input,
- output: file,
- command : [meson_apply_m4, config_h, '@INPUT@'],
- capture : true,
- install : install,
- install_dir : systemunitdir)
-
- if tuple.length() > 2 and install
- foreach target : tuple[2].split()
- add_wants += [systemunitdir, target, file]
- endforeach
- endif
-endforeach
-
foreach tuple : units
file = tuple[0]
input = tuple.get(3, file)
diff --git a/units/quotaon.service.in b/units/quotaon.service.in
index fa6b4c8239..ffabebfafe 100644
--- a/units/quotaon.service.in
+++ b/units/quotaon.service.in
@@ -13,9 +13,9 @@ Documentation=man:quotaon(8)
DefaultDependencies=no
After=systemd-quotacheck.service
Before=remote-fs.target shutdown.target
-ConditionPathExists=@QUOTAON@
+ConditionPathExists={{QUOTAON}}
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@QUOTAON@ -aug
+ExecStart={{QUOTAON}} -aug
diff --git a/units/rc-local.service.in b/units/rc-local.service.in
index f7ce98f18e..55e83dfe00 100644
--- a/units/rc-local.service.in
+++ b/units/rc-local.service.in
@@ -8,16 +8,16 @@
# (at your option) any later version.
# This unit gets pulled automatically into multi-user.target by
-# systemd-rc-local-generator if @RC_LOCAL_PATH@ is executable.
+# systemd-rc-local-generator if {{RC_LOCAL_PATH}} is executable.
[Unit]
-Description=@RC_LOCAL_PATH@ Compatibility
+Description={{RC_LOCAL_PATH}} Compatibility
Documentation=man:systemd-rc-local-generator(8)
-ConditionFileIsExecutable=@RC_LOCAL_PATH@
+ConditionFileIsExecutable={{RC_LOCAL_PATH}}
After=network.target
[Service]
Type=forking
-ExecStart=@RC_LOCAL_PATH@ start
+ExecStart={{RC_LOCAL_PATH}} start
TimeoutSec=0
RemainAfterExit=yes
GuessMainPID=no
diff --git a/units/rescue.service.in b/units/rescue.service.in
index 2018516003..74b933726e 100644
--- a/units/rescue.service.in
+++ b/units/rescue.service.in
@@ -18,8 +18,8 @@ Before=shutdown.target
[Service]
Environment=HOME=/root
WorkingDirectory=-/root
-ExecStartPre=-@rootbindir@/plymouth --wait quit
-ExecStart=-@rootlibexecdir@/systemd-sulogin-shell rescue
+ExecStartPre=-{{ROOTBINDIR}}/plymouth --wait quit
+ExecStart=-{{ROOTLIBEXECDIR}}/systemd-sulogin-shell rescue
Type=idle
StandardInput=tty-force
StandardOutput=inherit
diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.in
similarity index 95%
rename from units/serial-getty@.service.m4
rename to units/serial-getty@.service.in
index 72c1df590d..bb7af3105d 100644
--- a/units/serial-getty@.service.m4
+++ b/units/serial-getty@.service.in
@@ -13,9 +13,9 @@ Documentation=man:agetty(8) man:systemd-getty-generator(8)
Documentation=http://0pointer.de/blog/projects/serial-console.html
BindsTo=dev-%i.device
After=dev-%i.device systemd-user-sessions.service plymouth-quit-wait.service getty-pre.target
-m4_ifdef(`HAVE_SYSV_COMPAT',
+{% if HAVE_SYSV_COMPAT %}
After=rc-local.service
-)m4_dnl
+{% endif %}
# If additional gettys are spawned during boot then we should make
# sure that this is synchronized before getty.target, even though
@@ -40,9 +40,9 @@ UtmpIdentifier=%I
TTYPath=/dev/%I
TTYReset=yes
TTYVHangup=yes
-m4_ifdef(`ENABLE_LOGIND',,
+{% if not ENABLE_LOGIND %}
KillMode=process
-)m4_dnl
+{% endif %}
IgnoreSIGPIPE=no
SendSIGHUP=yes
diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in
index 317aa38745..4830a6a217 100644
--- a/units/systemd-backlight@.service.in
+++ b/units/systemd-backlight@.service.in
@@ -17,7 +17,7 @@ Before=sysinit.target shutdown.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-backlight load %i
-ExecStop=@rootlibexecdir@/systemd-backlight save %i
+ExecStart={{ROOTLIBEXECDIR}}/systemd-backlight load %i
+ExecStop={{ROOTLIBEXECDIR}}/systemd-backlight save %i
TimeoutSec=90s
StateDirectory=systemd/backlight
diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in
index ca76750c0a..fdafce7ff7 100644
--- a/units/systemd-binfmt.service.in
+++ b/units/systemd-binfmt.service.in
@@ -27,6 +27,6 @@ ConditionDirectoryNotEmpty=|/run/binfmt.d
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-binfmt
-ExecStop=@rootlibexecdir@/systemd-binfmt --unregister
+ExecStart={{ROOTLIBEXECDIR}}/systemd-binfmt
+ExecStop={{ROOTLIBEXECDIR}}/systemd-binfmt --unregister
TimeoutSec=90s
diff --git a/units/systemd-bless-boot.service.in b/units/systemd-bless-boot.service.in
index 601588fc61..557f77b16f 100644
--- a/units/systemd-bless-boot.service.in
+++ b/units/systemd-bless-boot.service.in
@@ -19,4 +19,4 @@ Before=shutdown.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-bless-boot good
+ExecStart={{ROOTLIBEXECDIR}}/systemd-bless-boot good
diff --git a/units/systemd-boot-check-no-failures.service.in b/units/systemd-boot-check-no-failures.service.in
index 1bf74c2129..47f182226b 100644
--- a/units/systemd-boot-check-no-failures.service.in
+++ b/units/systemd-boot-check-no-failures.service.in
@@ -18,7 +18,7 @@ Before=shutdown.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-boot-check-no-failures
+ExecStart={{ROOTLIBEXECDIR}}/systemd-boot-check-no-failures
[Install]
RequiredBy=boot-complete.target
diff --git a/units/systemd-coredump@.service.in b/units/systemd-coredump@.service.in
index 219f207835..6bf2817a8c 100644
--- a/units/systemd-coredump@.service.in
+++ b/units/systemd-coredump@.service.in
@@ -17,7 +17,7 @@ Requires=systemd-journald.socket
Before=shutdown.target
[Service]
-ExecStart=-@rootlibexecdir@/systemd-coredump
+ExecStart=-{{ROOTLIBEXECDIR}}/systemd-coredump
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in
index c4a2948120..6897f13159 100644
--- a/units/systemd-fsck-root.service.in
+++ b/units/systemd-fsck-root.service.in
@@ -18,5 +18,5 @@ ConditionPathIsReadWrite=!/
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-fsck
+ExecStart={{ROOTLIBEXECDIR}}/systemd-fsck
TimeoutSec=0
diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in
index 6d9c9aba69..06b91aea39 100644
--- a/units/systemd-fsck@.service.in
+++ b/units/systemd-fsck@.service.in
@@ -19,5 +19,5 @@ Before=systemd-quotacheck.service shutdown.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-fsck %f
+ExecStart={{ROOTLIBEXECDIR}}/systemd-fsck %f
TimeoutSec=0
diff --git a/units/systemd-hibernate-resume@.service.in b/units/systemd-hibernate-resume@.service.in
index 85e0c88169..142bb339e1 100644
--- a/units/systemd-hibernate-resume@.service.in
+++ b/units/systemd-hibernate-resume@.service.in
@@ -19,4 +19,4 @@ AssertPathExists=/etc/initrd-release
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-hibernate-resume %f
+ExecStart={{ROOTLIBEXECDIR}}/systemd-hibernate-resume %f
diff --git a/units/systemd-hibernate.service.in b/units/systemd-hibernate.service.in
index 30965411ff..ad5343f93c 100644
--- a/units/systemd-hibernate.service.in
+++ b/units/systemd-hibernate.service.in
@@ -16,4 +16,4 @@ After=sleep.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-sleep hibernate
+ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep hibernate
diff --git a/units/systemd-homed.service.in b/units/systemd-homed.service.in
index 5ac53ca9dc..678bbab65c 100644
--- a/units/systemd-homed.service.in
+++ b/units/systemd-homed.service.in
@@ -20,10 +20,10 @@ CapabilityBoundingSet=CAP_SYS_ADMIN CAP_CHOWN CAP_DAC_OVERRIDE CAP_FOWNER CAP_FS
DeviceAllow=/dev/loop-control rw
DeviceAllow=/dev/mapper/control rw
DeviceAllow=block-* rw
-ExecStart=@rootlibexecdir@/systemd-homed
+ExecStart={{ROOTLIBEXECDIR}}/systemd-homed
IPAddressDeny=any
KillMode=mixed
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
@@ -34,7 +34,7 @@ StateDirectory=systemd/home
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service @mount
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
[Install]
WantedBy=multi-user.target
diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
index 222700564e..75652e626e 100644
--- a/units/systemd-hostnamed.service.in
+++ b/units/systemd-hostnamed.service.in
@@ -17,7 +17,7 @@ Documentation=man:org.freedesktop.resolve1(5)
[Service]
BusName=org.freedesktop.hostname1
CapabilityBoundingSet=CAP_SYS_ADMIN
-ExecStart=@rootlibexecdir@/systemd-hostnamed
+ExecStart={{ROOTLIBEXECDIR}}/systemd-hostnamed
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
@@ -40,4 +40,4 @@ RestrictSUIDSGID=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service sethostname
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
diff --git a/units/systemd-hwdb-update.service.in b/units/systemd-hwdb-update.service.in
index 57398e5214..a09fe8aa52 100644
--- a/units/systemd-hwdb-update.service.in
+++ b/units/systemd-hwdb-update.service.in
@@ -15,7 +15,7 @@ Conflicts=shutdown.target
After=systemd-remount-fs.service
Before=sysinit.target shutdown.target systemd-update-done.service
ConditionNeedsUpdate=/etc
-ConditionPathExists=|!@udevlibexecdir@/hwdb.bin
+ConditionPathExists=|!{{UDEVLIBEXECDIR}}/hwdb.bin
ConditionPathExists=|/etc/udev/hwdb.bin
ConditionDirectoryNotEmpty=|/etc/udev/hwdb.d/
diff --git a/units/systemd-hybrid-sleep.service.in b/units/systemd-hybrid-sleep.service.in
index 6fe37daacd..5fbd99fb74 100644
--- a/units/systemd-hybrid-sleep.service.in
+++ b/units/systemd-hybrid-sleep.service.in
@@ -16,4 +16,4 @@ After=sleep.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-sleep hybrid-sleep
+ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep hybrid-sleep
diff --git a/units/systemd-importd.service.in b/units/systemd-importd.service.in
index afe395687d..da31b2dc20 100644
--- a/units/systemd-importd.service.in
+++ b/units/systemd-importd.service.in
@@ -13,7 +13,7 @@ Documentation=man:systemd-importd.service(8)
Documentation=man:org.freedesktop.import1(5)
[Service]
-ExecStart=@rootlibexecdir@/systemd-importd
+ExecStart={{ROOTLIBEXECDIR}}/systemd-importd
BusName=org.freedesktop.import1
KillMode=mixed
CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP CAP_DAC_OVERRIDE
@@ -27,4 +27,4 @@ SystemCallFilter=@system-service @mount
SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
LockPersonality=yes
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
diff --git a/units/systemd-initctl.service.in b/units/systemd-initctl.service.in
index 6367433682..efac5c4b11 100644
--- a/units/systemd-initctl.service.in
+++ b/units/systemd-initctl.service.in
@@ -13,7 +13,7 @@ Documentation=man:systemd-initctl.service(8)
DefaultDependencies=no
[Service]
-ExecStart=@rootlibexecdir@/systemd-initctl
+ExecStart={{ROOTLIBEXECDIR}}/systemd-initctl
NoNewPrivileges=yes
NotifyAccess=all
SystemCallArchitectures=native
diff --git a/units/systemd-journal-gatewayd.service.in b/units/systemd-journal-gatewayd.service.in
index 7944d6fd9a..81c53fa01f 100644
--- a/units/systemd-journal-gatewayd.service.in
+++ b/units/systemd-journal-gatewayd.service.in
@@ -14,7 +14,7 @@ Requires=systemd-journal-gatewayd.socket
[Service]
DynamicUser=yes
-ExecStart=@rootlibexecdir@/systemd-journal-gatewayd
+ExecStart={{ROOTLIBEXECDIR}}/systemd-journal-gatewayd
LockPersonality=yes
MemoryDenyWriteExecute=yes
PrivateDevices=yes
@@ -35,7 +35,7 @@ User=systemd-journal-gateway
# If there are many split up journal files we need a lot of fds to access them
# all in parallel.
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
[Install]
Also=systemd-journal-gatewayd.socket
diff --git a/units/systemd-journal-remote.service.in b/units/systemd-journal-remote.service.in
index e48df81e70..d8f28f252c 100644
--- a/units/systemd-journal-remote.service.in
+++ b/units/systemd-journal-remote.service.in
@@ -13,7 +13,7 @@ Documentation=man:systemd-journal-remote(8) man:journal-remote.conf(5)
Requires=systemd-journal-remote.socket
[Service]
-ExecStart=@rootlibexecdir@/systemd-journal-remote --listen-https=-3 --output=/var/log/journal/remote/
+ExecStart={{ROOTLIBEXECDIR}}/systemd-journal-remote --listen-https=-3 --output=/var/log/journal/remote/
LockPersonality=yes
LogsDirectory=journal/remote
MemoryDenyWriteExecute=yes
@@ -36,11 +36,11 @@ RestrictRealtime=yes
RestrictSUIDSGID=yes
SystemCallArchitectures=native
User=systemd-journal-remote
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
# If there are many split up journal files we need a lot of fds to access them
# all in parallel.
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
[Install]
Also=systemd-journal-remote.socket
diff --git a/units/systemd-journal-upload.service.in b/units/systemd-journal-upload.service.in
index ba6b6e7344..e4359a80e4 100644
--- a/units/systemd-journal-upload.service.in
+++ b/units/systemd-journal-upload.service.in
@@ -15,7 +15,7 @@ After=network-online.target
[Service]
DynamicUser=yes
-ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state
+ExecStart={{ROOTLIBEXECDIR}}/systemd-journal-upload --save-state
LockPersonality=yes
MemoryDenyWriteExecute=yes
PrivateDevices=yes
@@ -33,11 +33,11 @@ StateDirectory=systemd/journal-upload
SupplementaryGroups=systemd-journal
SystemCallArchitectures=native
User=systemd-journal-upload
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
# If there are many split up journal files we need a lot of fds to access them
# all in parallel.
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
[Install]
WantedBy=multi-user.target
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index c743254137..cd17b6b4e7 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -17,7 +17,7 @@ Before=sysinit.target
[Service]
DeviceAllow=char-* rw
-ExecStart=@rootlibexecdir@/systemd-journald
+ExecStart={{ROOTLIBEXECDIR}}/systemd-journald
FileDescriptorStoreMax=4224
IPAddressDeny=any
LockPersonality=yes
@@ -39,7 +39,7 @@ SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
# In case you're wondering why CAP_SYS_PTRACE is needed, access to
# /proc//exe requires this capability. Thus if this capability is missing
@@ -48,4 +48,4 @@ CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG C
# If there are many split up journal files we need a lot of fds to access them
# all in parallel.
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
diff --git a/units/systemd-journald@.service.in b/units/systemd-journald@.service.in
index 14a217d025..2863691c2d 100644
--- a/units/systemd-journald@.service.in
+++ b/units/systemd-journald@.service.in
@@ -16,7 +16,7 @@ After=systemd-journald@%i.socket systemd-journald-varlink@%i.socket
[Service]
CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE
DevicePolicy=closed
-ExecStart=@rootlibexecdir@/systemd-journald %i
+ExecStart={{ROOTLIBEXECDIR}}/systemd-journald %i
FileDescriptorStoreMax=4224
Group=systemd-journal
IPAddressDeny=any
@@ -37,8 +37,8 @@ SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
# If there are many split up journal files we need a lot of fds to access them
# all in parallel.
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
diff --git a/units/systemd-localed.service.in b/units/systemd-localed.service.in
index e60a173591..f9a92fef7b 100644
--- a/units/systemd-localed.service.in
+++ b/units/systemd-localed.service.in
@@ -17,7 +17,7 @@ Documentation=man:org.freedesktop.locale1(5)
[Service]
BusName=org.freedesktop.locale1
CapabilityBoundingSet=
-ExecStart=@rootlibexecdir@/systemd-localed
+ExecStart={{ROOTLIBEXECDIR}}/systemd-localed
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
@@ -33,7 +33,10 @@ ProtectKernelLogs=yes
ProtectKernelModules=yes
ProtectKernelTunables=yes
ProtectSystem=strict
-ReadWritePaths=/etc@SERVICE_LOCALEGEN_WRITABLE@
+ReadWritePaths=/etc
+{% if HAVE_LOCALEGEN %}
+ReadWritePaths=/usr/lib/locale
+{% endif %}
RestrictAddressFamilies=AF_UNIX
RestrictNamespaces=yes
RestrictRealtime=yes
@@ -41,4 +44,4 @@ RestrictSUIDSGID=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index f131b60d4f..ab874253a4 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -30,7 +30,7 @@ DeviceAllow=char-drm rw
DeviceAllow=char-input rw
DeviceAllow=char-tty rw
DeviceAllow=char-vcs rw
-ExecStart=@rootlibexecdir@/systemd-logind
+ExecStart={{ROOTLIBEXECDIR}}/systemd-logind
FileDescriptorStoreMax=512
IPAddressDeny=any
LockPersonality=yes
@@ -58,8 +58,8 @@ StateDirectory=systemd/linger
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
# Increase the default a bit in order to allow many simultaneous logins since
# we keep one fd open per session.
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
index 56c9532659..e92f436dfd 100644
--- a/units/systemd-machined.service.in
+++ b/units/systemd-machined.service.in
@@ -19,7 +19,7 @@ RequiresMountsFor=/var/lib/machines
[Service]
BusName=org.freedesktop.machine1
CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD
-ExecStart=@rootlibexecdir@/systemd-machined
+ExecStart={{ROOTLIBEXECDIR}}/systemd-machined
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
@@ -30,7 +30,7 @@ RestrictRealtime=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service @mount
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
# Note that machined cannot be placed in a mount namespace, since it
# needs access to the host's mount namespace in order to implement the
diff --git a/units/systemd-modules-load.service.in b/units/systemd-modules-load.service.in
index fdb5b3a41e..604d8712a0 100644
--- a/units/systemd-modules-load.service.in
+++ b/units/systemd-modules-load.service.in
@@ -25,5 +25,5 @@ ConditionKernelCommandLine=|rd.modules-load
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-modules-load
+ExecStart={{ROOTLIBEXECDIR}}/systemd-modules-load
TimeoutSec=90s
diff --git a/units/systemd-network-generator.service.in b/units/systemd-network-generator.service.in
index bda8426191..2799de0844 100644
--- a/units/systemd-network-generator.service.in
+++ b/units/systemd-network-generator.service.in
@@ -17,7 +17,7 @@ Wants=network-pre.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-network-generator
+ExecStart={{ROOTLIBEXECDIR}}/systemd-network-generator
[Install]
WantedBy=sysinit.target
diff --git a/units/systemd-networkd-wait-online.service.in b/units/systemd-networkd-wait-online.service.in
index d868e77775..10d8b08c8e 100644
--- a/units/systemd-networkd-wait-online.service.in
+++ b/units/systemd-networkd-wait-online.service.in
@@ -18,7 +18,7 @@ Before=network-online.target shutdown.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-networkd-wait-online
+ExecStart={{ROOTLIBEXECDIR}}/systemd-networkd-wait-online
RemainAfterExit=yes
[Install]
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index d5b0a9b96e..9a40d2afa5 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -23,7 +23,7 @@ AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET
BusName=org.freedesktop.network1
CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW
DeviceAllow=char-* rw
-ExecStart=!!@rootlibexecdir@/systemd-networkd
+ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-networkd
ExecReload=networkctl reload
LockPersonality=yes
MemoryDenyWriteExecute=yes
@@ -49,7 +49,7 @@ SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
User=systemd-network
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
[Install]
WantedBy=multi-user.target
diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in
index a6551f9152..d7bae83ac2 100644
--- a/units/systemd-nspawn@.service.in
+++ b/units/systemd-nspawn@.service.in
@@ -26,11 +26,11 @@ SuccessExitStatus=133
Slice=machine.slice
Delegate=yes
TasksMax=16384
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
-# Enforce a strict device policy, similar to the one nspawn configures when it
-# allocates its own scope unit. Make sure to keep these policies in sync if you
-# change them!
+{# Enforce a strict device policy, similar to the one nspawn configures when it
+ # allocates its own scope unit. Make sure to keep these policies in sync if you
+ # change them! #}
DevicePolicy=closed
DeviceAllow=/dev/net/tun rwm
DeviceAllow=char-pts rw
diff --git a/units/systemd-oomd.service.in b/units/systemd-oomd.service.in
index f264a1bef0..0d2d409881 100644
--- a/units/systemd-oomd.service.in
+++ b/units/systemd-oomd.service.in
@@ -22,7 +22,7 @@ ConditionPathExists=/proc/pressure/memory
AmbientCapabilities=CAP_KILL CAP_DAC_OVERRIDE
BusName=org.freedesktop.oom1
CapabilityBoundingSet=CAP_KILL CAP_DAC_OVERRIDE
-ExecStart=@rootlibexecdir@/systemd-oomd
+ExecStart={{ROOTLIBEXECDIR}}/systemd-oomd
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
@@ -51,7 +51,7 @@ SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
User=systemd-oom
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
[Install]
WantedBy=multi-user.target
diff --git a/units/systemd-portabled.service.in b/units/systemd-portabled.service.in
index e00a0065e3..e0afe9eabe 100644
--- a/units/systemd-portabled.service.in
+++ b/units/systemd-portabled.service.in
@@ -13,7 +13,7 @@ Documentation=man:systemd-portabled.service(8)
RequiresMountsFor=/var/lib/portables
[Service]
-ExecStart=@rootlibexecdir@/systemd-portabled
+ExecStart={{ROOTLIBEXECDIR}}/systemd-portabled
BusName=org.freedesktop.portable1
CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD
MemoryDenyWriteExecute=yes
@@ -26,4 +26,4 @@ SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
LockPersonality=yes
IPAddressDeny=any
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
diff --git a/units/systemd-pstore.service.in b/units/systemd-pstore.service.in
index 624ee704d5..848e311e96 100644
--- a/units/systemd-pstore.service.in
+++ b/units/systemd-pstore.service.in
@@ -18,7 +18,7 @@ Before=sysinit.target shutdown.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-pstore
+ExecStart={{ROOTLIBEXECDIR}}/systemd-pstore
RemainAfterExit=yes
StateDirectory=systemd/pstore
diff --git a/units/systemd-quotacheck.service.in b/units/systemd-quotacheck.service.in
index 3e10378a89..c3e936d220 100644
--- a/units/systemd-quotacheck.service.in
+++ b/units/systemd-quotacheck.service.in
@@ -13,10 +13,10 @@ Documentation=man:systemd-quotacheck.service(8)
DefaultDependencies=no
After=systemd-remount-fs.service
Before=remote-fs.target shutdown.target
-ConditionPathExists=@QUOTACHECK@
+ConditionPathExists={{QUOTACHECK}}
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-quotacheck
+ExecStart={{ROOTLIBEXECDIR}}/systemd-quotacheck
TimeoutSec=0
diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in
index a7d4acb898..5c542ec846 100644
--- a/units/systemd-random-seed.service.in
+++ b/units/systemd-random-seed.service.in
@@ -11,7 +11,7 @@
Description=Load/Save Random Seed
Documentation=man:systemd-random-seed.service(8) man:random(4)
DefaultDependencies=no
-RequiresMountsFor=@RANDOM_SEED@
+RequiresMountsFor={{RANDOM_SEED}}
Conflicts=shutdown.target
After=systemd-remount-fs.service
Before=first-boot-complete.target shutdown.target
@@ -21,8 +21,8 @@ ConditionVirtualization=!container
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-random-seed load
-ExecStop=@rootlibexecdir@/systemd-random-seed save
+ExecStart={{ROOTLIBEXECDIR}}/systemd-random-seed load
+ExecStop={{ROOTLIBEXECDIR}}/systemd-random-seed save
# This service waits until the kernel's entropy pool is initialized, and may be
# used as ordering barrier for service that require an initialized entropy
diff --git a/units/systemd-remount-fs.service.in b/units/systemd-remount-fs.service.in
index 51985a793a..2abed1d0a9 100644
--- a/units/systemd-remount-fs.service.in
+++ b/units/systemd-remount-fs.service.in
@@ -20,4 +20,4 @@ Wants=local-fs-pre.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-remount-fs
+ExecStart={{ROOTLIBEXECDIR}}/systemd-remount-fs
diff --git a/units/systemd-repart.service.in b/units/systemd-repart.service.in
index 4634d983c1..92e0a9b3cd 100644
--- a/units/systemd-repart.service.in
+++ b/units/systemd-repart.service.in
@@ -28,7 +28,7 @@ ConditionDirectoryNotEmpty=|/sysusr/usr/local/lib/repart.d
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootbindir@/systemd-repart --dry-run=no
+ExecStart={{ROOTBINDIR}}/systemd-repart --dry-run=no
# The tool returns 77 if there's no existing GPT partition table
SuccessExitStatus=77
diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in
index 29adb6bf21..00812fb26c 100644
--- a/units/systemd-resolved.service.in
+++ b/units/systemd-resolved.service.in
@@ -24,7 +24,7 @@ Wants=nss-lookup.target
AmbientCapabilities=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE
BusName=org.freedesktop.resolve1
CapabilityBoundingSet=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE
-ExecStart=!!@rootlibexecdir@/systemd-resolved
+ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-resolved
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
@@ -51,7 +51,7 @@ SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
User=systemd-resolve
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
[Install]
WantedBy=multi-user.target
diff --git a/units/systemd-rfkill.service.in b/units/systemd-rfkill.service.in
index 40a80a0b39..56de1a1537 100644
--- a/units/systemd-rfkill.service.in
+++ b/units/systemd-rfkill.service.in
@@ -17,7 +17,7 @@ After=sys-devices-virtual-misc-rfkill.device
Before=shutdown.target
[Service]
-ExecStart=@rootlibexecdir@/systemd-rfkill
+ExecStart={{ROOTLIBEXECDIR}}/systemd-rfkill
NoNewPrivileges=yes
StateDirectory=systemd/rfkill
TimeoutSec=30s
diff --git a/units/systemd-suspend-then-hibernate.service.in b/units/systemd-suspend-then-hibernate.service.in
index 3f811e7e1a..bfa9051afa 100644
--- a/units/systemd-suspend-then-hibernate.service.in
+++ b/units/systemd-suspend-then-hibernate.service.in
@@ -16,4 +16,4 @@ After=sleep.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-sleep suspend-then-hibernate
+ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep suspend-then-hibernate
diff --git a/units/systemd-suspend.service.in b/units/systemd-suspend.service.in
index 40cc83e192..1ae32af5f7 100644
--- a/units/systemd-suspend.service.in
+++ b/units/systemd-suspend.service.in
@@ -16,4 +16,4 @@ After=sleep.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-sleep suspend
+ExecStart={{ROOTLIBEXECDIR}}/systemd-sleep suspend
diff --git a/units/systemd-sysctl.service.in b/units/systemd-sysctl.service.in
index c4a34a81a2..44b8853521 100644
--- a/units/systemd-sysctl.service.in
+++ b/units/systemd-sysctl.service.in
@@ -19,5 +19,5 @@ ConditionPathIsReadWrite=/proc/sys/net/
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-sysctl
+ExecStart={{ROOTLIBEXECDIR}}/systemd-sysctl
TimeoutSec=90s
diff --git a/units/systemd-time-wait-sync.service.in b/units/systemd-time-wait-sync.service.in
index 212d0e5a15..8ef3db0d5d 100644
--- a/units/systemd-time-wait-sync.service.in
+++ b/units/systemd-time-wait-sync.service.in
@@ -28,7 +28,7 @@ Conflicts=shutdown.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-time-wait-sync
+ExecStart={{ROOTLIBEXECDIR}}/systemd-time-wait-sync
TimeoutStartSec=infinity
RemainAfterExit=yes
diff --git a/units/systemd-timedated.service.in b/units/systemd-timedated.service.in
index 6f476173b6..a8da138761 100644
--- a/units/systemd-timedated.service.in
+++ b/units/systemd-timedated.service.in
@@ -17,7 +17,7 @@ Documentation=man:org.freedesktop.timedate1(5)
BusName=org.freedesktop.timedate1
CapabilityBoundingSet=CAP_SYS_TIME
DeviceAllow=char-rtc r
-ExecStart=@rootlibexecdir@/systemd-timedated
+ExecStart={{ROOTLIBEXECDIR}}/systemd-timedated
IPAddressDeny=any
LockPersonality=yes
MemoryDenyWriteExecute=yes
@@ -39,4 +39,4 @@ RestrictSUIDSGID=yes
SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service @clock
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in
index 6226ab7a40..c606461091 100644
--- a/units/systemd-timesyncd.service.in
+++ b/units/systemd-timesyncd.service.in
@@ -26,7 +26,7 @@ CapabilityBoundingSet=CAP_SYS_TIME
# correct time to work, but we likely won't acquire that without NTP. Let's
# break this chicken-and-egg cycle here.
Environment=SYSTEMD_NSS_RESOLVE_VALIDATE=0
-ExecStart=!!@rootlibexecdir@/systemd-timesyncd
+ExecStart=!!{{ROOTLIBEXECDIR}}/systemd-timesyncd
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
@@ -53,7 +53,7 @@ SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service @clock
Type=notify
User=systemd-timesync
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
[Install]
WantedBy=sysinit.target
diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
index f3458d98e6..c146b0f7f8 100644
--- a/units/systemd-udevd.service.in
+++ b/units/systemd-udevd.service.in
@@ -24,7 +24,7 @@ OOMScoreAdjust=-1000
Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket
Restart=always
RestartSec=0
-ExecStart=@rootlibexecdir@/systemd-udevd
+ExecStart={{ROOTLIBEXECDIR}}/systemd-udevd
ExecReload=udevadm control --reload --timeout 0
KillMode=mixed
TasksMax=infinity
@@ -40,4 +40,4 @@ SystemCallErrorNumber=EPERM
SystemCallArchitectures=native
LockPersonality=yes
IPAddressDeny=any
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
diff --git a/units/systemd-update-done.service.in b/units/systemd-update-done.service.in
index b4aa746673..53cc6dd621 100644
--- a/units/systemd-update-done.service.in
+++ b/units/systemd-update-done.service.in
@@ -20,4 +20,4 @@ ConditionNeedsUpdate=|/var
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-update-done
+ExecStart={{ROOTLIBEXECDIR}}/systemd-update-done
diff --git a/units/systemd-update-utmp-runlevel.service.in b/units/systemd-update-utmp-runlevel.service.in
index 042145cc2c..4bfadd1abd 100644
--- a/units/systemd-update-utmp-runlevel.service.in
+++ b/units/systemd-update-utmp-runlevel.service.in
@@ -20,4 +20,4 @@ Before=shutdown.target
[Service]
Type=oneshot
-ExecStart=@rootlibexecdir@/systemd-update-utmp runlevel
+ExecStart={{ROOTLIBEXECDIR}}/systemd-update-utmp runlevel
diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in
index e2fa2d83ba..89bfd63621 100644
--- a/units/systemd-update-utmp.service.in
+++ b/units/systemd-update-utmp.service.in
@@ -19,5 +19,5 @@ Before=sysinit.target shutdown.target
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-update-utmp reboot
-ExecStop=@rootlibexecdir@/systemd-update-utmp shutdown
+ExecStart={{ROOTLIBEXECDIR}}/systemd-update-utmp reboot
+ExecStop={{ROOTLIBEXECDIR}}/systemd-update-utmp shutdown
diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in
index b15a651682..adca848c2a 100644
--- a/units/systemd-user-sessions.service.in
+++ b/units/systemd-user-sessions.service.in
@@ -15,5 +15,5 @@ After=remote-fs.target nss-user-lookup.target network.target home.mount
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-user-sessions start
-ExecStop=@rootlibexecdir@/systemd-user-sessions stop
+ExecStart={{ROOTLIBEXECDIR}}/systemd-user-sessions start
+ExecStop={{ROOTLIBEXECDIR}}/systemd-user-sessions stop
diff --git a/units/systemd-userdbd.service.in b/units/systemd-userdbd.service.in
index 9b36a17025..84dea04f55 100644
--- a/units/systemd-userdbd.service.in
+++ b/units/systemd-userdbd.service.in
@@ -17,9 +17,9 @@ DefaultDependencies=no
[Service]
CapabilityBoundingSet=CAP_DAC_READ_SEARCH
-ExecStart=@rootlibexecdir@/systemd-userdbd
+ExecStart={{ROOTLIBEXECDIR}}/systemd-userdbd
IPAddressDeny=any
-LimitNOFILE=@HIGH_RLIMIT_NOFILE@
+LimitNOFILE={{HIGH_RLIMIT_NOFILE}}
LockPersonality=yes
MemoryDenyWriteExecute=yes
NoNewPrivileges=yes
@@ -39,7 +39,7 @@ SystemCallArchitectures=native
SystemCallErrorNumber=EPERM
SystemCallFilter=@system-service
Type=notify
-@SERVICE_WATCHDOG@
+{{SERVICE_WATCHDOG}}
[Install]
Also=systemd-userdbd.socket
diff --git a/units/systemd-vconsole-setup.service.in b/units/systemd-vconsole-setup.service.in
index 45da056395..23f5ac2f50 100644
--- a/units/systemd-vconsole-setup.service.in
+++ b/units/systemd-vconsole-setup.service.in
@@ -17,4 +17,4 @@ ConditionPathExists=/dev/tty0
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-vconsole-setup
+ExecStart={{ROOTLIBEXECDIR}}/systemd-vconsole-setup
diff --git a/units/systemd-volatile-root.service.in b/units/systemd-volatile-root.service.in
index 468d85f968..5a0ec89fd6 100644
--- a/units/systemd-volatile-root.service.in
+++ b/units/systemd-volatile-root.service.in
@@ -19,4 +19,4 @@ AssertPathExists=/etc/initrd-release
[Service]
Type=oneshot
RemainAfterExit=yes
-ExecStart=@rootlibexecdir@/systemd-volatile-root yes /sysroot
+ExecStart={{ROOTLIBEXECDIR}}/systemd-volatile-root yes /sysroot
diff --git a/units/user-runtime-dir@.service.in b/units/user-runtime-dir@.service.in
index ff23e01af8..61becff2c6 100644
--- a/units/user-runtime-dir@.service.in
+++ b/units/user-runtime-dir@.service.in
@@ -15,8 +15,8 @@ StopWhenUnneeded=yes
IgnoreOnIsolate=yes
[Service]
-ExecStart=@rootlibexecdir@/systemd-user-runtime-dir start %i
-ExecStop=@rootlibexecdir@/systemd-user-runtime-dir stop %i
+ExecStart={{ROOTLIBEXECDIR}}/systemd-user-runtime-dir start %i
+ExecStop={{ROOTLIBEXECDIR}}/systemd-user-runtime-dir stop %i
Type=oneshot
RemainAfterExit=yes
Slice=user-%i.slice
diff --git a/units/user/meson.build b/units/user/meson.build
index 337a92092d..850ac2c297 100644
--- a/units/user/meson.build
+++ b/units/user/meson.build
@@ -24,7 +24,7 @@ units = [
]
if conf.get('ENABLE_XDG_AUTOSTART') == 1
- units += [ 'xdg-desktop-autostart.target', ]
+ units += 'xdg-desktop-autostart.target'
endif
foreach file : units
diff --git a/units/user@.service.in b/units/user@.service.in
index 8c6c6d1157..fec9afe130 100644
--- a/units/user@.service.in
+++ b/units/user@.service.in
@@ -18,7 +18,7 @@ IgnoreOnIsolate=yes
User=%i
PAMName=systemd-user
Type=notify
-ExecStart=@rootlibexecdir@/systemd --user
+ExecStart={{ROOTLIBEXECDIR}}/systemd --user
Slice=user-%i.slice
KillMode=mixed
Delegate=pids memory