1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

207 Commits

Author SHA1 Message Date
Jan Janssen
7f9a0d6d74 meson: Drop skip-deps option
Now that we use meson feature options for our dependencies, we can just
rely on '--auto-features=disabled' to do the same. One benefit of this
is that specific features can still be force-enabled by overriding it
with the appropriate '-Dfeature=enabled' flag.

The two remaining uses for skip-deps can simply rely on their default
logic that sets the value to 'no' when the dependency is disabled.
2023-08-23 14:57:49 +02:00
Jan Janssen
1e73a64a7a meson: Convert more options to meson features
The semantics for libidn2 and pwquality have changed slightly: We will
pick a preferred one if both are enabled instead of making it an error.
2023-08-23 14:45:02 +02:00
Jan Janssen
847e5585b6 meson: Convert bpf-framework to meson feature 2023-08-23 14:45:02 +02:00
Jan Janssen
40e9c4e45d meson: Convert options to meson features (require)
These options use requre() to conveniently express their dependency
requirements.
2023-08-23 14:45:02 +02:00
Jan Janssen
101b59433b meson: Convert dbus to meson feature
Also, there is no need to conditionalize the get_variable() calls
because not-found dependencies will just return the passed default value
if provided.
2023-08-23 14:45:02 +02:00
Jan Janssen
a0c9ac9ae4 meson: Convert options to meson features (find_library fallback)
This uses a two-step approach to make sure we can fall back to
find_library(), while also skipping the detection if the features are
explicitly disabled.
2023-08-23 14:45:02 +02:00
Jan Janssen
9ee80846f8 meson: Convert fidsk to meson feature
By making this a disabler dependency, we can slightly simplify the code
and it als fixes the build for -Dfdisk=disabled as we failed to create a
fallback empty libshared_fdisk variable.
2023-08-23 14:45:02 +02:00
Jan Janssen
43abc59a27 meson: Use feature options
By using meson features we can replace the handcrafted dependency
auto-detection by just passing the value from get_option directly to the
required arg for dependency, find_library etc.
'auto' features make the dependency optional, 'enabled' requires it
while 'disabled' features will skip detection entirely.

Any skipped or not found dependency will just be a no-op when passed to
build steps and therefore we can also skip the creation of empty vars.

The use of skip_deps for these is dropped here as meson provides a way
to disable all optional features in one go by passing
'-Dauto_features=disabled'.
2023-08-23 14:45:02 +02:00
Luca Boccassi
b0d3095fd6 Drop split-usr and unmerged-usr support
As previously announced, execute order 66:

https://lists.freedesktop.org/archives/systemd-devel/2022-September/048352.html

The meson options split-usr, rootlibdir and rootprefix become no-ops
that print a warning if they are set to anything other than the
default values. We can remove them in a future release.
2023-07-28 19:34:03 +01:00
Egor Ignatov
1d8aae4327 shared: add libpasswdqc support
Co-authored-by: Dmitry V. Levin <ldv@altlinux.org>
Resolves: #15055
2023-07-06 10:59:41 +00:00
James Hilliard
4a7a13b5a0 bpf: stabilize GCC BPF support
Now that we have a GCC release which should support our bpf programs
lets set the minimum version and stabilize it.
2023-05-30 09:27:56 +09:00
Yu Watanabe
5571048919 meson: fix description for link-udev-shared option 2023-05-16 14:14:06 +08:00
Robert Scheck
c06d2e440c portable, meson: allow statically linked build
Build option "link-portabled-shared" to build a statically linked
systemd-portabled by using

  -Dlink-portabled-shared=false

on systems with full systemd stack except systemd-portabled, such
as CentOS/RHEL 9.
2023-05-15 13:30:04 +02:00
Jan Janssen
dfca5587cf tree-wide: Drop gnu-efi
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
2023-03-10 11:41:03 +01:00
Zbigniew Jędrzejewski-Szmek
50b35193ec meson: merge our two valgrind configuration conditions into one
Most of the support for valgrind was under HAVE_VALGRIND_VALGRIND_H, i.e. we
would enable if the valgrind headers were found. The operations then we be
conditionalized on RUNNING_UNDER_VALGRIND.

But in a few places we had code which was conditionalized on VALGRIND, i.e. the
config option. I noticed because I compiled with -Dvalgrind=true on a machine
that didn't have valgrind.h, and the build failed because
RUNNING_UNDER_VALGRIND was not defined. My first idea was to add a check that
the header is present if the option is set, but it seems better to just remove
the option. The code to support valgrind is trivial, and if we're
!RUNNING_UNDER_VALGRIND, it has negligible cost. And the case of running under
valgrind is always some special testing/debugging mode, so we should just do
those extra steps to make valgrind output cleaner. Removing the option makes
things simpler and we don't have to think if something should be covered by the
one or the other configuration bit.

I had a vague recollection that in some places we used -Dvalgrind=true not
for valgrind support, but to enable additional cleanup under other sanitizers.
But that code would fail to build without the valgrind headers anyway, so
I'm not sure if that was still used. If there are uses like that, we can
extend the condition for cleanup_pools().
2023-02-22 11:39:44 +01:00
Mike Yuan
f129d0e77c vconsole: allow setting default keymap through build option
Allow defining the default keymap to be used by
vconsole-setup through a build option. A template
vconsole.conf also gets populated by tmpfiles if
it doesn't exist.
2023-02-15 20:00:51 +00:00
Zbigniew Jędrzejewski-Szmek
e4c7b5f517 core: split system/user job timeouts and make them configurable
Config options are -Ddefault-timeout-sec= and -Ddefault-user-timeout-sec=.
Existing -Dupdate-helper-user-timeout= is renamed to -Dupdate-helper-user-timeout-sec=
for consistency. All three options take an integer value in seconds. The
renaming and type-change of the option is a small compat break, but it's just
at compile time and result in a clear error message. I also doubt that anyone was
actually using the option.

This commit separates the user manager timeouts, but keeps them unchanged at 90 s.
The timeout for the user manager is set to 4/3*user-timeout, which means that it
is still 120 s.

Fedora wants to experiment with lower timeouts, but doing this via a patch would
be annoying and more work than necessary. Let's make this easy to configure.
2023-02-01 11:52:29 +00:00
Jan Janssen
d84bdadb43 boot: Remove option TPM PCR compat option
It says remove in 2023; happy to oblige.
2023-01-09 09:52:55 +01:00
Zbigniew Jędrzejewski-Szmek
30ec2eaef5 meson,ukify: hook up ukify, add --version option
The option is added because we have a similar one for kernel-install. This
program requires python, and some people might want to skip it because of this.

The tool is installed in /usr/lib/systemd for now, since the interface might
change.

A template file is used, but there is no .in suffix.
The problem is that we'll later want to import the file as a module
for tests, but recent Python versions make it annoyingly hard to import
a module from a file without a .py suffix. imp.load_sources() works, but it
is deprecated and throws warnings.
importlib.machinery.SourceFileLoader().load_module() works, but is also
deprecated. And the documented replacements are a maze of twisted little
callbacks that result in an empty module.
So let's take the easy way out, and skip the suffix which makes it easy
to import the template as a module after adding the directory to sys.path.
2022-12-07 15:32:13 +01:00
Samuel Thibault
ede5a78f50 shutdown: Add Xen kexec support
In the Xen case, it's the hypervisor which manages kexec. We thus
have to ask it whether a kernel is loaded, instead of relying on
/sys/kernel/kexec_loaded.
2022-11-02 20:47:41 +01:00
Franck Bui
2306b4656a core: allow disabling system time correction if rtc returns time far in the future
There might be (embedded) systems that get never updated (things like
e.g. entertainment systems of trains, for example) and where the adjustment of
the system clock (introduced by b10abe4bba) would
do the wrong thing even if the difference between the systemd build time and
the rtc is 15 years or more.

This patch allows disabling the adjustment by setting
'clock-valid-range-usec-max' meson option to 0 or to a negative value.
2022-08-24 21:39:46 +01:00
Eli Schwartz
792d5e87b6 meson: fix type for many build options
Integers and booleans are supposed to be actual integers and booleans,
not strings describing their value, but Meson silently accepted either
one. It's still wrong to do it though, and other implementations of
Meson such as muon choke on it.
2022-07-30 13:58:22 +09:00
Yu Watanabe
a36be3e57f meson: use 0 for default uids, gids, and time epoch
0 UID and GID are special, and should not be acceptable for the settings.
Hence, we can handle 0 as unset.

Strictly speaking, time epoch with 0 is valid, but I guess no one use
0 as a valid value.
2022-07-30 13:58:12 +09:00
James Hilliard
0a0d489968 journalctl: allow statically linked build
The journalctl tool may be needed on cross compilation hosts in order
to run --update-catalog against a target rootfs.

To avoid reliability issues caused by shared linking allow journalctl
to be linked statically.
2022-07-29 09:22:54 +09:00
Łukasz Stelmach
aa5ae9711e smack: Add DefaultSmackProcessLabel to user.conf and system.conf
DefaultSmackProcessLabel tells systemd what label to assign to its child
process in case SmackProcessLabel is not set in the service file. By
default, when DefaultSmackProcessLabel is not set child processes inherit
label from systemd.

If DefaultSmackProcessLabel is set to "/" (which is an invalid character
for a SMACK label) the DEFAULT_SMACK_PROCESS_LABEL set during compilation
is ignored and systemd act as if the option was unset.
2022-07-12 22:47:32 +01:00
Zbigniew Jędrzejewski-Szmek
132b63bd31
Merge pull request #15205 from jlebon/pr/preset-all-firstboot
manager: optionally, do a full preset on first boot
2022-07-06 19:11:01 +02:00
Zbigniew Jędrzejewski-Szmek
e538d59367
Merge pull request #23683 from keszybz/status-format
Default to default-status-unit-format=name in developer mode
2022-06-10 14:11:53 +02:00
James Hilliard
76abad4d47 meson: add experimental bpf-gcc compiler support
Not fully working but should make it easier to clean up remaining
issues.
2022-06-10 14:01:19 +02:00
Zbigniew Jędrzejewski-Szmek
819c0dcbf5 meson: use status-unit-format-default=name in developer mode
I think developers are particularly unlikely to find the descriptions
useful, and would benefit from being able to copy&paste unit names.
Let's make this choice automatically.
2022-06-10 13:51:17 +02:00
Daan De Meyer
a22f518676 meson: Add nspawn-locale meson option
https://github.com/systemd/systemd/pull/23192 caused breakage in
Arch Linux's build tooling. Let's give users an opt-out aside from
reverting the patch. It's hardly any maintenance work on our side
and gives users an easy way to revert the locale change if needed.

Of course, by default we still pick C.UTF-8 if the option is not
specified.
2022-06-09 13:08:27 +09:00
Daan De Meyer
c9bd01ae90 meson: Switch default-locale default to C.UTF-8
We're already using C.UTF-8 as the default locale for nspawn. Let's
make the same change for the default-locale option instead of deciding
what to use based on the locale used by the host system. Users can
still override the locale using the default-locale option if needed.
2022-06-04 05:08:37 +09:00
Zbigniew Jędrzejewski-Szmek
011a03a3fa meson: turn on log-message-verification by default in developer builds
I'm not _quite_ convinced that this a good idea… I'm at least keeping
it separate to make it easy to revert ;)
2022-05-11 18:18:59 +02:00
Zbigniew Jędrzejewski-Szmek
b9ce5cf9ca Optionally call printf on LOG_MESSAGE() arguments
With an intentional mistake:

../src/login/logind-dbus.c: In function ‘bus_manager_log_shutdown’:
../src/login/logind-dbus.c:1542:39: error: format ‘%s’ expects a matching ‘char *’ argument [-Werror=format=]
 1542 |                           LOG_MESSAGE("%s %s", message),
      |                                       ^~~~~~~
2022-05-11 16:47:40 +02:00
Jonathan Lebon
93651582ae manager: optionally, do a full preset on first boot
A compile time option is added to select behaviour: by default
UNIT_FILE_PRESET_ENABLE_ONLY is still used, but the intent is to change to
UNIT_FILE_PRESET_FULL at some point in the future. Distros that want to
opt-in can use the config option to change the behaviour.

(The option is just a boolean: it would be possible to make it multi-valued,
and allow full, enable-only, disable-only, none. But so far nobody has asked
for this, and it's better not to complicate things needlessly.)

With the configuration option flipped, instead of only doing enablements,
perform a full preset on first boot. The reason is that although
`/etc/machine-id` might be missing, there may be other files provisioned in
`/etc` (in fact, this use case is mentioned in `log_execution_mode`). Some of
those possible files include enablement symlinks even if presets dictate it
should be disabled.

Such a seemingly contradictory situation occurs in {RHEL,Fedora} CoreOS,
where we ship `/etc` as if `preset-all` were called. However, we want to
allow users to disable default-enabled services via Ignition, which does
this by creating preset dropins before switchroot. (For why we do
`preset-all` at compose time, see:
https://github.com/coreos/fedora-coreos-config/pull/77).

For example, the composed FCOS image has a `enable zincati.service`
preset and an enablement for that in `/etc`, while at boot time when we
switch root, there may be a `disable zincati.service` preset with higher
precedence. In that case, we want systemd to disable the service.

This is essentially a revert of 304b3079a2. It seems like systemd
*used* to do this, but it was changed to try to make the container
workflow a bit faster.

Resolves: https://github.com/coreos/fedora-coreos-tracker/issues/392

Co-authored-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
2022-05-04 09:10:54 +02:00
Luca Boccassi
cd3c6322db compression: add build-time option to select default
Compression and decompression are controlled by the same build flag,
so if one wants to use, say, LZ4 to compress, ZSTD has to be disabled,
which means one loses the ability to read zstd-compressed journals.

Add a default-compression meson option, that allows to select any of
the available compression algorithms as the default.
2022-04-18 05:43:59 +09:00
Jan Janssen
c0e4459e09 meson: Add efi-cflags option 2022-04-07 18:39:18 +02:00
наб
53350c7bba Use new default-user-shell option instead of hard-coding bash in nspawn and user-record
Defaults to /bin/bash, no changes in the default configuration

The fallback shell for non-root users is as-specified,
and the interactive shell for nspawn sessions is started as
  exec(default-user-shell, "-" + basename(default-user-shell), ...)
before falling through to bash and sh
2022-03-28 14:24:46 +02:00
Lennart Poettering
43cc7a3ef4 sysupdate: add new component "sysupdate" 2022-03-19 00:13:55 +01:00
Lennart Poettering
4d32507f51 sd-boot: measure kernel cmdline into PCR 12 rather than 8
Apparently Grub is measuring all kinds of garbage into PCR 8. Since people
apparently chainload sd-boot from grub, let's thus stay away from PCR 8,
and use PCR 12 instead for the kernel command line.

As discussed here: #22635

Fixes: #22635
2022-03-16 17:44:32 +01:00
Evgeny Vereshchagin
678ba02033 meson: allow skipping optional dependencies
mostly to make sure that systemd is buildable without some dependencies
but other than that it should make it easier to build it with MSan without
having to compile all the dependencies with MSan.
2022-02-22 11:17:21 +00:00
Jan Janssen
52adf0e91e meson: Remove efi-cc option
Changing the efi compiler this way doesn't really work. The gnu-efi
header checks as well as supported compiler flag checks use the
regular cc that meson detects. Changing the compiler this way will
end up with bad compiler flags. For the very same reason, this does
not work with a cross-compiler without going through proper meson
cross-compilation steps either.

The proper way to build systemd-boot with a different compiler is to
use a different build folder and then just use the proper ninja build
target to only build the bootloader/stub.
2022-01-02 10:18:26 +01:00
Yu Watanabe
320848a6ba meson: move dbus-interfaces-dir 2021-12-28 22:52:24 +09:00
Zbigniew Jędrzejewski-Szmek
a2b0cd3f5a meson: allow specifying a custom "tag" for the private shared libaries
We have /usr/lib/systemd/libsystemd-{shared,core}-nnn.so. With this
path the 'nnn' part can be changed to something different. The idea
is that during a package build this will be set to the package version.

This way during in-place upgrades with the same major version both
the new and old libraries can cooexit. This should fix the issue
when systemd programs are called during package upgrades and fail
to exec because the expect different symbols in the library they
are linked to.

This should fix https://bugzilla.redhat.com/show_bug.cgi?id=1906010.
2021-12-25 15:18:50 +09:00
Robert Scheck
7964702007 boot, meson: allow statically linked build
Build option "link-boot-shared" to build a statically linked bootctl and
systemd-bless-boot by using

  -Dlink-boot-shared=false

on systems with full systemd stack except bootctl and systemd-bless-boot,
such as CentOS/RHEL 9.
2021-12-14 09:58:27 +09:00
Jan Janssen
1ad2c76d5d meson: Auto detect efi-ld 2021-12-11 11:29:30 +01:00
igo95862
e3c6892455 Export D-Bus interfaces to /usr/share/dbus-1/interfaces
Pass -Ddbus-interfaces-dir=no to meson to disable export

Interfaces from:
org.freedesktop.home1
org.freedesktop.hostname1
org.freedesktop.import1
org.freedesktop.locale1
org.freedesktop.LogControl1
org.freedesktop.login1
org.freedesktop.machine1
org.freedesktop.oom1
org.freedesktop.portable1
org.freedesktop.resolve1
org.freedesktop.systemd1
org.freedesktop.timedate1
2021-12-10 08:51:58 +01:00
Zbigniew Jędrzejewski-Szmek
3944ef20f5
Merge pull request #21264 from medhefgo/boot-lto
sd-boot: LTO support
2021-12-07 12:58:59 +01:00
Zbigniew Jędrzejewski-Szmek
57633d2376 meson: add config setting to select between openssl and gcrypt
This is not pretty, but it is supposed to be only a temporary measure.
2021-11-30 23:00:21 +01:00
Jan Janssen
fe330f02df sd-boot: Let the compiler invoke the linker for us
For LTO to work, the linker has to be called with some magic sauce arguments.
And the easiest way to get those is to just let the compiler to the job for us.
2021-11-29 14:24:56 +01:00
Jan Janssen
252b6b1bfd meson: Default to sbat-distro=auto
Any recent shim will refuse starting an image that does not have an sbat section
and will do so with a generic "Security Violation" message. And it is very easy
to forget passing -Dsbat-distro=auto to meson when creating a fresh build dir.

Adding sbat info when shim is not used or secure boot is disabled does not hurt
anyone, so default to auto. This still ensures to not add auto-detected info in
case we are cross building.
2021-11-28 16:20:54 +01:00