# SPDX-License-Identifier: LGPL-2.1+
-#
-# Copyright 2017 Zbigniew Jędrzejewski-Szmek
project('systemd', 'c',
- version : '238',
+ version : '239',
license : 'LGPLv2+',
default_options: [
'c_std=gnu99',
'sysconfdir=/etc',
'localstatedir=/var',
],
- meson_version : '>= 0.44',
+ meson_version : '>= 0.46',
)
-libsystemd_version = '0.22.0'
-libudev_version = '1.6.10'
+libsystemd_version = '0.23.0'
+libudev_version = '1.6.11'
# We need the same data in two different formats, ugh!
# Also, for hysterical reasons, we use different variable
'-Wold-style-definition',
'-Wpointer-arith',
'-Winit-self',
- '-Wdeclaration-after-statement',
'-Wfloat-equal',
'-Wsuggest-attribute=noreturn',
'-Werror=missing-prototypes',
'-Wstrict-aliasing=2',
'-Wwrite-strings',
'-Werror=overflow',
+ '-Werror=shift-count-overflow',
+ '-Werror=shift-overflow=2',
'-Wdate-time',
'-Wnested-externs',
'-ffast-math',
endif
add_project_arguments(cc.get_supported_arguments(possible_cc_flags), language : 'c')
+add_project_link_arguments(cc.get_supported_link_arguments(possible_link_flags), language : 'c')
# "negative" arguments: gcc on purpose does not return an error for "-Wno-"
-# arguments, just emits a warnings. So test for the "positive" version instead.
+# arguments, just emits a warning. So test for the "positive" version instead.
foreach arg : ['unused-parameter',
'missing-field-initializers',
'unused-result',
add_project_arguments('-Werror=shadow', language : 'c')
endif
-link_test_c = files('tools/meson-link-test.c')
-
-foreach arg : possible_link_flags
- have = run_command(check_compilation_sh,
- cc.cmd_array(), '-x', 'c', arg,
- '-include', link_test_c).returncode() == 0
- message('Linking with @0@ supported: @1@'.format(arg, have ? 'yes' : 'no'))
- if have
- add_project_link_arguments(arg, language : 'c')
- endif
-endforeach
-
cpp = ' '.join(cc.cmd_array()) + ' -E'
#####################################################################
#include <uchar.h>
#include <linux/ethtool.h>
#include <linux/fib_rules.h>
-#include <linux/stat.h>
#include <sys/stat.h>
'''
-# FIXME: key_serial_t is only defined in keyutils.h, this is bound to fail
foreach decl : ['char16_t',
'char32_t',
- 'key_serial_t',
'struct ethtool_link_settings',
'struct fib_rule_uid_range',
'struct statx',
]
# We get -1 if the size cannot be determined
- have = cc.sizeof(decl, prefix : decl_headers) > 0
+ have = cc.sizeof(decl, prefix : decl_headers, args : '-D_GNU_SOURCE') > 0
+
+ if decl == 'struct statx'
+ if have
+ want_linux_stat_h = false
+ else
+ have = cc.sizeof(decl,
+ prefix : decl_headers + '#include <linux/stat.h>',
+ args : '-D_GNU_SOURCE') > 0
+ want_linux_stat_h = have
+ endif
+ endif
+
conf.set10('HAVE_' + decl.underscorify().to_upper(), have)
endforeach
+conf.set10('WANT_LINUX_STAT_H', want_linux_stat_h)
+
foreach decl : [['IFLA_INET6_ADDR_GEN_MODE', 'linux/if_link.h'],
['IN6_ADDR_GEN_MODE_STABLE_PRIVACY', 'linux/if_link.h'],
['IFLA_VRF_TABLE', 'linux/if_link.h'],
endif
time_epoch = get_option('time-epoch')
-if time_epoch == ''
+if time_epoch == -1
NEWS = files('NEWS')
- time_epoch = run_command(stat, '-c', '%Y', NEWS).stdout()
+ time_epoch = run_command(stat, '-c', '%Y', NEWS).stdout().to_int()
endif
-time_epoch = time_epoch.to_int()
conf.set('TIME_EPOCH', time_epoch)
system_uid_max = get_option('system-uid-max')
-if system_uid_max == ''
+if system_uid_max == -1
system_uid_max = run_command(
awk,
'/^\s*SYS_UID_MAX\s+/ { uid=$2 } END { print uid }',
'/etc/login.defs').stdout().strip()
if system_uid_max == ''
- system_uid_max = '999'
+ system_uid_max = 999
+ else
+ system_uid_max = system_uid_max.to_int()
endif
endif
-system_uid_max = system_uid_max.to_int()
conf.set('SYSTEM_UID_MAX', system_uid_max)
substs.set('systemuidmax', system_uid_max)
-message('maximum system UID is @0@'.format(system_uid_max))
system_gid_max = get_option('system-gid-max')
-if system_gid_max == ''
+if system_gid_max == -1
system_gid_max = run_command(
awk,
'/^\s*SYS_GID_MAX\s+/ { gid=$2 } END { print gid }',
'/etc/login.defs').stdout().strip()
if system_gid_max == ''
- system_gid_max = '999'
+ system_gid_max = 999
+ else
+ system_gid_max = system_gid_max.to_int()
endif
endif
-system_gid_max = system_gid_max.to_int()
conf.set('SYSTEM_GID_MAX', system_gid_max)
substs.set('systemgidmax', system_gid_max)
-message('maximum system GID is @0@'.format(system_gid_max))
-dynamic_uid_min = get_option('dynamic-uid-min').to_int()
-dynamic_uid_max = get_option('dynamic-uid-max').to_int()
+dynamic_uid_min = get_option('dynamic-uid-min')
+dynamic_uid_max = get_option('dynamic-uid-max')
conf.set('DYNAMIC_UID_MIN', dynamic_uid_min)
conf.set('DYNAMIC_UID_MAX', dynamic_uid_max)
substs.set('dynamicuidmin', dynamic_uid_min)
substs.set('dynamicuidmax', dynamic_uid_max)
-container_uid_base_min = get_option('container-uid-base-min').to_int()
-container_uid_base_max = get_option('container-uid-base-max').to_int()
+container_uid_base_min = get_option('container-uid-base-min')
+container_uid_base_max = get_option('container-uid-base-max')
conf.set('CONTAINER_UID_BASE_MIN', container_uid_base_min)
conf.set('CONTAINER_UID_BASE_MAX', container_uid_base_max)
substs.set('containeruidbasemin', container_uid_base_min)
nobody_user = get_option('nobody-user')
nobody_group = get_option('nobody-group')
-getent_result = run_command('getent', 'passwd', '65534')
-if getent_result.returncode() == 0
- name = getent_result.stdout().split(':')[0]
- if name != nobody_user
- warning('\n' +
- 'The local user with the UID 65534 does not match the configured user name "@0@" of the nobody user (its name is @1@).\n'.format(nobody_user, name) +
- 'Your build will result in an user table setup that is incompatible with the local system.')
+if not meson.is_cross_build()
+ getent_result = run_command('getent', 'passwd', '65534')
+ if getent_result.returncode() == 0
+ name = getent_result.stdout().split(':')[0]
+ if name != nobody_user
+ warning('\n' +
+ 'The local user with the UID 65534 does not match the configured user name "@0@" of the nobody user (its name is @1@).\n'.format(nobody_user, name) +
+ 'Your build will result in an user table setup that is incompatible with the local system.')
+ endif
endif
-endif
-id_result = run_command('id', '-u', nobody_user)
-if id_result.returncode() == 0
- id = id_result.stdout().to_int()
- if id != 65534
- warning('\n' +
- 'The local user with the configured user name "@0@" of the nobody user does not have UID 65534 (it has @1@).\n'.format(nobody_user, id) +
- 'Your build will result in an user table setup that is incompatible with the local system.')
+ id_result = run_command('id', '-u', nobody_user)
+ if id_result.returncode() == 0
+ id = id_result.stdout().to_int()
+ if id != 65534
+ warning('\n' +
+ 'The local user with the configured user name "@0@" of the nobody user does not have UID 65534 (it has @1@).\n'.format(nobody_user, id) +
+ 'Your build will result in an user table setup that is incompatible with the local system.')
+ endif
endif
-endif
-getent_result = run_command('getent', 'group', '65534')
-if getent_result.returncode() == 0
- name = getent_result.stdout().split(':')[0]
- if name != nobody_group
- warning('\n' +
- 'The local group with the GID 65534 does not match the configured group name "@0@" of the nobody group (its name is @1@).\n'.format(nobody_group, name) +
- 'Your build will result in an group table setup that is incompatible with the local system.')
+ getent_result = run_command('getent', 'group', '65534')
+ if getent_result.returncode() == 0
+ name = getent_result.stdout().split(':')[0]
+ if name != nobody_group
+ warning('\n' +
+ 'The local group with the GID 65534 does not match the configured group name "@0@" of the nobody group (its name is @1@).\n'.format(nobody_group, name) +
+ 'Your build will result in an group table setup that is incompatible with the local system.')
+ endif
endif
-endif
-id_result = run_command('id', '-g', nobody_group)
-if id_result.returncode() == 0
- id = id_result.stdout().to_int()
- if id != 65534
- warning('\n' +
- 'The local group with the configured group name "@0@" of the nobody group does not have UID 65534 (it has @1@).\n'.format(nobody_group, id) +
- 'Your build will result in an group table setup that is incompatible with the local system.')
+ id_result = run_command('id', '-g', nobody_group)
+ if id_result.returncode() == 0
+ id = id_result.stdout().to_int()
+ if id != 65534
+ warning('\n' +
+ 'The local group with the configured group name "@0@" of the nobody group does not have UID 65534 (it has @1@).\n'.format(nobody_group, id) +
+ 'Your build will result in an group table setup that is incompatible with the local system.')
+ endif
endif
endif
if nobody_user != nobody_group and not (nobody_user == 'nobody' and nobody_group == 'nogroup')
substs.set('TTY_GID', tty_gid)
# Ensure provided GID argument is numeric, otherwise fallback to default assignment
-if get_option('users-gid') != ''
- users_gid = get_option('users-gid').to_int()
-else
- users_gid = '-'
-endif
-substs.set('USERS_GID', users_gid)
+users_gid = get_option('users-gid')
+substs.set('USERS_GID', users_gid < 0 ? '-' : users_gid)
conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
-substs.set('DEV_KVM_MODE', get_option('dev-kvm-mode'))
+dev_kvm_mode = get_option('dev-kvm-mode')
+substs.set('DEV_KVM_MODE', dev_kvm_mode)
+conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
substs.set('GROUP_RENDER_MODE', get_option('group-render-mode'))
kill_user_processes = get_option('default-kill-user-processes')
'DNSSEC_' + default_dnssec.underscorify().to_upper())
substs.set('DEFAULT_DNSSEC_MODE', default_dnssec)
+dns_over_tls = get_option('dns-over-tls')
+if dns_over_tls != 'false'
+ have = (conf.get('HAVE_GNUTLS') == 1 and
+ libgnutls.version().version_compare('>=3.5.3'))
+ if dns_over_tls == 'true' and not have
+ error('DNS-over-TLS support was requested, but dependencies are not available')
+ endif
+else
+ have = false
+endif
+conf.set10('ENABLE_DNS_OVER_TLS', have)
+
+default_dns_over_tls = get_option('default-dns-over-tls')
+if fuzzer_build
+ default_dns_over_tls = 'no'
+endif
+if default_dns_over_tls != 'no' and conf.get('ENABLE_DNS_OVER_TLS') == 0
+ message('default-dns-over-tls cannot be set to opportunistic when DNS-over-TLS support is disabled. Setting default-dns-over-tls to no.')
+ default_dns_over_tls = 'no'
+endif
+conf.set('DEFAULT_DNS_OVER_TLS_MODE',
+ 'DNS_OVER_TLS_' + default_dns_over_tls.underscorify().to_upper())
+substs.set('DEFAULT_DNS_OVER_TLS_MODE', default_dns_over_tls)
+
want_importd = get_option('importd')
if want_importd != 'false'
have = (conf.get('HAVE_LIBCURL') == 1 and
'networkd',
'timedated',
'timesyncd',
- 'myhostname',
'firstboot',
'randomseed',
'backlight',
'smack',
'gshadow',
'idn',
+ 'nss-myhostname',
'nss-systemd']
have = get_option(term)
name = 'ENABLE_' + term.underscorify().to_upper()
conf.set10(name, have)
endforeach
+foreach tuple : [['nss-mymachines', 'machined'],
+ ['nss-resolve', 'resolve']]
+ want = get_option(tuple[0])
+ if want != 'false'
+ have = get_option(tuple[1])
+ if want == 'true' and not have
+ error('@0@ is requested but @1@ is disabled'.format(tuple[0], tuple[1]))
+ endif
+ else
+ have = false
+ endif
+ name = 'ENABLE_' + tuple[0].underscorify().to_upper()
+ conf.set10(name, have)
+endforeach
+
+enable_nss = false
+foreach term : ['ENABLE_NSS_MYHOSTNAME',
+ 'ENABLE_NSS_MYMACHINES',
+ 'ENABLE_NSS_RESOLVE',
+ 'ENABLE_NSS_SYSTEMD']
+ if conf.get(term) == 1
+ enable_nss = true
+ endif
+endforeach
+conf.set10('ENABLE_NSS', enable_nss)
+
conf.set10('ENABLE_TIMEDATECTL', get_option('timedated') or get_option('timesyncd'))
want_tests = get_option('tests')
have = true
conf.set_quoted('EFI_MACHINE_TYPE_NAME', EFI_MACHINE_TYPE_NAME)
- conf.set('SD_TPM_PCR', get_option('tpm-pcrindex').to_int())
+ conf.set('SD_TPM_PCR', get_option('tpm-pcrindex'))
else
have = false
endif
'src/shared',
'src/systemd',
'src/journal',
+ 'src/journal-remote',
+ 'src/nspawn',
'src/resolve',
'src/timesync',
'src/time-wait-sync',
link_with : [libbasic],
dependencies : [libdl])
-foreach tuple : [['myhostname', 'ENABLE_MYHOSTNAME'],
+foreach tuple : [['myhostname', 'ENABLE_NSS_MYHOSTNAME'],
['systemd', 'ENABLE_NSS_SYSTEMD'],
- ['mymachines', 'ENABLE_MACHINED'],
- ['resolve', 'ENABLE_RESOLVE']]
+ ['mymachines', 'ENABLE_NSS_MYMACHINES'],
+ ['resolve', 'ENABLE_NSS_RESOLVE']]
condition = tuple[1] == '' or conf.get(tuple[1]) == 1
if condition
link_with : [libshared,
libbasic_gcrypt,
libsystemd_resolve_core],
- dependencies : [threads,
- libgpg_error,
- libm,
- libidn],
+ dependencies : systemd_resolved_dependencies,
install_rpath : rootlibexecdir,
install : true,
install_dir : rootlibexecdir)
install : true)
public_programs += [exe]
+
+if get_option('link-systemctl-shared')
+ systemctl_link_with = [libshared]
+else
+ systemctl_link_with = [libsystemd_static,
+ libshared_static,
+ libjournal_client,
+ libbasic_gcrypt]
+endif
+
exe = executable('systemctl', 'src/systemctl/systemctl.c',
include_directories : includes,
- link_with : [libshared],
+ link_with : systemctl_link_with,
dependencies : [threads,
libcap,
libselinux,
s_j_remote = executable('systemd-journal-remote',
systemd_journal_remote_sources,
include_directories : includes,
- link_with : [libshared],
+ link_with : [libshared,
+ libsystemd_journal_remote],
dependencies : [threads,
libmicrohttpd,
libgnutls,
'src/core/mount-setup.h',
'src/core/loopback-setup.c',
'src/core/loopback-setup.h',
- include_directories : [includes, include_directories('src/nspawn')],
- link_with : [libshared],
- dependencies : [libacl,
- libblkid,
- libseccomp,
- libselinux],
+ include_directories : includes,
+ link_with : [libnspawn_core,
+ libshared],
+ dependencies : [libblkid],
install_rpath : rootlibexecdir,
install : true)
public_programs += [exe]
sanitizer = tuple[0]
build = tuple[1]
- have = run_command(check_compilation_sh,
- cc.cmd_array(), '-x', 'c',
- '-fsanitize=@0@'.format(sanitizer),
- '-include', link_test_c).returncode() == 0
- message('@0@ sanitizer supported: @1@'.format(sanitizer, have ? 'yes' : 'no'))
-
- if have
+ if cc.has_link_argument('-fsanitize=@0@'.format(sanitizer))
prev = ''
foreach p : fuzz_regression_tests
b = p.split('/')[-2]
'debug shell: @0@ @ @1@'.format(get_option('debug-shell'),
get_option('debug-tty')),
'TTY GID: @0@'.format(tty_gid),
- 'users GID: @0@'.format(users_gid),
+ 'users GID: @0@'.format(substs.get('USERS_GID')),
'maximum system UID: @0@'.format(system_uid_max),
'maximum system GID: @0@'.format(system_gid_max),
'minimum dynamic UID: @0@'.format(dynamic_uid_min),
'symbolic gateway hostnames: @0@'.format(', '.join(gateway_hostnames)),
'default DNSSEC mode: @0@'.format(default_dnssec),
+ 'default DNS-over-TLS mode: @0@'.format(default_dns_over_tls),
'default cgroup hierarchy: @0@'.format(default_hierarchy),
'default KillUserProcesses setting: @0@'.format(kill_user_processes)]
['idn'],
['libidn2'],
['libidn'],
- ['nss-systemd'],
['libiptc'],
['elfutils'],
['binfmt'],
['localed'],
['networkd'],
['resolve'],
+ ['DNS-over-TLS'],
['coredump'],
['polkit'],
['legacy pkla', install_polkit_pkla],
['blkid'],
['dbus'],
['glib'],
- ['nss-myhostname', conf.get('ENABLE_MYHOSTNAME') == 1],
+ ['nss-myhostname', conf.get('ENABLE_NSS_MYHOSTNAME') == 1],
+ ['nss-mymachines', conf.get('ENABLE_NSS_MYMACHINES') == 1],
+ ['nss-resolve', conf.get('ENABLE_NSS_RESOLVE') == 1],
+ ['nss-systemd', conf.get('ENABLE_NSS_SYSTEMD') == 1],
['hwdb'],
['tpm'],
['man pages', want_man],