-# SPDX-License-Identifier: LGPL-2.1+
+# SPDX-License-Identifier: LGPL-2.1-or-later
project('systemd', 'c',
- version : '246',
+ version : '247',
license : 'LGPLv2+',
default_options: [
'c_std=gnu99',
meson_version : '>= 0.46',
)
-libsystemd_version = '0.29.0'
+libsystemd_version = '0.30.0'
libudev_version = '1.7.0'
# We need the same data in two different formats, ugh!
project_source_root).stdout().strip()
conf.set_quoted('RELATIVE_SOURCE_PATH', relative_source_path)
-conf.set10('DEVELOPER_MODE', get_option('mode') == 'developer',
- description : 'enable additional checks only suitable in development')
+conf.set('BUILD_MODE', 'BUILD_MODE_' + get_option('mode').to_upper(),
+ description : 'tailor build to development or release builds')
want_ossfuzz = get_option('oss-fuzz')
want_libfuzzer = get_option('llvm-fuzz')
rootlibdir = join_paths(rootprefixdir, libdir.split('/')[-1])
endif
+install_sysconfdir = get_option('install-sysconfdir')
# Dirs of external packages
pkgconfigdatadir = get_option('pkgconfigdatadir') == '' ? join_paths(datadir, 'pkgconfig') : get_option('pkgconfigdatadir')
pkgconfiglibdir = get_option('pkgconfiglibdir') == '' ? join_paths(libdir, 'pkgconfig') : get_option('pkgconfiglibdir')
conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local'))
conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper())
+conf.set10('ENABLE_FEXECVE', get_option('fexecve'))
conf.set_quoted('USER_CONFIG_UNIT_DIR', join_paths(pkgsysconfdir, 'user'))
conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir)
conf.set_quoted('CERTIFICATE_ROOT', get_option('certificate-root'))
conf.set_quoted('CATALOG_DATABASE', join_paths(catalogstatedir, 'database'))
-conf.set_quoted('SYSTEMD_CGROUP_AGENT_PATH', join_paths(rootlibexecdir, 'systemd-cgroups-agent'))
conf.set_quoted('SYSTEMD_BINARY_PATH', join_paths(rootlibexecdir, 'systemd'))
+conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH', join_paths(rootlibexecdir, 'systemd-cgroups-agent'))
conf.set_quoted('SYSTEMD_FSCK_PATH', join_paths(rootlibexecdir, 'systemd-fsck'))
-conf.set_quoted('SYSTEMD_MAKEFS_PATH', join_paths(rootlibexecdir, 'systemd-makefs'))
conf.set_quoted('SYSTEMD_GROWFS_PATH', join_paths(rootlibexecdir, 'systemd-growfs'))
+conf.set_quoted('SYSTEMD_MAKEFS_PATH', join_paths(rootlibexecdir, 'systemd-makefs'))
conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', join_paths(rootlibexecdir, 'systemd-shutdown'))
conf.set_quoted('SYSTEMCTL_BINARY_PATH', join_paths(rootbindir, 'systemctl'))
conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', join_paths(rootbindir, 'systemd-tty-ask-password-agent'))
#include <sys/stat.h>
#include <unistd.h>'''],
['explicit_bzero' , '''#include <string.h>'''],
- ['reallocarray', '''#include <malloc.h>'''],
+ ['reallocarray', '''#include <stdlib.h>'''],
['set_mempolicy', '''#include <stdlib.h>
#include <unistd.h>'''],
['get_mempolicy', '''#include <stdlib.h>
#include <signal.h>
#include <sys/wait.h>'''],
['mallinfo', '''#include <malloc.h>'''],
+ ['execveat', '''#include <unistd.h>'''],
['close_range', '''#include <unistd.h>'''],
]
endif
conf.set_quoted('FALLBACK_HOSTNAME', fallback_hostname)
-conf.set10('ENABLE_COMPAT_GATEWAY_HOSTNAME', get_option('compat-gateway-hostname'))
-gateway_hostnames = ['_gateway'] + (conf.get('ENABLE_COMPAT_GATEWAY_HOSTNAME') == 1 ? ['gateway'] : [])
-
default_hierarchy = get_option('default-hierarchy')
conf.set_quoted('DEFAULT_HIERARCHY_NAME', default_hierarchy,
description : 'default cgroup hierarchy as string')
have and cc.has_function('crypt_set_metadata_size', dependencies : libcryptsetup))
conf.set10('HAVE_CRYPT_ACTIVATE_BY_SIGNED_KEY',
have and cc.has_function('crypt_activate_by_signed_key', dependencies : libcryptsetup))
+ conf.set10('HAVE_CRYPT_TOKEN_MAX',
+ have and cc.has_function('crypt_token_max', dependencies : libcryptsetup))
else
have = false
libcryptsetup = []
libcurl = []
endif
conf.set10('HAVE_LIBCURL', have)
+conf.set10('CURL_NO_OLDIES', get_option('mode') == 'developer')
want_libidn = get_option('libidn')
want_libidn2 = get_option('libidn2')
want_qrencode = get_option('qrencode')
if want_qrencode != 'false' and not skip_deps
libqrencode = dependency('libqrencode',
+ version : '>= 4',
required : want_qrencode == 'true')
have = libqrencode.found()
else
endif
conf.set10('HAVE_LIBFIDO2', have)
+want_tpm2 = get_option('tpm2')
+if want_tpm2 != 'false' and not skip_deps
+ tpm2 = dependency('tss2-esys tss2-rc tss2-mu',
+ required : want_tpm2 == 'true')
+ have = tpm2.found()
+else
+ have = false
+ tpm2 = []
+endif
+conf.set10('HAVE_TPM2', have)
+
want_elfutils = get_option('elfutils')
if want_elfutils != 'false' and not skip_deps
libdw = dependency('libdw',
else
have = have == 'true'
if have and get_option('mode') != 'developer'
- error('oomd is not available in release mode (yet)')
+ warning('oomd is not ready for release mode (yet)')
endif
endif
conf.set10('ENABLE_OOMD', have)
+substs.set10('ENABLE_OOMD', have)
want_remote = get_option('remote')
if want_remote != 'false'
'ima',
'initrd',
'compat-mutable-uid-boundaries',
+ 'nscd',
'ldconfig',
'localed',
'logind',
'networkd',
'nss-myhostname',
'nss-systemd',
- 'oomd',
'portabled',
'pstore',
'quotacheck',
includes = include_directories('src/basic',
'src/boot',
+ 'src/core',
'src/home',
- 'src/shared',
- 'src/systemd',
'src/journal',
'src/journal-remote',
- 'src/nspawn',
- 'src/resolve',
- 'src/timesync',
- 'src/time-wait-sync',
- 'src/login',
- 'src/udev',
- 'src/libudev',
- 'src/core',
- 'src/shutdown',
- 'src/xdg-autostart-generator',
+ 'src/libsystemd-network',
'src/libsystemd/sd-bus',
'src/libsystemd/sd-device',
'src/libsystemd/sd-event',
'src/libsystemd/sd-netlink',
'src/libsystemd/sd-network',
'src/libsystemd/sd-resolve',
- 'src/libsystemd-network',
+ 'src/login',
+ 'src/nspawn',
+ 'src/resolve',
+ 'src/shared',
+ 'src/shutdown',
+ 'src/systemd',
+ 'src/time-wait-sync',
+ 'src/timesync',
+ 'src/udev',
+ 'src/xdg-autostart-generator',
'.')
add_project_arguments('-include', 'config.h', language : 'c')
subdir('po')
subdir('catalog')
+subdir('src/libudev')
subdir('src/systemd')
subdir('src/basic')
subdir('src/libsystemd')
# usually, but not always, installed in /bin.
public_programs = []
-subdir('src/libudev')
subdir('src/shared')
subdir('src/core')
subdir('src/shutdown')
libcrypt,
libopenssl,
libfdisk,
- libp11kit,
- libfido2],
+ libp11kit],
install_rpath : rootlibexecdir,
install : true,
install_dir : rootlibexecdir)
libcrypt,
libopenssl,
libp11kit,
- libfido2,
libdl],
install_rpath : rootlibexecdir,
install : true,
if conf.get('HAVE_LIBCRYPTSETUP') == 1
systemd_cryptsetup_sources = files('''
- src/cryptsetup/cryptsetup-pkcs11.h
+ src/cryptsetup/cryptsetup-fido2.h
src/cryptsetup/cryptsetup-keyfile.c
src/cryptsetup/cryptsetup-keyfile.h
+ src/cryptsetup/cryptsetup-pkcs11.h
+ src/cryptsetup/cryptsetup-tpm2.h
src/cryptsetup/cryptsetup.c
'''.split())
systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-pkcs11.c')
endif
+ if conf.get('HAVE_LIBFIDO2') == 1
+ systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-fido2.c')
+ endif
+
+ if conf.get('HAVE_TPM2') == 1
+ systemd_cryptsetup_sources += files('src/cryptsetup/cryptsetup-tpm2.c')
+ endif
+
executable(
'systemd-cryptsetup',
systemd_cryptsetup_sources,
install_rpath : rootlibexecdir,
install : true,
install_dir : systemgeneratordir)
+
+ systemd_cryptenroll_sources = files('''
+ src/cryptenroll/cryptenroll-fido2.h
+ src/cryptenroll/cryptenroll-list.c
+ src/cryptenroll/cryptenroll-list.h
+ src/cryptenroll/cryptenroll-password.c
+ src/cryptenroll/cryptenroll-password.h
+ src/cryptenroll/cryptenroll-pkcs11.h
+ src/cryptenroll/cryptenroll-recovery.c
+ src/cryptenroll/cryptenroll-recovery.h
+ src/cryptenroll/cryptenroll-tpm2.h
+ src/cryptenroll/cryptenroll-wipe.c
+ src/cryptenroll/cryptenroll-wipe.h
+ src/cryptenroll/cryptenroll.c
+ src/cryptenroll/cryptenroll.h
+'''.split())
+
+ if conf.get('HAVE_P11KIT') == 1 and conf.get('HAVE_OPENSSL') == 1
+ systemd_cryptenroll_sources += files('src/cryptenroll/cryptenroll-pkcs11.c')
+ endif
+
+ if conf.get('HAVE_LIBFIDO2') == 1
+ systemd_cryptenroll_sources += files('src/cryptenroll/cryptenroll-fido2.c')
+ endif
+
+ if conf.get('HAVE_TPM2') == 1
+ systemd_cryptenroll_sources += files('src/cryptenroll/cryptenroll-tpm2.c')
+ endif
+
+ executable(
+ 'systemd-cryptenroll',
+ systemd_cryptenroll_sources,
+ include_directories : includes,
+ link_with : [libshared],
+ dependencies : [libcryptsetup,
+ libdl,
+ libopenssl,
+ libp11kit],
+ install_rpath : rootlibexecdir,
+ install : true,
+ install_dir : bindir)
endif
if conf.get('HAVE_SYSV_COMPAT') == 1
meson.add_install_script('sh', '-c',
mkdir_p.format(binfmtdir))
- meson.add_install_script('sh', '-c',
- mkdir_p.format(join_paths(sysconfdir, 'binfmt.d')))
+ if install_sysconfdir
+ meson.add_install_script('sh', '-c',
+ mkdir_p.format(join_paths(sysconfdir, 'binfmt.d')))
+ endif
endif
if conf.get('ENABLE_REPART') == 1
install : true,
install_dir : rootlibexecdir)
-install_data('src/sleep/sleep.conf',
- install_dir : pkgsysconfdir)
+if install_sysconfdir
+ install_data('src/sleep/sleep.conf',
+ install_dir : pkgsysconfdir)
+endif
public_programs += executable(
'systemd-sysctl',
'src/hwdb/hwdb.c',
'src/libsystemd/sd-hwdb/hwdb-internal.h',
include_directories : includes,
- link_with : [libudev_static],
+ link_with : udev_link_with,
install_rpath : udev_rpath,
install : true,
install_dir : rootbindir)
udevadm_sources,
c_args : '-DLOG_REALM=LOG_REALM_UDEV',
include_directories : includes,
- link_with : [libudev_core,
- libsystemd_network,
- libudev_static],
+ link_with : [libudevd_core],
dependencies : [versiondep,
threads,
libkmod,
meson.add_install_script('sh', '-c',
mkdir_p.format(modulesloaddir))
- meson.add_install_script('sh', '-c',
- mkdir_p.format(join_paths(sysconfdir, 'modules-load.d')))
+ if install_sysconfdir
+ meson.add_install_script('sh', '-c',
+ mkdir_p.format(join_paths(sysconfdir, 'modules-load.d')))
+ endif
endif
public_programs += executable(
include_directories : network_include_dir,
link_with : [libnetworkd_core,
libsystemd_network,
- libudev_static,
networkd_link_with],
dependencies : [threads],
install_rpath : rootlibexecdir,
type = tuple.length() >= 5 ? tuple[4] : ''
defs = tuple.length() >= 6 ? tuple[5] : []
incs = tuple.length() >= 7 ? tuple[6] : includes
+ parallel = tuple.length() >= 8 ? tuple[7] : true
timeout = 30
name = sources[0].split('/')[-1].split('.')[0]
exe = executable(
'test-libudev-sym',
test_libudev_sym_c,
- include_directories : includes,
+ include_directories : libudev_includes,
c_args : '-Wno-deprecated-declarations',
link_with : [libudev],
build_by_default : want_tests != 'false',
exe = executable(
'test-libudev-static-sym',
test_libudev_sym_c,
- include_directories : includes,
+ include_directories : libudev_includes,
c_args : '-Wno-deprecated-declarations',
link_with : [install_libudev_static],
build_by_default : want_tests != 'false' and static_libudev_pic,
fuzzer_exes = []
-if get_option('tests') != 'false'
- foreach tuple : fuzzers
- sources = tuple[0]
- link_with = tuple[1].length() > 0 ? tuple[1] : [libshared]
- dependencies = tuple[2]
- defs = tuple.length() >= 4 ? tuple[3] : []
- incs = tuple.length() >= 5 ? tuple[4] : includes
- link_args = []
-
- if want_ossfuzz
+foreach tuple : fuzzers
+ sources = tuple[0]
+ link_with = tuple[1].length() > 0 ? tuple[1] : [libshared]
+ dependencies = tuple[2]
+ defs = tuple.length() >= 4 ? tuple[3] : []
+ incs = tuple.length() >= 5 ? tuple[4] : includes
+ link_args = []
+
+ if want_ossfuzz
+ dependencies += fuzzing_engine
+ elif want_libfuzzer
+ if fuzzing_engine.found()
dependencies += fuzzing_engine
- elif want_libfuzzer
- if fuzzing_engine.found()
- dependencies += fuzzing_engine
- else
- link_args += ['-fsanitize=fuzzer']
- endif
else
- sources += 'src/fuzz/fuzz-main.c'
+ link_args += ['-fsanitize=fuzzer']
endif
+ else
+ sources += 'src/fuzz/fuzz-main.c'
+ endif
- name = sources[0].split('/')[-1].split('.')[0]
+ name = sources[0].split('/')[-1].split('.')[0]
- fuzzer_exes += executable(
- name,
- sources,
- include_directories : [incs, include_directories('src/fuzz')],
- link_with : link_with,
- dependencies : dependencies,
- c_args : defs,
- link_args: link_args,
- install : false)
- endforeach
-endif
+ fuzzer_exes += executable(
+ name,
+ sources,
+ include_directories : [incs, include_directories('src/fuzz')],
+ link_with : link_with,
+ dependencies : dependencies,
+ c_args : defs,
+ link_args: link_args,
+ install : false,
+ build_by_default : fuzz_tests or fuzzer_build)
+endforeach
run_target(
'fuzzers',
install_subdir('factory/etc',
install_dir : factorydir)
-install_data('xorg/50-systemd-user.sh',
- install_dir : xinitrcdir)
+if install_sysconfdir
+ install_data('xorg/50-systemd-user.sh',
+ install_dir : xinitrcdir)
+endif
install_data('modprobe.d/systemd.conf',
install_dir : modprobedir)
install_data('LICENSE.GPL2',
if name != prev
if want_tests == 'false'
message('Not compiling @0@ because tests is set to false'.format(name))
- elif slow_tests or fuzz_tests
+ elif fuzz_tests
exe = custom_target(
name,
output : name,
'@OUTPUT@'],
build_by_default : true)
else
- message('Not compiling @0@ because slow-tests/fuzz-tests is set to false'.format(name))
+ message('Not compiling @0@ because fuzz-tests is set to false'.format(name))
endif
endif
prev = name
- if want_tests != 'false' and (slow_tests or fuzz_tests)
- test('@0@:@1@:@2@'.format(b, c, sanitizer),
+ if fuzz_tests
+ test('@0@_@1@_@2@'.format(b, c, sanitizer),
env,
env : ['UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1'],
timeout : 60,
if git.found()
all_files = run_command(
+ 'env', '-u', 'GIT_WORK_TREE',
git,
- ['--git-dir=@0@/.git'.format(project_source_root),
- 'ls-files',
- ':/*.[ch]'])
+ '--git-dir=@0@/.git'.format(project_source_root),
+ 'ls-files', ':/*.[ch]')
+
all_files = files(all_files.stdout().split())
custom_target(
'nobody user name: @0@'.format(nobody_user),
'nobody group name: @0@'.format(nobody_group),
'fallback hostname: @0@'.format(get_option('fallback-hostname')),
- 'symbolic gateway hostnames: @0@'.format(', '.join(gateway_hostnames)),
'default DNSSEC mode: @0@'.format(default_dnssec),
'default DNS-over-TLS mode: @0@'.format(default_dns_over_tls),
['libfdisk'],
['p11kit'],
['libfido2'],
+ ['tpm2'],
['AUDIT'],
['IMA'],
['AppArmor'],
['idn'],
['initrd'],
['compat-mutable-uid-boundaries'],
+ ['nscd'],
['libidn2'],
['libidn'],
['libiptc'],
['link-timesyncd-shared', get_option('link-timesyncd-shared')],
['kernel-install', get_option('kernel-install')],
['systemd-analyze', conf.get('ENABLE_ANALYZE') == 1],
+ ['fexecve'],
]
if tuple.length() >= 2