meson_version : '>= 0.60.0',
)
-libsystemd_version = '0.38.0'
-libudev_version = '1.7.8'
+libsystemd_version = '0.39.0'
+libudev_version = '1.7.9'
conf = configuration_data()
conf.set_quoted('PROJECT_URL', 'https://systemd.io/')
#####################################################################
# Try to install the git pre-commit hook
-add_git_hook_sh = find_program('tools/add-git-hook.sh', required : false)
-if add_git_hook_sh.found()
- git_hook = run_command(add_git_hook_sh, check : false)
+git_setup_sh = find_program('tools/git-setup.sh', required : false)
+if git_setup_sh.found()
+ git_hook = run_command(git_setup_sh, check : false)
if git_hook.returncode() == 0
message(git_hook.stdout().strip())
endif
sshdconfdir = sysconfdir / 'ssh/sshd_config.d'
endif
+sshdprivsepdir = get_option('sshdprivsepdir')
+conf.set10('CREATE_SSHDPRIVSEPDIR', sshdprivsepdir != 'no' and not sshdprivsepdir.startswith('/usr/'))
+conf.set('SSHDPRIVSEPDIR', sshdprivsepdir, description : 'SSH privilege separation directory')
+
libcryptsetup_plugins_dir = get_option('libcryptsetup-plugins-dir')
if libcryptsetup_plugins_dir == ''
libcryptsetup_plugins_dir = libdir / 'cryptsetup'
conf.set_quoted('INCLUDE_DIR', includedir)
conf.set_quoted('LIBDIR', libdir)
conf.set_quoted('LIBEXECDIR', libexecdir)
+conf.set_quoted('KERNEL_INSTALL_DIR', kernelinstalldir)
conf.set_quoted('MODPROBE_DIR', modprobedir)
conf.set_quoted('MODULESLOAD_DIR', modulesloaddir)
conf.set_quoted('PKGSYSCONFDIR', pkgsysconfdir)
conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', bindir / 'systemd-tty-ask-password-agent')
conf.set_quoted('SYSTEMD_UPDATE_HELPER_PATH', libexecdir / 'systemd-update-helper')
conf.set_quoted('SYSTEMD_USERWORK_PATH', libexecdir / 'systemd-userwork')
+conf.set_quoted('SYSTEMD_MOUNTWORK_PATH', libexecdir / 'systemd-mountwork')
+conf.set_quoted('SYSTEMD_NSRESOURCEWORK_PATH', libexecdir / 'systemd-nsresourcework')
conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', libexecdir / 'systemd-veritysetup')
conf.set_quoted('SYSTEM_CONFIG_UNIT_DIR', pkgsysconfdir / 'system')
conf.set_quoted('SYSTEM_DATA_UNIT_DIR', systemunitdir)
want_tests = get_option('tests')
slow_tests = want_tests != 'false' and get_option('slow-tests')
fuzz_tests = want_tests != 'false' and get_option('fuzz-tests')
+integration_tests = want_tests != 'false' and get_option('integration-tests')
install_tests = want_tests != 'false' and get_option('install-tests')
if add_languages('cpp', native : false, required : fuzzer_build)
error('POSIX caps headers not found')
endif
foreach header : ['crypt.h',
+ 'linux/ioprio.h',
'linux/memfd.h',
+ 'linux/time_types.h',
'linux/vm_sockets.h',
'sys/auxv.h',
+ 'sys/sdt.h',
'threads.h',
'valgrind/memcheck.h',
'valgrind/valgrind.h',
- 'linux/time_types.h',
- 'sys/sdt.h',
]
conf.set10('HAVE_' + header.underscorify().to_upper(),
endif
conf.set_quoted('FALLBACK_HOSTNAME', fallback_hostname)
-default_hierarchy = get_option('default-hierarchy')
-conf.set_quoted('DEFAULT_HIERARCHY_NAME', default_hierarchy,
- description : 'default cgroup hierarchy as string')
-if default_hierarchy == 'legacy'
- conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_NONE')
-elif default_hierarchy == 'hybrid'
- conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_SYSTEMD')
-else
- conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_ALL')
-endif
-
extra_net_naming_schemes = []
extra_net_naming_map = []
foreach scheme: get_option('extra-net-naming-schemes').split(',')
bpf_compiler = get_option('bpf-compiler')
libbpf = dependency('libbpf',
required : bpf_framework,
- version : bpf_compiler == 'gcc' ? '>= 1.0.0' : '>= 0.1.0')
+ version : bpf_compiler == 'gcc' ? '>= 1.4.0' : '>= 0.1.0')
conf.set10('HAVE_LIBBPF', libbpf.found())
if not libbpf.found()
version : '>= 15',
required : get_option('kmod'))
conf.set10('HAVE_KMOD', libkmod.found())
+libkmod_cflags = libkmod.partial_dependency(includes: true, compile_args: true)
libxenctrl = dependency('xencontrol',
version : '>= 4.9',
'crypt_reencrypt_init_by_passphrase',
'crypt_reencrypt',
'crypt_set_data_offset',
- 'crypt_set_keyring_to_link']
+ 'crypt_set_keyring_to_link',
+ 'crypt_resume_by_volume_key']
have_ident = have and cc.has_function(
ident,
prefix : '#include <libcryptsetup.h>',
# link to neither of the libs if one is not found
libgcrypt = []
libgpg_error = []
+ libgcrypt_cflags = []
+else
+ libgcrypt_cflags = libgcrypt.partial_dependency(includes: true, compile_args: true)
endif
conf.set10('HAVE_GCRYPT', have)
libxz = dependency('liblzma',
required : get_option('xz'))
conf.set10('HAVE_XZ', libxz.found())
+libxz_cflags = libxz.partial_dependency(includes: true, compile_args: true)
liblz4 = dependency('liblz4',
version : '>= 1.3.0',
required : get_option('lz4'))
conf.set10('HAVE_LZ4', liblz4.found())
+liblz4_cflags = liblz4.partial_dependency(includes: true, compile_args: true)
libzstd = dependency('libzstd',
version : '>= 1.4.0',
required : get_option('zstd'))
conf.set10('HAVE_ZSTD', libzstd.found())
+libzstd_cflags = libzstd.partial_dependency(includes: true, compile_args: true)
conf.set10('HAVE_COMPRESSION', libxz.found() or liblz4.found() or libzstd.found())
have = get_option('homed').require(
conf.get('HAVE_OPENSSL') == 1 and
conf.get('HAVE_LIBFDISK') == 1 and
- conf.get('HAVE_LIBCRYPTSETUP') == 1,
+ conf.get('HAVE_LIBCRYPTSETUP') == 1 and
+ conf.get('HAVE_CRYPT_RESUME_BY_VOLUME_KEY') == 1,
error_message : 'openssl, fdisk and libcryptsetup required').allowed()
conf.set10('ENABLE_HOMED', have)
feature = get_option('vmspawn').disable_auto_if(conf.get('BUILD_MODE_DEVELOPER') == 0)
conf.set10('ENABLE_VMSPAWN', feature.allowed())
+conf.set10('DEFAULT_MOUNTFSD_TRUSTED_DIRECTORIES', get_option('default-mountfsd-trusted-directories'))
+
foreach term : ['analyze',
'backlight',
'binfmt',
'localed',
'logind',
'machined',
+ 'mountfsd',
'networkd',
'nscd',
+ 'nsresourced',
'nss-myhostname',
'nss-systemd',
'oomd',
bpf_gcc_flags = [
'-std=gnu11',
'-fno-stack-protector',
+ '-fno-ssa-phiopt',
'-O2',
- '-mkernel=5.2',
'-mcpu=v3',
'-mco-re',
'-gbtf',
'-c',
]
+ # If c_args contains these flags copy them along with the values, in order to avoid breaking
+ # reproducible builds and other functionality
+ propagate_cflags = [
+ '-ffile-prefix-map=',
+ '-fdebug-prefix-map=',
+ '-fmacro-prefix-map=',
+ ]
+
+ foreach opt : c_args
+ foreach flag : propagate_cflags
+ if opt.startswith(flag)
+ bpf_clang_flags += [opt]
+ bpf_gcc_flags += [opt]
+ break
+ endif
+ endforeach
+ endforeach
+
# Generate defines that are appropriate to tell the compiler what architecture
# we're compiling for. By default we just map meson's cpu_family to __<cpu_family>__.
# This dictionary contains the exceptions where this doesn't work.
'riscv32' : ['-D__riscv', '-D__riscv_xlen=32'],
'riscv64' : ['-D__riscv', '-D__riscv_xlen=64'],
'x86' : ['-D__i386__'],
+ 's390x' : ['-D__s390__', '-D__s390x__'],
# For arm, assume hardware fp is available.
'arm' : ['-D__arm__', '-D__ARM_PCS_VFP'],
bpf_o_unstripped_cmd += ['-I.']
- if not meson.is_cross_build() and bpf_compiler == 'clang'
+ if not meson.is_cross_build()
target_triplet_cmd = run_command('gcc', '-dumpmachine', check: false)
if target_triplet_cmd.returncode() == 0
target_triplet = target_triplet_cmd.stdout().strip()
#####################################################################
+check_efi_alignment_py = find_program('tools/check-efi-alignment.py')
+
+#####################################################################
+
+use_provided_vmlinux_h = false
+use_generated_vmlinux_h = false
+provided_vmlinux_h_path = get_option('vmlinux-h-path')
+
+# For the more complex BPF programs we really want a vmlinux.h (which is arch
+# specific, but only somewhat bound to kernel version). Ideally the kernel
+# development headers would ship that, but right now they don't. Hence address
+# this in two ways:
+#
+# 1. Provide a vmlinux.h at build time
+# 2. Generate the file on the fly where possible (which requires /sys/ to be mounted)
+#
+# We generally prefer the former (to support reproducible builds), but will
+# fallback to the latter.
+
+if conf.get('BPF_FRAMEWORK') == 1
+ enable_vmlinux_h = get_option('vmlinux-h')
+
+ if enable_vmlinux_h == 'auto'
+ if provided_vmlinux_h_path != ''
+ use_provided_vmlinux_h = true
+ elif fs.exists('/sys/kernel/btf/vmlinux') and \
+ bpftool.found() and \
+ (host_machine.cpu_family() == build_machine.cpu_family()) and \
+ host_machine.cpu_family() in ['x86_64', 'aarch64']
+
+ # We will only generate a vmlinux.h from the running
+ # kernel if the host and build machine are of the same
+ # family. Also for now we focus on x86_64 and aarch64,
+ # since other archs don't seem to be ready yet.
+
+ use_generated_vmlinux_h = true
+ endif
+ elif enable_vmlinux_h == 'provided'
+ use_provided_vmlinux_h = true
+ elif enable_vmlinux_h == 'generated'
+ if not fs.exists('/sys/kernel/btf/vmlinux')
+ error('BTF data from kernel not available (/sys/kernel/btf/vmlinux missing), cannot generate vmlinux.h, but was asked to.')
+ endif
+ if not bpftool.found()
+ error('bpftool not available, cannot generate vmlinux.h, but was asked to.')
+ endif
+ use_generated_vmlinux_h = true
+ endif
+endif
+
+if use_provided_vmlinux_h
+ if not fs.exists(provided_vmlinux_h_path)
+ error('Path to provided vmlinux.h does not exist.')
+ endif
+ vmlinux_h_dependency = []
+ bpf_o_unstripped_cmd += ['-I' + fs.parent(provided_vmlinux_h_path)]
+ message('Using provided @0@'.format(provided_vmlinux_h_path))
+elif use_generated_vmlinux_h
+ vmlinux_h_dependency = custom_target(
+ 'vmlinux.h',
+ output: 'vmlinux.h',
+ command : [ bpftool, 'btf', 'dump', 'file', '/sys/kernel/btf/vmlinux', 'format', 'c' ],
+ capture : true)
+
+ bpf_o_unstripped_cmd += ['-I' + fs.parent(vmlinux_h_dependency.full_path())]
+ message('Using generated @0@'.format(vmlinux_h_dependency.full_path()))
+else
+ message('Using neither provided nor generated vmlinux.h, some features will not be available.')
+endif
+
+conf.set10('HAVE_VMLINUX_H', use_provided_vmlinux_h or use_generated_vmlinux_h)
+
+#####################################################################
+
check_version_history_py = find_program('tools/check-version-history.py')
elf2efi_py = find_program('tools/elf2efi.py')
export_dbus_interfaces_py = find_program('tools/dbus_exporter.py')
#####################################################################
version_tag = get_option('version-tag')
+if version_tag == ''
+ version_tag = meson.project_version()
+endif
+
+conf.set_quoted('VERSION_TAG', version_tag)
+
+vcs_tag = get_option('vcs-tag')
+command = ['sh', '-c',
+ vcs_tag and fs.exists(project_source_root / '.git') ?
+ 'echo "-g$(git -C . describe --abbrev=7 --match="" --always --dirty=^)"' : ':']
version_h = vcs_tag(
input : 'src/version/version.h.in',
output : 'version.h',
- command: [project_source_root / 'tools/meson-vcs-tag.sh',
- project_source_root,
- version_tag,
- ])
+ fallback : '',
+ command : command,
+)
shared_lib_tag = get_option('shared-lib-tag')
if shared_lib_tag == ''
userspace_c_args += ['-include', 'config.h']
-jinja2_cmdline = [meson_render_jinja2, config_h, version_h]
+jinja2_cmdline = [meson_render_jinja2, config_h]
userspace = declare_dependency(
compile_args : userspace_c_args,
include_directories : libsystemd_includes,
link_args : ['-shared',
'-Wl,--version-script=' + libsystemd_sym_path],
- link_with : [libbasic,
- libbasic_gcrypt,
- libbasic_compress],
+ link_with : [libbasic],
link_whole : [libsystemd_static],
dependencies : [librt,
threads,
'systemd',
libsystemd_sources,
basic_sources,
- basic_gcrypt_sources,
- basic_compress_sources,
fundamental_sources,
include_directories : libsystemd_includes,
build_by_default : static_libsystemd != 'false',
dependencies : [libblkid,
libcap,
libdl,
- libgcrypt,
- liblz4,
+ libgcrypt_cflags,
+ liblz4_cflags,
libmount,
libopenssl,
librt,
- libxz,
- libzstd,
+ libxz_cflags,
+ libzstd_cflags,
threads,
userspace],
c_args : libsystemd_c_args + (static_libsystemd_pic ? [] : ['-fno-PIC']))
subdir('src/login')
subdir('src/machine')
subdir('src/machine-id-setup')
+subdir('src/mountfsd')
subdir('src/modules-load')
subdir('src/mount')
subdir('src/network')
subdir('src/notify')
subdir('src/nspawn')
+subdir('src/nsresourced')
subdir('src/nss-myhostname')
subdir('src/nss-mymachines')
subdir('src/nss-resolve')
#####################################################################
+mkosi = find_program('mkosi', required : false)
+if integration_tests and not mkosi.found()
+ error('Could not find mkosi which is required to run the integration tests')
+endif
+
+mkosi_depends = public_programs
+
+foreach executable : ['systemd-journal-remote', 'systemd-measure']
+ if executable in executables_by_name
+ mkosi_depends += [executables_by_name[executable]]
+ endif
+endforeach
+
+if mkosi.found()
+ custom_target('mkosi',
+ build_always_stale : true,
+ build_by_default: false,
+ console : true,
+ output : '.',
+ command : [
+ 'mkosi',
+ '--directory', meson.current_source_dir(),
+ '--output-dir', meson.current_build_dir() / 'mkosi.output',
+ '--cache-dir', meson.current_build_dir() / 'mkosi.cache',
+ '--build-dir', meson.current_build_dir() / 'mkosi.builddir',
+ '--force',
+ '--debug',
+ 'build',
+ ],
+ depends : mkosi_depends,
+ )
+endif
+
+############################################################
+
subdir('rules.d')
subdir('test')
'LICENSE.LGPL2.1',
'NEWS',
'README',
- 'docs/_contributing/CODING_STYLE.md',
- 'docs/_concepts/DISTRO_PORTING.md',
- 'docs/_interfaces/ENVIRONMENT.md',
- 'docs/_contributing/HACKING.md',
- 'docs/_interfaces/TRANSIENT-SETTINGS.md',
- 'docs/_contributing/TRANSLATORS.md',
- 'docs/_groups/UIDS-GIDS.md',
+ 'docs/CODING_STYLE.md',
+ 'docs/DISTRO_PORTING.md',
+ 'docs/ENVIRONMENT.md',
+ 'docs/HACKING.md',
+ 'docs/TRANSIENT-SETTINGS.md',
+ 'docs/TRANSLATORS.md',
+ 'docs/UIDS-GIDS.md',
install_dir : docdir)
install_subdir('LICENSES',
'PAM modules directory' : pamlibdir,
'PAM configuration directory' : pamconfdir,
'ssh server configuration directory' : sshdconfdir,
+ 'ssh server privilege separation directory' : sshdprivsepdir,
'ssh client configuration directory' : sshconfdir,
'libcryptsetup plugins directory' : libcryptsetup_plugins_dir,
'RPM macros directory' : rpmmacrosdir,
'default LLMNR mode' : default_llmnr,
'default DNS servers' : dns_servers.split(' '),
'default NTP servers' : ntp_servers.split(' '),
- 'default cgroup hierarchy' : default_hierarchy,
- 'default net.naming-scheme value' : default_net_naming_scheme,
- 'default KillUserProcesses value' : kill_user_processes,
+ 'default net.naming_scheme= value': default_net_naming_scheme,
+ 'default KillUserProcesses= value': kill_user_processes,
'default locale' : default_locale,
'default nspawn locale' : nspawn_locale,
'default status unit format' : status_unit_format_default,