summaryrefslogtreecommitdiffstats
path: root/meson.build
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:49:52 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-10 20:49:52 +0000
commit55944e5e40b1be2afc4855d8d2baf4b73d1876b5 (patch)
tree33f869f55a1b149e9b7c2b7e201867ca5dd52992 /meson.build
parentInitial commit. (diff)
downloadsystemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.tar.xz
systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.zip
Adding upstream version 255.4.upstream/255.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'meson.build')
-rw-r--r--meson.build2906
1 files changed, 2906 insertions, 0 deletions
diff --git a/meson.build b/meson.build
new file mode 100644
index 0000000..a577ac7
--- /dev/null
+++ b/meson.build
@@ -0,0 +1,2906 @@
+# SPDX-License-Identifier: LGPL-2.1-or-later
+
+project('systemd', 'c',
+ version : '255',
+ license : 'LGPLv2+',
+ default_options: [
+ 'c_std=gnu11',
+ 'prefix=/usr',
+ 'sysconfdir=/etc',
+ 'localstatedir=/var',
+ 'warning_level=2',
+ ],
+ meson_version : '>= 0.60.0',
+ )
+
+libsystemd_version = '0.38.0'
+libudev_version = '1.7.8'
+
+conf = configuration_data()
+conf.set_quoted('PROJECT_URL', 'https://systemd.io/')
+conf.set('PROJECT_VERSION', meson.project_version(),
+ description : 'Numerical project version (used where a simple number is expected)')
+
+# This is to be used instead of meson.source_root(), as the latter will return
+# the wrong result when systemd is being built as a meson subproject
+project_source_root = meson.current_source_dir()
+project_build_root = meson.current_build_dir()
+relative_source_path = run_command('realpath',
+ '--relative-to=@0@'.format(project_build_root),
+ project_source_root,
+ check : true).stdout().strip()
+conf.set_quoted('RELATIVE_SOURCE_PATH', relative_source_path)
+
+conf.set10('BUILD_MODE_DEVELOPER', get_option('mode') == 'developer',
+ description : 'tailor build to development or release builds')
+
+feature = get_option('log-message-verification')
+if feature.auto()
+ have = conf.get('BUILD_MODE_DEVELOPER') == 1
+else
+ have = feature.enabled()
+endif
+conf.set10('LOG_MESSAGE_VERIFICATION', have)
+
+want_ossfuzz = get_option('oss-fuzz')
+want_libfuzzer = get_option('llvm-fuzz')
+if want_ossfuzz and want_libfuzzer
+ error('only one of oss-fuzz or llvm-fuzz can be specified')
+endif
+
+fuzzer_build = want_ossfuzz or want_libfuzzer
+
+# If we're building *not* for actual fuzzing, allow input samples of any size
+# (for testing and for reproduction of issues discovered with previously-higher
+# limits).
+conf.set10('FUZZ_USE_SIZE_LIMIT', fuzzer_build)
+
+# We'll set this to '1' for EFI builds in a different place.
+conf.set10('SD_BOOT', false)
+
+# Create a title-less summary section early, so it ends up first in the output.
+# More items are added later after they have been detected.
+summary({'build mode' : get_option('mode')})
+
+#####################################################################
+
+# Try to install the git pre-commit hook
+add_git_hook_sh = find_program('tools/add-git-hook.sh', required : false)
+if add_git_hook_sh.found()
+ git_hook = run_command(add_git_hook_sh, check : false)
+ if git_hook.returncode() == 0
+ message(git_hook.stdout().strip())
+ endif
+endif
+
+#####################################################################
+
+fs = import('fs')
+if get_option('split-bin') == 'auto'
+ split_bin = not fs.is_symlink('/usr/sbin')
+else
+ split_bin = get_option('split-bin') == 'true'
+endif
+conf.set10('HAVE_SPLIT_BIN', split_bin,
+ description : 'bin and sbin directories are separate')
+
+have_standalone_binaries = get_option('standalone-binaries')
+
+sysvinit_path = get_option('sysvinit-path')
+sysvrcnd_path = get_option('sysvrcnd-path')
+conf.set10('HAVE_SYSV_COMPAT', sysvinit_path != '' and sysvrcnd_path != '',
+ description : 'SysV init scripts and rcN.d links are supported')
+conf.set10('CREATE_LOG_DIRS', get_option('create-log-dirs'))
+
+if get_option('hibernate') and not get_option('initrd')
+ error('hibernate depends on initrd')
+endif
+
+conf.set10('BUMP_PROC_SYS_FS_FILE_MAX', get_option('bump-proc-sys-fs-file-max'))
+conf.set10('BUMP_PROC_SYS_FS_NR_OPEN', get_option('bump-proc-sys-fs-nr-open'))
+conf.set('HIGH_RLIMIT_NOFILE', 512*1024)
+
+# Meson ignores the preceding arguments when joining paths if an absolute
+# component is encountered, so this should canonicalize various paths when they
+# are absolute or relative.
+prefixdir = get_option('prefix')
+if not prefixdir.startswith('/')
+ error('Prefix is not absolute: "@0@"'.format(prefixdir))
+endif
+
+prefixdir_noslash = '/' + prefixdir.strip('/')
+bindir = prefixdir / get_option('bindir')
+sbindir = prefixdir / (split_bin ? 'sbin' : 'bin')
+sbin_to_bin = split_bin ? '../bin/' : ''
+libdir = prefixdir / get_option('libdir')
+sysconfdir = prefixdir / get_option('sysconfdir')
+includedir = prefixdir / get_option('includedir')
+datadir = prefixdir / get_option('datadir')
+localstatedir = '/' / get_option('localstatedir')
+
+libexecdir = prefixdir / 'lib/systemd'
+pkglibdir = libdir / 'systemd'
+
+install_sysconfdir = get_option('install-sysconfdir') != 'false'
+install_sysconfdir_samples = get_option('install-sysconfdir') == 'true'
+# Dirs of external packages
+pkgconfigdatadir = get_option('pkgconfigdatadir') != '' ? get_option('pkgconfigdatadir') : datadir / 'pkgconfig'
+pkgconfiglibdir = get_option('pkgconfiglibdir') != '' ? get_option('pkgconfiglibdir') : libdir / 'pkgconfig'
+polkitpolicydir = datadir / 'polkit-1/actions'
+polkitrulesdir = datadir / 'polkit-1/rules.d'
+polkitpkladir = localstatedir / 'lib/polkit-1/localauthority/10-vendor.d'
+xinitrcdir = get_option('xinitrcdir') != '' ? get_option('xinitrcdir') : sysconfdir / 'X11/xinit/xinitrc.d'
+rpmmacrosdir = get_option('rpmmacrosdir')
+if rpmmacrosdir != 'no'
+ rpmmacrosdir = prefixdir / rpmmacrosdir
+endif
+modprobedir = prefixdir / 'lib/modprobe.d'
+
+# Our own paths
+pkgdatadir = datadir / 'systemd'
+environmentdir = prefixdir / 'lib/environment.d'
+pkgsysconfdir = sysconfdir / 'systemd'
+userunitdir = prefixdir / 'lib/systemd/user'
+userpresetdir = prefixdir / 'lib/systemd/user-preset'
+tmpfilesdir = prefixdir / 'lib/tmpfiles.d'
+usertmpfilesdir = prefixdir / 'share/user-tmpfiles.d'
+sysusersdir = prefixdir / 'lib/sysusers.d'
+sysctldir = prefixdir / 'lib/sysctl.d'
+binfmtdir = prefixdir / 'lib/binfmt.d'
+modulesloaddir = prefixdir / 'lib/modules-load.d'
+networkdir = prefixdir / 'lib/systemd/network'
+systemgeneratordir = libexecdir / 'system-generators'
+usergeneratordir = prefixdir / 'lib/systemd/user-generators'
+systemenvgeneratordir = prefixdir / 'lib/systemd/system-environment-generators'
+userenvgeneratordir = prefixdir / 'lib/systemd/user-environment-generators'
+systemshutdowndir = libexecdir / 'system-shutdown'
+systemsleepdir = libexecdir / 'system-sleep'
+systemunitdir = prefixdir / 'lib/systemd/system'
+systempresetdir = prefixdir / 'lib/systemd/system-preset'
+udevlibexecdir = prefixdir / 'lib/udev'
+udevrulesdir = udevlibexecdir / 'rules.d'
+udevhwdbdir = udevlibexecdir / 'hwdb.d'
+catalogdir = prefixdir / 'lib/systemd/catalog'
+kerneldir = prefixdir / 'lib/kernel'
+kernelinstalldir = kerneldir / 'install.d'
+factorydir = datadir / 'factory'
+bootlibdir = prefixdir / 'lib/systemd/boot/efi'
+testsdir = prefixdir / 'lib/systemd/tests'
+unittestsdir = testsdir / 'unit-tests'
+testdata_dir = testsdir / 'testdata'
+systemdstatedir = localstatedir / 'lib/systemd'
+catalogstatedir = systemdstatedir / 'catalog'
+randomseeddir = localstatedir / 'lib/systemd'
+profiledir = libexecdir / 'portable' / 'profile'
+repartdefinitionsdir = libexecdir / 'repart/definitions'
+ntpservicelistdir = prefixdir / 'lib/systemd/ntp-units.d'
+credstoredir = prefixdir / 'lib/credstore'
+pcrlockdir = prefixdir / 'lib/pcrlock.d'
+
+configfiledir = get_option('configfiledir')
+if configfiledir == ''
+ configfiledir= sysconfdir
+endif
+pkgconfigfiledir = configfiledir / 'systemd'
+
+docdir = get_option('docdir')
+if docdir == ''
+ docdir = datadir / 'doc/systemd'
+endif
+
+pamlibdir = get_option('pamlibdir')
+if pamlibdir == ''
+ pamlibdir = libdir / 'security'
+endif
+
+pamconfdir = get_option('pamconfdir')
+if pamconfdir == ''
+ pamconfdir = prefixdir / 'lib/pam.d'
+endif
+
+libcryptsetup_plugins_dir = get_option('libcryptsetup-plugins-dir')
+if libcryptsetup_plugins_dir == ''
+ libcryptsetup_plugins_dir = libdir / 'cryptsetup'
+endif
+
+memory_accounting_default = get_option('memory-accounting-default')
+status_unit_format_default = get_option('status-unit-format-default')
+if status_unit_format_default == 'auto'
+ status_unit_format_default = conf.get('BUILD_MODE_DEVELOPER') == 1 ? 'name' : 'description'
+endif
+
+conf.set_quoted('BINDIR', bindir)
+conf.set_quoted('BINFMT_DIR', binfmtdir)
+conf.set_quoted('BOOTLIBDIR', bootlibdir)
+conf.set_quoted('CATALOG_DATABASE', catalogstatedir / 'database')
+conf.set_quoted('CERTIFICATE_ROOT', get_option('certificate-root'))
+conf.set_quoted('DOC_DIR', docdir)
+conf.set_quoted('DOCUMENT_ROOT', pkgdatadir / 'gatewayd')
+conf.set_quoted('ENVIRONMENT_DIR', environmentdir)
+conf.set_quoted('INCLUDE_DIR', includedir)
+conf.set_quoted('LIBDIR', libdir)
+conf.set_quoted('LIBEXECDIR', libexecdir)
+conf.set_quoted('MODPROBE_DIR', modprobedir)
+conf.set_quoted('MODULESLOAD_DIR', modulesloaddir)
+conf.set_quoted('PKGSYSCONFDIR', pkgsysconfdir)
+conf.set_quoted('POLKIT_AGENT_BINARY_PATH', bindir / 'pkttyagent')
+conf.set_quoted('PREFIX', prefixdir)
+conf.set_quoted('PREFIX_NOSLASH', prefixdir_noslash)
+conf.set_quoted('RANDOM_SEED', randomseeddir / 'random-seed')
+conf.set_quoted('RANDOM_SEED_DIR', randomseeddir)
+conf.set_quoted('RC_LOCAL_PATH', get_option('rc-local'))
+conf.set_quoted('SYSCONF_DIR', sysconfdir)
+conf.set_quoted('SYSCTL_DIR', sysctldir)
+conf.set_quoted('SYSTEMCTL_BINARY_PATH', bindir / 'systemctl')
+conf.set_quoted('SYSTEMD_BINARY_PATH', libexecdir / 'systemd')
+conf.set_quoted('SYSTEMD_EXECUTOR_BINARY_PATH', libexecdir / 'systemd-executor')
+conf.set_quoted('SYSTEMD_CATALOG_DIR', catalogdir)
+conf.set_quoted('SYSTEMD_CGROUPS_AGENT_PATH', libexecdir / 'systemd-cgroups-agent')
+conf.set_quoted('SYSTEMD_CRYPTSETUP_PATH', bindir / 'systemd-cryptsetup')
+conf.set_quoted('SYSTEMD_EXPORT_PATH', libexecdir / 'systemd-export')
+conf.set_quoted('SYSTEMD_FSCK_PATH', libexecdir / 'systemd-fsck')
+conf.set_quoted('SYSTEMD_GROWFS_PATH', libexecdir / 'systemd-growfs')
+conf.set_quoted('SYSTEMD_HOMEWORK_PATH', libexecdir / 'systemd-homework')
+conf.set_quoted('SYSTEMD_IMPORT_FS_PATH', libexecdir / 'systemd-import-fs')
+conf.set_quoted('SYSTEMD_IMPORT_PATH', libexecdir / 'systemd-import')
+conf.set_quoted('SYSTEMD_INTEGRITYSETUP_PATH', libexecdir / 'systemd-integritysetup')
+conf.set_quoted('SYSTEMD_KBD_MODEL_MAP', pkgdatadir / 'kbd-model-map')
+conf.set_quoted('SYSTEMD_LANGUAGE_FALLBACK_MAP', pkgdatadir / 'language-fallback-map')
+conf.set_quoted('SYSTEMD_MAKEFS_PATH', libexecdir / 'systemd-makefs')
+conf.set_quoted('SYSTEMD_PULL_PATH', libexecdir / 'systemd-pull')
+conf.set_quoted('SYSTEMD_SHUTDOWN_BINARY_PATH', libexecdir / 'systemd-shutdown')
+conf.set_quoted('SYSTEMD_TEST_DATA', testdata_dir)
+conf.set_quoted('SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH', bindir / 'systemd-tty-ask-password-agent')
+conf.set_quoted('SYSTEMD_UPDATE_HELPER_PATH', libexecdir / 'systemd-update-helper')
+conf.set_quoted('SYSTEMD_USERWORK_PATH', libexecdir / 'systemd-userwork')
+conf.set_quoted('SYSTEMD_VERITYSETUP_PATH', libexecdir / 'systemd-veritysetup')
+conf.set_quoted('SYSTEM_CONFIG_UNIT_DIR', pkgsysconfdir / 'system')
+conf.set_quoted('SYSTEM_DATA_UNIT_DIR', systemunitdir)
+conf.set_quoted('SYSTEM_ENV_GENERATOR_DIR', systemenvgeneratordir)
+conf.set_quoted('SYSTEM_GENERATOR_DIR', systemgeneratordir)
+conf.set_quoted('SYSTEM_PRESET_DIR', systempresetdir)
+conf.set_quoted('SYSTEM_SHUTDOWN_PATH', systemshutdowndir)
+conf.set_quoted('SYSTEM_SLEEP_PATH', systemsleepdir)
+conf.set_quoted('SYSTEM_SYSVINIT_PATH', sysvinit_path)
+conf.set_quoted('SYSTEM_SYSVRCND_PATH', sysvrcnd_path)
+conf.set_quoted('SYSUSERS_DIR', sysusersdir)
+conf.set_quoted('TMPFILES_DIR', tmpfilesdir)
+conf.set_quoted('USER_TMPFILES_DIR', usertmpfilesdir)
+conf.set_quoted('UDEVLIBEXECDIR', udevlibexecdir)
+conf.set_quoted('UDEV_HWDB_DIR', udevhwdbdir)
+conf.set_quoted('UDEV_RULES_DIR', udevrulesdir)
+conf.set_quoted('USER_CONFIG_UNIT_DIR', pkgsysconfdir / 'user')
+conf.set_quoted('USER_DATA_UNIT_DIR', userunitdir)
+conf.set_quoted('USER_ENV_GENERATOR_DIR', userenvgeneratordir)
+conf.set_quoted('USER_GENERATOR_DIR', usergeneratordir)
+conf.set_quoted('USER_KEYRING_PATH', pkgsysconfdir / 'import-pubring.gpg')
+conf.set_quoted('USER_PRESET_DIR', userpresetdir)
+conf.set_quoted('VENDOR_KEYRING_PATH', libexecdir / 'import-pubring.gpg')
+
+conf.set('ANSI_OK_COLOR', 'ANSI_' + get_option('ok-color').underscorify().to_upper())
+conf.set10('ENABLE_URLIFY', get_option('urlify'))
+conf.set10('ENABLE_FEXECVE', get_option('fexecve'))
+conf.set10('MEMORY_ACCOUNTING_DEFAULT', memory_accounting_default)
+conf.set('STATUS_UNIT_FORMAT_DEFAULT', 'STATUS_UNIT_FORMAT_' + status_unit_format_default.to_upper())
+conf.set_quoted('STATUS_UNIT_FORMAT_DEFAULT_STR', status_unit_format_default)
+
+conf.set('DEFAULT_TIMEOUT_SEC', get_option('default-timeout-sec'))
+conf.set('DEFAULT_USER_TIMEOUT_SEC', get_option('default-user-timeout-sec'))
+conf.set('UPDATE_HELPER_USER_TIMEOUT_SEC', get_option('update-helper-user-timeout-sec'))
+
+conf.set10('ENABLE_FIRST_BOOT_FULL_PRESET', get_option('first-boot-full-preset'))
+
+#####################################################################
+
+cc = meson.get_compiler('c')
+userspace_c_args = []
+userspace_c_ld_args = []
+meson_build_sh = find_program('tools/meson-build.sh')
+
+want_tests = get_option('tests')
+slow_tests = want_tests != 'false' and get_option('slow-tests')
+fuzz_tests = want_tests != 'false' and get_option('fuzz-tests')
+install_tests = want_tests != 'false' and get_option('install-tests')
+
+if add_languages('cpp', native : false, required : fuzzer_build)
+ # Used only for tests
+ cxx = meson.get_compiler('cpp')
+ cxx_cmd = ' '.join(cxx.cmd_array())
+else
+ cxx_cmd = ''
+endif
+
+if want_libfuzzer
+ fuzzing_engine = meson.get_compiler('cpp').find_library('Fuzzer', required : false)
+ if fuzzing_engine.found()
+ userspace_c_args += '-fsanitize-coverage=trace-pc-guard,trace-cmp'
+ elif cc.has_argument('-fsanitize=fuzzer-no-link')
+ userspace_c_args += '-fsanitize=fuzzer-no-link'
+ else
+ error('Looks like neither libFuzzer nor -fsanitize=fuzzer-no-link is supported')
+ endif
+elif want_ossfuzz
+ fuzzing_engine = meson.get_compiler('cpp').find_library('FuzzingEngine')
+endif
+
+# Those generate many false positives, and we do not want to change the code to
+# avoid them.
+basic_disabled_warnings = [
+ '-Wno-missing-field-initializers',
+ '-Wno-unused-parameter',
+ '-Wno-nonnull-compare',
+]
+
+possible_common_cc_flags = [
+ '-Warray-bounds', # clang
+ '-Warray-bounds=2',
+ '-Wdate-time',
+ '-Wendif-labels',
+ '-Werror=format=2',
+ '-Werror=format-signedness',
+ '-Werror=implicit-function-declaration',
+ '-Werror=implicit-int',
+ '-Werror=incompatible-pointer-types',
+ '-Werror=int-conversion',
+ '-Werror=missing-declarations',
+ '-Werror=missing-prototypes',
+ '-Werror=overflow',
+ '-Werror=override-init',
+ '-Werror=return-type',
+ '-Werror=shift-count-overflow',
+ '-Werror=shift-overflow=2',
+ '-Werror=strict-flex-arrays',
+ '-Werror=undef',
+ '-Wfloat-equal',
+ # gperf prevents us from enabling this because it does not emit fallthrough
+ # attribute with clang.
+ #'-Wimplicit-fallthrough',
+ '-Wimplicit-fallthrough=5',
+ '-Winit-self',
+ '-Wlogical-op',
+ '-Wmissing-include-dirs',
+ '-Wmissing-noreturn',
+ '-Wnested-externs',
+ '-Wold-style-definition',
+ '-Wpointer-arith',
+ '-Wredundant-decls',
+ '-Wshadow',
+ '-Wstrict-aliasing=2',
+ '-Wstrict-prototypes',
+ '-Wsuggest-attribute=noreturn',
+ '-Wunused-function',
+ '-Wwrite-strings',
+ '-Wzero-length-bounds',
+
+ # negative arguments are correctly detected starting with meson 0.46.
+ '-Wno-error=#warnings', # clang
+ '-Wno-string-plus-int', # clang
+
+ '-fdiagnostics-show-option',
+ '-fno-common',
+ '-fstack-protector',
+ '-fstack-protector-strong',
+ '-fstrict-flex-arrays',
+ '--param=ssp-buffer-size=4',
+]
+
+possible_common_link_flags = [
+ '-fstack-protector',
+]
+
+c_args = get_option('c_args')
+
+# Our json library does not support -ffinite-math-only, which is enabled by -Ofast or -ffast-math.
+if (('-Ofast' in c_args or '-ffast-math' in c_args or '-ffinite-math-only' in c_args) and '-fno-finite-math-only' not in c_args)
+ error('-Ofast, -ffast-math, or -ffinite-math-only is specified in c_args.')
+endif
+
+# Disable -Wmaybe-uninitialized when compiling with -Os/-O1/-O3/etc. There are
+# too many false positives with gcc >= 8. Effectively, we only test with -O0
+# and -O2; this should be enough to catch most important cases without too much
+# busywork. See https://github.com/systemd/systemd/pull/19226.
+if cc.get_id() == 'gcc' and (not '02'.contains(get_option('optimization')) or
+ cc.version().version_compare('<10') or
+ '-Os' in c_args or
+ '-O1' in c_args or
+ '-O3' in c_args or
+ '-Og' in c_args)
+ possible_common_cc_flags += '-Wno-maybe-uninitialized'
+endif
+
+# Disable -Wno-unused-result with gcc, see
+# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=66425.
+if cc.get_id() == 'gcc'
+ possible_common_cc_flags += '-Wno-unused-result'
+endif
+
+# --as-needed and --no-undefined are provided by meson by default,
+# run 'meson configure' to see what is enabled
+possible_link_flags = [
+ '-Wl,--fatal-warnings',
+ '-Wl,-z,now',
+ '-Wl,-z,relro',
+]
+
+if get_option('b_sanitize') == 'none'
+ possible_link_flags += '-Wl,--warn-common'
+endif
+
+if cc.get_id() == 'clang'
+ possible_common_cc_flags += [
+ '-Wno-typedef-redefinition',
+ '-Wno-gnu-variable-sized-type-not-at-end',
+ ]
+endif
+
+if get_option('mode') == 'release'
+ # We could enable 'pattern' for developer mode, but that can interfere with
+ # valgrind and sanitizer builds. Also, clang does not zero-initialize unions,
+ # breaking some of our code (https://reviews.llvm.org/D68115).
+ possible_common_cc_flags += '-ftrivial-auto-var-init=zero'
+endif
+
+possible_cc_flags = [
+ '-fno-strict-aliasing',
+ '-fstrict-flex-arrays=1',
+ '-fvisibility=hidden',
+]
+
+if get_option('buildtype') != 'debug'
+ possible_cc_flags += [
+ '-ffunction-sections',
+ '-fdata-sections',
+ ]
+
+ possible_link_flags += '-Wl,--gc-sections'
+endif
+
+if get_option('mode') == 'developer'
+ possible_cc_flags += '-fno-omit-frame-pointer'
+endif
+
+add_project_arguments(
+ cc.get_supported_arguments(
+ basic_disabled_warnings,
+ possible_common_cc_flags
+ ),
+ language : 'c')
+
+add_project_link_arguments(
+ cc.get_supported_link_arguments(possible_common_link_flags),
+ language : 'c')
+
+userspace_c_args += cc.get_supported_arguments(possible_cc_flags)
+userspace_c_ld_args += cc.get_supported_link_arguments(possible_link_flags)
+
+have = cc.has_argument('-Wzero-length-bounds')
+conf.set10('HAVE_ZERO_LENGTH_BOUNDS', have)
+
+if cc.compiles('''
+ #include <time.h>
+ #include <inttypes.h>
+ typedef uint64_t usec_t;
+ usec_t now(clockid_t clock);
+ int main(void) {
+ struct timespec now;
+ return 0;
+ }
+''', args: '-Werror=shadow', name : '-Werror=shadow with local shadowing')
+ add_project_arguments('-Werror=shadow', language : 'c')
+endif
+
+if cxx_cmd != ''
+ add_project_arguments(cxx.get_supported_arguments(basic_disabled_warnings), language : 'cpp')
+endif
+
+cpp = ' '.join(cc.cmd_array() + get_option('c_args')) + ' -E'
+
+has_wstringop_truncation = cc.has_argument('-Wstringop-truncation')
+
+#####################################################################
+# compilation result tests
+
+conf.set('_GNU_SOURCE', 1)
+conf.set('__SANE_USERSPACE_TYPES__', true)
+conf.set10('HAVE_WSTRINGOP_TRUNCATION', has_wstringop_truncation)
+
+conf.set('SIZEOF_DEV_T', cc.sizeof('dev_t', prefix : '#include <sys/types.h>'))
+conf.set('SIZEOF_INO_T', cc.sizeof('ino_t', prefix : '#include <sys/types.h>'))
+conf.set('SIZEOF_RLIM_T', cc.sizeof('rlim_t', prefix : '#include <sys/resource.h>'))
+conf.set('SIZEOF_TIME_T', cc.sizeof('time_t', prefix : '#include <sys/time.h>'))
+conf.set('SIZEOF_TIMEX_MEMBER', cc.sizeof('typeof(((struct timex *)0)->freq)', prefix : '#include <sys/timex.h>'))
+
+long_max = cc.compute_int(
+ 'LONG_MAX',
+ prefix : '#include <limits.h>',
+ guess : 0x7FFFFFFFFFFFFFFF,
+ high : 0x7FFFFFFFFFFFFFFF)
+assert(long_max > 100000)
+conf.set_quoted('LONG_MAX_STR', '@0@'.format(long_max))
+
+decl_headers = '''
+#include <dirent.h>
+#include <uchar.h>
+#include <sys/mount.h>
+#include <sys/stat.h>
+'''
+
+foreach decl : ['char16_t',
+ 'char32_t',
+ 'struct mount_attr',
+ 'struct statx',
+ 'struct dirent64',
+ ]
+
+ # We get -1 if the size cannot be determined
+ have = cc.sizeof(decl, prefix : decl_headers, args : '-D_GNU_SOURCE') > 0
+
+ if decl == 'struct mount_attr'
+ if have
+ want_linux_fs_h = false
+ else
+ have = cc.sizeof(decl,
+ prefix : decl_headers + '#include <linux/fs.h>',
+ args : '-D_GNU_SOURCE') > 0
+ want_linux_fs_h = have
+ endif
+ endif
+
+ if decl == 'struct statx'
+ if have
+ want_linux_stat_h = false
+ else
+ have = cc.sizeof(decl,
+ prefix : decl_headers + '#include <linux/stat.h>',
+ args : '-D_GNU_SOURCE') > 0
+ want_linux_stat_h = have
+ endif
+ endif
+
+ conf.set10('HAVE_' + decl.underscorify().to_upper(), have)
+endforeach
+
+conf.set10('WANT_LINUX_STAT_H', want_linux_stat_h)
+conf.set10('WANT_LINUX_FS_H', want_linux_fs_h)
+
+foreach ident : ['secure_getenv', '__secure_getenv']
+ conf.set10('HAVE_' + ident.to_upper(), cc.has_function(ident))
+endforeach
+
+foreach ident : [
+ ['memfd_create', '''#include <sys/mman.h>'''],
+ ['gettid', '''#include <sys/types.h>
+ #include <unistd.h>'''],
+ ['fchmodat2', '''#include <stdlib.h>
+ #include <fcntl.h>'''], # no known header declares fchmodat2
+ ['pivot_root', '''#include <stdlib.h>
+ #include <unistd.h>'''], # no known header declares pivot_root
+ ['ioprio_get', '''#include <sched.h>'''], # no known header declares ioprio_get
+ ['ioprio_set', '''#include <sched.h>'''], # no known header declares ioprio_set
+ ['name_to_handle_at', '''#include <sys/types.h>
+ #include <sys/stat.h>
+ #include <fcntl.h>'''],
+ ['setns', '''#include <sched.h>'''],
+ ['renameat2', '''#include <stdio.h>
+ #include <fcntl.h>'''],
+ ['kcmp', '''#include <linux/kcmp.h>'''],
+ ['keyctl', '''#include <sys/types.h>
+ #include <keyutils.h>'''],
+ ['copy_file_range', '''#include <sys/syscall.h>
+ #include <unistd.h>'''],
+ ['bpf', '''#include <sys/syscall.h>
+ #include <unistd.h>'''],
+ ['statx', '''#include <sys/types.h>
+ #include <sys/stat.h>
+ #include <unistd.h>'''],
+ ['explicit_bzero' , '''#include <string.h>'''],
+ ['reallocarray', '''#include <stdlib.h>'''],
+ ['set_mempolicy', '''#include <stdlib.h>
+ #include <unistd.h>'''],
+ ['get_mempolicy', '''#include <stdlib.h>
+ #include <unistd.h>'''],
+ ['pidfd_send_signal', '''#include <stdlib.h>
+ #include <unistd.h>
+ #include <signal.h>
+ #include <sys/wait.h>'''],
+ ['pidfd_open', '''#include <stdlib.h>
+ #include <unistd.h>
+ #include <signal.h>
+ #include <sys/wait.h>'''],
+ ['rt_sigqueueinfo', '''#include <stdlib.h>
+ #include <unistd.h>
+ #include <signal.h>
+ #include <sys/wait.h>'''],
+ ['rt_tgsigqueueinfo', '''#include <stdlib.h>
+ #include <unistd.h>
+ #include <signal.h>
+ #include <sys/wait.h>'''],
+ ['mallinfo', '''#include <malloc.h>'''],
+ ['mallinfo2', '''#include <malloc.h>'''],
+ ['execveat', '''#include <unistd.h>'''],
+ ['close_range', '''#include <unistd.h>'''],
+ ['epoll_pwait2', '''#include <sys/epoll.h>'''],
+ ['mount_setattr', '''#include <sys/mount.h>'''],
+ ['move_mount', '''#include <sys/mount.h>'''],
+ ['open_tree', '''#include <sys/mount.h>'''],
+ ['fsopen', '''#include <sys/mount.h>'''],
+ ['fsconfig', '''#include <sys/mount.h>'''],
+ ['fsmount', '''#include <sys/mount.h>'''],
+ ['getdents64', '''#include <dirent.h>'''],
+]
+
+ have = cc.has_function(ident[0], prefix : ident[1], args : '-D_GNU_SOURCE')
+ conf.set10('HAVE_' + ident[0].to_upper(), have)
+endforeach
+
+if cc.has_function('getrandom', prefix : '''#include <sys/random.h>''', args : '-D_GNU_SOURCE')
+ conf.set10('USE_SYS_RANDOM_H', true)
+ conf.set10('HAVE_GETRANDOM', true)
+else
+ have = cc.has_function('getrandom', prefix : '''#include <linux/random.h>''')
+ conf.set10('USE_SYS_RANDOM_H', false)
+ conf.set10('HAVE_GETRANDOM', have)
+endif
+
+#####################################################################
+
+sh = find_program('sh')
+echo = find_program('echo')
+sed = find_program('sed')
+awk = find_program('awk')
+stat = find_program('stat')
+ln = find_program('ln')
+git = find_program('git', required : false)
+env = find_program('env')
+rsync = find_program('rsync', required : false)
+diff = find_program('diff')
+find = find_program('find')
+
+ln_s = ln.full_path() + ' -frsT -- "${DESTDIR:-}@0@" "${DESTDIR:-}@1@"'
+
+# If -Dxxx-path option is found, use that. Otherwise, check in $PATH,
+# /usr/sbin, /sbin, and fall back to the default from middle column.
+progs = [['quotaon', '/usr/sbin/quotaon' ],
+ ['quotacheck', '/usr/sbin/quotacheck' ],
+ ['kmod', '/usr/bin/kmod' ],
+ ['kexec', '/usr/sbin/kexec' ],
+ ['sulogin', '/usr/sbin/sulogin' ],
+ ['mount', '/usr/bin/mount', 'MOUNT_PATH'],
+ ['umount', '/usr/bin/umount', 'UMOUNT_PATH'],
+ ['loadkeys', '/usr/bin/loadkeys', 'KBD_LOADKEYS'],
+ ['setfont', '/usr/bin/setfont', 'KBD_SETFONT'],
+ ['nologin', '/usr/sbin/nologin', ],
+ ]
+foreach prog : progs
+ path = get_option(prog[0] + '-path')
+ if path != ''
+ message('Using @1@ for @0@'.format(prog[0], path))
+ else
+ exe = find_program(prog[0],
+ '/usr/sbin/' + prog[0],
+ '/sbin/' + prog[0],
+ required: false)
+ path = exe.found() ? exe.full_path() : prog[1]
+ endif
+ name = prog.length() > 2 ? prog[2] : prog[0].to_upper()
+ conf.set_quoted(name, path)
+endforeach
+
+conf.set_quoted('TELINIT', get_option('telinit-path'))
+
+if run_command(ln, '--relative', '--help', check : false).returncode() != 0
+ error('ln does not support --relative (added in coreutils 8.16)')
+endif
+
+############################################################
+
+gperf = find_program('gperf')
+
+gperf_test_format = '''
+#include <string.h>
+const char * in_word_set(const char *, @0@);
+@1@
+'''
+gperf_snippet = run_command(sh, '-c', 'echo foo,bar | "$1" -L ANSI-C', '_', gperf,
+ check : true)
+gperf_test = gperf_test_format.format('size_t', gperf_snippet.stdout())
+if cc.compiles(gperf_test)
+ gperf_len_type = 'size_t'
+else
+ gperf_test = gperf_test_format.format('unsigned', gperf_snippet.stdout())
+ if cc.compiles(gperf_test)
+ gperf_len_type = 'unsigned'
+ else
+ error('unable to determine gperf len type')
+ endif
+endif
+message('gperf len type is @0@'.format(gperf_len_type))
+conf.set('GPERF_LEN_TYPE', gperf_len_type,
+ description : 'The type of gperf "len" parameter')
+
+############################################################
+
+if not cc.has_header('sys/capability.h')
+ error('POSIX caps headers not found')
+endif
+foreach header : ['crypt.h',
+ 'linux/memfd.h',
+ 'linux/vm_sockets.h',
+ 'sys/auxv.h',
+ 'threads.h',
+ 'valgrind/memcheck.h',
+ 'valgrind/valgrind.h',
+ 'linux/time_types.h',
+ 'sys/sdt.h',
+ ]
+
+ conf.set10('HAVE_' + header.underscorify().to_upper(),
+ cc.has_header(header))
+endforeach
+
+############################################################
+
+fallback_hostname = get_option('fallback-hostname')
+if fallback_hostname == '' or fallback_hostname[0] == '.' or fallback_hostname[0] == '-'
+ error('Invalid fallback-hostname configuration')
+ # A more extensive test is done in test-hostname-util. Let's catch
+ # the most obvious errors here so we don't fail with an assert later.
+endif
+conf.set_quoted('FALLBACK_HOSTNAME', fallback_hostname)
+
+default_hierarchy = get_option('default-hierarchy')
+conf.set_quoted('DEFAULT_HIERARCHY_NAME', default_hierarchy,
+ description : 'default cgroup hierarchy as string')
+if default_hierarchy == 'legacy'
+ conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_NONE')
+elif default_hierarchy == 'hybrid'
+ conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_SYSTEMD')
+else
+ conf.set('DEFAULT_HIERARCHY', 'CGROUP_UNIFIED_ALL')
+endif
+
+extra_net_naming_schemes = []
+extra_net_naming_map = []
+foreach scheme: get_option('extra-net-naming-schemes').split(',')
+ if scheme != ''
+ name = scheme.split('=')[0]
+ value = scheme.split('=')[1]
+ NAME = name.underscorify().to_upper()
+ VALUE = []
+ foreach field: value.split('+')
+ VALUE += 'NAMING_' + field.underscorify().to_upper()
+ endforeach
+ extra_net_naming_schemes += 'NAMING_@0@ = @1@,'.format(NAME, '|'.join(VALUE))
+ extra_net_naming_map += '{ "@0@", NAMING_@1@ },'.format(name, NAME)
+ endif
+endforeach
+conf.set('EXTRA_NET_NAMING_SCHEMES', ' '.join(extra_net_naming_schemes))
+conf.set('EXTRA_NET_NAMING_MAP', ' '.join(extra_net_naming_map))
+
+default_net_naming_scheme = get_option('default-net-naming-scheme')
+conf.set_quoted('DEFAULT_NET_NAMING_SCHEME', default_net_naming_scheme,
+ description : 'Default naming scheme as a string')
+if default_net_naming_scheme != 'latest'
+ conf.set('_DEFAULT_NET_NAMING_SCHEME',
+ 'NAMING_' + default_net_naming_scheme.underscorify().to_upper(),
+ description : 'Default naming scheme as a constant')
+endif
+
+time_epoch = get_option('time-epoch')
+if time_epoch <= 0
+ time_epoch = run_command(sh, '-c', 'echo "$SOURCE_DATE_EPOCH"', check : true).stdout().strip()
+ if time_epoch == '' and git.found() and fs.is_dir('.git')
+ # If we're in a git repository, use the creation time of the latest git tag.
+ latest_tag = run_command(git, 'describe', '--abbrev=0', '--tags',
+ check : false)
+ if latest_tag.returncode() == 0
+ time_epoch = run_command(
+ git, 'log', '--no-show-signature', '-1', '--format=%at',
+ latest_tag.stdout().strip(),
+ check : false).stdout()
+ endif
+ endif
+ if time_epoch == ''
+ NEWS = files('NEWS')
+ time_epoch = run_command(stat, '-c', '%Y', NEWS,
+ check : true).stdout()
+ endif
+ time_epoch = time_epoch.strip().to_int()
+endif
+conf.set('TIME_EPOCH', time_epoch)
+
+conf.set('CLOCK_VALID_RANGE_USEC_MAX', get_option('clock-valid-range-usec-max'))
+
+default_user_shell = get_option('default-user-shell')
+conf.set_quoted('DEFAULT_USER_SHELL', default_user_shell)
+conf.set_quoted('DEFAULT_USER_SHELL_NAME', fs.name(default_user_shell))
+
+foreach tuple : [['system-alloc-uid-min', 'SYS_UID_MIN', 1], # Also see login.defs(5).
+ ['system-uid-max', 'SYS_UID_MAX', 999],
+ ['system-alloc-gid-min', 'SYS_GID_MIN', 1],
+ ['system-gid-max', 'SYS_GID_MAX', 999]]
+ v = get_option(tuple[0])
+ if v <= 0
+ v = run_command(
+ awk,
+ '/^\s*@0@\s+/ { uid=$2 } END { print uid }'.format(tuple[1]),
+ '/etc/login.defs',
+ check : false).stdout().strip()
+ if v == ''
+ v = tuple[2]
+ else
+ v = v.to_int()
+ endif
+ endif
+ conf.set(tuple[0].underscorify().to_upper(), v)
+endforeach
+if conf.get('SYSTEM_ALLOC_UID_MIN') >= conf.get('SYSTEM_UID_MAX')
+ error('Invalid uid allocation range')
+endif
+if conf.get('SYSTEM_ALLOC_GID_MIN') >= conf.get('SYSTEM_GID_MAX')
+ error('Invalid gid allocation range')
+endif
+
+dynamic_uid_min = get_option('dynamic-uid-min')
+dynamic_uid_max = get_option('dynamic-uid-max')
+conf.set('DYNAMIC_UID_MIN', dynamic_uid_min)
+conf.set('DYNAMIC_UID_MAX', dynamic_uid_max)
+
+container_uid_base_min = get_option('container-uid-base-min')
+container_uid_base_max = get_option('container-uid-base-max')
+conf.set('CONTAINER_UID_BASE_MIN', container_uid_base_min)
+conf.set('CONTAINER_UID_BASE_MAX', container_uid_base_max)
+
+nobody_user = get_option('nobody-user')
+nobody_group = get_option('nobody-group')
+
+if not meson.is_cross_build()
+ getent_result = run_command('getent', 'passwd', '65534', check : false)
+ if getent_result.returncode() == 0
+ name = getent_result.stdout().split(':')[0]
+ if name != nobody_user
+ warning('\n' +
+ 'The local user with the UID 65534 does not match the configured user name "@0@" of the nobody user (its name is @1@).\n'.format(nobody_user, name) +
+ 'Your build will result in an user table setup that is incompatible with the local system.')
+ endif
+ endif
+ id_result = run_command('id', '-u', nobody_user, check : false)
+ if id_result.returncode() == 0
+ id = id_result.stdout().strip().to_int()
+ if id != 65534
+ warning('\n' +
+ 'The local user with the configured user name "@0@" of the nobody user does not have UID 65534 (it has @1@).\n'.format(nobody_user, id) +
+ 'Your build will result in an user table setup that is incompatible with the local system.')
+ endif
+ endif
+
+ getent_result = run_command('getent', 'group', '65534', check : false)
+ if getent_result.returncode() == 0
+ name = getent_result.stdout().split(':')[0]
+ if name != nobody_group
+ warning('\n' +
+ 'The local group with the GID 65534 does not match the configured group name "@0@" of the nobody group (its name is @1@).\n'.format(nobody_group, name) +
+ 'Your build will result in an group table setup that is incompatible with the local system.')
+ endif
+ endif
+ id_result = run_command('id', '-g', nobody_group, check : false)
+ if id_result.returncode() == 0
+ id = id_result.stdout().strip().to_int()
+ if id != 65534
+ warning('\n' +
+ 'The local group with the configured group name "@0@" of the nobody group does not have GID 65534 (it has @1@).\n'.format(nobody_group, id) +
+ 'Your build will result in an group table setup that is incompatible with the local system.')
+ endif
+ endif
+endif
+if nobody_user != nobody_group and not (nobody_user == 'nobody' and nobody_group == 'nogroup')
+ warning('\n' +
+ 'The configured user name "@0@" and group name "@1@" of the nobody user/group are not equivalent.\n'.format(nobody_user, nobody_group) +
+ 'Please re-check that both "nobody-user" and "nobody-group" options are correctly set.')
+endif
+
+conf.set_quoted('NOBODY_USER_NAME', nobody_user)
+conf.set_quoted('NOBODY_GROUP_NAME', nobody_group)
+
+static_ugids = []
+foreach option : ['adm-gid',
+ 'audio-gid',
+ 'cdrom-gid',
+ 'dialout-gid',
+ 'disk-gid',
+ 'input-gid',
+ 'kmem-gid',
+ 'kvm-gid',
+ 'lp-gid',
+ 'render-gid',
+ 'sgx-gid',
+ 'tape-gid',
+ 'tty-gid',
+ 'users-gid',
+ 'utmp-gid',
+ 'video-gid',
+ 'wheel-gid',
+ 'systemd-journal-gid',
+ 'systemd-network-uid',
+ 'systemd-resolve-uid',
+ 'systemd-timesync-uid']
+ name = option.underscorify().to_upper()
+ val = get_option(option)
+
+ # Ensure provided GID argument is numeric, otherwise fall back to default assignment
+ conf.set(name, val > 0 ? val : '-')
+ if val > 0
+ static_ugids += '@0@:@1@'.format(option, val)
+ endif
+endforeach
+
+conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
+conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
+
+dev_kvm_mode = get_option('dev-kvm-mode')
+conf.set_quoted('DEV_KVM_MODE', dev_kvm_mode) # FIXME: convert to 0o… notation
+conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
+group_render_mode = get_option('group-render-mode')
+conf.set_quoted('GROUP_RENDER_MODE', group_render_mode)
+conf.set10('GROUP_RENDER_UACCESS', group_render_mode != '0666')
+
+kill_user_processes = get_option('default-kill-user-processes')
+conf.set10('KILL_USER_PROCESSES', kill_user_processes)
+
+dns_servers = get_option('dns-servers')
+conf.set_quoted('DNS_SERVERS', dns_servers)
+
+ntp_servers = get_option('ntp-servers')
+conf.set_quoted('NTP_SERVERS', ntp_servers)
+
+default_locale = get_option('default-locale')
+conf.set_quoted('SYSTEMD_DEFAULT_LOCALE', default_locale)
+
+nspawn_locale = get_option('nspawn-locale')
+conf.set_quoted('SYSTEMD_NSPAWN_LOCALE', nspawn_locale)
+
+default_keymap = get_option('default-keymap')
+if default_keymap == ''
+ # We canonicalize empty keymap to '@kernel', as it makes the default value
+ # in the factory provided /etc/vconsole.conf more obvious.
+ default_keymap = '@kernel'
+endif
+conf.set_quoted('SYSTEMD_DEFAULT_KEYMAP', default_keymap)
+
+localegen_path = get_option('localegen-path')
+if localegen_path != ''
+ conf.set_quoted('LOCALEGEN_PATH', localegen_path)
+endif
+conf.set10('HAVE_LOCALEGEN', localegen_path != '')
+
+conf.set_quoted('GETTEXT_PACKAGE', meson.project_name())
+
+service_watchdog = get_option('service-watchdog')
+watchdog_value = service_watchdog == '' ? '' : 'WatchdogSec=' + service_watchdog
+conf.set_quoted('SERVICE_WATCHDOG', watchdog_value)
+
+conf.set_quoted('SUSHELL', get_option('debug-shell'))
+conf.set_quoted('DEBUGTTY', get_option('debug-tty'))
+
+enable_debug_hashmap = false
+enable_debug_mmap_cache = false
+enable_debug_siphash = false
+foreach name : get_option('debug-extra')
+ if name == 'hashmap'
+ enable_debug_hashmap = true
+ elif name == 'mmap-cache'
+ enable_debug_mmap_cache = true
+ elif name == 'siphash'
+ enable_debug_siphash = true
+ else
+ message('unknown debug option "@0@", ignoring'.format(name))
+ endif
+endforeach
+conf.set10('ENABLE_DEBUG_HASHMAP', enable_debug_hashmap)
+conf.set10('ENABLE_DEBUG_MMAP_CACHE', enable_debug_mmap_cache)
+conf.set10('ENABLE_DEBUG_SIPHASH', enable_debug_siphash)
+conf.set10('LOG_TRACE', get_option('log-trace'))
+
+default_user_path = get_option('user-path')
+if default_user_path != ''
+ conf.set_quoted('DEFAULT_USER_PATH', default_user_path)
+endif
+
+#####################################################################
+
+threads = dependency('threads')
+librt = cc.find_library('rt')
+libm = cc.find_library('m')
+libdl = cc.find_library('dl')
+libcrypt = dependency('libcrypt', 'libxcrypt', required : false)
+if not libcrypt.found()
+ # fallback to use find_library() if libcrypt is provided by glibc, e.g. for LibreELEC.
+ libcrypt = cc.find_library('crypt')
+endif
+libcap = dependency('libcap')
+
+# On some architectures, libatomic is required. But on some installations,
+# it is found, but actual linking fails. So let's try to use it opportunistically.
+# If it is installed, but not needed, it will be dropped because of --as-needed.
+if cc.links('''int main(int argc, char **argv) { return 0; }''',
+ args : '-latomic',
+ name : 'libatomic')
+ libatomic = declare_dependency(link_args : '-latomic')
+else
+ libatomic = []
+endif
+
+crypt_header = conf.get('HAVE_CRYPT_H') == 1 ? '''#include <crypt.h>''' : '''#include <unistd.h>'''
+foreach ident : [
+ ['crypt_ra', crypt_header],
+ ['crypt_preferred_method', crypt_header],
+ ['crypt_gensalt_ra', crypt_header]]
+
+ have = cc.has_function(ident[0], prefix : ident[1], args : '-D_GNU_SOURCE',
+ dependencies : libcrypt)
+ conf.set10('HAVE_' + ident[0].to_upper(), have)
+endforeach
+
+bpf_framework = get_option('bpf-framework')
+bpf_compiler = get_option('bpf-compiler')
+libbpf = dependency('libbpf',
+ required : bpf_framework,
+ version : bpf_compiler == 'gcc' ? '>= 1.0.0' : '>= 0.1.0')
+conf.set10('HAVE_LIBBPF', libbpf.found())
+
+if not libbpf.found()
+ conf.set10('BPF_FRAMEWORK', false)
+else
+ clang_found = false
+ clang_supports_bpf = false
+ bpf_gcc_found = false
+ bpftool_strip = false
+ deps_found = false
+
+ if bpf_compiler == 'clang'
+ # Support 'versioned' clang/llvm-strip binaries, as seen on Debian/Ubuntu
+ # (like clang-10/llvm-strip-10)
+ if meson.is_cross_build() or cc.get_id() != 'clang' or cc.cmd_array()[0].contains('afl-clang') or cc.cmd_array()[0].contains('hfuzz-clang')
+ r = find_program('clang',
+ required : bpf_framework,
+ version : '>= 10.0.0')
+ clang_found = r.found()
+ if clang_found
+ clang = r.full_path()
+ endif
+ else
+ clang_found = true
+ clang = cc.cmd_array()
+ endif
+
+ if clang_found
+ # Check if 'clang -target bpf' is supported.
+ clang_supports_bpf = run_command(clang, '-target', 'bpf', '--print-supported-cpus', check : false).returncode() == 0
+ endif
+ elif bpf_compiler == 'gcc'
+ bpf_gcc = find_program('bpf-gcc',
+ 'bpf-none-gcc',
+ required : true,
+ version : '>= 13.1.0')
+ bpf_gcc_found = bpf_gcc.found()
+ endif
+
+ if clang_supports_bpf or bpf_gcc_found
+ # Debian installs this in /usr/sbin/ which is not in $PATH.
+ # We check for 'bpftool' first, honouring $PATH, and in /usr/sbin/ for Debian.
+ # We use 'bpftool gen object' subcommand for bpftool strip, it was added by d80b2fcbe0a023619e0fc73112f2a02c2662f6ab (v5.13).
+ bpftool = find_program('bpftool',
+ '/usr/sbin/bpftool',
+ required : bpf_framework.enabled() and bpf_compiler == 'gcc',
+ version : bpf_compiler == 'gcc' ? '>= 7.0.0' : '>= 5.13.0')
+
+ if bpftool.found()
+ bpftool_strip = true
+ deps_found = true
+ elif bpf_compiler == 'clang'
+ # We require the 'bpftool gen skeleton' subcommand, it was added by 985ead416df39d6fe8e89580cc1db6aa273e0175 (v5.6).
+ bpftool = find_program('bpftool',
+ '/usr/sbin/bpftool',
+ required : bpf_framework,
+ version : '>= 5.6.0')
+ endif
+
+ # We use `llvm-strip` as a fallback if `bpftool gen object` strip support is not available.
+ if not bpftool_strip and bpftool.found() and clang_supports_bpf
+ if not meson.is_cross_build()
+ llvm_strip_bin = run_command(clang, '--print-prog-name', 'llvm-strip',
+ check : true).stdout().strip()
+ else
+ llvm_strip_bin = 'llvm-strip'
+ endif
+ llvm_strip = find_program(llvm_strip_bin,
+ required : bpf_framework,
+ version : '>= 10.0.0')
+ deps_found = llvm_strip.found()
+ endif
+ endif
+
+ # Can build BPF program from source code in restricted C
+ conf.set10('BPF_FRAMEWORK', deps_found)
+endif
+
+libmount = dependency('mount',
+ version : fuzzer_build ? '>= 0' : '>= 2.30')
+
+libfdisk = dependency('fdisk',
+ version : '>= 2.32',
+ disabler : true,
+ required : get_option('fdisk'))
+conf.set10('HAVE_LIBFDISK', libfdisk.found())
+
+# This prefers pwquality if both are enabled or auto.
+feature = get_option('pwquality').disable_auto_if(get_option('passwdqc').enabled())
+libpwquality = dependency('pwquality',
+ version : '>= 1.4.1',
+ required : feature)
+have = libpwquality.found()
+if not have
+ # libpwquality is used for both features for simplicity
+ libpwquality = dependency('passwdqc',
+ required : get_option('passwdqc'))
+endif
+conf.set10('HAVE_PWQUALITY', have)
+conf.set10('HAVE_PASSWDQC', not have and libpwquality.found())
+
+libseccomp = dependency('libseccomp',
+ version : '>= 2.3.1',
+ required : get_option('seccomp'))
+conf.set10('HAVE_SECCOMP', libseccomp.found())
+
+libselinux = dependency('libselinux',
+ version : '>= 2.1.9',
+ required : get_option('selinux'))
+conf.set10('HAVE_SELINUX', libselinux.found())
+
+libapparmor = dependency('libapparmor',
+ version : '>= 2.13',
+ required : get_option('apparmor'))
+conf.set10('HAVE_APPARMOR', libapparmor.found())
+
+have = get_option('smack') and get_option('smack-run-label') != ''
+conf.set10('HAVE_SMACK_RUN_LABEL', have)
+if have
+ conf.set_quoted('SMACK_RUN_LABEL', get_option('smack-run-label'))
+endif
+
+have = get_option('smack') and get_option('smack-default-process-label') != ''
+if have
+ conf.set_quoted('SMACK_DEFAULT_PROCESS_LABEL', get_option('smack-default-process-label'))
+endif
+
+feature = get_option('polkit')
+libpolkit = dependency('polkit-gobject-1',
+ required : feature.disabled() ? feature : false)
+install_polkit = feature.allowed()
+install_polkit_pkla = libpolkit.found() and libpolkit.version().version_compare('< 0.106')
+if install_polkit_pkla
+ message('Old polkit detected, will install pkla files')
+endif
+conf.set10('ENABLE_POLKIT', install_polkit)
+
+libacl = dependency('libacl',
+ required : get_option('acl'))
+conf.set10('HAVE_ACL', libacl.found())
+
+libaudit = dependency('audit',
+ required : get_option('audit'))
+conf.set10('HAVE_AUDIT', libaudit.found())
+
+libblkid = dependency('blkid',
+ required : get_option('blkid'))
+conf.set10('HAVE_BLKID', libblkid.found())
+conf.set10('HAVE_BLKID_PROBE_SET_HINT',
+ libblkid.found() and cc.has_function('blkid_probe_set_hint', dependencies : libblkid))
+
+libkmod = dependency('libkmod',
+ version : '>= 15',
+ required : get_option('kmod'))
+conf.set10('HAVE_KMOD', libkmod.found())
+
+libxenctrl = dependency('xencontrol',
+ version : '>= 4.9',
+ required : get_option('xenctrl'))
+conf.set10('HAVE_XENCTRL', libxenctrl.found())
+libxenctrl_cflags = libxenctrl.partial_dependency(includes: true, compile_args: true)
+
+feature = get_option('pam')
+libpam = dependency('pam',
+ required : feature.disabled() ? feature : false)
+if not libpam.found()
+ # Debian older than bookworm and Ubuntu older than 22.10 do not provide the .pc file.
+ libpam = cc.find_library('pam', required : feature)
+endif
+libpam_misc = dependency('pam_misc',
+ required : feature.disabled() ? feature : false)
+if not libpam_misc.found()
+ libpam_misc = cc.find_library('pam_misc', required : feature)
+endif
+conf.set10('HAVE_PAM', libpam.found() and libpam_misc.found())
+
+libmicrohttpd = dependency('libmicrohttpd',
+ version : '>= 0.9.33',
+ required : get_option('microhttpd'))
+conf.set10('HAVE_MICROHTTPD', libmicrohttpd.found())
+
+libcryptsetup = get_option('libcryptsetup')
+libcryptsetup_plugins = get_option('libcryptsetup-plugins')
+if libcryptsetup_plugins.enabled()
+ if libcryptsetup.disabled()
+ error('libcryptsetup-plugins cannot be requested without libcryptsetup')
+ endif
+ libcryptsetup = libcryptsetup_plugins
+endif
+
+libcryptsetup = dependency('libcryptsetup',
+ version : libcryptsetup_plugins.enabled() ? '>= 2.4.0' : '>= 2.0.1',
+ required : libcryptsetup)
+
+have = libcryptsetup.found()
+foreach ident : ['crypt_set_metadata_size',
+ 'crypt_activate_by_signed_key',
+ 'crypt_token_max',
+ 'crypt_reencrypt_init_by_passphrase',
+ 'crypt_reencrypt',
+ 'crypt_set_data_offset']
+ have_ident = have and cc.has_function(
+ ident,
+ prefix : '#include <libcryptsetup.h>',
+ dependencies : libcryptsetup)
+ conf.set10('HAVE_' + ident.to_upper(), have_ident)
+endforeach
+conf.set10('HAVE_LIBCRYPTSETUP', have)
+
+# TODO: Use has_function(required : libcryptsetup_plugins) with meson >= 1.3.0
+if libcryptsetup_plugins.allowed()
+ have = (cc.has_function(
+ 'crypt_activate_by_token_pin',
+ prefix : '#include <libcryptsetup.h>',
+ dependencies : libcryptsetup) and
+ cc.has_function(
+ 'crypt_token_external_path',
+ prefix : '#include <libcryptsetup.h>',
+ dependencies : libcryptsetup))
+else
+ have = false
+endif
+conf.set10('HAVE_LIBCRYPTSETUP_PLUGINS', have)
+
+libcurl = dependency('libcurl',
+ version : '>= 7.32.0',
+ required : get_option('libcurl'))
+conf.set10('HAVE_LIBCURL', libcurl.found())
+conf.set10('CURL_NO_OLDIES', conf.get('BUILD_MODE_DEVELOPER') == 1)
+
+feature = get_option('libidn2').disable_auto_if(get_option('libidn').enabled())
+libidn = dependency('libidn2',
+ required : feature)
+have = libidn.found()
+if not have
+ # libidn is used for both libidn and libidn2 objects
+ libidn = dependency('libidn',
+ required : get_option('libidn'))
+endif
+conf.set10('HAVE_LIBIDN', not have and libidn.found())
+conf.set10('HAVE_LIBIDN2', have)
+
+libiptc = dependency('libiptc',
+ required : get_option('libiptc'))
+conf.set10('HAVE_LIBIPTC', libiptc.found())
+libiptc_cflags = libiptc.partial_dependency(includes: true, compile_args: true)
+
+libqrencode = dependency('libqrencode',
+ version : '>= 3',
+ required : get_option('qrencode'))
+conf.set10('HAVE_QRENCODE', libqrencode.found())
+
+feature = get_option('gcrypt')
+libgcrypt = dependency('libgcrypt',
+ required : feature)
+libgpg_error = dependency('gpg-error',
+ required : feature.disabled() ? feature : false)
+if not libgpg_error.found()
+ # CentOS 8 does not provide the .pc file.
+ libgpg_error = cc.find_library('gpg-error', required : feature)
+endif
+
+have = libgcrypt.found() and libgpg_error.found()
+if not have
+ # link to neither of the libs if one is not found
+ libgcrypt = []
+ libgpg_error = []
+endif
+conf.set10('HAVE_GCRYPT', have)
+
+libgnutls = dependency('gnutls',
+ version : '>= 3.1.4',
+ required : get_option('gnutls'))
+conf.set10('HAVE_GNUTLS', libgnutls.found())
+
+libopenssl = dependency('openssl',
+ version : '>= 1.1.0',
+ required : get_option('openssl'))
+conf.set10('HAVE_OPENSSL', libopenssl.found())
+
+libp11kit = dependency('p11-kit-1',
+ version : '>= 0.23.3',
+ required : get_option('p11kit'))
+conf.set10('HAVE_P11KIT', libp11kit.found())
+libp11kit_cflags = libp11kit.partial_dependency(includes: true, compile_args: true)
+
+feature = get_option('libfido2').require(
+ conf.get('HAVE_OPENSSL') == 1,
+ error_message : 'openssl required')
+libfido2 = dependency('libfido2',
+ required : feature)
+conf.set10('HAVE_LIBFIDO2', libfido2.found())
+
+tpm2 = dependency('tss2-esys tss2-rc tss2-mu tss2-tcti-device',
+ required : get_option('tpm2'))
+conf.set10('HAVE_TPM2', tpm2.found())
+conf.set10('HAVE_TSS2_ESYS3', tpm2.found() and tpm2.version().version_compare('>= 3.0.0'))
+
+libdw = dependency('libdw',
+ required : get_option('elfutils'))
+conf.set10('HAVE_ELFUTILS', libdw.found())
+# New in elfutils 0.177
+conf.set10('HAVE_DWELF_ELF_E_MACHINE_STRING',
+ libdw.found() and cc.has_function('dwelf_elf_e_machine_string', dependencies : libdw))
+
+libz = dependency('zlib',
+ required : get_option('zlib'))
+conf.set10('HAVE_ZLIB', libz.found())
+
+feature = get_option('bzip2')
+libbzip2 = dependency('bzip2',
+ required : feature.disabled() ? feature : false)
+if not libbzip2.found()
+ # Debian and Ubuntu do not provide the .pc file.
+ libbzip2 = cc.find_library('bz2', required : feature)
+endif
+conf.set10('HAVE_BZIP2', libbzip2.found())
+
+libxz = dependency('liblzma',
+ required : get_option('xz'))
+conf.set10('HAVE_XZ', libxz.found())
+
+liblz4 = dependency('liblz4',
+ version : '>= 1.3.0',
+ required : get_option('lz4'))
+conf.set10('HAVE_LZ4', liblz4.found())
+
+libzstd = dependency('libzstd',
+ version : '>= 1.4.0',
+ required : get_option('zstd'))
+conf.set10('HAVE_ZSTD', libzstd.found())
+
+conf.set10('HAVE_COMPRESSION', libxz.found() or liblz4.found() or libzstd.found())
+
+compression = get_option('default-compression')
+if compression == 'auto'
+ if libzstd.found()
+ compression = 'zstd'
+ elif liblz4.found()
+ compression = 'lz4'
+ elif libxz.found()
+ compression = 'xz'
+ else
+ compression = 'none'
+ endif
+elif compression == 'zstd' and not libzstd.found()
+ error('default-compression=zstd requires zstd')
+elif compression == 'lz4' and not liblz4.found()
+ error('default-compression=lz4 requires lz4')
+elif compression == 'xz' and not libxz.found()
+ error('default-compression=xz requires xz')
+endif
+conf.set('DEFAULT_COMPRESSION', 'COMPRESSION_@0@'.format(compression.to_upper()))
+
+libxkbcommon = dependency('xkbcommon',
+ version : '>= 0.3.0',
+ required : get_option('xkbcommon'))
+conf.set10('HAVE_XKBCOMMON', libxkbcommon.found())
+
+libpcre2 = dependency('libpcre2-8',
+ required : get_option('pcre2'))
+conf.set10('HAVE_PCRE2', libpcre2.found())
+
+libglib = dependency('glib-2.0',
+ version : '>= 2.22.0',
+ required : get_option('glib'))
+libgobject = dependency('gobject-2.0',
+ version : '>= 2.22.0',
+ required : get_option('glib'))
+libgio = dependency('gio-2.0',
+ required : get_option('glib'))
+conf.set10('HAVE_GLIB', libglib.found() and libgobject.found() and libgio.found())
+
+libdbus = dependency('dbus-1',
+ version : '>= 1.3.2',
+ required : get_option('dbus'))
+conf.set10('HAVE_DBUS', libdbus.found())
+
+dbusdatadir = libdbus.get_variable(pkgconfig: 'datadir', default_value: datadir) / 'dbus-1'
+
+dbuspolicydir = get_option('dbuspolicydir')
+if dbuspolicydir == ''
+ dbuspolicydir = dbusdatadir / 'system.d'
+endif
+
+dbussessionservicedir = get_option('dbussessionservicedir')
+if dbussessionservicedir == ''
+ dbussessionservicedir = libdbus.get_variable(pkgconfig: 'session_bus_services_dir', default_value: dbusdatadir / 'services')
+endif
+
+dbussystemservicedir = get_option('dbussystemservicedir')
+if dbussystemservicedir == ''
+ dbussystemservicedir = libdbus.get_variable(pkgconfig: 'system_bus_services_dir', default_value: dbusdatadir / 'system-services')
+endif
+
+dbus_interfaces_dir = get_option('dbus-interfaces-dir')
+if dbus_interfaces_dir == '' or dbus_interfaces_dir == 'yes'
+ if meson.is_cross_build() and dbus_interfaces_dir != 'yes'
+ dbus_interfaces_dir = 'no'
+ warning('Exporting D-Bus interface XML files is disabled during cross build. Pass path or "yes" to force enable.')
+ else
+ dbus_interfaces_dir = libdbus.get_variable(pkgconfig: 'interfaces_dir', default_value: dbusdatadir / 'interfaces')
+ endif
+endif
+
+dmi_arches = ['x86', 'x86_64', 'aarch64', 'arm', 'ia64', 'loongarch64', 'mips']
+conf.set10('HAVE_DMI', host_machine.cpu_family() in dmi_arches)
+
+# We support one or the other. If gcrypt is available, we assume it's there to
+# be used, and use it in preference.
+opt = get_option('cryptolib')
+if opt == 'openssl' and conf.get('HAVE_OPENSSL') == 0
+ error('openssl requested as the default cryptolib, but not available')
+endif
+conf.set10('PREFER_OPENSSL',
+ opt == 'openssl' or (opt == 'auto' and conf.get('HAVE_OPENSSL') == 1 and conf.get('HAVE_GCRYPT') == 0))
+conf.set10('HAVE_OPENSSL_OR_GCRYPT',
+ conf.get('HAVE_OPENSSL') == 1 or conf.get('HAVE_GCRYPT') == 1)
+lib_openssl_or_gcrypt = conf.get('PREFER_OPENSSL') == 1 ? [libopenssl] : [libgcrypt, libgpg_error]
+
+dns_over_tls = get_option('dns-over-tls')
+if dns_over_tls != 'false'
+ if dns_over_tls == 'gnutls' and conf.get('PREFER_OPENSSL') == 1
+ error('Sorry, -Ddns-over-tls=gnutls is not supported when openssl is used as the cryptolib')
+ endif
+
+ if dns_over_tls == 'gnutls'
+ have_openssl = false
+ else
+ have_openssl = conf.get('HAVE_OPENSSL') == 1
+ if dns_over_tls == 'openssl' and not have_openssl
+ error('DNS-over-TLS support was requested with openssl, but dependencies are not available')
+ endif
+ endif
+ if dns_over_tls == 'openssl' or have_openssl
+ have_gnutls = false
+ else
+ have_gnutls = conf.get('HAVE_GNUTLS') == 1 and libgnutls.version().version_compare('>= 3.6.0')
+ if dns_over_tls != 'auto' and not have_gnutls
+ str = dns_over_tls == 'gnutls' ? ' with gnutls' : ''
+ error('DNS-over-TLS support was requested@0@, but dependencies are not available'.format(str))
+ endif
+ endif
+ have = have_gnutls or have_openssl
+else
+ have = false
+ have_gnutls = false
+ have_openssl = false
+endif
+conf.set10('ENABLE_DNS_OVER_TLS', have)
+conf.set10('DNS_OVER_TLS_USE_GNUTLS', have_gnutls)
+conf.set10('DNS_OVER_TLS_USE_OPENSSL', have_openssl)
+
+default_dns_over_tls = get_option('default-dns-over-tls')
+if default_dns_over_tls != 'no' and conf.get('ENABLE_DNS_OVER_TLS') == 0
+ message('default-dns-over-tls cannot be enabled or set to opportunistic when DNS-over-TLS support is disabled. Setting default-dns-over-tls to no.')
+ default_dns_over_tls = 'no'
+endif
+conf.set('DEFAULT_DNS_OVER_TLS_MODE',
+ 'DNS_OVER_TLS_' + default_dns_over_tls.underscorify().to_upper())
+conf.set_quoted('DEFAULT_DNS_OVER_TLS_MODE_STR', default_dns_over_tls)
+
+default_mdns = get_option('default-mdns')
+conf.set('DEFAULT_MDNS_MODE',
+ 'RESOLVE_SUPPORT_' + default_mdns.to_upper())
+conf.set_quoted('DEFAULT_MDNS_MODE_STR', default_mdns)
+
+default_llmnr = get_option('default-llmnr')
+conf.set('DEFAULT_LLMNR_MODE',
+ 'RESOLVE_SUPPORT_' + default_llmnr.to_upper())
+conf.set_quoted('DEFAULT_LLMNR_MODE_STR', default_llmnr)
+
+have = get_option('repart').require(
+ conf.get('HAVE_LIBFDISK') == 1,
+ error_message : 'fdisk required').allowed()
+conf.set10('ENABLE_REPART', have)
+
+default_dnssec = get_option('default-dnssec')
+if default_dnssec != 'no' and conf.get('HAVE_OPENSSL_OR_GCRYPT') == 0
+ message('default-dnssec cannot be set to yes or allow-downgrade openssl and gcrypt are disabled. Setting default-dnssec to no.')
+ default_dnssec = 'no'
+endif
+conf.set('DEFAULT_DNSSEC_MODE',
+ 'DNSSEC_' + default_dnssec.underscorify().to_upper())
+conf.set_quoted('DEFAULT_DNSSEC_MODE_STR', default_dnssec)
+
+have = get_option('sysupdate').require(
+ conf.get('HAVE_OPENSSL') == 1 and
+ conf.get('HAVE_LIBFDISK') == 1,
+ error_message : 'fdisk and openssl required').allowed()
+conf.set10('ENABLE_SYSUPDATE', have)
+
+conf.set10('ENABLE_STORAGETM', get_option('storagetm'))
+
+have = get_option('importd').require(
+ conf.get('HAVE_LIBCURL') == 1 and
+ conf.get('HAVE_OPENSSL_OR_GCRYPT') == 1 and
+ conf.get('HAVE_ZLIB') == 1 and
+ conf.get('HAVE_XZ') == 1,
+ error_message : 'curl, openssl/grypt, zlib and xz required').allowed()
+conf.set10('ENABLE_IMPORTD', have)
+
+have = get_option('homed').require(
+ conf.get('HAVE_OPENSSL') == 1 and
+ conf.get('HAVE_LIBFDISK') == 1 and
+ conf.get('HAVE_LIBCRYPTSETUP') == 1,
+ error_message : 'openssl, fdisk and libcryptsetup required').allowed()
+conf.set10('ENABLE_HOMED', have)
+
+have = have and conf.get('HAVE_PAM') == 1
+conf.set10('ENABLE_PAM_HOME', have)
+
+feature = get_option('remote')
+have_deps = [conf.get('HAVE_MICROHTTPD') == 1,
+ conf.get('HAVE_LIBCURL') == 1]
+# sd-j-remote requires µhttpd, and sd-j-upload requires libcurl, so
+# it's possible to build one without the other. Complain only if
+# support was explicitly requested. The auxiliary files like sysusers
+# config should be installed when any of the programs are built.
+if feature.enabled() and not (have_deps[0] and have_deps[1])
+ error('remote support was requested, but dependencies are not available')
+endif
+have = feature.allowed() and (have_deps[0] or have_deps[1])
+conf.set10('ENABLE_REMOTE', have)
+
+feature = get_option('vmspawn').disable_auto_if(conf.get('BUILD_MODE_DEVELOPER') == 0)
+conf.set10('ENABLE_VMSPAWN', feature.allowed())
+
+foreach term : ['analyze',
+ 'backlight',
+ 'binfmt',
+ 'compat-mutable-uid-boundaries',
+ 'coredump',
+ 'efi',
+ 'environment-d',
+ 'firstboot',
+ 'gshadow',
+ 'hibernate',
+ 'hostnamed',
+ 'hwdb',
+ 'idn',
+ 'ima',
+ 'initrd',
+ 'kernel-install',
+ 'ldconfig',
+ 'localed',
+ 'logind',
+ 'machined',
+ 'networkd',
+ 'nscd',
+ 'nss-myhostname',
+ 'nss-systemd',
+ 'oomd',
+ 'portabled',
+ 'pstore',
+ 'quotacheck',
+ 'randomseed',
+ 'resolve',
+ 'rfkill',
+ 'smack',
+ 'sysext',
+ 'sysusers',
+ 'timedated',
+ 'timesyncd',
+ 'tmpfiles',
+ 'tpm',
+ 'userdb',
+ 'utmp',
+ 'vconsole',
+ 'xdg-autostart']
+ have = get_option(term)
+ name = 'ENABLE_' + term.underscorify().to_upper()
+ conf.set10(name, have)
+endforeach
+
+enable_sysusers = conf.get('ENABLE_SYSUSERS') == 1
+
+foreach tuple : [['nss-mymachines', 'machined'],
+ ['nss-resolve', 'resolve']]
+ want = get_option(tuple[0])
+ if want.allowed()
+ have = get_option(tuple[1])
+ if want.enabled() and not have
+ error('@0@ is requested but @1@ is disabled'.format(tuple[0], tuple[1]))
+ endif
+ else
+ have = false
+ endif
+ name = 'ENABLE_' + tuple[0].underscorify().to_upper()
+ conf.set10(name, have)
+endforeach
+
+enable_nss = false
+foreach term : ['ENABLE_NSS_MYHOSTNAME',
+ 'ENABLE_NSS_MYMACHINES',
+ 'ENABLE_NSS_RESOLVE',
+ 'ENABLE_NSS_SYSTEMD']
+ if conf.get(term) == 1
+ enable_nss = true
+ endif
+endforeach
+conf.set10('ENABLE_NSS', enable_nss)
+
+conf.set10('ENABLE_TIMEDATECTL', get_option('timedated') or get_option('timesyncd'))
+
+conf.set10('SYSTEMD_SLOW_TESTS_DEFAULT', slow_tests)
+
+############################################################
+
+pymod = import('python')
+python = pymod.find_installation('python3', required : true, modules : ['jinja2'])
+python_39 = python.language_version().version_compare('>=3.9')
+
+############################################################
+
+if conf.get('BPF_FRAMEWORK') == 1
+ bpf_clang_flags = [
+ '-std=gnu11',
+ '-Wno-compare-distinct-pointer-types',
+ '-fno-stack-protector',
+ '-O2',
+ '-target',
+ 'bpf',
+ '-g',
+ '-c',
+ ]
+
+ bpf_gcc_flags = [
+ '-std=gnu11',
+ '-fno-stack-protector',
+ '-O2',
+ '-mkernel=5.2',
+ '-mcpu=v3',
+ '-mco-re',
+ '-gbtf',
+ '-c',
+ ]
+
+ # Generate defines that are appropriate to tell the compiler what architecture
+ # we're compiling for. By default we just map meson's cpu_family to __<cpu_family>__.
+ # This dictionary contains the exceptions where this doesn't work.
+ #
+ # C.f. https://mesonbuild.com/Reference-tables.html#cpu-families
+ # and src/basic/missing_syscall_def.h.
+ cpu_arch_defines = {
+ 'ppc' : ['-D__powerpc__'],
+ 'ppc64' : ['-D__powerpc64__', '-D_CALL_ELF=2'],
+ 'riscv32' : ['-D__riscv', '-D__riscv_xlen=32'],
+ 'riscv64' : ['-D__riscv', '-D__riscv_xlen=64'],
+ 'x86' : ['-D__i386__'],
+
+ # For arm, assume hardware fp is available.
+ 'arm' : ['-D__arm__', '-D__ARM_PCS_VFP'],
+ }
+
+ bpf_arch_flags = cpu_arch_defines.get(host_machine.cpu_family(),
+ ['-D__@0@__'.format(host_machine.cpu_family())])
+ if bpf_compiler == 'gcc'
+ bpf_arch_flags += ['-m' + host_machine.endian() + '-endian']
+ endif
+
+ libbpf_include_dir = libbpf.get_variable(pkgconfig : 'includedir')
+
+ bpf_o_unstripped_cmd = []
+ if bpf_compiler == 'clang'
+ bpf_o_unstripped_cmd += [
+ clang,
+ bpf_clang_flags,
+ bpf_arch_flags,
+ ]
+ elif bpf_compiler == 'gcc'
+ bpf_o_unstripped_cmd += [
+ bpf_gcc,
+ bpf_gcc_flags,
+ bpf_arch_flags,
+ ]
+ endif
+
+ bpf_o_unstripped_cmd += ['-I.']
+
+ if not meson.is_cross_build() and bpf_compiler == 'clang'
+ target_triplet_cmd = run_command('gcc', '-dumpmachine', check: false)
+ if target_triplet_cmd.returncode() == 0
+ target_triplet = target_triplet_cmd.stdout().strip()
+ bpf_o_unstripped_cmd += [
+ '-isystem',
+ '/usr/include/@0@'.format(target_triplet)
+ ]
+ endif
+ endif
+
+ bpf_o_unstripped_cmd += [
+ '-idirafter',
+ libbpf_include_dir,
+ '@INPUT@',
+ '-o',
+ '@OUTPUT@'
+ ]
+
+ if bpftool_strip
+ bpf_o_cmd = [
+ bpftool,
+ 'gen',
+ 'object',
+ '@OUTPUT@',
+ '@INPUT@'
+ ]
+ elif bpf_compiler == 'clang'
+ bpf_o_cmd = [
+ llvm_strip,
+ '-g',
+ '@INPUT@',
+ '-o',
+ '@OUTPUT@'
+ ]
+ endif
+
+ skel_h_cmd = [
+ bpftool,
+ 'gen',
+ 'skeleton',
+ '@INPUT@'
+ ]
+endif
+
+#####################################################################
+
+efi_arch = {
+ 'aarch64' : 'aa64',
+ 'arm' : 'arm',
+ 'loongarch32' : 'loongarch32',
+ 'loongarch64' : 'loongarch64',
+ 'riscv32' : 'riscv32',
+ 'riscv64' : 'riscv64',
+ 'x86_64' : 'x64',
+ 'x86' : 'ia32',
+}.get(host_machine.cpu_family(), '')
+
+pyelftools = pymod.find_installation('python3',
+ required : get_option('bootloader'),
+ modules : ['elftools'])
+
+have = get_option('bootloader').require(
+ pyelftools.found() and get_option('efi') and efi_arch != '',
+ error_message : 'unsupported EFI arch or EFI support is disabled').allowed()
+conf.set10('ENABLE_BOOTLOADER', have)
+conf.set_quoted('EFI_MACHINE_TYPE_NAME', have ? efi_arch : '')
+
+efi_arch_alt = ''
+efi_cpu_family_alt = ''
+if have and efi_arch == 'x64' and cc.links('''
+ #include <limits.h>
+ int main(int argc, char *argv[]) {
+ return __builtin_popcount(argc - CHAR_MAX);
+ }''', args : ['-m32', '-march=i686'], name : '32bit build possible')
+ efi_arch_alt = 'ia32'
+ efi_cpu_family_alt = 'x86'
+endif
+
+pefile = pymod.find_installation('python3', required: false, modules : ['pefile'])
+
+want_ukify = get_option('ukify').require(python_39 and (want_tests != 'true' or pefile.found()), error_message : 'Python >= 3.9 and pefile required').allowed()
+conf.set10('ENABLE_UKIFY', want_ukify)
+
+############################################################
+
+check_version_history_py = find_program('tools/check-version-history.py')
+elf2efi_py = find_program('tools/elf2efi.py')
+export_dbus_interfaces_py = find_program('tools/dbus_exporter.py')
+generate_gperfs = find_program('tools/generate-gperfs.py')
+make_autosuspend_rules_py = find_program('tools/make-autosuspend-rules.py')
+make_directive_index_py = find_program('tools/make-directive-index.py')
+sync_docs_py = find_program('tools/sync-docs.py')
+make_man_index_py = find_program('tools/make-man-index.py')
+meson_render_jinja2 = find_program('tools/meson-render-jinja2.py')
+update_dbus_docs_py = find_program('tools/update-dbus-docs.py')
+update_hwdb_autosuspend_sh = find_program('tools/update-hwdb-autosuspend.sh')
+update_hwdb_sh = find_program('tools/update-hwdb.sh')
+update_man_rules_py = find_program('tools/update-man-rules.py')
+update_syscall_tables_sh = find_program('tools/update-syscall-tables.sh')
+xml_helper_py = find_program('tools/xml_helper.py')
+
+############################################################
+
+version_tag = get_option('version-tag')
+version_h = vcs_tag(
+ input : 'src/version/version.h.in',
+ output : 'version.h',
+ command: [project_source_root / 'tools/meson-vcs-tag.sh',
+ project_source_root,
+ meson.project_version(),
+ version_tag,
+ ])
+
+shared_lib_tag = get_option('shared-lib-tag')
+if shared_lib_tag == ''
+ shared_lib_tag = meson.project_version()
+endif
+
+############################################################
+
+if get_option('b_coverage')
+ userspace_c_args += ['-include', 'src/basic/coverage.h']
+endif
+
+############################################################
+
+config_h = configure_file(
+ output : 'config.h',
+ configuration : conf)
+
+userspace_c_args += ['-include', 'config.h']
+
+jinja2_cmdline = [meson_render_jinja2, config_h, version_h]
+
+userspace = declare_dependency(
+ compile_args : userspace_c_args,
+ link_args : userspace_c_ld_args,
+ sources : version_h,
+)
+
+man_page_depends = []
+
+############################################################
+
+simple_tests = []
+libsystemd_tests = []
+simple_fuzzers = []
+catalogs = []
+modules = [] # nss, pam, and other plugins
+executables = []
+executables_by_name = {}
+fuzzer_exes = []
+
+# binaries that have --help and are intended for use by humans,
+# usually, but not always, installed in /bin.
+public_programs = []
+
+# D-Bus introspection XML export
+dbus_programs = []
+
+# A list of boot stubs. Required for testing of ukify.
+boot_stubs = []
+
+build_dir_include = include_directories('.')
+
+basic_includes = include_directories(
+ 'src/basic',
+ 'src/fundamental',
+ 'src/systemd',
+ '.')
+
+libsystemd_includes = [basic_includes, include_directories(
+ 'src/libsystemd/sd-bus',
+ 'src/libsystemd/sd-device',
+ 'src/libsystemd/sd-event',
+ 'src/libsystemd/sd-hwdb',
+ 'src/libsystemd/sd-id128',
+ 'src/libsystemd/sd-journal',
+ 'src/libsystemd/sd-netlink',
+ 'src/libsystemd/sd-network',
+ 'src/libsystemd/sd-resolve')]
+
+includes = [libsystemd_includes, include_directories('src/shared')]
+
+subdir('po')
+subdir('catalog')
+subdir('src/fundamental')
+subdir('src/basic')
+subdir('src/libsystemd')
+subdir('src/shared')
+subdir('src/libudev')
+
+libsystemd = shared_library(
+ 'systemd',
+ version : libsystemd_version,
+ include_directories : libsystemd_includes,
+ link_args : ['-shared',
+ '-Wl,--version-script=' + libsystemd_sym_path],
+ link_with : [libbasic,
+ libbasic_gcrypt,
+ libbasic_compress],
+ link_whole : [libsystemd_static],
+ dependencies : [librt,
+ threads,
+ userspace],
+ link_depends : libsystemd_sym,
+ install : true,
+ install_tag: 'libsystemd',
+ install_dir : libdir)
+
+alias_target('libsystemd', libsystemd)
+
+install_libsystemd_static = static_library(
+ 'systemd',
+ libsystemd_sources,
+ basic_sources,
+ basic_gcrypt_sources,
+ basic_compress_sources,
+ fundamental_sources,
+ include_directories : libsystemd_includes,
+ build_by_default : static_libsystemd != 'false',
+ install : static_libsystemd != 'false',
+ install_tag: 'libsystemd',
+ install_dir : libdir,
+ pic : static_libsystemd_pic,
+ dependencies : [libblkid,
+ libcap,
+ libdl,
+ libgcrypt,
+ liblz4,
+ libmount,
+ libopenssl,
+ librt,
+ libxz,
+ libzstd,
+ threads,
+ userspace],
+ c_args : libsystemd_c_args + (static_libsystemd_pic ? [] : ['-fno-PIC']))
+
+libudev = shared_library(
+ 'udev',
+ version : libudev_version,
+ include_directories : includes,
+ link_args : ['-shared',
+ '-Wl,--version-script=' + libudev_sym_path],
+ link_with : [libsystemd_static, libshared_static],
+ link_whole : libudev_basic,
+ dependencies : [threads,
+ userspace],
+ link_depends : libudev_sym,
+ install : true,
+ install_tag: 'libudev',
+ install_dir : libdir)
+
+alias_target('libudev', libudev)
+
+install_libudev_static = static_library(
+ 'udev',
+ basic_sources,
+ fundamental_sources,
+ shared_sources,
+ libsystemd_sources,
+ libudev_sources,
+ include_directories : includes,
+ build_by_default : static_libudev != 'false',
+ install : static_libudev != 'false',
+ install_tag: 'libudev',
+ install_dir : libdir,
+ link_depends : libudev_sym,
+ dependencies : [libmount,
+ libshared_deps,
+ userspace],
+ c_args : static_libudev_pic ? [] : ['-fno-PIC'],
+ pic : static_libudev_pic)
+
+############################################################
+
+runtest_env = custom_target(
+ 'systemd-runtest.env',
+ output : 'systemd-runtest.env',
+ command : [sh, '-c',
+ '{ echo SYSTEMD_TEST_DATA=@0@; echo SYSTEMD_CATALOG_DIR=@1@; } >@OUTPUT@'.format(
+ project_source_root / 'test',
+ project_build_root / 'catalog')],
+ depends : catalogs,
+ build_by_default : true)
+
+test_cflags = ['-DTEST_CODE=1']
+# We intentionally do not do inline initializations with definitions for a
+# bunch of _cleanup_ variables in tests, to ensure valgrind is triggered if we
+# use the variable unexpectedly. This triggers a lot of maybe-uninitialized
+# false positives when the combination of -O2 and -flto is used. Suppress them.
+if '-O2' in c_args and '-flto=auto' in c_args
+ test_cflags += cc.first_supported_argument('-Wno-maybe-uninitialized')
+endif
+
+############################################################
+
+executable_template = {
+ 'include_directories' : includes,
+ 'link_with' : libshared,
+ 'install_rpath' : pkglibdir,
+ 'install' : true,
+}
+
+generator_template = executable_template + {
+ 'install_dir' : systemgeneratordir,
+}
+
+libexec_template = executable_template + {
+ 'install_dir' : libexecdir,
+}
+
+executable_additional_kwargs = {
+ 'dependencies' : userspace,
+}
+
+test_template = executable_template + {
+ 'build_by_default' : want_tests != 'false',
+ 'install' : install_tests,
+ 'install_dir' : unittestsdir,
+}
+
+test_additional_kwargs = {
+ 'c_args' : test_cflags,
+ 'link_depends' : runtest_env,
+}
+
+fuzz_template = executable_template + {
+ 'build_by_default' : fuzzer_build,
+ 'install' : false,
+}
+
+if want_ossfuzz or (want_libfuzzer and fuzzing_engine.found())
+ fuzz_additional_kwargs = {
+ 'dependencies' : fuzzing_engine,
+ }
+elif want_libfuzzer and not fuzzing_engine.found()
+ fuzz_additional_kwargs = {
+ 'link_args' : ['-fsanitize=fuzzer'],
+ }
+else
+ fuzz_additional_kwargs = {
+ 'sources' : files('src/fuzz/fuzz-main.c'),
+ }
+endif
+fuzz_additional_kwargs += {
+ 'include_directories' : include_directories('src/fuzz'),
+ 'c_args' : test_cflags,
+}
+
+nss_template = {
+ 'version' : '2',
+ 'include_directories' : includes,
+ # Note that we link NSS modules with '-z nodelete' so that mempools never get orphaned
+ 'link_args' : ['-z', 'nodelete'],
+ 'link_with' : [
+ libsystemd_static,
+ libshared_static,
+ libbasic,
+ ],
+ 'dependencies' : [
+ librt,
+ threads,
+ ],
+ 'install' : true,
+ 'install_tag' : 'nss',
+ 'install_dir' : libdir,
+}
+
+pam_template = {
+ 'name_prefix' : '',
+ 'include_directories' : includes,
+ 'link_with' : [
+ libsystemd_static,
+ libshared_static,
+ ],
+ 'dependencies' : [
+ libpam_misc,
+ libpam,
+ threads,
+ ],
+ 'install' : true,
+ 'install_tag' : 'pam',
+ 'install_dir' : pamlibdir,
+}
+
+module_additional_kwargs = {
+ 'link_args' : ['-shared'],
+ 'dependencies' : userspace,
+}
+
+############################################################
+
+# systemd-analyze requires 'libcore'
+subdir('src/core')
+# systemd-networkd requires 'libsystemd_network'
+subdir('src/libsystemd-network')
+# hwdb requires 'udev_link_with' and 'udev_rpath'
+subdir('src/udev')
+
+subdir('src/ac-power')
+subdir('src/analyze')
+subdir('src/ask-password')
+subdir('src/backlight')
+subdir('src/battery-check')
+subdir('src/binfmt')
+subdir('src/boot')
+subdir('src/boot/efi')
+subdir('src/busctl')
+subdir('src/cgls')
+subdir('src/cgroups-agent')
+subdir('src/cgtop')
+subdir('src/coredump')
+subdir('src/creds')
+subdir('src/cryptenroll')
+subdir('src/cryptsetup')
+subdir('src/debug-generator')
+subdir('src/delta')
+subdir('src/detect-virt')
+subdir('src/dissect')
+subdir('src/environment-d-generator')
+subdir('src/escape')
+subdir('src/firstboot')
+subdir('src/fsck')
+subdir('src/fstab-generator')
+subdir('src/getty-generator')
+subdir('src/gpt-auto-generator')
+subdir('src/hibernate-resume')
+subdir('src/home')
+subdir('src/hostname')
+subdir('src/hwdb')
+subdir('src/id128')
+subdir('src/import')
+subdir('src/initctl')
+subdir('src/integritysetup')
+subdir('src/journal')
+subdir('src/journal-remote')
+subdir('src/kernel-install')
+subdir('src/locale')
+subdir('src/login')
+subdir('src/machine')
+subdir('src/machine-id-setup')
+subdir('src/modules-load')
+subdir('src/mount')
+subdir('src/network')
+subdir('src/notify')
+subdir('src/nspawn')
+subdir('src/nss-myhostname')
+subdir('src/nss-mymachines')
+subdir('src/nss-resolve')
+subdir('src/nss-systemd')
+subdir('src/oom')
+subdir('src/partition')
+subdir('src/path')
+subdir('src/pcrextend')
+subdir('src/pcrlock')
+subdir('src/portable')
+subdir('src/pstore')
+subdir('src/quotacheck')
+subdir('src/random-seed')
+subdir('src/rc-local-generator')
+subdir('src/remount-fs')
+subdir('src/reply-password')
+subdir('src/resolve')
+subdir('src/rfkill')
+subdir('src/rpm')
+subdir('src/run')
+subdir('src/run-generator')
+subdir('src/shutdown')
+subdir('src/sleep')
+subdir('src/socket-activate')
+subdir('src/socket-proxy')
+subdir('src/stdio-bridge')
+subdir('src/sulogin-shell')
+subdir('src/sysctl')
+subdir('src/sysext')
+subdir('src/system-update-generator')
+subdir('src/systemctl')
+subdir('src/sysupdate')
+subdir('src/sysusers')
+subdir('src/sysv-generator')
+subdir('src/storagetm')
+subdir('src/timedate')
+subdir('src/timesync')
+subdir('src/tmpfiles')
+subdir('src/tpm2-setup')
+subdir('src/tty-ask-password-agent')
+subdir('src/update-done')
+subdir('src/update-utmp')
+subdir('src/user-sessions')
+subdir('src/userdb')
+subdir('src/varlinkctl')
+subdir('src/vconsole')
+subdir('src/veritysetup')
+subdir('src/vmspawn')
+subdir('src/volatile-root')
+subdir('src/xdg-autostart-generator')
+
+subdir('src/systemd')
+
+subdir('src/test')
+subdir('src/fuzz')
+subdir('src/ukify/test') # needs to be last for test_env variable
+subdir('test/fuzz')
+
+alias_target('devel', libsystemd_pc, libudev_pc, systemd_pc, udev_pc)
+
+############################################################
+
+foreach test : simple_tests
+ executables += test_template + { 'sources' : [test] }
+endforeach
+
+foreach test : libsystemd_tests
+ executables += test_template + test
+endforeach
+
+foreach fuzzer : simple_fuzzers
+ executables += fuzz_template + { 'sources' : [fuzzer] }
+endforeach
+
+foreach dict : executables
+ name = dict.get('name', '')
+ if name == ''
+ name = fs.stem(dict.get('sources')[0])
+ assert(name.split('-')[0] in ['test', 'fuzz'])
+ endif
+
+ is_test = name.startswith('test-')
+ is_fuzz = name.startswith('fuzz-')
+
+ build = true
+ foreach cond : dict.get('conditions', [])
+ if conf.get(cond) != 1
+ build = false
+ break
+ endif
+ endforeach
+ if not build
+ continue
+ endif
+
+ kwargs = {}
+ foreach key, val : dict
+ if key in ['name', 'dbus', 'public', 'conditions',
+ 'type', 'suite', 'timeout', 'parallel']
+ continue
+ endif
+
+ kwargs += { key : val }
+ endforeach
+
+ foreach key, val : executable_additional_kwargs
+ kwargs += { key : [ kwargs.get(key, []), val ]}
+ endforeach
+
+ if is_test
+ kwargs += { 'install_dir' : kwargs.get('install_dir') / dict.get('type', '') }
+ foreach key, val : test_additional_kwargs
+ kwargs += { key : [ kwargs.get(key, []), val ] }
+ endforeach
+ endif
+
+ if is_fuzz
+ foreach key, val : fuzz_additional_kwargs
+ kwargs += { key : [ kwargs.get(key, []), val ] }
+ endforeach
+ endif
+
+ exe = executable(
+ name,
+ kwargs : kwargs,
+ )
+
+ executables_by_name += { name : exe }
+
+ if dict.get('build_by_default', true)
+ if dict.get('dbus', false)
+ dbus_programs += exe
+ endif
+ if dict.get('public', false)
+ public_programs += exe
+ endif
+ endif
+
+ if is_test
+ type = dict.get('type', '')
+ suite = dict.get('suite', '')
+ if suite == ''
+ suite = fs.name(fs.parent(dict.get('sources')[0]))
+ if suite.startswith('sd-')
+ suite = 'libsystemd'
+ endif
+ endif
+
+ if type == 'manual'
+ message('@0@/@1@ is a manual test'.format(suite, name))
+ elif type == 'unsafe' and want_tests != 'unsafe'
+ message('@0@/@1@ is an unsafe test'.format(suite, name))
+ elif dict.get('build_by_default')
+ test(name, exe,
+ env : test_env,
+ timeout : dict.get('timeout', 30),
+ suite : suite,
+ is_parallel : dict.get('parallel', true))
+ endif
+ endif
+
+ if is_fuzz
+ fuzzer_exes += exe
+
+ if want_tests != 'false'
+ # Run the fuzz regression tests without any sanitizers enabled.
+ # Additional invocations with sanitizers may get added below.
+ fuzz_ins = fuzz_regression_tests.get(name, {})
+ foreach directive : fuzz_ins.get('directives', [])
+ tt = '@0@_@1@'.format(name, fs.name(directive.full_path()))
+ if tt.substring(45) != ''
+ error('Directive sample name is too long:', directive.full_path())
+ endif
+
+ test(tt,
+ exe,
+ suite : 'fuzz',
+ args : directive.full_path(),
+ depends : directive)
+ endforeach
+ foreach file : fuzz_ins.get('files', [])
+ tt = '@0@_@1@'.format(name, fs.name(file))
+ if tt.substring(45) != ''
+ error('Fuzz sample name is too long:', fs.name(file))
+ endif
+
+ test(tt,
+ exe,
+ suite : 'fuzz',
+ args : file)
+ endforeach
+ endif
+ endif
+endforeach
+
+alias_target('fuzzers', fuzzer_exes)
+
+############################################################
+
+test_dlopen = executables_by_name.get('test-dlopen')
+
+foreach dict : modules
+ name = dict.get('name')
+ is_nss = name.startswith('nss_')
+ is_pam = name.startswith('pam_')
+
+ build = true
+ foreach cond : dict.get('conditions', [])
+ if conf.get(cond) != 1
+ build = false
+ break
+ endif
+ endforeach
+ if not build
+ continue
+ endif
+
+ kwargs = {}
+ foreach key, val : dict
+ if key in ['name', 'conditions', 'version-script']
+ continue
+ endif
+ kwargs += { key : val }
+ endforeach
+
+ kwargs += {
+ 'link_args' : [
+ kwargs.get('link_args', []),
+ '-Wl,--version-script=' + dict.get('version-script'),
+ ],
+ 'link_depends' : [
+ kwargs.get('link_depends', []),
+ dict.get('version-script'),
+ ],
+ }
+ foreach key, val : module_additional_kwargs
+ kwargs += { key : [ kwargs.get(key, []), val ]}
+ endforeach
+
+ lib = shared_library(
+ name,
+ kwargs : kwargs,
+ )
+
+ if is_nss
+ # We cannot use shared_module because it does not support version suffix.
+ # Unfortunately shared_library insists on creating the symlink…
+ meson.add_install_script(sh, '-c', 'rm $DESTDIR@0@/lib@1@.so'.format(libdir, name),
+ install_tag : 'nss')
+ endif
+
+ if want_tests != 'false' and (is_nss or is_pam)
+ test('dlopen-' + name,
+ test_dlopen,
+ # path to dlopen must include a slash
+ args : lib.full_path(),
+ depends : lib,
+ suite : is_nss ? 'nss' : 'pam')
+ endif
+endforeach
+
+############################################################
+
+ukify = custom_target(
+ 'ukify',
+ input : 'src/ukify/ukify.py',
+ output : 'ukify',
+ command : [jinja2_cmdline, '@INPUT@', '@OUTPUT@'],
+ install : want_ukify,
+ install_mode : 'rwxr-xr-x',
+ install_dir : bindir)
+if want_ukify
+ public_programs += ukify
+
+ # symlink for backwards compatibility after rename
+ meson.add_install_script(sh, '-c',
+ ln_s.format(bindir / 'ukify',
+ libexecdir / 'ukify'))
+endif
+
+############################################################
+
+subdir('rules.d')
+subdir('test')
+
+############################################################
+
+subdir('docs/sysvinit')
+subdir('docs/var-log')
+subdir('hwdb.d')
+subdir('man')
+subdir('modprobe.d')
+subdir('network')
+subdir('presets')
+subdir('shell-completion/bash')
+subdir('shell-completion/zsh')
+subdir('sysctl.d')
+subdir('sysusers.d')
+subdir('tmpfiles.d')
+subdir('units')
+
+install_subdir('factory/etc',
+ install_dir : factorydir)
+subdir('factory/templates')
+
+if install_sysconfdir
+ install_data('xorg/50-systemd-user.sh',
+ install_dir : xinitrcdir)
+endif
+install_data('LICENSE.GPL2',
+ 'LICENSE.LGPL2.1',
+ 'NEWS',
+ 'README',
+ 'docs/CODING_STYLE.md',
+ 'docs/DISTRO_PORTING.md',
+ 'docs/ENVIRONMENT.md',
+ 'docs/HACKING.md',
+ 'docs/TRANSIENT-SETTINGS.md',
+ 'docs/TRANSLATORS.md',
+ 'docs/UIDS-GIDS.md',
+ install_dir : docdir)
+
+install_subdir('LICENSES',
+ install_dir : docdir)
+
+install_emptydir(systemdstatedir)
+
+############################################################
+
+# Ensure that changes to the docs/ directory do not break the
+# basic Github pages build. But only run it in developer mode,
+# as it might be fragile due to changes in the tooling, and it is
+# not generally useful for users.
+jekyll = find_program('jekyll', required : false)
+if get_option('mode') == 'developer' and want_tests != 'false' and jekyll.found()
+ test('github-pages',
+ jekyll,
+ suite : 'dist',
+ args : ['build',
+ '--source', project_source_root / 'docs',
+ '--destination', project_build_root / '_site'])
+endif
+
+############################################################
+
+check_help = find_program('tools/check-help.sh')
+check_version = find_program('tools/check-version.sh')
+
+foreach exec : public_programs
+ name = fs.name(exec.full_path())
+ if want_tests != 'false'
+ test('check-help-' + name,
+ check_help,
+ suite : 'dist',
+ args : exec.full_path(),
+ depends: exec)
+
+ test('check-version-' + name,
+ check_version,
+ suite : 'dist',
+ args : [exec.full_path(),
+ meson.project_version()],
+ depends: exec)
+ endif
+endforeach
+
+# Enable tests for all supported sanitizers
+foreach tuple : fuzz_sanitizers
+ sanitizer = tuple[0]
+ build = tuple[1]
+
+ if cc.has_link_argument('-fsanitize=@0@'.format(sanitizer))
+ foreach fuzzer, fuzz_ins : fuzz_regression_tests
+ name = '@0@:@1@'.format(fuzzer, sanitizer)
+ if want_tests == 'false'
+ message('Not compiling @0@ because tests is set to false'.format(name))
+ continue
+ endif
+ if not fuzz_tests
+ message('Not compiling @0@ because fuzz-tests is set to false'.format(name))
+ continue
+ endif
+ exe = custom_target(
+ name,
+ output : name,
+ depends : build,
+ command : [ln, '-fs',
+ build.full_path() / fuzzer,
+ '@OUTPUT@'],
+ build_by_default : true)
+
+ foreach directive : fuzz_ins.get('directives', [])
+ test('@0@_@1@_@2@'.format(fuzzer, fs.name(directive.full_path()), sanitizer),
+ env,
+ suite : 'fuzz+san',
+ env : ['UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1'],
+ timeout : 60,
+ args : [exe.full_path(), directive.full_path()],
+ depends : directive)
+ endforeach
+ foreach file : fuzz_ins.get('files', [])
+ test('@0@_@1@_@2@'.format(fuzzer, fs.name(file), sanitizer),
+ env,
+ suite : 'fuzz+san',
+ env : ['UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1'],
+ timeout : 60,
+ args : [exe.full_path(), file])
+ endforeach
+ endforeach
+ endif
+endforeach
+
+############################################################
+
+if git.found()
+ all_files = run_command(
+ env, '-u', 'GIT_WORK_TREE',
+ git, '--git-dir=@0@/.git'.format(project_source_root),
+ 'ls-files', ':/*.[ch]', ':/*.cc',
+ check : false)
+ if all_files.returncode() == 0
+ all_files = files(all_files.stdout().split())
+
+ custom_target(
+ 'tags',
+ output : 'tags',
+ command : [env, 'etags', '-o', '@0@/TAGS'.format(project_source_root)] + all_files)
+ run_target(
+ 'ctags',
+ command : [env, 'ctags', '--tag-relative=never', '-o', '@0@/tags'.format(project_source_root)] + all_files)
+
+ ############################################
+
+ if want_tests != 'false' and conf.get('BUILD_MODE_DEVELOPER') == 1
+ test('check-includes',
+ files('tools/check-includes.py'),
+ args: all_files,
+ env : ['PROJECT_SOURCE_ROOT=@0@'.format(project_source_root)],
+ suite : 'headers')
+ endif
+ endif
+
+ ####################################################
+
+ git_contrib_sh = find_program('tools/git-contrib.sh')
+ run_target(
+ 'git-contrib',
+ command : [git_contrib_sh])
+
+ ####################################################
+
+ git_head = run_command(
+ git, '--git-dir=@0@/.git'.format(project_source_root),
+ 'rev-parse', 'HEAD',
+ check : false).stdout().strip()
+ git_head_short = run_command(
+ git, '--git-dir=@0@/.git'.format(project_source_root),
+ 'rev-parse', '--short=7', 'HEAD',
+ check : false).stdout().strip()
+
+ run_target(
+ 'git-snapshot',
+ command : [git, 'archive',
+ '-o', '@0@/systemd-@1@.tar.gz'.format(project_source_root,
+ git_head_short),
+ '--prefix', 'systemd-@0@/'.format(git_head),
+ 'HEAD'])
+endif
+
+############################################################
+
+check_api_docs_sh = find_program('tools/check-api-docs.sh')
+run_target(
+ 'check-api-docs',
+ depends : [man, libsystemd, libudev],
+ command : [check_api_docs_sh, libsystemd.full_path(), libudev.full_path()])
+
+alias_target('update-dbus-docs', update_dbus_docs)
+alias_target('update-man-rules', update_man_rules)
+
+if not meson.is_cross_build()
+ custom_target(
+ 'export-dbus-interfaces',
+ output : fs.name(dbus_interfaces_dir),
+ install : dbus_interfaces_dir != 'no',
+ install_dir : fs.parent(dbus_interfaces_dir),
+ command : [export_dbus_interfaces_py, '@OUTPUT@', dbus_programs])
+endif
+
+############################################################
+
+alt_time_epoch = run_command('date', '-Is', '-u', '-d', '@@0@'.format(time_epoch),
+ check : true).stdout().strip()
+
+summary({
+ 'split bin-sbin' : split_bin,
+ 'prefix directory' : prefixdir,
+ 'sysconf directory' : sysconfdir,
+ 'include directory' : includedir,
+ 'lib directory' : libdir,
+ 'SysV init scripts' : sysvinit_path,
+ 'SysV rc?.d directories' : sysvrcnd_path,
+ 'PAM modules directory' : pamlibdir,
+ 'PAM configuration directory' : pamconfdir,
+ 'libcryptsetup plugins directory' : libcryptsetup_plugins_dir,
+ 'RPM macros directory' : rpmmacrosdir,
+ 'modprobe.d directory' : modprobedir,
+ 'D-Bus policy directory' : dbuspolicydir,
+ 'D-Bus session directory' : dbussessionservicedir,
+ 'D-Bus system directory' : dbussystemservicedir,
+ 'D-Bus interfaces directory' : dbus_interfaces_dir,
+ 'bash completions directory' : bashcompletiondir,
+ 'zsh completions directory' : zshcompletiondir,
+ 'private shared lib version tag' : shared_lib_tag,
+ 'extra start script' : get_option('rc-local'),
+ 'debug shell' : '@0@ @ @1@'.format(get_option('debug-shell'),
+ get_option('debug-tty')),
+ 'system UIDs' : '<=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_UID_MAX'),
+ conf.get('SYSTEM_ALLOC_UID_MIN')),
+ 'system GIDs' : '<=@0@ (alloc >=@1@)'.format(conf.get('SYSTEM_GID_MAX'),
+ conf.get('SYSTEM_ALLOC_GID_MIN')),
+ 'dynamic UIDs' : '@0@…@1@'.format(dynamic_uid_min, dynamic_uid_max),
+ 'container UID bases' : '@0@…@1@'.format(container_uid_base_min, container_uid_base_max),
+ 'static UID/GID allocations' : ' '.join(static_ugids),
+ '/dev/kvm access mode' : get_option('dev-kvm-mode'),
+ 'render group access mode' : get_option('group-render-mode'),
+ 'certificate root directory' : get_option('certificate-root'),
+ 'support URL' : support_url,
+ 'nobody user name' : nobody_user,
+ 'nobody group name' : nobody_group,
+ 'fallback hostname' : get_option('fallback-hostname'),
+ 'default compression method' : compression,
+ 'default DNSSEC mode' : default_dnssec,
+ 'default DNS-over-TLS mode' : default_dns_over_tls,
+ 'default mDNS mode' : default_mdns,
+ 'default LLMNR mode' : default_llmnr,
+ 'default DNS servers' : dns_servers.split(' '),
+ 'default NTP servers' : ntp_servers.split(' '),
+ 'default cgroup hierarchy' : default_hierarchy,
+ 'default net.naming-scheme value' : default_net_naming_scheme,
+ 'default KillUserProcesses value' : kill_user_processes,
+ 'default locale' : default_locale,
+ 'default nspawn locale' : nspawn_locale,
+ 'default status unit format' : status_unit_format_default,
+ 'default user $PATH' :
+ default_user_path != '' ? default_user_path : '(same as system services)',
+ 'systemd service watchdog' : service_watchdog == '' ? 'disabled' : service_watchdog,
+ 'time epoch' : '@0@ (@1@)'.format(time_epoch, alt_time_epoch)})
+
+# TODO:
+# CFLAGS: ${OUR_CFLAGS} ${CFLAGS}
+# CPPFLAGS: ${OUR_CPPFLAGS} ${CPPFLAGS}
+# LDFLAGS: ${OUR_LDFLAGS} ${LDFLAGS}
+
+found = []
+missing = []
+
+foreach tuple : [
+ # dependencies
+ ['ACL'],
+ ['AUDIT'],
+ ['AppArmor'],
+ ['IMA'],
+ ['PAM'],
+ ['SECCOMP'],
+ ['SELinux'],
+ ['SMACK'],
+ ['blkid'],
+ ['elfutils'],
+ ['gcrypt'],
+ ['gnutls'],
+ ['libbpf'],
+ ['libcryptsetup'],
+ ['libcryptsetup-plugins'],
+ ['libcurl'],
+ ['libfdisk'],
+ ['libfido2'],
+ ['libidn'],
+ ['libidn2'],
+ ['libiptc'],
+ ['microhttpd'],
+ ['openssl'],
+ ['p11kit'],
+ ['passwdqc'],
+ ['pcre2'],
+ ['pwquality'],
+ ['qrencode'],
+ ['tpm2'],
+ ['xkbcommon'],
+
+ # compression libs
+ ['zstd'],
+ ['lz4'],
+ ['xz'],
+ ['zlib'],
+ ['bzip2'],
+
+ # components
+ ['backlight'],
+ ['binfmt'],
+ ['bootloader'],
+ ['bpf-framework', conf.get('BPF_FRAMEWORK') == 1],
+ ['coredump'],
+ ['efi'],
+ ['environment.d'],
+ ['firstboot'],
+ ['hibernate'],
+ ['homed'],
+ ['hostnamed'],
+ ['hwdb'],
+ ['importd'],
+ ['initrd'],
+ ['kernel-install'],
+ ['localed'],
+ ['logind'],
+ ['machined'],
+ ['networkd'],
+ ['nss-myhostname'],
+ ['nss-mymachines'],
+ ['nss-resolve'],
+ ['nss-systemd'],
+ ['oomd'],
+ ['portabled'],
+ ['pstore'],
+ ['quotacheck'],
+ ['randomseed'],
+ ['repart'],
+ ['resolve'],
+ ['rfkill'],
+ ['sysext'],
+ ['systemd-analyze', conf.get('ENABLE_ANALYZE') == 1],
+ ['sysupdate'],
+ ['sysusers'],
+ ['storagetm'],
+ ['timedated'],
+ ['timesyncd'],
+ ['tmpfiles'],
+ ['userdb'],
+ ['vconsole'],
+ ['vmspawn'],
+ ['xdg-autostart'],
+
+ # optional features
+ ['dmi'],
+ ['idn'],
+ ['polkit'],
+ ['nscd'],
+ ['legacy-pkla', install_polkit_pkla],
+ ['kmod'],
+ ['xenctrl'],
+ ['dbus'],
+ ['glib'],
+ ['tpm'],
+ ['man pages', want_man],
+ ['html pages', want_html],
+ ['man page indices', want_man and have_lxml],
+ ['SysV compat'],
+ ['compat-mutable-uid-boundaries'],
+ ['utmp'],
+ ['ldconfig'],
+ ['adm group', get_option('adm-group')],
+ ['wheel group', get_option('wheel-group')],
+ ['gshadow'],
+ ['debug hashmap'],
+ ['debug mmap cache'],
+ ['debug siphash'],
+ ['trace logging', conf.get('LOG_TRACE') == 1],
+ ['slow tests', slow_tests],
+ ['fuzz tests', fuzz_tests],
+ ['install tests', install_tests],
+ ['link-udev-shared', get_option('link-udev-shared')],
+ ['link-systemctl-shared', get_option('link-systemctl-shared')],
+ ['link-networkd-shared', get_option('link-networkd-shared')],
+ ['link-timesyncd-shared', get_option('link-timesyncd-shared')],
+ ['link-journalctl-shared', get_option('link-journalctl-shared')],
+ ['link-boot-shared', get_option('link-boot-shared')],
+ ['link-portabled-shared', get_option('link-portabled-shared')],
+ ['first-boot-full-preset'],
+ ['fexecve'],
+ ['standalone-binaries', get_option('standalone-binaries')],
+ ['coverage', get_option('b_coverage')],
+]
+
+ if tuple.length() >= 2
+ cond = tuple[1]
+ else
+ ident1 = 'HAVE_' + tuple[0].underscorify().to_upper()
+ ident2 = 'ENABLE_' + tuple[0].underscorify().to_upper()
+ cond = conf.get(ident1, 0) == 1 or conf.get(ident2, 0) == 1
+ endif
+ if cond
+ found += tuple[0]
+ else
+ missing += tuple[0]
+ endif
+endforeach
+
+if static_libsystemd == 'false'
+ missing += 'static-libsystemd'
+else
+ found += 'static-libsystemd(@0@)'.format(static_libsystemd)
+endif
+
+if static_libudev == 'false'
+ missing += 'static-libudev'
+else
+ found += 'static-libudev(@0@)'.format(static_libudev)
+endif
+
+if conf.get('HAVE_OPENSSL_OR_GCRYPT') == 1 and conf.get('PREFER_OPENSSL') == 1
+ found += 'cryptolib(openssl)'
+elif conf.get('HAVE_OPENSSL_OR_GCRYPT') == 1
+ found += 'cryptolib(gcrypt)'
+else
+ missing += 'cryptolib'
+endif
+
+if conf.get('DNS_OVER_TLS_USE_GNUTLS') == 1
+ found += 'DNS-over-TLS(gnutls)'
+elif conf.get('DNS_OVER_TLS_USE_OPENSSL') == 1
+ found += 'DNS-over-TLS(openssl)'
+else
+ missing += 'DNS-over-TLS'
+endif
+
+summary({
+ 'enabled' : ', '.join(found),
+ 'disabled' : ', '.join(missing)},
+ section : 'Features')