summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2021-05-16 13:35:51 +0200
committerYu Watanabe <watanabe.yu+github@gmail.com>2021-05-19 03:24:43 +0200
commitd924a938fe3dbba360cdbee0201ea9797c5f8bff (patch)
treef4a982db4a863fe9e017916df5228f2005b6a89c
parentmeson: drop unnecessary listification (diff)
downloadsystemd-d924a938fe3dbba360cdbee0201ea9797c5f8bff.tar.xz
systemd-d924a938fe3dbba360cdbee0201ea9797c5f8bff.zip
meson: use jinja2 for tmpfiles.d templates
HAVE_SMACK_RUN_LABEL was dropped back in 348b44372f36010d48d9a7dda14ef67155753a71, so one line in etc.conf was not rendered as expected ;( Checking if names are defined is paying for itself!
-rw-r--r--meson.build7
-rw-r--r--src/basic/fileio.c2
-rw-r--r--tmpfiles.d/etc.conf.in (renamed from tmpfiles.d/etc.conf.m4)12
-rw-r--r--tmpfiles.d/meson.build36
-rw-r--r--tmpfiles.d/static-nodes-permissions.conf.in6
-rw-r--r--tmpfiles.d/systemd.conf.in (renamed from tmpfiles.d/systemd.conf.m4)34
-rw-r--r--tmpfiles.d/var.conf.in (renamed from tmpfiles.d/var.conf.m4)4
7 files changed, 42 insertions, 59 deletions
diff --git a/meson.build b/meson.build
index 44931368de..c98c4c1e7d 100644
--- a/meson.build
+++ b/meson.build
@@ -850,6 +850,7 @@ conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
dev_kvm_mode = get_option('dev-kvm-mode')
+conf.set_quoted('DEV_KVM_MODE', dev_kvm_mode) # FIXME: convert to 0o… notation
substs.set('DEV_KVM_MODE', dev_kvm_mode)
conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
group_render_mode = get_option('group-render-mode')
@@ -1040,10 +1041,8 @@ else
endif
conf.set10('HAVE_APPARMOR', have)
-smack_run_label = get_option('smack-run-label')
-if smack_run_label != ''
- conf.set_quoted('SMACK_RUN_LABEL', smack_run_label)
-endif
+conf.set10('HAVE_SMACK_RUN_LABEL', get_option('smack-run-label') != '')
+conf.set_quoted('SMACK_RUN_LABEL', get_option('smack-run-label'))
want_polkit = get_option('polkit')
install_polkit = false
diff --git a/src/basic/fileio.c b/src/basic/fileio.c
index 93d8547b32..dabdf5b517 100644
--- a/src/basic/fileio.c
+++ b/src/basic/fileio.c
@@ -1391,7 +1391,7 @@ int rename_and_apply_smack_floor_label(const char *from, const char *to) {
if (rename(from, to) < 0)
return -errno;
-#ifdef SMACK_RUN_LABEL
+#if HAVE_SMACK_RUN_LABEL
r = mac_smack_apply(to, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL);
if (r < 0)
return r;
diff --git a/tmpfiles.d/etc.conf.m4 b/tmpfiles.d/etc.conf.in
index f82e0b82ce..2323fd8cd8 100644
--- a/tmpfiles.d/etc.conf.m4
+++ b/tmpfiles.d/etc.conf.in
@@ -9,14 +9,14 @@
L /etc/os-release - - - - ../usr/lib/os-release
L+ /etc/mtab - - - - ../proc/self/mounts
-m4_ifdef(`HAVE_SMACK_RUN_LABEL',
+{% if HAVE_SMACK_RUN_LABEL %}
t /etc/mtab - - - - security.SMACK64=_
-)m4_dnl
-m4_ifdef(`ENABLE_RESOLVE',
+{% endif %}
+{% if ENABLE_RESOLVE %}
L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
-)m4_dnl
+{% endif %}
C! /etc/nsswitch.conf - - - -
-m4_ifdef(`HAVE_PAM',
+{% if HAVE_PAM %}
C! /etc/pam.d - - - -
-)m4_dnl
+{% endif %}
C! /etc/issue - - - -
diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
index d5d4bbc9ea..d449034dba 100644
--- a/tmpfiles.d/meson.build
+++ b/tmpfiles.d/meson.build
@@ -26,34 +26,20 @@ foreach pair : files
endif
endforeach
-in_files = ['static-nodes-permissions.conf']
-
-foreach file : in_files
- gen = configure_file(
- input : file + '.in',
- output : file,
- configuration : substs)
- if enable_tmpfiles
- install_data(gen,
- install_dir : tmpfilesdir)
- endif
-endforeach
-
-m4_files = ['etc.conf',
+in_files = ['etc.conf',
+ 'static-nodes-permissions.conf',
'systemd.conf',
'var.conf']
-foreach file : m4_files
- if enable_tmpfiles
- custom_target(
- 'tmpfiles.d_' + file,
- input : file + '.m4',
- output: file,
- command : [meson_apply_m4, config_h, '@INPUT@'],
- capture : true,
- install : true,
- install_dir : tmpfilesdir)
- endif
+foreach file : in_files
+ custom_target(
+ file,
+ input : file + '.in',
+ output: file,
+ command : [meson_render_jinja2, config_h, '@INPUT@'],
+ capture : true,
+ install : enable_tmpfiles,
+ install_dir : tmpfilesdir)
endforeach
if enable_tmpfiles and install_sysconfdir
diff --git a/tmpfiles.d/static-nodes-permissions.conf.in b/tmpfiles.d/static-nodes-permissions.conf.in
index e5aa8fdb20..f77312a71c 100644
--- a/tmpfiles.d/static-nodes-permissions.conf.in
+++ b/tmpfiles.d/static-nodes-permissions.conf.in
@@ -14,6 +14,6 @@ z /dev/snd/timer 0660 - audio -
z /dev/loop-control 0660 - disk -
z /dev/net/tun 0666 - - -
z /dev/fuse 0666 - - -
-z /dev/kvm @DEV_KVM_MODE@ - kvm -
-z /dev/vhost-net @DEV_KVM_MODE@ - kvm -
-z /dev/vhost-vsock @DEV_KVM_MODE@ - kvm -
+z /dev/kvm {{DEV_KVM_MODE}} - kvm -
+z /dev/vhost-net {{DEV_KVM_MODE}} - kvm -
+z /dev/vhost-vsock {{DEV_KVM_MODE}} - kvm -
diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.in
index 11d87d275b..9b2357cd31 100644
--- a/tmpfiles.d/systemd.conf.m4
+++ b/tmpfiles.d/systemd.conf.in
@@ -8,9 +8,9 @@
# See tmpfiles.d(5) for details
d /run/user 0755 root root -
-m4_ifdef(`ENABLE_UTMP',
+{% if ENABLE_UTMP %}
F! /run/utmp 0664 root utmp -
-)m4_dnl
+{% endif %}
d /run/systemd/ask-password 0755 root root -
d /run/systemd/seats 0755 root root -
@@ -18,53 +18,51 @@ d /run/systemd/sessions 0755 root root -
d /run/systemd/users 0755 root root -
d /run/systemd/machines 0755 root root -
d /run/systemd/shutdown 0755 root root -
-m4_ifdef(`ENABLE_NETWORKD',
+{% if ENABLE_NETWORKD %}
d /run/systemd/netif 0755 systemd-network systemd-network -
d /run/systemd/netif/links 0755 systemd-network systemd-network -
d /run/systemd/netif/leases 0755 systemd-network systemd-network -
d /run/systemd/netif/lldp 0755 systemd-network systemd-network -
-)m4_dnl
+{% endif %}
d /run/log 0755 root root -
z /run/log/journal 2755 root systemd-journal - -
Z /run/log/journal/%m ~2750 root systemd-journal - -
-m4_ifdef(`HAVE_ACL',`m4_dnl
-m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% if HAVE_ACL %}
+{% if ENABLE_ADM_GROUP and ENABLE_WHEEL_GROUP %}
a+ /run/log/journal - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
-'',``
+{% elif ENABLE_ADM_GROUP %}
a+ /run/log/journal - - - - d:group::r-x,d:group:adm:r-x,group::r-x,group:adm:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,group:adm:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--
-'')',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% elif ENABLE_WHEEL_GROUP %}
a+ /run/log/journal - - - - d:group::r-x,d:group:wheel:r-x,group::r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:wheel:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:wheel:r--
-'')')')m4_dnl
+{% endif %}
+{% endif %}
z /var/log/journal 2755 root systemd-journal - -
z /var/log/journal/%m 2755 root systemd-journal - -
z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
-m4_ifdef(`HAVE_ACL',`m4_dnl
-m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% if HAVE_ACL %}
+{% if ENABLE_ADM_GROUP and ENABLE_WHEEL_GROUP %}
a+ /var/log/journal - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--
-'', ``
+{% elif ENABLE_ADM_GROUP %}
a+ /var/log/journal - - - - d:group::r-x,d:group:adm:r-x,group::r-x,group:adm:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,group:adm:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--
-'')',`m4_dnl
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
+{% elif ENABLE_WHEEL_GROUP %}
a+ /var/log/journal - - - - d:group::r-x,d:group:wheel:r-x,group::r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:wheel:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:wheel:r--
-'')')')m4_dnl
+{% endif %}
+{% endif %}
d /var/lib/systemd 0755 root root -
d /var/lib/systemd/coredump 0755 root root 3d
diff --git a/tmpfiles.d/var.conf.m4 b/tmpfiles.d/var.conf.in
index 0e2c50966d..557dd20ce9 100644
--- a/tmpfiles.d/var.conf.m4
+++ b/tmpfiles.d/var.conf.in
@@ -12,11 +12,11 @@ q /var 0755 - - -
L /var/run - - - - ../run
d /var/log 0755 - - -
-m4_ifdef(`ENABLE_UTMP',
+{% if ENABLE_UTMP %}
f /var/log/wtmp 0664 root utmp -
f /var/log/btmp 0660 root utmp -
f /var/log/lastlog 0664 root utmp -
-)m4_dnl
+{% endif %}
d /var/cache 0755 - - -