2021-03-09 03:18:52 +00:00
# NOTE: Make sure to (re-)format this file on changes with `nixpkgs-fmt`!
2020-11-12 09:05:59 +00:00
{ stdenv
, lib
2021-12-19 01:06:50 +00:00
, nixosTests
2023-03-04 12:14:45 +00:00
, pkgsCross
2020-11-12 09:05:59 +00:00
, fetchFromGitHub
2021-12-06 16:07:01 +00:00
, fetchzip
2020-04-24 23:36:52 +00:00
, buildPackages
2022-10-30 15:09:59 +00:00
, makeBinaryWrapper
2020-11-12 09:05:59 +00:00
, ninja
, meson
, m4
2021-02-05 17:12:51 +00:00
, pkg-config
2020-11-12 09:05:59 +00:00
, coreutils
, gperf
, getent
, glibcLocales
2022-04-15 01:41:22 +00:00
# glib is only used during tests (test-bus-gvariant, test-bus-marshal)
2020-11-12 09:05:59 +00:00
, glib
, gettext
, python3Packages
# Mandatory dependencies
2020-11-06 00:33:48 +00:00
, libcap
2020-11-24 20:58:05 +00:00
, util-linux
2020-11-06 00:33:48 +00:00
, kbd
, kmod
2022-10-30 15:09:59 +00:00
, libxcrypt
2020-11-06 00:33:48 +00:00
2020-11-12 09:05:59 +00:00
# Optional dependencies
, pam
, cryptsetup
, audit
, acl
, lz4
, libgcrypt
2021-10-08 15:17:17 +00:00
, libgpg-error
2020-11-12 09:05:59 +00:00
, libidn2
, curl
, gnutar
, gnupg
, zlib
, xz
2021-12-26 17:43:05 +00:00
, zstd
2021-09-26 12:46:18 +00:00
, tpm2-tss
2020-11-12 09:05:59 +00:00
, libuuid
, libapparmor
, intltool
, bzip2
, pcre2
2021-12-26 17:43:05 +00:00
, elfutils
2020-11-06 00:33:48 +00:00
, linuxHeaders ? stdenv . cc . libc . linuxHeaders
2024-01-13 08:15:51 +00:00
, gnutls
2020-11-06 00:33:48 +00:00
, iptables
2020-11-12 09:05:59 +00:00
, withSelinux ? false
, libselinux
2021-05-20 23:08:51 +00:00
, withLibseccomp ? lib . meta . availableOn stdenv . hostPlatform libseccomp
2020-11-12 09:05:59 +00:00
, libseccomp
2021-09-18 10:52:07 +00:00
, withKexectools ? lib . meta . availableOn stdenv . hostPlatform kexec-tools
, kexec-tools
2020-11-06 00:33:48 +00:00
, bashInteractive
2023-03-04 12:14:45 +00:00
, bash
2020-11-12 09:05:59 +00:00
, libmicrohttpd
2022-04-15 01:41:22 +00:00
, libfido2
, p11-kit
2024-01-25 14:12:00 +00:00
, libpwquality
, qrencode
2020-11-06 00:33:48 +00:00
2022-04-15 01:41:22 +00:00
# the (optional) BPF feature requires bpftool, libbpf, clang and llvm-strip to be available during build time.
2021-09-26 12:46:18 +00:00
# Only libbpf should be a runtime dependency.
2023-01-11 07:51:40 +00:00
# Note: llvmPackages is explicitly taken from buildPackages instead of relying
# on splicing. Splicing will evaluate the adjacent (pkgsHostTarget) llvmPackages
# which is sometimes problematic: llvmPackages.clang looks at targetPackages.stdenv.cc
# which, in the unfortunate case of pkgsCross.ghcjs, `throw`s. If we explicitly
# take buildPackages.llvmPackages, this is no problem because
# `buildPackages.targetPackages.stdenv.cc == stdenv.cc` relative to us. Working
# around this is important, because systemd is in the dependency closure of
# GHC via emscripten and jdk.
2021-09-26 12:46:18 +00:00
, bpftools
, libbpf
2023-08-04 22:07:22 +00:00
# Needed to produce a ukify that works for cross compiling UKIs.
, targetPackages
2023-03-27 19:17:25 +00:00
, withAcl ? true
2020-11-12 09:05:59 +00:00
, withAnalyze ? true
, withApparmor ? true
2023-03-27 19:17:25 +00:00
, withAudit ? true
2024-01-25 14:12:00 +00:00
# compiles systemd-boot, assumes EFI is available.
, withBootloader ? withEfi
&& ! stdenv . hostPlatform . isMusl
# "Unknown 64-bit data model"
&& ! stdenv . hostPlatform . isRiscV32
2021-12-26 17:43:05 +00:00
, withCompression ? true # adds bzip2, lz4, xz and zstd
2020-11-30 08:33:03 +00:00
, withCoredump ? true
2020-11-12 09:05:59 +00:00
, withCryptsetup ? true
2023-10-09 19:29:22 +00:00
, withRepart ? true
2020-11-12 09:05:59 +00:00
, withDocumentation ? true
2023-04-12 12:48:02 +00:00
, withEfi ? stdenv . hostPlatform . isEfi
2021-09-26 12:46:18 +00:00
, withFido2 ? true
2023-10-09 19:29:22 +00:00
, withFirstboot ? false # conflicts with the NixOS /etc management
2023-01-20 10:41:00 +00:00
, withHomed ? ! stdenv . hostPlatform . isMusl
2020-11-06 00:33:48 +00:00
, withHostnamed ? true
2020-11-12 09:05:59 +00:00
, withHwdb ? true
2021-12-06 16:07:01 +00:00
, withImportd ? ! stdenv . hostPlatform . isMusl
2024-01-25 14:12:00 +00:00
, withIptables ? true
2023-03-27 19:17:25 +00:00
, withKmod ? true
2023-01-11 07:51:40 +00:00
, withLibBPF ? lib . versionAtLeast buildPackages . llvmPackages . clang . version " 1 0 . 0 "
2023-04-29 16:46:19 +00:00
&& ( stdenv . hostPlatform . isAarch -> lib . versionAtLeast stdenv . hostPlatform . parsed . cpu . version " 6 " ) # assumes hard floats
2023-01-20 10:41:00 +00:00
&& ! stdenv . hostPlatform . isMips64 # see https://github.com/NixOS/nixpkgs/pull/194149#issuecomment-1266642211
2024-01-02 11:29:13 +00:00
# can't find gnu/stubs-32.h
&& ( stdenv . hostPlatform . isPower64 -> stdenv . hostPlatform . isBigEndian )
2024-01-25 14:12:00 +00:00
# https://reviews.llvm.org/D43106#1019077
&& ( stdenv . hostPlatform . isRiscV32 -> stdenv . cc . isClang )
2023-04-29 16:46:19 +00:00
# buildPackages.targetPackages.llvmPackages is the same as llvmPackages,
# but we do it this way to avoid taking llvmPackages as an input, and
# risking making it too easy to ignore the above comment about llvmPackages.
&& lib . meta . availableOn stdenv . hostPlatform buildPackages . targetPackages . llvmPackages . compiler-rt
2023-03-27 19:17:25 +00:00
, withLibidn2 ? true
2020-11-06 00:33:48 +00:00
, withLocaled ? true
2020-11-12 09:05:59 +00:00
, withLogind ? true
, withMachined ? true
2020-11-06 00:33:48 +00:00
, withNetworkd ? true
2021-12-06 16:07:01 +00:00
, withNss ? ! stdenv . hostPlatform . isMusl
2022-09-09 14:08:57 +00:00
, withOomd ? true
2023-03-27 19:17:25 +00:00
, withPam ? true
2024-01-25 14:12:00 +00:00
, withPasswordQuality ? true
2020-11-12 09:05:59 +00:00
, withPCRE2 ? true
, withPolkit ? true
2022-10-30 15:09:59 +00:00
, withPortabled ? ! stdenv . hostPlatform . isMusl
2024-01-25 14:12:00 +00:00
, withQrencode ? true
2021-12-06 16:07:01 +00:00
, withRemote ? ! stdenv . hostPlatform . isMusl
2020-11-12 09:05:59 +00:00
, withResolved ? true
, withShellCompletions ? true
2023-11-16 04:20:00 +00:00
, withSysusers ? true
2023-10-09 19:29:22 +00:00
, withSysupdate ? true
2020-11-06 00:33:48 +00:00
, withTimedated ? true
, withTimesyncd ? true
2022-09-30 11:47:45 +00:00
, withTpm2Tss ? true
2023-04-12 12:48:02 +00:00
, withUkify ? false # adds python to closure which is too much by default
2022-09-30 11:47:45 +00:00
, withUserDb ? true
2022-09-14 18:05:37 +00:00
, withUtmp ? ! stdenv . hostPlatform . isMusl
2024-01-25 14:12:00 +00:00
, withVmspawn ? true
2022-04-15 01:41:22 +00:00
# tests assume too much system access for them to be feasible for us right now
, withTests ? false
2023-11-16 04:20:00 +00:00
# build only libudev and libsystemd
, buildLibsOnly ? false
2020-11-06 00:33:48 +00:00
2020-11-12 09:05:59 +00:00
# name argument
2020-11-06 00:33:48 +00:00
, pname ? " s y s t e m d "
2020-11-12 09:05:59 +00:00
, libxslt
, docbook_xsl
, docbook_xml_dtd_42
, docbook_xml_dtd_45
2024-01-02 11:29:13 +00:00
, withLogTrace ? false
2020-04-24 23:36:52 +00:00
} :
2022-09-22 12:36:57 +00:00
assert withImportd -> withCompression ;
2020-11-12 09:05:59 +00:00
assert withCoredump -> withCompression ;
assert withHomed -> withCryptsetup ;
2023-03-27 19:17:25 +00:00
assert withHomed -> withPam ;
2024-01-02 11:29:13 +00:00
assert withUkify -> ( withEfi && withBootloader ) ;
2023-10-09 19:29:22 +00:00
assert withRepart -> withCryptsetup ;
assert withBootloader -> withEfi ;
2020-11-06 00:33:48 +00:00
2020-09-25 04:45:31 +00:00
let
2020-11-12 09:05:59 +00:00
wantCurl = withRemote || withImportd ;
2022-04-15 01:41:22 +00:00
wantGcrypt = withResolved || withImportd ;
2024-01-25 14:12:00 +00:00
version = " 2 5 5 . 2 " ;
2022-04-15 01:41:22 +00:00
# Bump this variable on every (major) version change. See below (in the meson options list) for why.
# command:
# $ curl -s https://api.github.com/repos/systemd/systemd/releases/latest | \
# jq '.created_at|strptime("%Y-%m-%dT%H:%M:%SZ")|mktime'
2024-01-25 14:12:00 +00:00
releaseTimestamp = " 1 7 0 1 8 9 5 1 1 0 " ;
2020-11-12 09:05:59 +00:00
in
2023-03-04 12:14:45 +00:00
stdenv . mkDerivation ( finalAttrs : {
2021-09-26 12:46:18 +00:00
inherit pname version ;
2020-04-24 23:36:52 +00:00
2020-09-25 04:45:31 +00:00
# We use systemd/systemd-stable for src, and ship NixOS-specific patches inside nixpkgs directly
# This has proven to be less error-prone than the previous systemd fork.
2020-04-24 23:36:52 +00:00
src = fetchFromGitHub {
owner = " s y s t e m d " ;
repo = " s y s t e m d - s t a b l e " ;
2020-09-25 04:45:31 +00:00
rev = " v ${ version } " ;
2024-01-25 14:12:00 +00:00
hash = " s h a 2 5 6 - 8 S f J Y / p c H 4 y r D e J i 0 G f I U p e t T b p M w y s w v S u + R S f g q f Y = " ;
2020-04-24 23:36:52 +00:00
} ;
2022-04-15 01:41:22 +00:00
# On major changes, or when otherwise required, you *must* reformat the patches,
# `git am path/to/00*.patch` them into a systemd worktree, rebase to the more recent
2022-08-12 12:06:08 +00:00
# systemd version, and export the patches again via
# `git -c format.signoff=false format-patch v${version} --no-numbered --zero-commit --no-signature`.
2020-12-25 13:55:36 +00:00
# Use `find . -name "*.patch" | sort` to get an up-to-date listing of all patches
2020-04-24 23:36:52 +00:00
patches = [
./0001-Start-device-units-for-uninitialised-encrypted-devic.patch
2020-05-15 21:57:56 +00:00
./0002-Don-t-try-to-unmount-nix-or-nix-store.patch
./0003-Fix-NixOS-containers.patch
2023-07-15 17:15:38 +00:00
./0004-Add-some-NixOS-specific-unit-directories.patch
./0005-Get-rid-of-a-useless-message-in-user-sessions.patch
./0006-hostnamed-localed-timedated-disable-methods-that-cha.patch
2024-01-25 14:12:00 +00:00
./0007-Change-usr-share-zoneinfo-to-etc-zoneinfo.patch
./0008-localectl-use-etc-X11-xkb-for-list-x11.patch
./0009-add-rootprefix-to-lookup-dir-paths.patch
./0010-systemd-shutdown-execute-scripts-in-etc-systemd-syst.patch
./0011-systemd-sleep-execute-scripts-in-etc-systemd-system-.patch
./0012-path-util.h-add-placeholder-for-DEFAULT_PATH_NORMAL.patch
./0013-inherit-systemd-environment-when-calling-generators.patch
./0014-core-don-t-taint-on-unmerged-usr.patch
./0015-tpm2_context_init-fix-driver-name-checking.patch
./0016-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch
./0017-meson.build-do-not-create-systemdstatedir.patch
] ++ lib . optional ( stdenv . hostPlatform . isLinux && stdenv . hostPlatform . isGnu ) [
./0018-timesyncd-disable-NSCD-when-DNSSEC-validation-is-dis.patch
2022-04-15 01:41:22 +00:00
] ++ lib . optional stdenv . hostPlatform . isMusl (
let
oe-core = fetchzip {
2024-02-07 01:22:34 +00:00
url = " h t t p s : / / g i t . o p e n e m b e d d e d . o r g / o p e n e m b e d d e d - c o r e / s n a p s h o t / o p e n e m b e d d e d - c o r e - 6 f d f 0 3 b d 9 5 0 e 5 5 e f 7 8 8 1 0 4 1 6 0 6 f 6 e 7 6 1 4 1 0 3 3 7 1 6 . t a r . g z " ;
sha256 = " / + 9 a J d O x B Y 8 Y 4 v J P f t O C x m y K 8 L 2 n v R 8 2 K m J x i l 1 a 2 a Y = " ;
2022-04-15 01:41:22 +00:00
} ;
2023-01-20 10:41:00 +00:00
musl-patches = oe-core + " / m e t a / r e c i p e s - c o r e / s y s t e m d / s y s t e m d " ;
2022-04-15 01:41:22 +00:00
in
[
2024-02-07 01:22:34 +00:00
( musl-patches + " / 0 0 1 7 - A d j u s t - f o r - m u s l - h e a d e r s . p a t c h " )
( musl-patches + " / 0 0 1 6 - p a s s - c o r r e c t - p a r a m e t e r s - t o - g e t d e n t s 6 4 . p a t c h " )
( musl-patches + " / 0 0 1 8 - t e s t - b u s - e r r o r - s t r e r r o r - i s - a s s u m e d - t o - b e - G N U - s p e c i f i . p a t c h " )
( musl-patches + " / 0 0 0 1 - m i s s i n g _ t y p e . h - a d d - c o m p a r i s o n _ f n _ t . p a t c h " )
( musl-patches + " / 0 0 0 2 - a d d - f a l l b a c k - p a r s e _ p r i n t f _ f o r m a t - i m p l e m e n t a t i o n . p a t c h " )
( musl-patches + " / 0 0 0 3 - s r c - b a s i c - m i s s i n g . h - c h e c k - f o r - m i s s i n g - s t r n d u p a . p a t c h " )
( musl-patches + " / 0 0 0 4 - d o n - t - f a i l - i f - G L O B _ B R A C E - a n d - G L O B _ A L T D I R F U N C - i s - n o t - . p a t c h " )
( musl-patches + " / 0 0 0 5 - a d d - m i s s i n g - F T W _ - m a c r o s - f o r - m u s l . p a t c h " )
( musl-patches + " / 0 0 0 6 - U s e - u i n t m a x _ t - f o r - h a n d l i n g - r l i m _ t . p a t c h " )
( musl-patches + " / 0 0 0 7 - d o n - t - p a s s - A T _ S Y M L I N K _ N O F O L L O W - f l a g - t o - f a c c e s s a t . p a t c h " )
( musl-patches + " / 0 0 0 8 - D e f i n e - g l i b c - c o m p a t i b l e - b a s e n a m e - f o r - n o n - g l i b c - s y s t e . p a t c h " )
( musl-patches + " / 0 0 0 9 - D o - n o t - d i s a b l e - b u f f e r i n g - w h e n - w r i t i n g - t o - o o m _ s c o r e _ a . p a t c h " )
( musl-patches + " / 0 0 1 0 - d i s t i n g u i s h - X S I - c o m p l i a n t - s t r e r r o r _ r - f r o m - G N U - s p e c i f . p a t c h " )
( musl-patches + " / 0 0 1 1 - a v o i d - r e d e f i n i t i o n - o f - p r c t l _ m m _ m a p - s t r u c t u r e . p a t c h " )
( musl-patches + " / 0 0 1 2 - d o - n o t - d i s a b l e - b u f f e r - i n - w r i t i n g - f i l e s . p a t c h " )
( musl-patches + " / 0 0 1 3 - H a n d l e - _ _ c p u _ m a s k - u s a g e . p a t c h " )
( musl-patches + " / 0 0 1 4 - H a n d l e - m i s s i n g - g s h a d o w . p a t c h " )
( musl-patches + " / 0 0 1 5 - m i s s i n g _ s y s c a l l . h - D e f i n e - M I P S - A B I - d e f i n e s - f o r - m u s l . p a t c h " )
( musl-patches + " / 0 0 2 0 - s d - e v e n t - M a k e - m a l l o c _ t r i m - c o n d i t i o n a l - o n - g l i b c . p a t c h " )
( musl-patches + " / 0 0 2 1 - s h a r e d - D o - n o t - u s e - m a l l o c _ i n f o - o n - m u s l . p a t c h " )
( musl-patches + " / 0 0 2 2 - a v o i d - m i s s i n g - L O C K _ E X - d e c l a r a t i o n . p a t c h " )
2022-04-15 01:41:22 +00:00
]
) ;
2020-04-24 23:36:52 +00:00
postPatch = ''
substituteInPlace src/basic/path-util.h - - replace " @ d e f a u l t P a t h N o r m a l @ " " ${ placeholder " o u t " } / b i n / "
2022-09-14 18:05:37 +00:00
'' + l i b . o p t i o n a l S t r i n g w i t h L i b B P F ''
substituteInPlace meson . build \
- - replace " f i n d _ p r o g r a m ( ' c l a n g ' " " f i n d _ p r o g r a m ( ' ${ stdenv . cc . targetPrefix } c l a n g ' "
2023-08-04 22:07:22 +00:00
'' + l i b . o p t i o n a l S t r i n g w i t h U k i f y ''
substituteInPlace src/ukify/ukify.py \
- - replace \
" ' r e a d e l f ' " \
2024-01-02 11:29:13 +00:00
" ' ${ targetPackages . stdenv . cc . bintools . targetPrefix } r e a d e l f ' " \
- - replace \
" / u s r / l i b / s y s t e m d / b o o t / e f i " \
" $ o u t / l i b / s y s t e m d / b o o t / e f i "
2021-03-09 03:18:52 +00:00
'' + (
let
2022-04-15 01:41:22 +00:00
# The following patches references to dynamic libraries to ensure that
2021-09-26 12:46:18 +00:00
# all the features that are implemented via dlopen(3) are available (or
# explicitly deactivated) by pointing dlopen to the absolute store path
# instead of relying on the linkers runtime lookup code.
2021-03-09 03:18:52 +00:00
#
2021-09-26 12:46:18 +00:00
# All of the shared library references have to be handled. When new ones
# are introduced by upstream (or one of our patches) they must be
# explicitly declared, otherwise the build will fail.
2021-03-09 03:18:52 +00:00
#
# As of systemd version 247 we've seen a few errors like `libpcre2.… not
# found` when using e.g. --grep with journalctl. Those errors should
# become less unexpected now.
#
# There are generally two classes of dlopen(3) calls. Those that we want to
# support and those that should be deactivated / unsupported. This change
# enforces that we handle all dlopen calls explicitly. Meaning: There is
# not a single dlopen call in the source code tree that we did not
# explicitly handle.
#
# In order to do this we introduced a list of attributes that maps from
# shared object name to the package that contains them. The package can be
# null meaning the reference should be nuked and the shared object will
# never be loadable during runtime (because it points at an invalid store
# path location).
#
# To get a list of dynamically loaded libraries issue something like
2021-09-26 12:46:18 +00:00
# `grep -ri '"lib[a-zA-Z0-9-]*\.so[\.0-9a-zA-z]*"'' $src` and update the below list.
dlopenLibs =
let
opt = condition : pkg : if condition then pkg else null ;
in
[
2022-11-21 17:40:18 +00:00
# bpf compilation support. We use libbpf 1 now.
{ name = " l i b b p f . s o . 1 " ; pkg = opt withLibBPF libbpf ; }
{ name = " l i b b p f . s o . 0 " ; pkg = null ; }
2021-09-26 12:46:18 +00:00
2024-01-25 14:12:00 +00:00
# We did never provide support for libxkbcommon
2021-09-26 12:46:18 +00:00
{ name = " l i b x k b c o m m o n . s o . 0 " ; pkg = null ; }
2024-01-25 14:12:00 +00:00
# qrencode
{ name = " l i b q r e n c o d e . s o . 4 " ; pkg = opt withQrencode qrencode ; }
2022-11-21 17:40:18 +00:00
{ name = " l i b q r e n c o d e . s o . 3 " ; pkg = null ; }
2021-09-26 12:46:18 +00:00
2024-01-25 14:12:00 +00:00
# Password quality
# We currently do not package passwdqc, only libpwquality.
{ name = " l i b p w q u a l i t y . s o . 1 " ; pkg = opt withPasswordQuality libpwquality ; }
{ name = " l i b p a s s w d q c . s o . 1 " ; pkg = null ; }
2021-09-26 12:46:18 +00:00
# Only include cryptsetup if it is enabled. We might not be able to
# provide it during "bootstrap" in e.g. the minimal systemd build as
# cryptsetup has udev (aka systemd) in it's dependencies.
{ name = " l i b c r y p t s e t u p . s o . 1 2 " ; pkg = opt withCryptsetup cryptsetup ; }
# We are using libidn2 so we only provide that and ignore the others.
# Systemd does this decision during configure time and uses ifdef's to
# enable specific branches. We can safely ignore (nuke) the libidn "v1"
# libraries.
2023-03-27 19:17:25 +00:00
{ name = " l i b i d n 2 . s o . 0 " ; pkg = opt withLibidn2 libidn2 ; }
2021-09-26 12:46:18 +00:00
{ name = " l i b i d n . s o . 1 2 " ; pkg = null ; }
{ name = " l i b i d n . s o . 1 1 " ; pkg = null ; }
2022-04-15 01:41:22 +00:00
# journalctl --grep requires libpcre so let's provide it
2021-09-26 12:46:18 +00:00
{ name = " l i b p c r e 2 - 8 . s o . 0 " ; pkg = pcre2 ; }
# Support for TPM2 in systemd-cryptsetup, systemd-repart and systemd-cryptenroll
{ name = " l i b t s s 2 - e s y s . s o . 0 " ; pkg = opt withTpm2Tss tpm2-tss ; }
{ name = " l i b t s s 2 - r c . s o . 0 " ; pkg = opt withTpm2Tss tpm2-tss ; }
{ name = " l i b t s s 2 - m u . s o . 0 " ; pkg = opt withTpm2Tss tpm2-tss ; }
2021-12-06 16:07:01 +00:00
{ name = " l i b t s s 2 - t c t i - " ; pkg = opt withTpm2Tss tpm2-tss ; }
2021-09-26 12:46:18 +00:00
{ name = " l i b f i d o 2 . s o . 1 " ; pkg = opt withFido2 libfido2 ; }
2022-04-15 01:41:22 +00:00
# inspect-elf support
{ name = " l i b e l f . s o . 1 " ; pkg = opt withCoredump elfutils ; }
{ name = " l i b d w . s o . 1 " ; pkg = opt withCoredump elfutils ; }
2023-03-27 19:17:25 +00:00
# Support for PKCS#11 in systemd-cryptsetup, systemd-cryptenroll and systemd-homed
{ name = " l i b p 1 1 - k i t . s o . 0 " ; pkg = opt ( withHomed || withCryptsetup ) p11-kit ; }
2023-10-09 19:29:22 +00:00
2024-01-25 14:12:00 +00:00
{ name = " l i b i p 4 t c . s o . 2 " ; pkg = opt withIptables iptables ; }
2021-09-26 12:46:18 +00:00
] ;
2021-01-15 22:18:51 +00:00
2021-03-09 03:18:52 +00:00
patchDlOpen = dl :
let
library = " ${ lib . makeLibraryPath [ dl . pkg ] } / ${ dl . name } " ;
in
if dl . pkg == null then ''
# remove the dependency on the library by replacing it with an invalid path
2021-09-26 12:46:18 +00:00
for file in $ ( grep - lr ' " ${ dl . name } " ' src ) ; do
2023-03-27 19:17:25 +00:00
echo " p a t c h i n g d l o p e n ( \" ${ dl . name } \" , … ) i n $ f i l e t o a n i n v a l i d s t o r e p a t h ( " $ { builtins . storeDir } /eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-not-implemented / $ { dl . name } " ) … "
substituteInPlace " $ f i l e " - - replace ' " ${ dl . name } " ' ' " ${ builtins . storeDir } / e e e e e e e e e e e e e e e e e e e e e e e e e e e e e e e e - n o t - i m p l e m e n t e d / ${ dl . name } " '
2021-03-09 03:18:52 +00:00
done
'' e l s e ''
# ensure that the library we provide actually exists
if ! [ - e $ { library } ] ; then
2021-12-06 16:07:01 +00:00
# exceptional case, details:
# https://github.com/systemd/systemd-stable/blob/v249-stable/src/shared/tpm2-util.c#L157
if ! [ [ " ${ library } " = ~ . * libtss2-tcti- $ ] ] ; then
2022-04-15 01:41:22 +00:00
echo ' The shared library ` $ { library } ` does not exist but was given as substitute for ` $ { dl . name } ` '
2021-12-06 16:07:01 +00:00
exit 1
fi
2021-03-09 03:18:52 +00:00
fi
# make the path to the dependency explicit
2021-09-26 12:46:18 +00:00
for file in $ ( grep - lr ' " ${ dl . name } " ' src ) ; do
2021-03-09 03:18:52 +00:00
echo " p a t c h i n g d l o p e n ( \" ${ dl . name } \" , … ) i n $ f i l e t o ${ library } … "
2021-09-26 12:46:18 +00:00
substituteInPlace " $ f i l e " - - replace ' " ${ dl . name } " ' ' " ${ library } " '
2021-03-09 03:18:52 +00:00
done
2021-09-26 12:46:18 +00:00
2021-03-09 03:18:52 +00:00
'' ;
in
# patch all the dlopen calls to contain absolute paths to the libraries
lib . concatMapStringsSep " \n " patchDlOpen dlopenLibs
)
2021-09-26 12:46:18 +00:00
# finally ensure that there are no left-over dlopen calls (or rather strings pointing to shared libraries) that we didn't handle
2021-01-15 22:18:51 +00:00
+ ''
2021-09-26 12:46:18 +00:00
if grep - qr ' " l i b [ a - z A - Z 0 - 9 - ] * \. s o [ \. 0 - 9 a - z A - z ] * " ' src ; then
echo " F o u n d u n h a n d l e d d y n a m i c l i b r a r y c a l l s : "
grep - r ' " l i b [ a - z A - Z 0 - 9 - ] * \. s o [ \. 0 - 9 a - z A - z ] * " ' src
2021-01-15 22:18:51 +00:00
exit 1
fi
2021-09-26 12:46:18 +00:00
''
2022-06-16 17:23:12 +00:00
# Finally, patch shebangs in scripts used at build time. This must not patch
# scripts that will end up in the output, to avoid build platform references
# when cross-compiling.
2021-09-26 12:46:18 +00:00
+ ''
2022-06-16 17:23:12 +00:00
shopt - s extglob
2023-04-12 12:48:02 +00:00
patchShebangs tools test src / ! ( rpm | kernel-install | ukify ) src/kernel-install/test-kernel-install.sh
2020-04-24 23:36:52 +00:00
'' ;
2023-11-16 04:20:00 +00:00
outputs = [ " o u t " " d e v " ] ++ ( lib . optional ( ! buildLibsOnly ) " m a n " ) ;
2020-04-24 23:36:52 +00:00
2021-09-26 12:46:18 +00:00
nativeBuildInputs =
[
pkg-config
2022-10-30 15:09:59 +00:00
makeBinaryWrapper
2021-09-26 12:46:18 +00:00
gperf
ninja
meson
glibcLocales
getent
m4
intltool
gettext
libxslt
docbook_xsl
docbook_xml_dtd_42
docbook_xml_dtd_45
2023-03-04 12:14:45 +00:00
bash
2023-10-09 19:29:22 +00:00
( buildPackages . python3Packages . python . withPackages ( ps : with ps ; [ lxml jinja2 ] ++ lib . optional withEfi ps . pyelftools ) )
2021-09-26 12:46:18 +00:00
]
2022-09-14 18:05:37 +00:00
++ lib . optionals withLibBPF [
2021-09-26 12:46:18 +00:00
bpftools
2023-01-11 07:51:40 +00:00
buildPackages . llvmPackages . clang
buildPackages . llvmPackages . libllvm
2021-09-26 12:46:18 +00:00
]
;
2021-09-18 10:52:07 +00:00
2021-09-26 12:46:18 +00:00
buildInputs =
[
2022-10-30 15:09:59 +00:00
libxcrypt
2021-09-26 12:46:18 +00:00
libcap
libuuid
linuxHeaders
2023-03-04 12:14:45 +00:00
bashInteractive # for patch shebangs
2021-09-26 12:46:18 +00:00
]
2023-03-04 12:14:45 +00:00
++ lib . optionals wantGcrypt [ libgcrypt libgpg-error ]
2022-04-15 01:41:22 +00:00
++ lib . optional withTests glib
2023-03-27 19:17:25 +00:00
++ lib . optional withAcl acl
2021-09-26 12:46:18 +00:00
++ lib . optional withApparmor libapparmor
2023-03-27 19:17:25 +00:00
++ lib . optional withAudit audit
2021-09-26 12:46:18 +00:00
++ lib . optional wantCurl ( lib . getDev curl )
2024-01-25 14:12:00 +00:00
++ lib . optionals withCompression [ zlib bzip2 lz4 xz zstd ]
2021-12-26 17:43:05 +00:00
++ lib . optional withCoredump elfutils
2021-09-26 12:46:18 +00:00
++ lib . optional withCryptsetup ( lib . getDev cryptsetup . dev )
++ lib . optional withKexectools kexec-tools
2023-03-27 19:17:25 +00:00
++ lib . optional withKmod kmod
++ lib . optional withLibidn2 libidn2
2021-09-26 12:46:18 +00:00
++ lib . optional withLibseccomp libseccomp
2024-01-25 14:12:00 +00:00
++ lib . optional withIptables iptables
2023-03-27 19:17:25 +00:00
++ lib . optional withPam pam
2021-09-26 12:46:18 +00:00
++ lib . optional withPCRE2 pcre2
++ lib . optional withSelinux libselinux
2024-01-13 08:15:51 +00:00
++ lib . optionals withRemote [ libmicrohttpd gnutls ]
2023-03-27 19:17:25 +00:00
++ lib . optionals ( withHomed || withCryptsetup ) [ p11-kit ]
2021-09-26 12:46:18 +00:00
++ lib . optionals ( withHomed || withCryptsetup ) [ libfido2 ]
++ lib . optionals withLibBPF [ libbpf ]
2021-12-06 16:07:01 +00:00
++ lib . optional withTpm2Tss tpm2-tss
2023-04-12 12:48:02 +00:00
++ lib . optional withUkify ( python3Packages . python . withPackages ( ps : with ps ; [ pefile ] ) )
2024-01-25 14:12:00 +00:00
++ lib . optionals withPasswordQuality [ libpwquality ]
++ lib . optionals withQrencode [ qrencode ]
2020-11-30 08:33:03 +00:00
;
2020-04-24 23:36:52 +00:00
2023-11-16 04:20:00 +00:00
mesonBuildType = " r e l e a s e " ;
2020-04-24 23:36:52 +00:00
mesonFlags = [
2024-01-25 14:12:00 +00:00
# Options
2022-04-15 01:41:22 +00:00
# We bump this variable on every (major) version change to ensure
# that we have known-good value for a timestamp that is in the (not so distant) past.
# This serves as a lower bound for valid system timestamps during startup. Systemd will
# reset the system timestamp if this date is +- 15 years from the system time.
# See the systemd v250 release notes for further details:
# https://github.com/systemd/systemd/blob/60e930fc3e6eb8a36fbc184773119eb8d2f30364/NEWS#L258-L266
2024-01-25 14:12:00 +00:00
( lib . mesonOption " t i m e - e p o c h " releaseTimestamp )
2020-12-03 08:41:04 +00:00
2024-01-25 14:12:00 +00:00
( lib . mesonOption " v e r s i o n - t a g " version )
( lib . mesonOption " m o d e " " r e l e a s e " )
( lib . mesonOption " t t y - g i d " " 3 " ) # tty in NixOS has gid 3
( lib . mesonOption " d e b u g - s h e l l " " ${ bashInteractive } / b i n / b a s h " )
( lib . mesonOption " p a m c o n f d i r " " ${ placeholder " o u t " } / e t c / p a m . d " )
2020-12-03 08:41:04 +00:00
# Use cgroupsv2. This is already the upstream default, but better be explicit.
2024-01-25 14:12:00 +00:00
( lib . mesonOption " d e f a u l t - h i e r a r c h y " " u n i f i e d " )
( lib . mesonOption " k m o d - p a t h " " ${ kmod } / b i n / k m o d " )
# D-Bus
( lib . mesonOption " d b u s p o l i c y d i r " " ${ placeholder " o u t " } / s h a r e / d b u s - 1 / s y s t e m . d " )
( lib . mesonOption " d b u s s e s s i o n s e r v i c e d i r " " ${ placeholder " o u t " } / s h a r e / d b u s - 1 / s e r v i c e s " )
( lib . mesonOption " d b u s s y s t e m s e r v i c e d i r " " ${ placeholder " o u t " } / s h a r e / d b u s - 1 / s y s t e m - s e r v i c e s " )
# pkgconfig
( lib . mesonOption " p k g c o n f i g l i b d i r " " ${ placeholder " d e v " } / l i b / p k g c o n f i g " )
( lib . mesonOption " p k g c o n f i g d a t a d i r " " ${ placeholder " d e v " } / s h a r e / p k g c o n f i g " )
# Keyboard
( lib . mesonOption " l o a d k e y s - p a t h " " ${ kbd } / b i n / l o a d k e y s " )
( lib . mesonOption " s e t f o n t - p a t h " " ${ kbd } / b i n / s e t f o n t " )
# SBAT
( lib . mesonOption " s b a t - d i s t r o " " n i x o s " )
( lib . mesonOption " s b a t - d i s t r o - s u m m a r y " " N i x O S " )
( lib . mesonOption " s b a t - d i s t r o - u r l " " h t t p s : / / n i x o s . o r g / " )
( lib . mesonOption " s b a t - d i s t r o - p k g n a m e " pname )
( lib . mesonOption " s b a t - d i s t r o - v e r s i o n " version )
# Users
( lib . mesonOption " s y s t e m - u i d - m a x " " 9 9 9 " )
( lib . mesonOption " s y s t e m - g i d - m a x " " 9 9 9 " )
# SysVinit
( lib . mesonOption " s y s v i n i t - p a t h " " " )
( lib . mesonOption " s y s v r c n d - p a t h " " " )
# Login
( lib . mesonOption " s u l o g i n - p a t h " " ${ util-linux . login } / b i n / s u l o g i n " )
( lib . mesonOption " n o l o g i n - p a t h " " ${ util-linux . login } / b i n / n o l o g i n " )
# Mount
( lib . mesonOption " m o u n t - p a t h " " ${ lib . getOutput " m o u n t " util-linux } / b i n / m o u n t " )
( lib . mesonOption " u m o u n t - p a t h " " ${ lib . getOutput " m o u n t " util-linux } / b i n / u m o u n t " )
# Features
# Tests
( lib . mesonBool " t e s t s " withTests )
( lib . mesonEnable " g l i b " withTests )
( lib . mesonEnable " d b u s " withTests )
# Compression
( lib . mesonEnable " b z i p 2 " withCompression )
( lib . mesonEnable " l z 4 " withCompression )
( lib . mesonEnable " x z " withCompression )
( lib . mesonEnable " z s t d " withCompression )
( lib . mesonEnable " z l i b " withCompression )
# NSS
( lib . mesonEnable " n s s - m y m a c h i n e s " withNss )
( lib . mesonEnable " n s s - r e s o l v e " withNss )
( lib . mesonBool " n s s - m y h o s t n a m e " withNss )
( lib . mesonBool " n s s - s y s t e m d " withNss )
# Cryptsetup
( lib . mesonEnable " l i b c r y p t s e t u p " withCryptsetup )
( lib . mesonEnable " l i b c r y p t s e t u p - p l u g i n s " withCryptsetup )
( lib . mesonEnable " p 1 1 k i t " ( withHomed || withCryptsetup ) )
# FIDO2
( lib . mesonEnable " l i b f i d o 2 " withFido2 )
( lib . mesonEnable " o p e n s s l " withFido2 )
# Password Quality
( lib . mesonEnable " p w q u a l i t y " withPasswordQuality )
( lib . mesonEnable " p a s s w d q c " false )
# Remote
( lib . mesonEnable " r e m o t e " withRemote )
( lib . mesonEnable " m i c r o h t t p d " withRemote )
( lib . mesonEnable " p a m " withPam )
( lib . mesonEnable " a c l " withAcl )
( lib . mesonEnable " a u d i t " withAudit )
( lib . mesonEnable " a p p a r m o r " withApparmor )
( lib . mesonEnable " g c r y p t " wantGcrypt )
( lib . mesonEnable " i m p o r t d " withImportd )
( lib . mesonEnable " h o m e d " withHomed )
( lib . mesonEnable " p o l k i t " withPolkit )
( lib . mesonEnable " e l f u t i l s " withCoredump )
( lib . mesonEnable " l i b c u r l " wantCurl )
( lib . mesonEnable " l i b i d n " false )
( lib . mesonEnable " l i b i d n 2 " withLibidn2 )
( lib . mesonEnable " l i b i p t c " withIptables )
( lib . mesonEnable " r e p a r t " withRepart )
( lib . mesonEnable " s y s u p d a t e " withSysupdate )
( lib . mesonEnable " s e l i n u x " withSelinux )
( lib . mesonEnable " t p m 2 " withTpm2Tss )
( lib . mesonEnable " p c r e 2 " withPCRE2 )
( lib . mesonEnable " b p f - f r a m e w o r k " withLibBPF )
( lib . mesonEnable " b o o t l o a d e r " withBootloader )
( lib . mesonEnable " u k i f y " withUkify )
( lib . mesonEnable " k m o d " withKmod )
( lib . mesonEnable " q r e n c o d e " withQrencode )
( lib . mesonEnable " v m s p a w n " withVmspawn )
( lib . mesonEnable " x e n c t r l " false )
( lib . mesonEnable " g n u t l s " false )
( lib . mesonEnable " x k b c o m m o n " false )
( lib . mesonEnable " m a n " true )
( lib . mesonBool " a n a l y z e " withAnalyze )
( lib . mesonBool " l o g i n d " withLogind )
( lib . mesonBool " l o c a l e d " withLocaled )
( lib . mesonBool " h o s t n a m e d " withHostnamed )
( lib . mesonBool " m a c h i n e d " withMachined )
( lib . mesonBool " n e t w o r k d " withNetworkd )
( lib . mesonBool " o o m d " withOomd )
( lib . mesonBool " p o r t a b l e d " withPortabled )
( lib . mesonBool " h w d b " withHwdb )
( lib . mesonBool " t i m e d a t e d " withTimedated )
( lib . mesonBool " t i m e s y n c d " withTimesyncd )
( lib . mesonBool " u s e r d b " withUserDb )
( lib . mesonBool " c o r e d u m p " withCoredump )
( lib . mesonBool " f i r s t b o o t " withFirstboot )
( lib . mesonBool " r e s o l v e " withResolved )
( lib . mesonBool " s y s u s e r s " withSysusers )
( lib . mesonBool " e f i " withEfi )
( lib . mesonBool " u t m p " withUtmp )
( lib . mesonBool " l o g - t r a c e " withLogTrace )
( lib . mesonBool " q u o t a c h e c k " false )
( lib . mesonBool " l d c o n f i g " false )
( lib . mesonBool " i n s t a l l - s y s c o n f d i r " false )
( lib . mesonBool " c r e a t e - l o g - d i r s " false )
( lib . mesonBool " s m a c k " true )
( lib . mesonBool " b _ p i e " true )
2023-04-12 12:48:02 +00:00
2020-11-12 09:05:59 +00:00
] ++ lib . optionals ( withShellCompletions == false ) [
2024-01-25 14:12:00 +00:00
( lib . mesonOption " b a s h c o m p l e t i o n d i r " " n o " )
( lib . mesonOption " z s h c o m p l e t i o n d i r " " n o " )
2021-12-06 16:07:01 +00:00
] ++ lib . optionals stdenv . hostPlatform . isMusl [
2024-01-25 14:12:00 +00:00
( lib . mesonBool " g s h a d o w " false )
( lib . mesonBool " i d n " false )
2020-04-24 23:36:52 +00:00
] ;
2022-04-15 01:41:22 +00:00
preConfigure =
let
2022-12-28 21:21:41 +00:00
# A list of all the runtime binaries that the systemd executables, tests and libraries are referencing in their source code, scripts and unit files.
2022-04-15 01:41:22 +00:00
# As soon as a dependency isn't required anymore we should remove it from the list. The `where` attribute for each of the replacement patterns must be exhaustive. If another (unhandled) case is found in the source code the build fails with an error message.
binaryReplacements = [
{ search = " / u s r / b i n / g e t e n t " ; replacement = " ${ getent } / b i n / g e t e n t " ; where = [ " s r c / n s p a w n / n s p a w n - s e t u i d . c " ] ; }
{
search = " / s b i n / m k s w a p " ;
replacement = " ${ lib . getBin util-linux } / s b i n / m k s w a p " ;
where = [
" m a n / s y s t e m d - m a k e f s @ . s e r v i c e . x m l "
] ;
}
2023-08-04 22:07:22 +00:00
{ search = " / s b i n / s w a p o n " ; replacement = " ${ lib . getOutput " s w a p " util-linux } / s b i n / s w a p o n " ; where = [ " s r c / c o r e / s w a p . c " " s r c / b a s i c / u n i t - d e f . h " ] ; }
{ search = " / s b i n / s w a p o f f " ; replacement = " ${ lib . getOutput " s w a p " util-linux } / s b i n / s w a p o f f " ; where = [ " s r c / c o r e / s w a p . c " ] ; }
2022-04-15 01:41:22 +00:00
{
search = " / b i n / e c h o " ;
replacement = " ${ coreutils } / b i n / e c h o " ;
where = [
" m a n / s y s t e m d - a n a l y z e . x m l "
" m a n / s y s t e m d . s e r v i c e . x m l "
2023-10-09 19:29:22 +00:00
" m a n / s y s t e m d - r u n . x m l "
2022-04-15 01:41:22 +00:00
" s r c / a n a l y z e / t e s t - v e r i f y . c "
" s r c / t e s t / t e s t - e n v - f i l e . c "
" s r c / t e s t / t e s t - f i l e i o . c "
2022-08-12 12:06:08 +00:00
" s r c / t e s t / t e s t - l o a d - f r a g m e n t . c "
2022-04-15 01:41:22 +00:00
] ;
}
{
search = " / b i n / c a t " ;
replacement = " ${ coreutils } / b i n / c a t " ;
2023-10-09 19:29:22 +00:00
where = [ " t e s t / t e s t - e x e c u t e / e x e c - n o e x e c p a t h s - s i m p l e . s e r v i c e " " s r c / j o u r n a l / c a t . c " ] ;
2022-04-15 01:41:22 +00:00
}
{
search = " / u s r / l i b / s y s t e m d / s y s t e m d - f s c k " ;
replacement = " $ o u t / l i b / s y s t e m d / s y s t e m d - f s c k " ;
where = [
" m a n / s y s t e m d - f s c k @ . s e r v i c e . x m l "
] ;
}
] ++ lib . optionals withImportd [
{
search = " \" g p g \" " ;
replacement = " \\ \" ${ gnupg } / b i n / g p g \\ \" " ;
where = [ " s r c / i m p o r t / p u l l - c o m m o n . c " ] ;
}
{
search = " \" t a r \" " ;
replacement = " \\ \" ${ gnutar } / b i n / t a r \\ \" " ;
where = [
" s r c / i m p o r t / e x p o r t - t a r . c "
" s r c / i m p o r t / i m p o r t - c o m m o n . c "
" s r c / i m p o r t / i m p o r t - t a r . c "
2022-08-12 12:06:08 +00:00
] ;
ignore = [
2022-12-28 21:21:41 +00:00
# occurrences here refer to the tar sub command
2022-08-12 12:06:08 +00:00
" s r c / s y s u p d a t e / s y s u p d a t e - r e s o u r c e . c "
" s r c / s y s u p d a t e / s y s u p d a t e - t r a n s f e r . c "
" s r c / i m p o r t / p u l l . c "
" s r c / i m p o r t / e x p o r t . c "
2022-04-15 01:41:22 +00:00
" s r c / i m p o r t / i m p o r t . c "
" s r c / i m p o r t / i m p o r t d . c "
2022-08-12 12:06:08 +00:00
# runs `tar` but also also creates a temporary directory with the string
2022-04-15 01:41:22 +00:00
" s r c / i m p o r t / p u l l - t a r . c "
] ;
}
2023-03-27 19:17:25 +00:00
] ++ lib . optionals withKmod [
{ search = " / s b i n / m o d p r o b e " ; replacement = " ${ lib . getBin kmod } / s b i n / m o d p r o b e " ; where = [ " u n i t s / m o d p r o b e @ . s e r v i c e " ] ; }
2022-04-15 01:41:22 +00:00
] ;
# { replacement, search, where } -> List[str]
2022-10-30 15:09:59 +00:00
mkSubstitute = { replacement , search , where , ignore ? [ ] }:
2022-04-15 01:41:22 +00:00
map ( path : " s u b s t i t u t e I n P l a c e ${ path } - - r e p l a c e ' ${ search } ' \" ${ replacement } \" " ) where ;
2022-10-30 15:09:59 +00:00
mkEnsureSubstituted = { replacement , search , where , ignore ? [ ] }:
let
ignore' = lib . concatStringsSep " | " ( ignore ++ [ " ^ t e s t " " N E W S " ] ) ;
in
''
set + e
search = $ ( grep ' $ { search } ' - r | grep - v " ${ replacement } " | grep - Ev " ${ ignore' } " )
set - e
if [ [ - n " $ s e a r c h " ] ] ; then
echo " N o t a l l r e f e r e n c e s t o ' ${ search } ' h a v e b e e n r e p l a c e d . F o u n d t h e f o l l o w i n g m a t c h e s : "
echo " $ s e a r c h "
exit 1
fi
'' ;
2022-04-15 01:41:22 +00:00
in
''
mesonFlagsArray + = ( - Dntp-servers = " 0 . n i x o s . p o o l . n t p . o r g 1 . n i x o s . p o o l . n t p . o r g 2 . n i x o s . p o o l . n t p . o r g 3 . n i x o s . p o o l . n t p . o r g " )
export LC_ALL = " e n _ U S . U T F - 8 " ;
2020-04-24 23:36:52 +00:00
2022-04-15 01:41:22 +00:00
$ { lib . concatStringsSep " \n " ( lib . flatten ( map mkSubstitute binaryReplacements ) ) }
$ { lib . concatMapStringsSep " \n " mkEnsureSubstituted binaryReplacements }
2020-04-24 23:36:52 +00:00
2022-04-15 01:41:22 +00:00
substituteInPlace src/libsystemd/sd-journal/catalog.c \
- - replace /usr/lib/systemd/catalog / $ out/lib/systemd/catalog /
2022-08-12 12:06:08 +00:00
substituteInPlace src/import/pull-tar.c \
- - replace ' wait_for_terminate_and_check ( " t a r " ' ' wait_for_terminate_and_check ( " ${ gnutar } / b i n / t a r " '
2022-04-15 01:41:22 +00:00
'' ;
2020-04-24 23:36:52 +00:00
# These defines are overridden by CFLAGS and would trigger annoying
# warning messages
postConfigure = ''
substituteInPlace config . h \
- - replace " P O L K I T _ A G E N T _ B I N A R Y _ P A T H " " _ P O L K I T _ A G E N T _ B I N A R Y _ P A T H " \
- - replace " S Y S T E M D _ B I N A R Y _ P A T H " " _ S Y S T E M D _ B I N A R Y _ P A T H " \
2022-04-15 01:41:22 +00:00
- - replace " S Y S T E M D _ C G R O U P _ A G E N T S _ P A T H " " _ S Y S T E M D _ C G R O U P _ A G E N T _ P A T H "
2020-04-24 23:36:52 +00:00
'' ;
2023-03-04 12:14:45 +00:00
env . NIX_CFLAGS_COMPILE = toString ( [
2020-04-24 23:36:52 +00:00
# Can't say ${polkit.bin}/bin/pkttyagent here because that would
# lead to a cyclic dependency.
2020-11-12 09:05:59 +00:00
" - U P O L K I T _ A G E N T _ B I N A R Y _ P A T H "
" - D P O L K I T _ A G E N T _ B I N A R Y _ P A T H = \" / r u n / c u r r e n t - s y s t e m / s w / b i n / p k t t y a g e n t \" "
2020-04-24 23:36:52 +00:00
# Set the release_agent on /sys/fs/cgroup/systemd to the
# currently running systemd (/run/current-system/systemd) so
# that we don't use an obsolete/garbage-collected release agent.
2022-04-15 01:41:22 +00:00
" - U S Y S T E M D _ C G R O U P _ A G E N T S _ P A T H "
" - D S Y S T E M D _ C G R O U P _ A G E N T S _ P A T H = \" / r u n / c u r r e n t - s y s t e m / s y s t e m d / l i b / s y s t e m d / s y s t e m d - c g r o u p s - a g e n t \" "
2020-04-24 23:36:52 +00:00
2020-11-12 09:05:59 +00:00
" - U S Y S T E M D _ B I N A R Y _ P A T H "
" - D S Y S T E M D _ B I N A R Y _ P A T H = \" / r u n / c u r r e n t - s y s t e m / s y s t e m d / l i b / s y s t e m d / s y s t e m d \" "
2021-12-06 16:07:01 +00:00
] ++ lib . optionals stdenv . hostPlatform . isMusl [
" - D _ _ U A P I _ D E F _ E T H H D R = 0 "
] ) ;
2020-04-24 23:36:52 +00:00
doCheck = false ; # fails a bunch of tests
# trigger the test -n "$DESTDIR" || mutate in upstreams build system
preInstall = ''
export DESTDIR = /
'' ;
2023-11-16 04:20:00 +00:00
mesonInstallTags = lib . optionals buildLibsOnly [ " d e v e l " " l i b u d e v " " l i b s y s t e m d " ] ;
postInstall = lib . optionalString ( ! buildLibsOnly ) ''
2020-04-24 23:36:52 +00:00
mkdir - p $ out/example/systemd
2023-03-27 19:17:25 +00:00
mv $ out/lib / { binfmt . d , sysctl . d , tmpfiles . d } $ out/example
2020-04-24 23:36:52 +00:00
mv $ out/lib/systemd / { system , user } $ out/example/systemd
rm - rf $ out/etc/systemd/system
# Fix reference to /bin/false in the D-Bus services.
for i in $ out/share/dbus-1/system-services /* . s e r v i c e ; d o
substituteInPlace $ i - - replace /bin/false $ { coreutils } /bin/false
done
rm - rf $ out/etc/rpm
# "kernel-install" shouldn't be used on NixOS.
find $ out - name " * k e r n e l - i n s t a l l * " - exec rm { } \ ;
2020-11-12 09:05:59 +00:00
'' + l i b . o p t i o n a l S t r i n g ( ! w i t h D o c u m e n t a t i o n ) ''
rm - rf $ out/share/doc
2023-11-16 04:20:00 +00:00
'' + l i b . o p t i o n a l S t r i n g ( w i t h K m o d & & ! b u i l d L i b s O n l y ) ''
2023-03-27 19:17:25 +00:00
mv $ out/lib/modules-load.d $ out/example
2023-11-16 04:20:00 +00:00
'' + l i b . o p t i o n a l S t r i n g w i t h S y s u s e r s ''
mv $ out/lib/sysusers.d $ out/example
2020-11-12 09:05:59 +00:00
'' ;
2020-04-24 23:36:52 +00:00
2022-05-18 14:49:53 +00:00
# Avoid *.EFI binary stripping. At least on aarch64-linux strip
# removes too much from PE32+ files:
# https://github.com/NixOS/nixpkgs/issues/169693
# The hack is to move EFI file out of lib/ before doStrip
# run and return it after doStrip run.
2023-10-09 19:29:22 +00:00
preFixup = lib . optionalString withBootloader ''
2022-05-18 14:49:53 +00:00
mv $ out/lib/systemd/boot/efi $ out/dont-strip-me
'' ;
2022-10-30 15:09:59 +00:00
# Wrap in the correct path for LUKS2 tokens.
postFixup = lib . optionalString withCryptsetup ''
2024-01-25 14:12:00 +00:00
for f in bin/systemd-cryptsetup bin/systemd-cryptenroll ; do
2022-10-30 15:09:59 +00:00
# This needs to be in LD_LIBRARY_PATH because rpath on a binary is not propagated to libraries using dlopen, in this case `libcryptsetup.so`
wrapProgram $ out / $ f - - prefix LD_LIBRARY_PATH : $ { placeholder " o u t " } /lib/cryptsetup
done
2023-10-09 19:29:22 +00:00
'' + l i b . o p t i o n a l S t r i n g w i t h B o o t l o a d e r ''
2022-05-18 14:49:53 +00:00
mv $ out/dont-strip-me $ out/lib/systemd/boot/efi
2023-08-04 22:07:22 +00:00
'' + l i b . o p t i o n a l S t r i n g w i t h U k i f y ''
# To cross compile a derivation that builds a UKI with ukify, we need to wrap
# ukify with the correct binutils. When wrapping, no splicing happens so we
# have to explicitly pull binutils from targetPackages.
2024-01-25 14:12:00 +00:00
wrapProgram $ out/bin/ukify - - prefix PATH : $ { lib . makeBinPath [ targetPackages . stdenv . cc . bintools ] }: $ { placeholder " o u t " } /lib/systemd
2022-05-18 14:49:53 +00:00
'' ;
2023-03-04 12:14:45 +00:00
disallowedReferences = lib . optionals ( stdenv . buildPlatform != stdenv . hostPlatform )
# 'or p' is for manually specified buildPackages as they dont have __spliced
( builtins . map ( p : p . __spliced . buildHost or p ) finalAttrs . nativeBuildInputs ) ;
2022-02-10 20:34:41 +00:00
passthru = {
# The interface version prevents NixOS from switching to an
# incompatible systemd at runtime. (Switching across reboots is
# fine, of course.) It should be increased whenever systemd changes
# in a backwards-incompatible way. If the interface version of two
# systemd builds is the same, then we can switch between them at
# runtime; otherwise we can't and we need to reboot.
interfaceVersion = 2 ;
2023-03-27 19:17:25 +00:00
inherit withCryptsetup withHostnamed withImportd withKmod withLocaled withMachined withPortabled withTimedated withUtmp util-linux kmod kbd ;
2022-02-10 20:34:41 +00:00
tests = {
2024-01-13 08:15:51 +00:00
inherit ( nixosTests )
switchTest
systemd-journal
systemd-journal-gateway
systemd-journal-upload ;
2023-04-29 16:46:19 +00:00
cross = pkgsCross . ${ if stdenv . buildPlatform . isAarch64 then " g n u 6 4 " else " a a r c h 6 4 - m u l t i p l a t f o r m " } . systemd ;
2022-02-10 20:34:41 +00:00
} ;
2021-12-19 01:06:50 +00:00
} ;
2020-11-12 09:05:59 +00:00
meta = with lib ; {
2020-04-24 23:36:52 +00:00
homepage = " h t t p s : / / w w w . f r e e d e s k t o p . o r g / w i k i / S o f t w a r e / s y s t e m d / " ;
description = " A s y s t e m a n d s e r v i c e m a n a g e r f o r L i n u x " ;
license = licenses . lgpl21Plus ;
platforms = platforms . linux ;
2023-02-02 18:25:31 +00:00
badPlatforms = [ lib . systems . inspect . platformPatterns . isStatic ] ;
2022-05-18 14:49:53 +00:00
# https://github.com/systemd/systemd/issues/20600#issuecomment-912338965
broken = stdenv . hostPlatform . isStatic ;
2020-04-24 23:36:52 +00:00
priority = 10 ;
2023-11-16 04:20:00 +00:00
maintainers = with maintainers ; [ flokli kloenk ] ;
2020-04-24 23:36:52 +00:00
} ;
2023-03-04 12:14:45 +00:00
} )
