mirror of
https://git.proxmox.com/git/systemd
synced 2026-01-05 03:17:54 +00:00
ac866cbd38
Ship test-seccomp in libsystemd-dev and run it as autopkgtest, so that it's easier to spot regressions like issue #5215. Gbp-Dch: Short
371 lines
12 KiB
Makefile
Executable File
371 lines
12 KiB
Makefile
Executable File
#! /usr/bin/make -f
|
|
|
|
#export DH_VERBOSE = 1
|
|
#export DEB_BUILD_OPTIONS = nostrip
|
|
|
|
include /usr/share/dpkg/default.mk
|
|
|
|
ifeq ($(DEB_VENDOR),Ubuntu)
|
|
DEFAULT_NTP_SERVERS = ntp.ubuntu.com
|
|
BREAKS_USB_MODESWITCH =
|
|
SUPPORT_URL = http://www.ubuntu.com/support
|
|
else
|
|
DEFAULT_NTP_SERVERS = 0.debian.pool.ntp.org 1.debian.pool.ntp.org 2.debian.pool.ntp.org 3.debian.pool.ntp.org
|
|
BREAKS_USB_MODESWITCH = usb-modeswitch (<< 2.3.0+repack0-1~)
|
|
SUPPORT_URL = https://www.debian.org/support
|
|
endif
|
|
|
|
# Drop these after stretch
|
|
BREAKS_RCS_COMPAT = \
|
|
ifupdown (<< 0.8), \
|
|
keyboard-configuration (<< 1.141), \
|
|
kbd (<< 2.0.3-2), \
|
|
nfs-common (<< 1:1.2.8-9.1), \
|
|
rpcbind (<< 0.2.3-0.1), \
|
|
hdparm (<< 9.48+ds-1), \
|
|
screen (<< 4.3.1-2), \
|
|
mdadm (<< 3.4-2), \
|
|
console-common (<< 0.7.89), \
|
|
ebtables (<< 2.0.10.4-3.5), \
|
|
ufw (<< 0.34-1), \
|
|
virtualbox-guest-x11 (<< 5.0.12-dfsg-2), \
|
|
rdnssd (<< 1.0.1-5), \
|
|
pidentd (<< 3.0.19.ds1-7.1), \
|
|
shorewall (<< 5.0.3.1-1), \
|
|
setserial (<< 2.17-49), \
|
|
apparmor (<< 2.10.95-1), \
|
|
ipsec-tools (<< 1:0.8.2+20140711-6), \
|
|
ferm (<< 2.2-3.1), \
|
|
mt-st (<< 1.3-1), \
|
|
scsitools (<< 0.12-2.3), \
|
|
clvm (<< 2.02.156-1), \
|
|
zfs-fuse (<< 0.7.0-13.1), \
|
|
multipath-tools (<< 0.5.0+git1.656f8865-3), \
|
|
shorewall6 (<< 5.0.3.1-1), \
|
|
arno-iptables-firewall (<< 2.0.1.f-1), \
|
|
ifrename (<< 30~pre9-9), \
|
|
live-tools (<< 1:20151214+nmu1), \
|
|
selinux-basics (<< 0.5.3), \
|
|
adjtimex (<< 1.29-6), \
|
|
nbd-client (<< 1:3.14-1), \
|
|
ifupdown-extra (<< 0.27), \
|
|
eeepc-acpi-scripts (<< 1.1.12+nmu1), \
|
|
aoetools (<< 36-1.1), \
|
|
ocfs2-tools (<< 1.8.4-2), \
|
|
shorewall-init (<< 5.0.3.1-1), \
|
|
espeakup (<< 1:0.71-27.1), \
|
|
cman (<< 3.1.8-1.3+rm), \
|
|
gfs2-utils (<< 3.1.8-1), \
|
|
gfs2-cluster (<< 3.1.8-1), \
|
|
srptools (<< 1.0.3-1), \
|
|
ifscheme (<< 1.7-4), \
|
|
gom (<< 0.30.2-7), \
|
|
atm-tools (<< 1:2.5.1-1.6), \
|
|
switchconf (<< 0.0.15-1), \
|
|
shorewall-lite (<< 5.0.3.1-1), \
|
|
rgmanager (<< 3.1.8-1.3+rm), \
|
|
zvbi (<< 0.2.35-10), \
|
|
fiaif (<< 1.23.1-4+rm), \
|
|
netenv (<< 0.94.3-30+rm), \
|
|
shorewall6-lite (<< 5.0.3.1-1), \
|
|
natlog (<< 1.02.00-4),
|
|
|
|
# fail on missing files and symbols changes on distro builds, but not if we
|
|
# build/test upstream master
|
|
ifeq ($(TEST_UPSTREAM),)
|
|
DH_INSTALL_MISSING = --fail-missing
|
|
GENSYMBOLS_LEVEL = 4
|
|
else
|
|
DH_INSTALL_MISSING = --list-missing
|
|
GENSYMBOLS_LEVEL = 1
|
|
BREAKS_RCS_COMPAT =
|
|
endif
|
|
|
|
ifneq (, $(filter noudeb, $(DEB_BUILD_OPTIONS)))
|
|
export DEB_BUILD_PROFILES += noudeb
|
|
endif
|
|
|
|
# The gold linker is currently broken on mips*. See #851736.
|
|
# Switch to bfd as a temporary workaround.
|
|
ifneq ($(filter $(DEB_BUILD_ARCH), mips mipsel mips64el),)
|
|
export DEB_LDFLAGS_MAINT_APPEND = -Wl,-fuse-ld=bfd
|
|
endif
|
|
|
|
SPLIT_USR_PATHS = \
|
|
QUOTAON=/sbin/quotaon \
|
|
QUOTACHECK=/sbin/quotacheck \
|
|
SETCAP=/sbin/setcap \
|
|
KILL=/bin/kill \
|
|
KMOD=/bin/kmod \
|
|
KEXEC=/sbin/kexec \
|
|
SULOGIN=/sbin/sulogin \
|
|
MOUNT_PATH=/bin/mount \
|
|
UMOUNT_PATH=/bin/umount \
|
|
$(NULL)
|
|
|
|
CONFFLAGS = \
|
|
$(SPLIT_USR_PATHS) \
|
|
--with-rootprefix= \
|
|
--with-rootlibdir=/lib/$(DEB_HOST_MULTIARCH) \
|
|
--with-zshcompletiondir=/usr/share/zsh/vendor-completions \
|
|
--with-sysvinit-path=/etc/init.d \
|
|
--with-sysvrcnd-path=/etc \
|
|
--with-debug-shell=/bin/bash \
|
|
--with-kbd-loadkeys=/bin/loadkeys \
|
|
--with-kbd-setfont=/bin/setfont \
|
|
--with-telinit=/lib/sysvinit/telinit \
|
|
--with-dbuspolicydir=/etc/dbus-1/system.d/ \
|
|
--with-support-url=$(SUPPORT_URL) \
|
|
--without-kill-user-processes \
|
|
--with-pamconfdir=no \
|
|
--enable-split-usr \
|
|
--disable-qrencode \
|
|
--disable-vconsole \
|
|
--disable-firstboot \
|
|
--disable-xkbcommon \
|
|
--disable-wheel-group \
|
|
--with-ntp-servers="$(DEFAULT_NTP_SERVERS)" \
|
|
--with-system-uid-max=999 \
|
|
--with-system-gid-max=999
|
|
|
|
# resolved's DNSSEC support is still not mature enough, disable for stable
|
|
# Debian/Ubuntu releases
|
|
CONFFLAGS += $(shell grep -q yakkety /etc/os-release && echo --with-default-dnssec=no)
|
|
|
|
CONFFLAGS_deb = \
|
|
--enable-selinux \
|
|
--enable-hwdb \
|
|
--enable-sysusers \
|
|
--enable-efi \
|
|
PYTHON=python3
|
|
|
|
ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
|
|
CONFFLAGS_deb += \
|
|
--enable-audit \
|
|
--enable-libcryptsetup \
|
|
--enable-coredump \
|
|
--enable-elfutils \
|
|
--enable-apparmor \
|
|
--enable-libidn \
|
|
--enable-libiptc \
|
|
--enable-libcurl \
|
|
--enable-importd \
|
|
--enable-microhttpd \
|
|
--enable-gnutls
|
|
else
|
|
CONFFLAGS_deb += \
|
|
--disable-audit \
|
|
--disable-libcryptsetup \
|
|
--disable-coredump \
|
|
--disable-elfutils \
|
|
--disable-apparmor \
|
|
--disable-libidn \
|
|
--disable-libiptc \
|
|
--disable-libcurl \
|
|
--disable-importd \
|
|
--disable-microhttpd \
|
|
--disable-gnutls
|
|
endif
|
|
|
|
CONFFLAGS_udeb = \
|
|
--disable-libcryptsetup \
|
|
--disable-coredump \
|
|
--disable-elfutils \
|
|
--disable-pam \
|
|
--disable-audit \
|
|
--disable-selinux \
|
|
--disable-apparmor \
|
|
--disable-libidn \
|
|
--disable-libiptc \
|
|
--disable-smack \
|
|
--disable-ima \
|
|
--disable-binfmt \
|
|
--disable-quotacheck \
|
|
--disable-tmpfiles \
|
|
--disable-randomseed \
|
|
--disable-backlight \
|
|
--disable-logind \
|
|
--disable-machined \
|
|
--disable-libcurl \
|
|
--disable-importd \
|
|
--disable-microhttpd \
|
|
--disable-gnutls \
|
|
--disable-hostnamed \
|
|
--disable-timedated \
|
|
--disable-networkd \
|
|
--disable-timesyncd \
|
|
--disable-localed \
|
|
--disable-myhostname \
|
|
--disable-resolved \
|
|
--disable-polkit \
|
|
--disable-acl \
|
|
--disable-gcrypt \
|
|
--disable-rfkill \
|
|
--disable-hwdb \
|
|
--disable-manpages \
|
|
--disable-efi \
|
|
--disable-gnuefi \
|
|
--disable-seccomp \
|
|
--disable-sysusers \
|
|
--without-python
|
|
|
|
override_dh_auto_configure:
|
|
dh_auto_configure --builddirectory=build-deb \
|
|
-- $(CONFFLAGS) $(CONFFLAGS_deb)
|
|
ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
|
|
dh_auto_configure --builddirectory=build-udeb \
|
|
-- $(CONFFLAGS) $(CONFFLAGS_udeb)
|
|
endif
|
|
|
|
override_dh_auto_build:
|
|
dh_auto_build --builddirectory=build-deb
|
|
ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
|
|
dh_auto_build --builddirectory=build-udeb
|
|
endif
|
|
# generate POT file for translators
|
|
cd build-deb/po; srcdir=../../po intltool-update --pot --verbose
|
|
|
|
override_dh_auto_install:
|
|
dh_auto_install --builddirectory=build-deb \
|
|
--destdir=debian/install/deb
|
|
ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
|
|
dh_auto_install --builddirectory=build-udeb \
|
|
--destdir=debian/install/udeb
|
|
endif
|
|
# fix paths in manpages; manually check the remaining /usr occurrences
|
|
# occasionally, with filtering out paths which are known to be in /usr:
|
|
# grep -r /usr debian/install/deb/usr/share/man/|egrep -v '/usr/local|os.*release|factory|zoneinfo|tmpfiles|kernel|foo|machines|sysctl|dbus|include|binfmt'
|
|
find debian/install/deb/usr/share/man/ -type f | xargs sed -ri 's_/usr(/lib/systemd/system|/lib/systemd/network|/lib/udev|/lib[^/]|/lib/[^a-z])_\1_g'
|
|
|
|
override_dh_auto_clean:
|
|
ifneq (, $(TEST_UPSTREAM))
|
|
debian/extra/checkout-upstream
|
|
endif
|
|
dh_auto_clean --builddirectory=build-deb
|
|
ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
|
|
dh_auto_clean --builddirectory=build-udeb
|
|
endif
|
|
rm -rf debian/install/ debian/shlibs.local
|
|
# remove Python byte code files
|
|
rm -rf tools/__pycache__/
|
|
|
|
override_dh_install:
|
|
# remove unnecessary / unused files
|
|
rm -f debian/install/*/usr/share/doc/systemd/LICENSE.*
|
|
rm -f debian/install/*/var/log/README
|
|
rm -f debian/install/*/etc/init.d/README
|
|
rm -rf debian/install/*/etc/rpm/
|
|
rm -rf debian/install/*/usr/lib/rpm/
|
|
rm -f debian/install/*/usr/lib/sysctl.d/50-default.conf
|
|
rm -f debian/install/*/etc/X11/xinit/xinitrc.d/50-systemd-user.sh
|
|
rmdir -p --ignore-fail-on-non-empty debian/install/*/etc/X11/xinit/xinitrc.d/
|
|
rm -f debian/install/*/lib/systemd/system/halt-local.service
|
|
find debian/install/ -name '*.la' -delete
|
|
rm -f debian/install/*/lib/systemd/libsystemd-shared.so
|
|
find debian/install/ -name '*.busname' -delete
|
|
# remove files related to factory-reset feature
|
|
find debian/install/ \( -name 'systemd-update-done*' -o \
|
|
-name systemd-journal-catalog-update.service -o \
|
|
-name systemd-udev-hwdb-update.service -o \
|
|
-name ldconfig.service -o \
|
|
-name etc.conf \) -delete
|
|
rm -rf debian/install/*/usr/share/factory/
|
|
# remove symlinks enabling default-on services
|
|
rm -rf debian/install/*/etc/systemd/system/*.target.wants/
|
|
# FIXME: generate proper sysusers.d/basic.conf for Debian, and add autopkgtest
|
|
rm -rf debian/install/*/usr/lib/sysusers.d/*
|
|
rm -f debian/install/*/lib/systemd/system/*sysusers*.service debian/install/*/lib/systemd/system/*/*sysusers*.service
|
|
ifeq (, $(filter noudeb, $(DEB_BUILD_PROFILES)))
|
|
dh_install -pudev-udeb -plibudev1-udeb --sourcedir=debian/install/udeb
|
|
endif
|
|
|
|
dh_install --remaining-packages --sourcedir=debian/install/deb $(DH_INSTALL_MISSING)
|
|
|
|
# we don't want /tmp to be a tmpfs by default
|
|
mv debian/systemd/lib/systemd/system/tmp.mount debian/systemd/usr/share/systemd/
|
|
printf '\n[Install]\nWantedBy=local-fs.target\n' >> debian/systemd/usr/share/systemd/tmp.mount
|
|
rm debian/systemd/lib/systemd/system/local-fs.target.wants/tmp.mount
|
|
|
|
# files shipped by cryptsetup
|
|
ifeq (, $(filter stage1, $(DEB_BUILD_PROFILES)))
|
|
rm debian/systemd/usr/share/man/man5/crypttab.5
|
|
endif
|
|
|
|
# files shipped by systemd
|
|
rm debian/udev/lib/udev/rules.d/70-uaccess.rules
|
|
rm debian/udev/lib/udev/rules.d/73-seat-late.rules
|
|
rm debian/udev/lib/udev/rules.d/71-seat.rules
|
|
rm debian/udev/lib/udev/rules.d/99-systemd.rules
|
|
|
|
# remove duplicate files shipped by systemd-*/udev
|
|
echo "Removing duplicate files in systemd package:"
|
|
set -e; for pkg in $(shell dh_listpackages -Nudev-udeb -Nlibudev1-udeb -Nsystemd); do \
|
|
echo "... from $$pkg..."; \
|
|
(cd debian/$$pkg; find -type f -o -type l) | (cd debian/systemd; xargs rm -f --verbose); \
|
|
(cd debian/$$pkg; find -mindepth 1 -type d) | (cd debian/systemd; xargs rmdir --ignore-fail-on-non-empty --verbose || true); \
|
|
done
|
|
|
|
# ship some test programs for autopkgtests
|
|
install -D build-deb/.libs/test-udev debian/libudev-dev/usr/lib/$(DEB_HOST_MULTIARCH)/udev/test-udev
|
|
install -D build-deb/.libs/test-seccomp debian/libsystemd-dev/usr/lib/$(DEB_HOST_MULTIARCH)/systemd/test-seccomp
|
|
|
|
# Ubuntu specific files
|
|
ifeq ($(DEB_VENDOR),Ubuntu)
|
|
install -D --mode=644 debian/extra/udev.py debian/udev/usr/share/apport/package-hooks/udev.py
|
|
install -D --mode=644 debian/extra/systemd.py debian/systemd/usr/share/apport/package-hooks/systemd.py
|
|
install --mode=644 debian/extra/rules-ubuntu/*.rules debian/udev/lib/udev/rules.d/
|
|
cp -a debian/extra/units-ubuntu/* debian/systemd/lib/systemd/system/
|
|
install --mode=755 debian/extra/set-cpufreq debian/systemd/lib/systemd/
|
|
endif
|
|
|
|
override_dh_installinit:
|
|
dh_installinit --no-start
|
|
# the following are only upstart jobs
|
|
dh_installinit --name=udevtrigger --noscripts
|
|
dh_installinit --name=udevmonitor --noscripts
|
|
dh_installinit --name=udev-fallback-graphics --noscripts
|
|
|
|
# The SysV compat tools (which are symlinks to systemctl) are
|
|
# quasi-essential, so add their dependencies to Pre-Depends
|
|
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=753589
|
|
override_dh_shlibdeps:
|
|
dh_shlibdeps -psystemd -- -dPre-Depends -edebian/systemd/bin/systemctl -dDepends
|
|
dh_shlibdeps --remaining-packages -Lsystemd
|
|
|
|
override_dh_makeshlibs:
|
|
sed 's/SHARED_LIB_VERSION/$(shell sed -n '/^PACKAGE_VERSION/ {s/^.*= *//; p}' build-deb/Makefile)/' debian/shlibs.local.in > debian/shlibs.local
|
|
dh_makeshlibs -plibudev1 --add-udeb=libudev1-udeb -- -c$(GENSYMBOLS_LEVEL)
|
|
dh_makeshlibs -psystemd -Xlibsystemd-shared -- -c$(GENSYMBOLS_LEVEL)
|
|
dh_makeshlibs --remaining-packages -- -c$(GENSYMBOLS_LEVEL)
|
|
|
|
autoreconf:
|
|
intltoolize -f -c
|
|
autoreconf -f -i
|
|
|
|
override_dh_autoreconf:
|
|
dh_autoreconf --as-needed debian/rules -- autoreconf
|
|
|
|
override_dh_strip:
|
|
dh_strip --dbgsym-migration='systemd-dbg (<< 229-6~)'
|
|
|
|
override_dh_gencontrol:
|
|
dh_gencontrol -- -VBreaks:usb-modeswitch="$(BREAKS_USB_MODESWITCH)" -VBreaks:rcs-compat="$(BREAKS_RCS_COMPAT)"
|
|
|
|
override_dh_auto_test:
|
|
ifeq (, $(filter nocheck, $(DEB_BUILD_OPTIONS)))
|
|
echo "01234567890123456789012345678901" > build-deb/machine-id
|
|
# some tests hang under fakeroot, so disable fakeroot
|
|
# some tests are known to fail under ancient kernels
|
|
env -u LD_PRELOAD SYSTEMD_MACHINE_ID_PATH=$(CURDIR)/build-deb/machine-id make -C build-deb check || ( \
|
|
cd build-deb; \
|
|
for f in test-*.log; do echo "==== $$f ===="; cat $$f; done; \
|
|
if linux-version compare "$$(uname -r)" ge 3.13; then \
|
|
exit 1; \
|
|
else \
|
|
echo "Ignoring test failure under too old kernel $$(uname -r)"; \
|
|
fi)
|
|
endif
|
|
|
|
%:
|
|
dh $@ --with autoreconf --parallel
|