|
|
54c016 |
From 246ba5fed9f67047179f11a85c5fa4c869b62840 Mon Sep 17 00:00:00 2001
|
|
|
54c016 |
From: Mario Limonciello <mario.limonciello@dell.com>
|
|
|
54c016 |
Date: Mon, 9 Jul 2018 17:09:41 -0500
|
|
|
54c016 |
Subject: [PATCH] Allow running on an older systemd
|
|
|
54c016 |
|
|
|
54c016 |
Build the path list dynamically based on enabled plugins and use options
|
|
|
54c016 |
that are compatible with older systemd when appropriate
|
|
|
54c016 |
---
|
|
|
54c016 |
data/fwupd.service.in | 6 +----
|
|
|
54c016 |
data/meson.build | 61 ++++++++++++++++++++++++++++---------------
|
|
|
54c016 |
meson.build | 2 +-
|
|
|
54c016 |
3 files changed, 42 insertions(+), 27 deletions(-)
|
|
|
54c016 |
|
|
|
54c016 |
diff --git a/data/fwupd.service.in b/data/fwupd.service.in
|
|
|
54c016 |
index 7785439f..996ff4cf 100644
|
|
|
54c016 |
--- a/data/fwupd.service.in
|
|
|
54c016 |
+++ b/data/fwupd.service.in
|
|
|
54c016 |
@@ -8,13 +8,9 @@ Before=gdm.service
|
|
|
54c016 |
Type=dbus
|
|
|
54c016 |
BusName=org.freedesktop.fwupd
|
|
|
54c016 |
ExecStart=@libexecdir@/fwupd/fwupd
|
|
|
54c016 |
-MemoryDenyWriteExecute=yes
|
|
|
54c016 |
PrivateTmp=yes
|
|
|
54c016 |
-ProtectControlGroups=yes
|
|
|
54c016 |
ProtectHome=yes
|
|
|
54c016 |
-ProtectKernelModules=yes
|
|
|
54c016 |
ProtectSystem=full
|
|
|
54c016 |
RestrictAddressFamilies=AF_NETLINK AF_UNIX
|
|
|
54c016 |
-RestrictRealtime=yes
|
|
|
54c016 |
-ReadWritePaths=@localstatedir@/lib/fwupd @sysconfdir@/fwupd/remotes.d -@bootdir@
|
|
|
54c016 |
SystemCallFilter=~@mount
|
|
|
54c016 |
+@dynamic_options@
|
|
|
54c016 |
diff --git a/data/meson.build b/data/meson.build
|
|
|
54c016 |
index 7adc0c05..c40b132b 100644
|
|
|
54c016 |
--- a/data/meson.build
|
|
|
54c016 |
+++ b/data/meson.build
|
|
|
54c016 |
@@ -30,26 +30,47 @@ if get_option('daemon')
|
|
|
54c016 |
)
|
|
|
54c016 |
endif
|
|
|
54c016 |
|
|
|
54c016 |
-con2 = configuration_data()
|
|
|
54c016 |
-con2.set('libexecdir', libexecdir)
|
|
|
54c016 |
-con2.set('bindir', bindir)
|
|
|
54c016 |
-con2.set('localstatedir', localstatedir)
|
|
|
54c016 |
-con2.set('datadir', datadir)
|
|
|
54c016 |
-con2.set('bootdir', get_option('bootdir'))
|
|
|
54c016 |
-con2.set('sysconfdir', default_sysconfdir)
|
|
|
54c016 |
+if get_option('systemd')
|
|
|
54c016 |
+ con2 = configuration_data()
|
|
|
54c016 |
+ con2.set('libexecdir', libexecdir)
|
|
|
54c016 |
+ con2.set('bindir', bindir)
|
|
|
54c016 |
+ con2.set('localstatedir', localstatedir)
|
|
|
54c016 |
+ con2.set('datadir', datadir)
|
|
|
54c016 |
+ con2.set('bootdir', get_option('bootdir'))
|
|
|
54c016 |
+ con2.set('sysconfdir', default_sysconfdir)
|
|
|
54c016 |
|
|
|
54c016 |
-# replace @libexecdir@
|
|
|
54c016 |
-configure_file(
|
|
|
54c016 |
- input : 'org.freedesktop.fwupd.service.in',
|
|
|
54c016 |
- output : 'org.freedesktop.fwupd.service',
|
|
|
54c016 |
- configuration : con2,
|
|
|
54c016 |
- install: true,
|
|
|
54c016 |
- install_dir: join_paths(datadir,
|
|
|
54c016 |
- 'dbus-1',
|
|
|
54c016 |
- 'system-services'),
|
|
|
54c016 |
-)
|
|
|
54c016 |
+ rw_directories = []
|
|
|
54c016 |
+ rw_directories += join_paths (localstatedir, 'lib', 'fwupd')
|
|
|
54c016 |
+ rw_directories += join_paths (default_sysconfdir, 'fwupd', 'remotes.d')
|
|
|
54c016 |
+ if get_option('plugin_uefi')
|
|
|
54c016 |
+ rw_directories += ['-/boot/efi', '-/boot', '-/efi']
|
|
|
54c016 |
+ endif
|
|
|
54c016 |
+
|
|
|
54c016 |
+ dynamic_options = []
|
|
|
54c016 |
+ if systemd.version().version_compare('>= 232')
|
|
|
54c016 |
+ dynamic_options += 'ProtectControlGroups=yes'
|
|
|
54c016 |
+ dynamic_options += 'ProtectKernelModules=yes'
|
|
|
54c016 |
+ endif
|
|
|
54c016 |
+ if systemd.version().version_compare('>= 231')
|
|
|
54c016 |
+ dynamic_options += 'RestrictRealtime=yes'
|
|
|
54c016 |
+ dynamic_options += 'MemoryDenyWriteExecute=yes'
|
|
|
54c016 |
+ dynamic_options += ['ReadWritePaths=' + ' '.join(rw_directories)]
|
|
|
54c016 |
+ else
|
|
|
54c016 |
+ dynamic_options += ['ReadWriteDirectories=' + ' '.join(rw_directories)]
|
|
|
54c016 |
+ endif
|
|
|
54c016 |
+ con2.set('dynamic_options', '\n'.join(dynamic_options))
|
|
|
54c016 |
+
|
|
|
54c016 |
+ # replace @libexecdir@
|
|
|
54c016 |
+ configure_file(
|
|
|
54c016 |
+ input : 'org.freedesktop.fwupd.service.in',
|
|
|
54c016 |
+ output : 'org.freedesktop.fwupd.service',
|
|
|
54c016 |
+ configuration : con2,
|
|
|
54c016 |
+ install: true,
|
|
|
54c016 |
+ install_dir: join_paths(datadir,
|
|
|
54c016 |
+ 'dbus-1',
|
|
|
54c016 |
+ 'system-services'),
|
|
|
54c016 |
+ )
|
|
|
54c016 |
|
|
|
54c016 |
-if get_option('systemd')
|
|
|
54c016 |
# replace @bindir@
|
|
|
54c016 |
configure_file(
|
|
|
54c016 |
input : 'fwupd-offline-update.service.in',
|
|
|
54c016 |
@@ -58,10 +79,8 @@ if get_option('systemd')
|
|
|
54c016 |
install: true,
|
|
|
54c016 |
install_dir: systemdunitdir,
|
|
|
54c016 |
)
|
|
|
54c016 |
-endif
|
|
|
54c016 |
|
|
|
54c016 |
-if get_option('systemd')
|
|
|
54c016 |
- # replace @localstatedir@, @sysconfdir@ and @bootdir@
|
|
|
54c016 |
+ # replace @dynamic_options@
|
|
|
54c016 |
configure_file(
|
|
|
54c016 |
input : 'fwupd.service.in',
|
|
|
54c016 |
output : 'fwupd.service',
|
|
|
54c016 |
diff --git a/meson.build b/meson.build
|
|
|
54c016 |
index 2f2710c2..fecdfca5 100644
|
|
|
54c016 |
--- a/meson.build
|
|
|
54c016 |
+++ b/meson.build
|
|
|
54c016 |
@@ -225,7 +225,7 @@ if get_option('plugin_thunderbolt')
|
|
|
54c016 |
endif
|
|
|
54c016 |
|
|
|
54c016 |
if get_option('systemd')
|
|
|
54c016 |
- systemd = dependency('systemd', version : '>= 231')
|
|
|
54c016 |
+ systemd = dependency('systemd', version : '>= 211')
|
|
|
54c016 |
conf.set('HAVE_SYSTEMD' , '1')
|
|
|
54c016 |
endif
|
|
|
54c016 |
|
|
|
54c016 |
--
|
|
|
54c016 |
2.17.1
|
|
|
54c016 |
|