mirror of
https://github.com/morgan9e/systemd
synced 2026-04-14 00:14:32 +09:00
a030f8cc94
The commit8442ac9c02set install_tag option to install_emptydir() calls, but it requires meson-0.62.0. Hence, after the commit, we cannot build systemd with older meson anymore. As using install_tag is quite useful for building systemd package, let's bump the requirement of meson version to 0.62.0. Note, the current meson versions of major distributions are: CentOS 9: 0.63.3 CentOS 10: 1.4.1 Fedora 40: 1.4.1 Fedora 41: 1.5.1 Ubuntu 20.04 LTS (focal): 0.53.2 -- EOL on 2025-04 Ubuntu 22.04 LTS (jammy): 0.61.2 -- EOL on 2027-04 Ubuntu 24.04 LTS (noble): 1.3.2 Ubuntu 24.10 (oracular): 1.5.2 Debian 11 (bullseye): 0.56.2 (1.0.0 in backports) -- EOL on 2024-08 Debian 12 (bookworm): 1.0.1 (1.5.1 in backports) openSUSE Leap 15.6: 1.6.1 openSUSE Tumbleweed: 1.6.1 As the next version (v258) is not expected to be released before the end of 2025-04, it is OK to cut the support of Ubuntu 20.04 LTS and Debian 11. Also, our policy for support of distributions explicitly says only latest Ubuntu LTS and non-LTS releases are supported. Hence, we can also cut Ubuntu 22.04, even if it is not EOL. Follow-up for8442ac9c02. Closes #35967.
143 lines
5.7 KiB
Bash
Executable File
143 lines
5.7 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
# SPDX-License-Identifier: LGPL-2.1-or-later
|
|
|
|
# shellcheck disable=SC2206
|
|
PHASES=(${@:-SETUP RUN RUN_ASAN_UBSAN CLEANUP})
|
|
ADDITIONAL_DEPS=(
|
|
clang
|
|
expect
|
|
fdisk
|
|
jekyll
|
|
libbpf-dev
|
|
libfdisk-dev
|
|
libfido2-dev
|
|
libp11-kit-dev
|
|
libpwquality-dev
|
|
libqrencode-dev
|
|
libssl-dev
|
|
libtss2-dev
|
|
libxkbcommon-dev
|
|
libzstd-dev
|
|
python3-libevdev
|
|
python3-pefile
|
|
python3-pyelftools
|
|
python3-pyparsing
|
|
python3-pytest
|
|
rpm
|
|
systemd-boot-efi
|
|
zstd
|
|
)
|
|
|
|
function info() {
|
|
echo -e "\033[33;1m$1\033[0m"
|
|
}
|
|
|
|
function run_meson() {
|
|
if ! meson "$@"; then
|
|
find . -type f -name meson-log.txt -exec cat '{}' +
|
|
return 1
|
|
fi
|
|
}
|
|
|
|
set -ex
|
|
|
|
MESON_ARGS=(-Dcryptolib=${CRYPTOLIB:-auto})
|
|
|
|
# (Re)set the current oom-{score-}adj. For some reason root on GH actions is able to _decrease_
|
|
# its oom-score even after dropping all capabilities (including CAP_SYS_RESOURCE), until the
|
|
# score is explicitly changed after sudo. No idea what's going on, but it breaks
|
|
# exec-oomscoreadjust-negative.service from test-execute when running unprivileged.
|
|
choom -p $$ -n 0
|
|
|
|
for phase in "${PHASES[@]}"; do
|
|
case $phase in
|
|
SETUP)
|
|
info "Setup phase"
|
|
# This is added by default, and it is often broken, but we don't need anything from it
|
|
rm -f /etc/apt/sources.list.d/microsoft-prod.{list,sources}
|
|
# add-apt-repository --enable-source does not work on deb822 style sources.
|
|
for f in /etc/apt/sources.list.d/*.sources; do
|
|
sed -i "s/Types: deb/Types: deb deb-src/g" "$f"
|
|
done
|
|
apt-get -y update
|
|
apt-get -y build-dep systemd
|
|
apt-get -y install "${ADDITIONAL_DEPS[@]}"
|
|
pip3 install -r .github/workflows/requirements.txt --require-hashes --break-system-packages
|
|
|
|
# Make sure the build dir is accessible even when drop privileges, otherwise the unprivileged
|
|
# part of test-execute gets skipped, since it can't run systemd-executor
|
|
chmod o+x /home/runner
|
|
capsh --drop=all -- -c "stat $PWD/meson.build"
|
|
;;
|
|
RUN|RUN_GCC|RUN_CLANG|RUN_CLANG_RELEASE)
|
|
if [[ "$phase" =~ ^RUN_CLANG ]]; then
|
|
export CC=clang
|
|
export CXX=clang++
|
|
export CFLAGS="-fno-sanitize=function"
|
|
export CXXFLAGS="-fno-sanitize=function"
|
|
if [[ "$phase" == RUN_CLANG ]]; then
|
|
# The docs build is slow and is not affected by compiler/flags, so do it just once
|
|
MESON_ARGS+=(-Dman=enabled)
|
|
else
|
|
MESON_ARGS+=(-Dmode=release --optimization=2)
|
|
fi
|
|
|
|
# Some variation: remove machine-id, like on Debian builders to ensure unit tests still work.
|
|
if [ -w /etc/machine-id ]; then
|
|
mv /etc/machine-id /etc/machine-id.bak
|
|
fi
|
|
fi
|
|
MESON_ARGS+=(--fatal-meson-warnings)
|
|
run_meson -Dnobody-group=nogroup --werror -Dtests=unsafe -Dslow-tests=true -Dfuzz-tests=true "${MESON_ARGS[@]}" build
|
|
ninja -C build -v
|
|
# Ensure setting a timezone (like the reproducible build tests do) does not break time/date unit tests
|
|
TZ=GMT+12 meson test -C build --print-errorlogs
|
|
;;
|
|
RUN_ASAN_UBSAN|RUN_GCC_ASAN_UBSAN|RUN_CLANG_ASAN_UBSAN|RUN_CLANG_ASAN_UBSAN_NO_DEPS)
|
|
MESON_ARGS=(--optimization=1)
|
|
|
|
if [[ "$phase" =~ ^RUN_CLANG_ASAN_UBSAN ]]; then
|
|
export CC=clang
|
|
export CXX=clang++
|
|
export CFLAGS="-fno-sanitize=function"
|
|
export CXXFLAGS="-fno-sanitize=function"
|
|
# Build fuzzer regression tests only with clang (for now),
|
|
# see: https://github.com/systemd/systemd/pull/15886#issuecomment-632689604
|
|
# -Db_lundef=false: See https://github.com/mesonbuild/meson/issues/764
|
|
MESON_ARGS+=(-Db_lundef=false -Dfuzz-tests=true)
|
|
|
|
if [[ "$phase" == "RUN_CLANG_ASAN_UBSAN_NO_DEPS" ]]; then
|
|
MESON_ARGS+=(--auto-features=disabled)
|
|
fi
|
|
fi
|
|
MESON_ARGS+=(--fatal-meson-warnings)
|
|
run_meson -Dnobody-group=nogroup --werror -Dtests=unsafe -Db_sanitize=address,undefined "${MESON_ARGS[@]}" build
|
|
ninja -C build -v
|
|
|
|
export ASAN_OPTIONS=strict_string_checks=1:detect_stack_use_after_return=1:check_initialization_order=1:strict_init_order=1
|
|
# Never remove halt_on_error from UBSAN_OPTIONS. See https://github.com/systemd/systemd/commit/2614d83aa06592aedb.
|
|
export UBSAN_OPTIONS=print_stacktrace=1:print_summary=1:halt_on_error=1
|
|
|
|
# FIXME
|
|
# For some strange reason the GH Actions VM stops responding after
|
|
# executing first ~150 tests, _unless_ there's something producing
|
|
# output (either running `meson test` in verbose mode, or something
|
|
# else in background). Despite my efforts so far I haven't been able
|
|
# to identify the culprit (since the issue is not reproducible
|
|
# during debugging, wonderful), so let's at least keep a workaround
|
|
# here to make the builds stable for the time being.
|
|
(set +x; while :; do echo -ne "\n[WATCHDOG] $(date)\n"; sleep 30; done) &
|
|
meson test --timeout-multiplier=3 -C build --print-errorlogs
|
|
;;
|
|
CLEANUP)
|
|
info "Cleanup phase"
|
|
if [ ! -f /etc/machine-id ] && [ -w /etc/machine-id.bak ]; then
|
|
mv /etc/machine-id.bak /etc/machine-id
|
|
fi
|
|
;;
|
|
*)
|
|
echo >&2 "Unknown phase '$phase'"
|
|
exit 1
|
|
esac
|
|
done
|