Skip to content

Commit

Permalink
meson: add option to build systemd-executor "statically"
Browse files Browse the repository at this point in the history
The new link-executor-shared option is similar to the existing
link-udev-shared: when set to false, we link to the static versions of our
internal libraries.

The resulting exuctor binary is fairly large, about as large as libsystemd-core
(14 MB without lto, 8 with lto).

This is intended as a workaround for the fuckup with the pinned executor
binary:
when an upgrade is performed, the package manager will install new version of
the libraries and new version of the code, and some time later reexecute the
managers. This creates a window when the pinned executor binary will fail to
execute. There are two factors which make the issue easier to hit:

- when the distribution uses a finely-grained shared-lib-tag. E.g. Fedora
  uses version-release as the tag, which means that the issue occurs on
  every package upgrade. This is the right thing to do, because the
  ABI of our internal libraries is not stable at all, so replacing the
  library from a different version in place creates a window where our
  programs may crash or misbehave.

- when the distribution doesn't immediately reexec all the managers after
  upgrade. In early versions of systemd, we used to hammer the machine during
  upgrade, doing daemon-reexecs repeatedly. This works, but is ugly and
  wasteful. Doing the reexecs while the upgrade is in progres also creates a
  window where a mix of old and new configs or both is loaded. Users are
  particularly annoyed by those reloads if there is some issue in the
  configuration causing us to emit warnings on every reexec. Doing the
  reexecs once after the new configuration and libraries have been put
  in place is nicer.

The pinning of the executor binary breaks upgrades and in particular
it penalizes the distributions which make use of the features which
were previously added to avoid bugs and inefficiency during upgrades.

When the executor is linked statically, there is a smaller chance that it'll
fail to load libraries. The issue can still occur because other libraries, not
our own, are linked dynamically.

see currently unmerged systemd/systemd#33599

RHEL-only workaround

Resolves: RHEL-46020
  • Loading branch information
keszybz authored and lnykryn committed Jul 3, 2024
1 parent 6f9e8b0 commit 9615ba0
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 4 deletions.
2 changes: 2 additions & 0 deletions meson_options.txt
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ option('rootprefix', type : 'string', deprecated: true,
description : '''This option is deprecated and will be removed in a future release''')
option('link-udev-shared', type : 'boolean',
description : 'link systemd-udevd and its helpers to libsystemd-shared.so')
option('link-executor-shared', type : 'boolean',
description : 'link systemd-executor to libsystemd-shared.so and libsystemd-core.so')
option('link-systemctl-shared', type: 'boolean',
description : 'link systemctl against libsystemd-shared.so')
option('link-networkd-shared', type: 'boolean',
Expand Down
16 changes: 12 additions & 4 deletions src/core/meson.build
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,17 @@ systemd_executor_sources = files(
'exec-invoke.c',
)

executor_libs = get_option('link-executor-shared') ? \
[
libcore,
libshared,
] : [
libcore_static,
libshared_static,
libbasic_static,
libsystemd_static,
]

executables += [
libexec_template + {
'name' : 'systemd',
Expand All @@ -173,10 +184,7 @@ executables += [
'public' : true,
'sources' : systemd_executor_sources,
'include_directories' : core_includes,
'link_with' : [
libcore,
libshared,
],
'link_with' : executor_libs,
'dependencies' : [
libapparmor,
libpam,
Expand Down

0 comments on commit 9615ba0

Please sign in to comment.