meson: add option to build systemd-executor "statically"

The new link-executor-shared option is similar to the existing
link-udev-shared: when set to false, we link to the static versions of our
internal libraries.

The resulting exuctor binary is fairly large, about as large as libsystemd-core
(14 MB without lto, 8 with lto).

This is intended as a workaround for the fuckup with the pinned executor
binary:
when an upgrade is performed, the package manager will install new version of
the libraries and new version of the code, and some time later reexecute the
managers. This creates a window when the pinned executor binary will fail to
execute. There are two factors which make the issue easier to hit:

- when the distribution uses a finely-grained shared-lib-tag. E.g. Fedora
  uses version-release as the tag, which means that the issue occurs on
  every package upgrade. This is the right thing to do, because the
  ABI of our internal libraries is not stable at all, so replacing the
  library from a different version in place creates a window where our
  programs may crash or misbehave.

- when the distribution doesn't immediately reexec all the managers after
  upgrade. In early versions of systemd, we used to hammer the machine during
  upgrade, doing daemon-reexecs repeatedly. This works, but is ugly and
  wasteful. Doing the reexecs while the upgrade is in progres also creates a
  window where a mix of old and new configs or both is loaded. Users are
  particularly annoyed by those reloads if there is some issue in the
  configuration causing us to emit warnings on every reexec. Doing the
  reexecs once after the new configuration and libraries have been put
  in place is nicer.

The pinning of the executor binary breaks upgrades and in particular
it penalizes the distributions which make use of the features which
were previously added to avoid bugs and inefficiency during upgrades.

When the executor is linked statically, there is a smaller chance that it'll
fail to load libraries. The issue can still occur because other libraries, not
our own, are linked dynamically.

(cherry picked from commit d59cae6ceb)
This commit is contained in:
Zbigniew Jędrzejewski-Szmek 2024-07-03 17:05:31 +02:00
parent c3b4032fc3
commit d28aa922fd
2 changed files with 14 additions and 4 deletions

View File

@ -21,6 +21,8 @@ option('rootprefix', type : 'string', deprecated: true,
description : 'This option is deprecated and will be removed in a future release')
option('link-udev-shared', type : 'boolean',
description : 'link systemd-udevd and its helpers to libsystemd-shared.so')
option('link-executor-shared', type : 'boolean',
description : 'link systemd-executor to libsystemd-shared.so and libsystemd-core.so')
option('link-systemctl-shared', type: 'boolean',
description : 'link systemctl against libsystemd-shared.so')
option('link-networkd-shared', type: 'boolean',

View File

@ -156,6 +156,17 @@ systemd_executor_sources = files(
'exec-invoke.c',
)
executor_libs = get_option('link-executor-shared') ? \
[
libcore,
libshared,
] : [
libcore_static,
libshared_static,
libbasic_static,
libsystemd_static,
]
executables += [
libexec_template + {
'name' : 'systemd',
@ -173,10 +184,7 @@ executables += [
'public' : true,
'sources' : systemd_executor_sources,
'include_directories' : core_includes,
'link_with' : [
libcore,
libshared,
],
'link_with' : executor_libs,
'dependencies' : [
libapparmor,
libpam,