meson: use jinja2 for tmpfiles.d templates

HAVE_SMACK_RUN_LABEL was dropped back in 348b44372f,
so one line in etc.conf was not rendered as expected ;(
Checking if names are defined is paying for itself!

meson.build

@@ -850,6 +850,7 @@ conf.set10('ENABLE_ADM_GROUP', get_option('adm-group'))
 conf.set10('ENABLE_WHEEL_GROUP', get_option('wheel-group'))
 
 dev_kvm_mode = get_option('dev-kvm-mode')
+conf.set_quoted('DEV_KVM_MODE', dev_kvm_mode) # FIXME: convert to 0o… notation
 substs.set('DEV_KVM_MODE', dev_kvm_mode)
 conf.set10('DEV_KVM_UACCESS', dev_kvm_mode != '0666')
 group_render_mode = get_option('group-render-mode')
@@ -1040,10 +1041,8 @@ else
 endif
 conf.set10('HAVE_APPARMOR', have)
 
-smack_run_label = get_option('smack-run-label')
+conf.set10('HAVE_SMACK_RUN_LABEL', get_option('smack-run-label') != '')
-if smack_run_label != ''
+conf.set_quoted('SMACK_RUN_LABEL', get_option('smack-run-label'))
-        conf.set_quoted('SMACK_RUN_LABEL', smack_run_label)
-endif
 
 want_polkit = get_option('polkit')
 install_polkit = false

src/basic/fileio.c

@@ -1391,7 +1391,7 @@ int rename_and_apply_smack_floor_label(const char *from, const char *to) {
         if (rename(from, to) < 0)
                 return -errno;
 
-#ifdef SMACK_RUN_LABEL
+#if HAVE_SMACK_RUN_LABEL
         r = mac_smack_apply(to, SMACK_ATTR_ACCESS, SMACK_FLOOR_LABEL);
         if (r < 0)
                 return r;

tmpfiles.d/etc.conf.in

@@ -9,14 +9,14 @@
 
 L /etc/os-release - - - - ../usr/lib/os-release
 L+ /etc/mtab - - - - ../proc/self/mounts
-m4_ifdef(`HAVE_SMACK_RUN_LABEL',
+{% if HAVE_SMACK_RUN_LABEL %}
 t /etc/mtab - - - - security.SMACK64=_
-)m4_dnl
+{% endif %}
-m4_ifdef(`ENABLE_RESOLVE',
+{% if ENABLE_RESOLVE %}
 L! /etc/resolv.conf - - - - ../run/systemd/resolve/stub-resolv.conf
-)m4_dnl
+{% endif %}
 C! /etc/nsswitch.conf - - - -
-m4_ifdef(`HAVE_PAM',
+{% if HAVE_PAM %}
 C! /etc/pam.d - - - -
-)m4_dnl
+{% endif %}
 C! /etc/issue - - - -

tmpfiles.d/meson.build

@@ -26,34 +26,20 @@ foreach pair : files
         endif
 endforeach
 
-in_files = ['static-nodes-permissions.conf']
+in_files = ['etc.conf',
-
+            'static-nodes-permissions.conf',
-foreach file : in_files
-        gen = configure_file(
-                input : file + '.in',
-                output : file,
-                configuration : substs)
-        if enable_tmpfiles
-                install_data(gen,
-                             install_dir : tmpfilesdir)
-        endif
-endforeach
-
-m4_files = ['etc.conf',
             'systemd.conf',
             'var.conf']
 
-foreach file : m4_files
+foreach file : in_files
-        if enable_tmpfiles
+        custom_target(
-                custom_target(
+                file,
-                        'tmpfiles.d_' + file,
+                input : file + '.in',
-                         input : file + '.m4',
+                output: file,
-                         output: file,
+                command : [meson_render_jinja2, config_h, '@INPUT@'],
-                         command : [meson_apply_m4, config_h, '@INPUT@'],
+                capture : true,
-                         capture : true,
+                install : enable_tmpfiles,
-                         install : true,
+                install_dir : tmpfilesdir)
-                         install_dir : tmpfilesdir)
-        endif
 endforeach
 
 if enable_tmpfiles and install_sysconfdir

tmpfiles.d/static-nodes-permissions.conf.in

@@ -14,6 +14,6 @@ z /dev/snd/timer    0660 - audio -
 z /dev/loop-control 0660 - disk  -
 z /dev/net/tun      0666 - -     -
 z /dev/fuse         0666 - -     -
-z /dev/kvm          @DEV_KVM_MODE@ - kvm -
+z /dev/kvm          {{DEV_KVM_MODE}} - kvm -
-z /dev/vhost-net    @DEV_KVM_MODE@ - kvm -
+z /dev/vhost-net    {{DEV_KVM_MODE}} - kvm -
-z /dev/vhost-vsock  @DEV_KVM_MODE@ - kvm -
+z /dev/vhost-vsock  {{DEV_KVM_MODE}} - kvm -

tmpfiles.d/systemd.conf.in

@@ -8,9 +8,9 @@
 # See tmpfiles.d(5) for details
 
 d /run/user 0755 root root -
-m4_ifdef(`ENABLE_UTMP',
+{% if ENABLE_UTMP %}
 F! /run/utmp 0664 root utmp -
-)m4_dnl
+{% endif %}
 
 d /run/systemd/ask-password 0755 root root -
 d /run/systemd/seats 0755 root root -
@@ -18,53 +18,51 @@ d /run/systemd/sessions 0755 root root -
 d /run/systemd/users 0755 root root -
 d /run/systemd/machines 0755 root root -
 d /run/systemd/shutdown 0755 root root -
-m4_ifdef(`ENABLE_NETWORKD',
+{% if ENABLE_NETWORKD %}
 d /run/systemd/netif 0755 systemd-network systemd-network -
 d /run/systemd/netif/links 0755 systemd-network systemd-network -
 d /run/systemd/netif/leases 0755 systemd-network systemd-network -
 d /run/systemd/netif/lldp 0755 systemd-network systemd-network -
-)m4_dnl
+{% endif %}
 
 d /run/log 0755 root root -
 
 z /run/log/journal 2755 root systemd-journal - -
 Z /run/log/journal/%m ~2750 root systemd-journal - -
-m4_ifdef(`HAVE_ACL',`m4_dnl
+{% if HAVE_ACL %}
-m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
+{% if ENABLE_ADM_GROUP and ENABLE_WHEEL_GROUP %}
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
 a+ /run/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
 a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
 a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
-'',``
+{% elif ENABLE_ADM_GROUP %}
 a+ /run/log/journal    - - - - d:group::r-x,d:group:adm:r-x,group::r-x,group:adm:r-x
 a+ /run/log/journal/%m - - - - d:group:adm:r-x,group:adm:r-x
 a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--
-'')',`m4_dnl
+{% elif ENABLE_WHEEL_GROUP %}
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
 a+ /run/log/journal    - - - - d:group::r-x,d:group:wheel:r-x,group::r-x,group:wheel:r-x
 a+ /run/log/journal/%m - - - - d:group:wheel:r-x,group:wheel:r-x
 a+ /run/log/journal/%m/*.journal* - - - - group:wheel:r--
-'')')')m4_dnl
+{% endif %}
+{% endif %}
 
 z /var/log/journal 2755 root systemd-journal - -
 z /var/log/journal/%m 2755 root systemd-journal - -
 z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
-m4_ifdef(`HAVE_ACL',`m4_dnl
+{% if HAVE_ACL %}
-m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
+{% if ENABLE_ADM_GROUP and ENABLE_WHEEL_GROUP %}
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
 a+ /var/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
 a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
 a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--
-'', ``
+{% elif ENABLE_ADM_GROUP %}
 a+ /var/log/journal    - - - - d:group::r-x,d:group:adm:r-x,group::r-x,group:adm:r-x
 a+ /var/log/journal/%m - - - - d:group:adm:r-x,group:adm:r-x
 a+ /var/log/journal/%m/system.journal - - - - group:adm:r--
-'')',`m4_dnl
+{% elif ENABLE_WHEEL_GROUP %}
-m4_ifdef(`ENABLE_WHEEL_GROUP',``
 a+ /var/log/journal    - - - - d:group::r-x,d:group:wheel:r-x,group::r-x,group:wheel:r-x
 a+ /var/log/journal/%m - - - - d:group:wheel:r-x,group:wheel:r-x
 a+ /var/log/journal/%m/system.journal - - - - group:wheel:r--
-'')')')m4_dnl
+{% endif %}
+{% endif %}
 
 d /var/lib/systemd 0755 root root -
 d /var/lib/systemd/coredump 0755 root root 3d

tmpfiles.d/var.conf.in

@@ -12,11 +12,11 @@ q /var 0755 - - -
 L /var/run - - - - ../run
 
 d /var/log 0755 - - -
-m4_ifdef(`ENABLE_UTMP',
+{% if ENABLE_UTMP %}
 f /var/log/wtmp 0664 root utmp -
 f /var/log/btmp 0660 root utmp -
 f /var/log/lastlog 0664 root utmp -
-)m4_dnl
+{% endif %}
 
 d /var/cache 0755 - - -