diff options
author | Daiki Ueno <dueno@redhat.com> | 2018-06-20 10:43:24 +0200 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2018-06-20 13:19:23 +0200 |
commit | 53a7e915b2694bc1957d98493a7aee9abfa3c6c5 (patch) | |
tree | 82d4bdce9a6d8559a698cd40fda4bb96990489c7 /configure.ac | |
parent | d4a4039f97b2e1f67d09d7cd8c05fb2dd129b23c (diff) |
server: Enable socket activation through systemd
This enables socket activation of "p11-kit server" through systemd.
The feature provided is essentially the same as commit
a4fb2bb5 (reverted), but implemented with "p11-kit server" and
libsystemd API instead of wrapping "p11-kit remote" in the unit file.
Note that, while it exposes all tokens through the socket, it doesn't
increase attack surface beyond the PKCS#11 binary interface provided
by p11-kit-proxy.so, because the service is per-user.
Diffstat (limited to 'configure.ac')
-rw-r--r-- | configure.ac | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index bd6ece0..a04ae43 100644 --- a/configure.ac +++ b/configure.ac @@ -545,6 +545,28 @@ AC_DEFINE_UNQUOTED(EXEEXT, ["$EXEEXT"], [File extension for executables]) privatedir='${libexecdir}/p11-kit' AC_SUBST(privatedir) +# -------------------------------------------------------------------- +# systemd + +AC_ARG_WITH([systemd], + AS_HELP_STRING([--without-systemd], + [Disable systemd socket activation])) + +AS_IF([test "$with_systemd" != "no"], [ + PKG_CHECK_MODULES([LIBSYSTEMD], [libsystemd], [], + [with_systemd=no]) + + PKG_CHECK_VAR([systemduserunitdir], [systemd], [systemduserunitdir], [], + [with_systemd=no]) + + AS_IF([test "$with_systemd" != "no"], [ + with_systemd=yes + AC_DEFINE_UNQUOTED(WITH_SYSTEMD, 1, [Build with systemd socket activation]) + ]) +]) + +AM_CONDITIONAL(WITH_SYSTEMD, [test "$with_systemd" = "yes"]) + AC_CONFIG_FILES([Makefile doc/Makefile doc/manual/Makefile @@ -576,6 +598,7 @@ AC_MSG_NOTICE([build options: With libtasn1 dependency: $with_libtasn1 With libffi: $with_libffi With hash implementation: $with_hash_impl + With systemd: $with_systemd Build trust module: $enable_trust_module Trust module paths: $trust_status |