systemd: base "RestrictAddressFamilies" on build options

This allows to not allow `AF_NETLINK` if `smbclient` is not enabled.

systemd/meson.build

@@ -1,6 +1,13 @@
 systemd_unit_conf = configuration_data()
 systemd_unit_conf.set('prefix', get_option('prefix'))
 
+address_families = ['AF_INET', 'AF_INET6', 'AF_UNIX']
+if get_option('smbclient').enabled()
+  # AF_NETLINK is required by libsmbclient, or it will exit() .. *sigh*
+  address_families += 'AF_NETLINK'
+endif
+systemd_unit_conf.set('address_families', ' '.join(address_families))
+
 systemd_socket_conf = configuration_data()
 listen_streams = []
 if get_option('local_socket')

systemd/system/mpd.service.in

@@ -27,8 +27,7 @@ NoNewPrivileges=yes
 ProtectKernelTunables=yes
 ProtectControlGroups=yes
 ProtectKernelModules=yes
-# AF_NETLINK is required by libsmbclient, or it will exit() .. *sigh*
+RestrictAddressFamilies=@address_families@
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK
 RestrictNamespaces=yes
 
 [Install]

systemd/user/mpd.service.in

@@ -28,8 +28,7 @@ ProtectSystem=yes
 NoNewPrivileges=yes
 ProtectKernelTunables=yes
 ProtectControlGroups=yes
-# AF_NETLINK is required by libsmbclient, or it will exit() .. *sigh*
+RestrictAddressFamilies=@address_families@
-RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX AF_NETLINK
 RestrictNamespaces=yes
 
 # Note that "ProtectKernelModules=yes" is missing in the user unit