| # Copyright 2019 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "OOBE Config Save" |
| author "chromium-os-dev@chromium.org" |
| |
| # Hooked to the "starting" event of the pre-shutdown job. Because this job |
| # is a task (see the "task" stanza below), Upstart holds that event until |
| # the script has finished, so the save completes before pre-shutdown runs. |
| start on starting pre-shutdown |
| |
| # 32MByte RLIMIT_MEMLOCK, this is required because oobe_config_save uses |
| # SecureBlob to store owner key, install attributes and shill default profile, |
| # and SecureBlob uses mlock(). |
| # Soft and hard limit are both set to 33554432 bytes (32 MiB). |
| limit memlock 33554432 33554432 |
| |
| # Run-to-completion job rather than a long-lived service. |
| task |
| script |
| # Checks if a rollback is being requested and stages system files |
| # to a location owned by oobe_config_save. Then oobe_config_save |
| # runs in the jail to package and encrypt the data. |
| # rollback_prepare_save is invoked directly by this script, i.e. outside |
| # the minijail sandbox; only oobe_config_save itself is confined. If it |
| # returns non-zero, nothing is launched and the script exits successfully. |
| if rollback_prepare_save; then |
| # --profile=minimalistic-mountns Set up a minimalistic mount namespace |
| # -p Enter a new PID namespace and run the process as init (pid=1). |
| # -I Runs program as init inside a new pid namespace. |
| # -e Enter a new network namespace. |
| # -l Enter a new IPC namespace. |
| # --uts Enters a new UTS namespace. |
| # -n Sets the no_new_privs bit. |
| # -k Mount a fresh tmpfs (nodev, noexec, nosuid, mode=755, size=10M) over |
| # /run, /var and /mnt/stateful_partition, hiding their real contents. |
| # -b Bind-mount a path into the jail. Only the paths bound below are |
| # visible under those tmpfs mounts. The ",,1" suffix makes a bind |
| # writable; /run/dbus and /run/tcsd carry no suffix and are read-only. |
| # -u Run as oobe_config_save user. |
| # -g Run as oobe_config_save group. |
| # -G Inherit the supplementary groups of the -u user. |
| # -S Apply seccomp filters. |
| # The writable binds (/var/lib/metrics, /var/lib/oobe_config_save and |
| # /mnt/stateful_partition/unencrypted/preserve) are the only host paths |
| # the jailed process can modify; review any addition to that list. |
| # NOTE: The ebuild erases the "-b /run/tcsd" line on TPM2 devices. |
| # NOTE(review): presumably the ebuild matches that line by its text, so |
| # keep the flag on a line of its own - confirm against the ebuild. |
| minijail0 \ |
| --profile=minimalistic-mountns \ |
| -p -I \ |
| -e \ |
| -l \ |
| --uts \ |
| -n \ |
| -k '/run,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /run/dbus \ |
| -b /run/tcsd \ |
| -k '/var,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /var/lib/metrics,,1 \ |
| -b /var/lib/oobe_config_save,,1 \ |
| -k '/mnt/stateful_partition,/mnt/stateful_partition,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /mnt/stateful_partition/unencrypted/preserve,,1 \ |
| -u oobe_config_save -g oobe_config_save \ |
| -G \ |
| -S /usr/share/policy/oobe_config_save-seccomp.policy \ |
| /usr/sbin/oobe_config_save |
| fi |
| end script |