| # Copyright 2020 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Set up the host side environment for ARCVM" |
| author "chromium-os-dev@chromium.org" |
| |
| start on starting boot-services |
| |
| oom score -1000 |
| task |
| |
| script |
| # If your directory will be used by a single service (e.g. vm_concierge), |
| # create the directory in its conf file (e.g. vm_concierge.conf). This is |
| # the place to set up enviroment for either multiple services starting up |
| # at the same time or Chrome. |
| |
| # Create the runtime directory for ARCVM. |
| mkdir -p /run/arcvm |
| chown crosvm:crosvm /run/arcvm |
| |
| # Create the directory for having files that are created at runtime and |
| # exported to ARCVM via virtio-fs. Chrome tries to write to the directory |
| # while it's showing the login screen. |
| mkdir -p /run/arcvm/host_generated |
| chmod 770 /run/arcvm/host_generated |
| chown crosvm:chronos /run/arcvm/host_generated |
| |
| # Create the directory which is mounted as /oem/etc in the guest. |
| mkdir -p /run/arcvm/host_generated/oem/etc/permissions |
| chmod 755 -R /run/arcvm/host_generated/oem |
| chcon -R "u:object_r:oemfs:s0" /run/arcvm/host_generated/oem |
| chown chronos:chronos -R /run/arcvm/host_generated/oem |
| |
| # Devices upgraded from ARC P may have the salt file. Change the file |
| # permissions from 400 root:root to 440 root:chronos so that Chrome can |
| # read the file. See b/143976415 for more details. |
| if [ -f /var/lib/misc/arc_salt ] ; then |
| chmod 440 /var/lib/misc/arc_salt |
| chown root:chronos /var/lib/misc/arc_salt |
| fi |
| end script |
