| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Chrome OS Runtime Probe service" |
| author "chromium-os-dev@chromium.org" |
| |
| # This daemon is started by D-Bus service activation configured in |
| # dbus/org.chromium.RuntimeProbe.service. |
| stop on stopping system-services |
| task |
| |
| pre-start script |
| # Check if system-services is still running before starting runtime probe. |
| # This is to prevent new dbus-activated instances from getting started once |
| # the system is beginning to shut down. |
| if ! initctl status system-services | grep -q running; then |
| stop |
| exit 0 |
| fi |
| end script |
| |
| script |
| MINIJAIL_FLAGS_CROS_DEBUG="" |
| if crossystem cros_debug?1 ; then |
| MINIJAIL_FLAGS_CROS_DEBUG="-b /usr/local" |
| fi |
| |
| exec minijail0 -i -e -p -r -v -l --uts -n \ |
| -u runtime_probe -g runtime_probe -G \ |
| --profile=minimalistic-mountns \ |
| -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -k 'tmpfs,/sys,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /run/chromeos-config/v1 \ |
| -b /run/dbus \ |
| ${MINIJAIL_FLAGS_CROS_DEBUG} \ |
| -S /usr/share/policy/runtime_probe-seccomp.policy \ |
| -- /usr/bin/runtime_probe --dbus --verbosity_level=1 |
| end script |
| # Wait for daemon to claim its D-Bus name before transitioning to started. |
| post-start exec minijail0 -u runtime_probe -g runtime_probe /usr/bin/gdbus \ |
| wait --system --timeout 15 org.chromium.RuntimeProbe |
