| # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start the cryptohome daemon" |
| author "chromium-os-dev@chromium.org" |
| |
| # Starts the cryptohome daemon, which handles mounting and |
| # unmounting users' encrypted home directories. Also supports |
| # offline login checks. |
| start on started boot-services and started tpm_managerd and started chapsd |
| stop on stopping boot-services |
| respawn |
| |
| # Set in the ebuild. |
| env DIRENCRYPTION_FLAG="" |
| env DISTRIBUTED_MODE_FLAG="" |
| |
| # Directory to store ephemeral cryptohome underlying sparse file. |
| env CRYPTOHOME_EPHEMERAL_PATH="/run/cryptohome" |
| |
| # File for passing user data auth flag from pre-start to actual script block. |
| env USERDATAAUTH_FLAG_STORAGE_FILE="/run/cryptohome/cryptohomed.upstart_userdataauth_flag" |
| |
| # Allow VMODULE_ARG env variable to be sent to the job. If VLOG_PARAMS is set |
| # (unset by default), it will be set as a parameter to --vmodule. |
| import VMODULE_ARG |
| env VMODULE_ARG= |
| |
| # Allow CRYPTOHOMED_ARGS env variable to be sent to the job. If CRYPTOHOMED_ARGS |
| # is set (unset by default), it will be passed as arguments to cryptohomed. |
| import CRYPTOHOMED_ARGS |
| env CRYPTOHOMED_ARGS= |
| |
| pre-start script |
| # Create dir for ephemeral mounts while running as root. |
| if [ ! -d "${CRYPTOHOME_EPHEMERAL_PATH}" ]; then |
| mkdir -m 0700 "${CRYPTOHOME_EPHEMERAL_PATH}" |
| fi |
| |
| if /usr/libexec/cryptohome/shall-use-userdataauth.sh; then |
| # Yes, we are using the new UserDataAuth interface. |
| touch "${USERDATAAUTH_FLAG_STORAGE_FILE}" |
| else |
| rm -rf "${USERDATAAUTH_FLAG_STORAGE_FILE}" |
| fi |
| end script |
| |
| expect fork |
| |
| script |
| # Note that cat is not used here to prevent confusing upstart's fork |
| # tracking. |
| set -- "$@" --noclose ${DIRENCRYPTION_FLAG} ${DISTRIBUTED_MODE_FLAG} \ |
| --vmodule="${VMODULE_ARG}" ${CRYPTOHOMED_ARGS} |
| [ -f "${USERDATAAUTH_FLAG_STORAGE_FILE}" ] && |
| set -- "$@" --user_data_auth_interface |
| exec cryptohomed "$@" |
| end script |
| |
| post-start exec rm -f "${USERDATAAUTH_FLAG_STORAGE_FILE}" |