| # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Syslog daemon" |
| author "chromium-os-dev@chromium.org" |
| |
| start on starting boot-services |
| stop on stopping boot-services |
| expect fork |
| respawn |
| |
| # We don't use --mount-dev because of the way the /dev/log unix socket works. |
| # See https://crbug.com/764455#c6 for details. |
| # |
| # rsyslogd creates it's unix domain socket at /run/systemd/journal/syslog. |
| # Journald forwards messages to that address. |
| # |
| # We don't use a pid namespace because that breaks syslog's ability to log the |
| # remote pid. Otherwise the logs would look like (where [0] is the pid): |
| # INFO sshd[0]: ... |
| exec /sbin/minijail0 -l -N --uts -i -v -e -t -P /mnt/empty -T static \ |
| -b / -b /dev,,1 -b /proc \ |
| -k 'tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \ |
| -b /run/rsyslogd,,1 \ |
| -k 'tmpfs,/var,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \ |
| -b /var/log,,1 -b /var/lib/timezone \ |
| /usr/sbin/rsyslogd -n -f /etc/rsyslog.chromeos -i /tmp/rsyslogd.pid |
| |
| # The timeout is high, but it should never be hit unless there's a serious |
| # problem, in which case we want to fall over anyways. We can't set it too |
| # low because we also run in slow environments like VMs. |
| post-start exec net_poll_tool --timeout=60 --unix_socket=/dev/log |
