blob: 2a626b40df22b02af728fb5442f708e46f9ffc20 [file] [log] [blame]
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
description "Syslog daemon"
author ""
start on starting boot-services
stop on stopping boot-services
expect fork
# We don't use --mount-dev because of the way the /dev/log unix socket works.
# See for details.
# rsyslogd creates it's unix domain socket at /run/systemd/journal/syslog.
# Journald forwards messages to that address.
# We don't use a pid namespace because that breaks syslog's ability to log the
# remote pid. Otherwise the logs would look like (where [0] is the pid):
# INFO sshd[0]: ...
exec /sbin/minijail0 -l -N --uts -i -v -e -t -P /mnt/empty -T static \
-b / -b /dev,,1 -b /proc \
-k 'tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \
-b /run/rsyslogd,,1 \
-k 'tmpfs,/var,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \
-b /var/log,,1 -b /var/lib/timezone \
/usr/sbin/rsyslogd -n -f /etc/rsyslog.chromeos -i /tmp/
# The timeout is high, but it should never be hit unless there's a serious
# problem, in which case we want to fall over anyways. We can't set it too
# low because we also run in slow environments like VMs.
post-start exec net_poll_tool --timeout=60 --unix_socket=/dev/log