blob: 493104d2f2830d8ef4c9610fbc7cf9f21d514303 [file] [log] [blame]
# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
description "Media Transfer Protocol Daemon"
author "chromium-os-dev@chromium.org"
# Minimum log level defined in base/logging.h.
# 0:INFO, 1:WARNING, 2:ERROR, 3:ERROR_REPORT, 4:FATAL
# Set to log only WARNING or above by default.
env MTPD_MINLOGLEVEL=1
start on starting system-services
stop on stopping system-services
# Since minijail forks & exits, we need to track the mtpd child.
expect fork
respawn
# use minijail (drop root, set no_new_privs, set seccomp filter).
# -e (enter new network namespace) is removed as mtpd is using
# udev_monitor_new_from_netlink (chromium:778995).
# Mount /proc, /sys, /dev, /run/udev so that USB devices can be
# discovered. Mount /run/dbus to communicate with D-Bus.
#
exec minijail0 -i -I -p -l -r -v -t -u mtp -g mtp -G \
-P /mnt/empty -b / -b /proc -b /sys -b /dev \
-k 'tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' -b /run/dbus \
-b /run/udev \
-n -S /usr/share/policy/mtpd-seccomp.policy -- \
/usr/sbin/mtpd -minloglevel="${MTPD_MINLOGLEVEL}"