cryptohome/init/cryptohomed.conf - mirrors/cros/chromiumos/platform2 - Git at Google

 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description     "Start the cryptohome daemon"
 author          "chromium-os-dev@chromium.org"

 # Starts the cryptohome daemon, which handles mounting and
 # unmounting users' encrypted home directories.  Also supports
 # offline login checks.
 start on started boot-services and started tpm_managerd and started chapsd
 stop on stopping boot-services
 respawn

 # Set in the ebuild.
 env DIRENCRYPTION_FLAG=""
 env FSCRYPT_V2_FLAG=""
 env DISTRIBUTED_MODE_FLAG=""
 env NO_LEGACY_MOUNT_FLAG=""
 env NO_DOWNLOAD_BINDMOUNT_FLAG=""
 env APPLICATION_CONTAINERS=""

 # Directory to store ephemeral cryptohome underlying sparse file.
 env CRYPTOHOME_EPHEMERAL_PATH="/run/cryptohome"

 # File for passing user data auth flag from pre-start to actual script block.
 env USERDATAAUTH_FLAG_STORAGE_FILE="/run/cryptohome/cryptohomed.upstart_userdataauth_flag"

 # File to determine if userdataauth is disabled.
 env USERDATAAUTH_INTERFACE_CTRL_FILE="/var/lib/cryptohome/cryptohome_userdataauth_interface.conf"

 # Allow VMODULE_ARG env variable to be sent to the job. If VLOG_PARAMS is set
 # (unset by default), it will be set as a parameter to --vmodule.
 import VMODULE_ARG
 env VMODULE_ARG=

 # Allow CRYPTOHOMED_ARGS env variable to be sent to the job. If CRYPTOHOMED_ARGS
 # is set (unset by default), it will be passed as arguments to cryptohomed.
 import CRYPTOHOMED_ARGS
 env CRYPTOHOMED_ARGS=

 pre-start script
   # Create dir for ephemeral mounts while running as root.
   if [ ! -d "${CRYPTOHOME_EPHEMERAL_PATH}" ]; then
     mkdir -m 0700 "${CRYPTOHOME_EPHEMERAL_PATH}"
   fi
 end script

 expect fork

 script
   # Note that cat is not used here to prevent confusing upstart's fork
   # tracking.
   set -- "$@" --noclose ${DIRENCRYPTION_FLAG} ${DISTRIBUTED_MODE_FLAG} \
     ${NO_LEGACY_MOUNT_FLAG} ${NO_DOWNLOAD_BINDMOUNT_FLAG} ${FSCRYPT_V2_FLAG} \
     ${APPLICATION_CONTAINERS} --vmodule="${VMODULE_ARG}" ${CRYPTOHOMED_ARGS}
   exec cryptohomed "$@"
 end script

 # Wait for daemon to claim its D-Bus name.
 post-start exec minijail0 -u cryptohome -G \
   /usr/bin/gdbus wait --system --timeout 15 org.chromium.UserDataAuth
	# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Start the cryptohome daemon"
	author "chromium-os-dev@chromium.org"

	# Starts the cryptohome daemon, which handles mounting and
	# unmounting users' encrypted home directories. Also supports
	# offline login checks.
	start on started boot-services and started tpm_managerd and started chapsd
	stop on stopping boot-services
	respawn

	# Set in the ebuild.
	env DIRENCRYPTION_FLAG=""
	env FSCRYPT_V2_FLAG=""
	env DISTRIBUTED_MODE_FLAG=""
	env NO_LEGACY_MOUNT_FLAG=""
	env NO_DOWNLOAD_BINDMOUNT_FLAG=""
	env APPLICATION_CONTAINERS=""

	# Directory to store ephemeral cryptohome underlying sparse file.
	env CRYPTOHOME_EPHEMERAL_PATH="/run/cryptohome"

	# File for passing user data auth flag from pre-start to actual script block.
	env USERDATAAUTH_FLAG_STORAGE_FILE="/run/cryptohome/cryptohomed.upstart_userdataauth_flag"

	# File to determine if userdataauth is disabled.
	env USERDATAAUTH_INTERFACE_CTRL_FILE="/var/lib/cryptohome/cryptohome_userdataauth_interface.conf"

	# Allow VMODULE_ARG env variable to be sent to the job. If VLOG_PARAMS is set
	# (unset by default), it will be set as a parameter to --vmodule.
	import VMODULE_ARG
	env VMODULE_ARG=

	# Allow CRYPTOHOMED_ARGS env variable to be sent to the job. If CRYPTOHOMED_ARGS
	# is set (unset by default), it will be passed as arguments to cryptohomed.
	import CRYPTOHOMED_ARGS
	env CRYPTOHOMED_ARGS=

	pre-start script
	# Create dir for ephemeral mounts while running as root.
	if [ ! -d "${CRYPTOHOME_EPHEMERAL_PATH}" ]; then
	mkdir -m 0700 "${CRYPTOHOME_EPHEMERAL_PATH}"
	fi
	end script

	expect fork

	script
	# Note that cat is not used here to prevent confusing upstart's fork
	# tracking.
	set -- "$@" --noclose ${DIRENCRYPTION_FLAG} ${DISTRIBUTED_MODE_FLAG} \
	${NO_LEGACY_MOUNT_FLAG} ${NO_DOWNLOAD_BINDMOUNT_FLAG} ${FSCRYPT_V2_FLAG} \
	${APPLICATION_CONTAINERS} --vmodule="${VMODULE_ARG}" ${CRYPTOHOMED_ARGS}
	exec cryptohomed "$@"
	end script

	# Wait for daemon to claim its D-Bus name.
	post-start exec minijail0 -u cryptohome -G \
	/usr/bin/gdbus wait --system --timeout 15 org.chromium.UserDataAuth