attestation/pca_agent/server/pca_agentd.conf - mirrors/cros/chromiumos/platform2 - Git at Google

 # Copyright 2020 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description     "Chromium OS device PCA agent service."
 author          "chromium-os-dev@chromium.org"

 start on started boot-services and started shill and started syslog
 stop on stopping boot-services

 oom score -100

 respawn

 expect fork

 # Uses minijail (drop root, set no_new_privs, set seccomp filter).
 # Mounts /run/shill for DNS lookup.
 exec minijail0 -u attestation -g attestation --profile=minimalistic-mountns \
     --uts -i -I -l -n -p -v -k 'tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \
     -b /run/dbus -b /run/shill -S /usr/share/policy/pca_agentd-seccomp.policy \
     -- /usr/sbin/pca_agentd
	# Copyright 2020 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Chromium OS device PCA agent service."
	author "chromium-os-dev@chromium.org"

	start on started boot-services and started shill and started syslog
	stop on stopping boot-services

	oom score -100

	respawn

	expect fork

	# Uses minijail (drop root, set no_new_privs, set seccomp filter).
	# Mounts /run/shill for DNS lookup.
	exec minijail0 -u attestation -g attestation --profile=minimalistic-mountns \
	--uts -i -I -l -n -p -v -k 'tmpfs,/run,tmpfs,MS_NOSUID\|MS_NODEV\|MS_NOEXEC' \
	-b /run/dbus -b /run/shill -S /usr/share/policy/pca_agentd-seccomp.policy \
	-- /usr/sbin/pca_agentd