| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start the server proxy for arcvm" |
| author "chromium-os-dev@chromium.org" |
| |
| start on starting arcvm-post-login-services |
| stop on stopping arcvm-post-login-services |
| |
| oom score -100 |
| |
| # Use minimalistic-mountns profile. |
| # -e for a new network namespace. |
| # -p for a new PID namespace. |
| # -l for a new IPC namespace. |
| # --uts for UTS namespace to isolate from host / domain names. |
| # -N for freeze cgroup settings. |
| # -u and -g to run as arc-mojo-proxy. |
| # -c sets capabilities: |
| # cap_sys_admin is needed to mount a FUSE file system. |
| # TODO(b/238044680): Remove cap_dac_override. |
| # /mnt is the mount point of the fuse file system. |
| # /run/chrome/arc/arc_bridge.sock is the socket connected to the |
| # ArcBridgeService in Chrome browser process. arcvm_server_proxy may be started |
| # before the socket is available, so bind /run/chrome/arc instead. |
| # /run/chrome/arc is bind-mounted to /run/chrome for historical reasons. The |
| # service tries to use /run/chrome/arc_bridge.sock rather than |
| # /run/chrome/arc/arc_bridge.sock. |
| exec minijail0 \ |
| --profile=minimalistic-mountns \ |
| -e \ |
| -p \ |
| -l \ |
| --uts \ |
| -N \ |
| -u arc-mojo-proxy \ |
| -g arc-mojo-proxy \ |
| -c "cap_dac_override,cap_sys_admin+eip" \ |
| -k "tmpfs,/mnt,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC" \ |
| -k "tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC" \ |
| -b /dev/fuse \ |
| -b /run/chrome/arc,/run/chrome \ |
| -b /run/arcvm/mojo,/run/arcvm/mojo,1 \ |
| -- /usr/bin/arcvm_server_proxy /mnt |
| |
| post-stop exec logger -t "${UPSTART_JOB}" "Post-stop arcvm-server-proxy" |
