| # Copyright 2019 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start the cros_healthd daemon" |
| author "chromium-os-dev@chromium.org" |
| |
| # Start the cros_healthd daemon, which is responsible for reporting telemetry |
| # data and running diagnostics. |
| start on starting system-services |
| stop on stopping system-services |
| |
| respawn |
| # If the job respawns 3 times in 10 seconds, stop trying. |
| respawn limit 3 10 |
| |
| expect fork |
| |
| pre-start script |
| # Prepare directory for diagnostics routine test files. |
| mkdir -p /var/cache/diagnostics |
| chown cros_healthd:cros_healthd /var/cache/diagnostics |
| end script |
| |
| # Used jailing parameters: |
| # -e: new network namespace; |
| # -G: inherit supplementary groups; |
| # -i: exit after forking; |
| # -l: new IPC namespace; |
| # -n: the no_new_privs bit; |
| # -p: new PID namespace; |
| # -r: remount /proc readonly; |
| # -t: a new tmpfs filesystem for /tmp; |
| # -v: new VFS namespace; |
| # --uts: new UTS/hostname namespace; |
| # -u, -g: user account and group; |
| # -P: set /mnt/empty as rootfs; |
| # -b: bind /, /proc and /dev. /dev is necessary to send ioctls to the system's |
| # block devices. |
| # -k /run: a new tmpfs filesystem for /run, with the subsequent parameters |
| # mounting specific files into this directory; |
| # -b /run/dbus: shared socket file for talking with the D-Bus daemon; |
| # -b /run/systemd/journal: needed for logging; |
| # -b /run/chromeos-config/v1: needed for access to chromeos-config; |
| # -k /sys: a new tmpfs filesystem for /sys, with the subsequent parameters |
| # mounting specific files into this directory; |
| # -b /sys/class/backlight: files related to the system's backlights; |
| # -b /sys/class/block: files related to the system's block devices; |
| # -b /sys/class/chromeos: files related to Chrome OS hardware devices; |
| # -b /sys/class/power_supply: files related to the system's power supplies; |
| # -b /sys/devices: needed to get the names of the block device dev nodes; |
| # -b /sys/firmware/vpd/ro: files with cached VPD; |
| # -k /var: new tmpfs for var, with the subsequent parameters |
| # mounting specific files into this directory; |
| # -b /var/lib/timezone: symlink for reading the timezone file; |
| # -b /usr/share/zoneinfo: directory holding timezone files; |
| # -b /sys/devices/system/cpu: directory of both global and individual CPU |
| # attributes which used to diagnose the CPU by the stressapptest. |
| # -b /dev/shm: allows creation of shared memory files that are used to set up |
| # mojo::ScopedHandles which can be returned by GetRoutineUpdate. |
| # -b /var/cache/diagnostics: allow test routine to create a test |
| # file under filesystem; |
| # -S: apply seccomp filters. |
| script |
| # Evaluate which directories are present for binding. Do this without starting |
| # subshells to avoid breaking upstart's PID tracking. |
| set -- |
| if [ -e /sys/class/backlight ]; then |
| set -- "$@" -b /sys/class/backlight |
| fi |
| if [ -e /sys/class/chromeos ]; then |
| set -- "$@" -b /sys/class/chromeos |
| fi |
| if [ -e /sys/class/power_supply ]; then |
| set -- "$@" -b /sys/class/power_supply |
| fi |
| if [ -e /sys/firmware/vpd/ro ]; then |
| set -- "$@" -b /sys/firmware/vpd/ro |
| fi |
| |
| exec minijail0 -e -G -i -l -n -p -r -t -v --uts \ |
| -u cros_healthd -g cros_healthd \ |
| -P /mnt/empty \ |
| -b / -b /proc -b /dev \ |
| -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOSUID|MS_NOEXEC,mode=755,size=10M' \ |
| -b /run/dbus -b /run/systemd/journal \ |
| -b /run/chromeos-config/v1 \ |
| -k 'tmpfs,/sys,tmpfs,MS_NODEV|MS_NOSUID|MS_NOEXEC,mode=755,size=10M' \ |
| -b /sys/class/block -b /sys/devices \ |
| -b /usr/share/zoneinfo \ |
| -k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOSUID|MS_NOEXEC,mode=755,size=10M' \ |
| -b /var/lib/timezone \ |
| -b /sys/devices/system/cpu \ |
| -b /dev/shm,,1 \ |
| "$@" \ |
| -b /var/cache/diagnostics,,1 \ |
| -S /usr/share/policy/cros_healthd-seccomp.policy \ |
| -- /usr/bin/cros_healthd |
| end script |
| |
| # Wait for daemon to claim its D-Bus name before transitioning to started. |
| post-start exec minijail0 -u cros_healthd -g cros_healthd /usr/bin/gdbus \ |
| wait --system --timeout 15 org.chromium.CrosHealthd |