| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start the Chromium OS Newblue daemon" |
| author "chromium-os-dev@chromium.org" |
| |
| env seccomp_flags="-S /usr/share/policy/newblued-seccomp.policy" |
| |
| start on started system-services |
| stop on stopping system-services |
| respawn |
| |
| # Minijail actually forks off our desired process. |
| expect fork |
| |
| # Add modules here in --vmodule format for debugging. |
| env VMODULE_ARG= |
| |
| # -u bluetooth changes user. |
| # -g bluetooth changes group. |
| # -G inherit bluetooth's supplementary groups. |
| # -i makes sure minijail0 exits right away and won't block upstart. |
| # -n prevents that execve gains privileges, required for seccomp filters. |
| # -l creates IPC namespace (isolates System V IPC objects/POSIX message queues). |
| # -p creates PID namespace (process won't see any other processes). |
| # -v enters new mount namespace, allows to change mounts inside jail. |
| # -r remounts /proc read-only (prevents any messing with it). |
| # -t creates new, empty tmp directory (technically, mounts tmpfs). |
| # --uts enters a new UTS namespace. |
| # -e enters new network namespace. |
| # --profile minimalistic-mountns sets up minimalistic mount namespace. |
| # -b /dev/log,/dev/log,1 is required for syslog. |
| # -b /run,/run mount read-only, required for D-Bus. |
| exec minijail0 -u bluetooth -g bluetooth -G -i -n -l -p -v -r -t --uts -e \ |
| --profile minimalistic-mountns \ |
| -b /dev/log,/dev/log,1 -b /run,/run \ |
| ${seccomp_flags} \ |
| -- \ |
| /usr/bin/newblued \ |
| --vmodule="${VMODULE_ARG}" |
