shill/init/shill-sandboxing-kill-switch.conf - mirrors/cros/chromiumos/platform2 - Git at Google

 #
 # Copyright 2018 The Chromium OS Authors. All rights reserved.
 #
 # Micah Morton <mortonm@chromium.org>
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
 # (at your option) any later version.
 #
 # This program is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #

 description     "Write kill switch file for sandboxing shill."
 author          "chromium-os-dev@chromium.org"

 # NOTE: Since Chrome feature flags only get updated through Finch during
 # browser startup, we need to relay the message from Chrome to shill whenever
 # the ShillSandboxing flag is disabled. We do this by writing a file in
 # /var/lib/shill that is queried by the shill.sh init script next time shill
 # spawns. In this way, after updating Finch server configs (and waiting the
 # necessary time to push configs to clients), going from shill sandboxing
 # enabled to disabled requires first a reboot (which will trigger this script
 # under the updated feature flag, since Chrome has been restarted by the
 # reboot) followed by restarting shill (e.g. another reboot or "restart shill"
 # command).

 # Use 'start on started system-services' to ensure Chrome is running and we can
 # query the "IsShillSandboxingEnabled" feature flag.
 # TODO(mortonm): Remove this file completely when removing the kill switch for
 # shill sandboxing.
 start on started system-services

 pre-start exec mkdir -p /var/lib/shill

 script
   status=0
   reply=$(minijail0 -u chronos /usr/bin/dbus-send --system --type=method_call \
     --print-reply \
     --dest=org.chromium.ChromeFeaturesService \
     /org/chromium/ChromeFeaturesService \
     "org.chromium.ChromeFeaturesServiceInterface.IsShillSandboxingEnabled" \
     2>/dev/null) || status=$?
   if [ ${status} -eq 0 -a "${reply##* }" = "false" ] ; then
     # Disable sandboxing.
     echo "1" > /var/lib/shill/shill_sandboxing_disabled
   else
     # Either "${reply##* }" equals "true" or something went wrong in parsing
     # response. Regardless, remove the file that disables sandboxing since
     # shill running in a sandbox is the default/expected behavior.
     rm -f /var/lib/shill/shill_sandboxing_disabled
   fi
 end script
	#
	# Copyright 2018 The Chromium OS Authors. All rights reserved.
	#
	# Micah Morton <mortonm@chromium.org>
	#
	# This program is free software; you can redistribute it and/or modify
	# it under the terms of the GNU General Public License as published by
	# the Free Software Foundation; either version 2 of the License, or
	# (at your option) any later version.
	#
	# This program is distributed in the hope that it will be useful,
	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	# GNU General Public License for more details.
	#

	description "Write kill switch file for sandboxing shill."
	author "chromium-os-dev@chromium.org"

	# NOTE: Since Chrome feature flags only get updated through Finch during
	# browser startup, we need to relay the message from Chrome to shill whenever
	# the ShillSandboxing flag is disabled. We do this by writing a file in
	# /var/lib/shill that is queried by the shill.sh init script next time shill
	# spawns. In this way, after updating Finch server configs (and waiting the
	# necessary time to push configs to clients), going from shill sandboxing
	# enabled to disabled requires first a reboot (which will trigger this script
	# under the updated feature flag, since Chrome has been restarted by the
	# reboot) followed by restarting shill (e.g. another reboot or "restart shill"
	# command).

	# Use 'start on started system-services' to ensure Chrome is running and we can
	# query the "IsShillSandboxingEnabled" feature flag.
	# TODO(mortonm): Remove this file completely when removing the kill switch for
	# shill sandboxing.
	start on started system-services

	pre-start exec mkdir -p /var/lib/shill

	script
	status=0
	reply=$(minijail0 -u chronos /usr/bin/dbus-send --system --type=method_call \
	--print-reply \
	--dest=org.chromium.ChromeFeaturesService \
	/org/chromium/ChromeFeaturesService \
	"org.chromium.ChromeFeaturesServiceInterface.IsShillSandboxingEnabled" \
	2>/dev/null) \|\| status=$?
	if [ ${status} -eq 0 -a "${reply##* }" = "false" ] ; then
	# Disable sandboxing.
	echo "1" > /var/lib/shill/shill_sandboxing_disabled
	else
	# Either "${reply##* }" equals "true" or something went wrong in parsing
	# response. Regardless, remove the file that disables sandboxing since
	# shill running in a sandbox is the default/expected behavior.
	rm -f /var/lib/shill/shill_sandboxing_disabled
	fi
	end script