| # Copyright 2016 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Run /system/bin/sdcard in a container" |
| author "chromium-os-dev@chromium.org" |
| |
| # This job is started via arc-boot-continue.conf. |
| # This job is stopped via arc-lifetime.conf. |
| |
| # Unused, but to be compliant with sdcardfs upstart script. |
| import CONTAINER_PID |
| |
| env PIDFILE=/run/arc/sdcard.pid |
| env ANDROID_ROOTFS_DIR=/opt/google/containers/android/rootfs/root |
| env ANDROID_MUTABLE_SOURCE=/opt/google/containers/android/rootfs/android-data |
| env SDCARD_ROOTFS_DIR=\ |
| /opt/google/containers/arc-sdcard/mountpoints/container-root |
| env SDCARD_MOUNT_DIR=/run/arc/sdcard |
| |
| env ROOT_UID=655360 |
| env SDCARD_UID=656383 |
| |
| script |
| { |
| echo "Start arc-sdcard" |
| set -x |
| |
| # Note: $SDCARD_MOUNT_DIR/... and $ANDROID_MUTABLE_SOURCE/data/... |
| # (including /data/media) should have been properly initialized. |
| |
| # Clean up a stale pid file if exists. |
| rm -f $PIDFILE |
| |
| # Start constructing minijail0 args... |
| args="" |
| |
| # Pivot root. |
| args="$args -P $SDCARD_ROOTFS_DIR" |
| |
| # Enter a new network namespace. |
| args="$args -e" |
| |
| # Enter a new PID namespace. |
| args="$args -p" |
| |
| # Enter a new mount namespace. |
| args="$args -v" |
| |
| # Enter a new IPC namespace. |
| args="$args -l" |
| |
| # Disable PRIVATE marking for all mount points. |
| args="$args -K" |
| |
| # Use Android alt-syscall table. |
| args="$args -a android" |
| |
| # Create PID file at $PIDFILE. |
| args="$args -f $PIDFILE" |
| |
| # Here after, set up mount points. First, set up private mount points. |
| args="$args -k proc,/proc,proc,0xe" # nosuid,nodev,noexec |
| args="$args -b $ANDROID_ROOTFS_DIR/system/bin/sdcard,/system/bin/sdcard" |
| |
| args="$args -b $ANDROID_MUTABLE_SOURCE/data,/data,1" |
| |
| args="$args -b /home/chronos/user/Downloads,/Downloads,1" |
| |
| # Mark PRIVATE recursively under (pivot) root, in order not to expose |
| # shared mount points accidentally. |
| args="$args -k none,/,none,0x44000" # rec,private |
| |
| # Mount shared mount points. |
| args="$args -b $SDCARD_MOUNT_DIR,/mnt/runtime,1" |
| # Remount to make it writable. |
| args="$args -k none,/mnt/runtime,none,0x2e" # remount,nosuid,nodev,noexec |
| |
| # Above mount points work confuses the binary path detection in |
| # libminijail. Explicitly declare /system/bin/sdcard is a static binary. |
| args="$args -T static" |
| |
| # Finally, specify the command line arguments. |
| args="$args -- /system/bin/sdcard -u $SDCARD_UID -g $SDCARD_UID \ |
| -m -w /data/media emulated" |
| |
| # Unlike other services, redirect to logger. |
| # sdcard is maintained in Android repository, and uses stdio for logging. |
| exec capsh --drop=CAP_BLOCK_SUSPEND,CAP_WAKE_ALARM,CAP_SYS_BOOT \ |
| -- -c "minijail0 $args" |
| } 2>&1 | logger -t "${UPSTART_JOB}" |
| end script |
| |
| |
| post-stop exec /usr/sbin/arc-setup --mode=unmount-sdcard \ |
| "--log_tag=${UPSTART_JOB}" |