| # Copyright 2018 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start the diagnostics_processor daemon" |
| author "chromium-os-dev@chromium.org" |
| |
| # Start the diagnostics_processor daemon, which is responsible for processing |
| # and analyzing telemetry and diagnostics information obtained from |
| # diagnosticsd. |
| start on starting system-services |
| stop on stopping system-services |
| |
| respawn |
| # If the job respawns 3 times in 10 seconds, stop trying. |
| respawn limit 3 10 |
| |
| expect fork |
| |
| pre-start script |
| # Create a directory for gRPC socket files - see the comment about the jailing |
| # parameters below. |
| mkdir -p -m 755 /run/diagnostics/grpc_sockets |
| chown -R diagnostics:diagnostics /run/diagnostics/ |
| end script |
| |
| # Used jailing parameters: |
| # -e: new network namespace; |
| # -i: exit after forking; |
| # -l: new IPC namespace; |
| # -n: the no_new_privs bit; |
| # -p: new PID namespace; |
| # -r: remount /proc readonly; |
| # -t: a new tmpfs filesystem for /tmp; |
| # -v: new VFS namespace; |
| # --uts: new UTS/hostname namespace; |
| # -u, -g: user account and group; |
| # --mount-dev: a new /dev mount; |
| # --profile: minimalistic mount namespace; |
| # -k /run: a new tmpfs filesystem for /run, with the subsequent parameters |
| # mounting specific files into this directory; |
| # -b /run/diagnostics/grpc_sockets: shared directory with gRPC socket files, |
| # some of which are owned by diagnostics_processor and some by the |
| # diagnosticsd daemon (note: no other daemon will use this directory); |
| # -S: apply seccomp filters. |
| exec minijail0 -e -i -l -n -p -r -t -v --uts \ |
| -u diagnostics -g diagnostics \ |
| --mount-dev \ |
| --profile=minimalistic-mountns \ |
| -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOSUID|MS_NOEXEC,mode=755,size=10M' \ |
| -b /run/diagnostics/grpc_sockets,,1 \ |
| -S /usr/share/policy/diagnostics_processor-seccomp.policy \ |
| -- /usr/bin/diagnostics_processor |