| # Copyright 2020 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Start arc-data-snapshotd daemon in Chrome OS." |
| author "chromium-os-dev@chromium.org" |
| |
| # Chrome browser manages a lifetime of arc-data-snapshotd daemon via upstart. |
| # The daemon is responsible for ARC snapshot of data/ directory management. |
| stop on stopping ui |
| |
| # Killable for memory leaks. |
| oom score -100 |
| |
| respawn |
| # If the job respawns 3 times in 10 seconds, stop trying. |
| respawn limit 3 10 |
| |
| env SNAPSHOT_DIR=/var/cache/arc-data-snapshot |
| import RESTART_FRECON |
| |
| pre-start script |
| # Clean up the directory for temporary images on every startup. |
| rm -rf "${SNAPSHOT_DIR}/tmp" |
| |
| if [ ! -d "${SNAPSHOT_DIR}" ]; then |
| mkdir -m 755 "${SNAPSHOT_DIR}" |
| mkdir -m 755 "${SNAPSHOT_DIR}/images" |
| mkdir -m 755 "${SNAPSHOT_DIR}/tmp" |
| |
| chown -R arc-data-snapshotd:arc-data-snapshotd "${SNAPSHOT_DIR}" |
| |
| cp /usr/share/chromeos-assets/images/boot_message_light.png \ |
| "${SNAPSHOT_DIR}/images/boot_message.png" |
| fi |
| |
| end script |
| |
| # Used jailing parameters: |
| # -c: capabalities: |
| # cap_dac_override,cap_fowner,cap_chown: let arc-data-snapshotd user to |
| # copy/remove/stat android-data regardless of file ownership; |
| # cap_sys_admin: let arc-data-snapshotd user to modify security |
| # attributes of the copied files; |
| # --ambient: let subprocesses inherit capabilities; |
| # -e: new network namespace; |
| # -l: new IPC namespace; |
| # -n: the no_new_privs bit; |
| # -N: new cgroup namespace; |
| # --uts: new UTS/hostname namespace; |
| # -K: no mount mode is changed by default; |
| # -v: new VFS namespace; |
| # -r: remount /proc read-only; |
| # -p: new PID namespace; |
| # -I: run a program as init (pid 1) inside a new pid namespace; |
| # -u, -g: user account and group; |
| # --profile=minimalistic-mountns: start with minimal mounts; |
| # /var/cache/arc-data-snapshot: for storing snapshot related info; |
| # /run/dbus: for communication over bus; |
| # /run/frecon: for communication with frecon; |
| # /dev/input: for watching ESC key presses; |
| # /dev/pts,,1: for communication with frecon; |
| # -S: apply seccomp filters. |
| script |
| logger -t "${UPSTART_JOB}" "Start arc-data-snapshotd" |
| set -x |
| |
| # Show update_arc_data_snapshot UI screen if needed. |
| # TODO(pbond): remove this frecon restart once it is no longer needed. |
| # Currently, boot-splash screen is not able to be updated via esc sequence. |
| if [ "${RESTART_FRECON}" = "1" ]; then |
| IMAGE_BACKGROUND_RGB=fefefe IMAGE_TEXT_COLOR=Black \ |
| ASSETS_IMAGE_PATH="${SNAPSHOT_DIR}/images" MESSAGE_OPTIONS=--markup \ |
| chromeos-boot-alert update_arc_data_snapshot |
| fi |
| |
| exec minijail0 -c 'cap_dac_override,cap_chown,cap_fowner,cap_sys_admin+eip' \ |
| --ambient -e -l -n -N -r -K -v -p -I \ |
| --uts -u arc-data-snapshotd -g arc-data-snapshotd \ |
| --profile=minimalistic-mountns \ |
| -k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOSUID|MS_NOEXEC,mode=755,size=10M' \ |
| -b /var/cache/arc-data-snapshot,,1 \ |
| -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOSUID|MS_NOEXEC,mode=755,size=10M' \ |
| -b /run/dbus \ |
| -b /run/frecon \ |
| -b /dev/input \ |
| -b /dev/pts,,1 \ |
| -S /usr/share/policy/arc-data-snapshotd-seccomp.policy \ |
| -- /usr/bin/arc-data-snapshotd |
| end script |
| |
| # Wait for daemon to claim its D-Bus name before transitioning to started. |
| post-start exec minijail0 -u arc-data-snapshotd -g arc-data-snapshotd \ |
| /usr/bin/gdbus wait --system --timeout 15 org.chromium.ArcDataSnapshotd |
| |
| post-stop script |
| logger -t "${UPSTART_JOB}" "Post-stop arc-data-snapshotd" |
| display_boot_message action restore_frecon |
| end script |