| # Copyright 2020 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Forward ARCVM pstore file to expected location in cryptohome" |
| author "chromium-os-dev@chromium.org" |
| |
| # arcvm-forward-pstore is started before mini-ARCVM starts, and persists across |
| # ARCVM restarts in a single session. It deletes the pstore from /run/arcvm when |
| # it is stopped to prevent it from leaking out of the user session. |
| start on starting arcvm-pre-login-services |
| stop on stopping ui |
| |
| exec minijail0 \ |
| -u crosvm -g crosvm \ |
| --profile=minimalistic-mountns --uts -e -l -p -n -N -K -v \ |
| -S /usr/share/policy/arcvm-forward-pstore-seccomp.policy \ |
| -k "tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC" \ |
| -b /run/dbus,/run/dbus,1 \ |
| -k '/run/arcvm,/run/arcvm,none,MS_BIND|MS_REC' \ |
| -k '/run/daemon-store/crosvm,/run/daemon-store/crosvm,none,MS_BIND|MS_REC' \ |
| -- /usr/sbin/arcvm-forward-pstore |
