# Copyright 2020 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
description "Create ARC data directories for the user"
author "chromium-os-dev@chromium.org"
# Run alongside arcvm-post-login-services: start when it is starting and stop
# when it is stopping.
start on starting arcvm-post-login-services
stop on stopping arcvm-post-login-services
# Use 'never': if this job is killed, ARC fails to start.
oom score never
# One-shot job: it is expected to run to completion rather than stay running.
task
# CHROMEOS_USER is taken from the environment of the starting event; both
# scripts below pass it to cryptohome-path.
import CHROMEOS_USER
# Not referenced by the scripts in this file; presumably read by
# arc-create-data from its environment (confirm against that binary).
env ANDROID_MUTABLE_SOURCE=/run/arcvm/android-data/mount
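pre-start script
  # Resolve the signed-in user's system cryptohome directory and refuse to
  # continue if it is not present.
  CHROMEOS_USER_HOME=$(cryptohome-path system "${CHROMEOS_USER}")
  if [ ! -d "${CHROMEOS_USER_HOME}" ]; then
    logger -t "${UPSTART_JOB}" \
      "User home ${CHROMEOS_USER_HOME} does not exist"
    exit 1
  fi

  # Bind the user home onto the fixed path /run/arcvm/userhome in this job's
  # mount namespace, then bind that fixed path back onto the user-home path
  # inside the Concierge mount namespace. --no-canonicalize makes mount(8) use
  # the paths exactly as given. The expansion is quoted so the path can never
  # be word-split or glob-expanded into extra mount arguments.
  mount --no-canonicalize --bind "${CHROMEOS_USER_HOME}" /run/arcvm/userhome
  nsenter --mount=/run/namespaces/mnt_concierge \
    -- mount --no-canonicalize --bind \
    /run/arcvm/userhome "${CHROMEOS_USER_HOME}"

  # Run arc-create-data in /run/namespaces/mnt_concierge. This namespace is
  # created by vm_concierge.conf, so Concierge must be running in order to
  # enter the namespace. This relies on ArcVmClientAdapter in Chrome to ensure
  # that Concierge is started before arc-create-data.
  #
  # minijail0 enters that mount namespace (-V), requests new UTS, network, IPC,
  # cgroup and PID namespaces (--uts -e -l -N -p) and limits the process to
  # the capabilities listed after -c. -K and -v also affect mount-namespace
  # setup; see minijail0(1) for how they combine with -V.
  # NOTE(review): cap_sys_admin and cap_dac_override are broad grants; confirm
  # that every capability in the list is still required by arc-create-data.
  exec /sbin/minijail0 \
    -c 'cap_dac_override,cap_dac_read_search,cap_chown,cap_fowner,cap_sys_admin+eip' \
    --uts -e -l -N -p -K -v \
    -V /run/namespaces/mnt_concierge \
    -- /usr/sbin/arc-create-data --log_tag=arc-create-data
end script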
# The job's main process is a no-op that exits immediately; together with the
# 'task' stanza this ensures the job doesn't remain in the started state. The
# actual work is done in the pre-start script.
exec /bin/true
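post-stop script
  # Recompute the user home path; it is not carried over from pre-start.
  CHROMEOS_USER_HOME=$(cryptohome-path system "${CHROMEOS_USER}")
  if [ ! -d "${CHROMEOS_USER_HOME}" ]; then
    logger -t "${UPSTART_JOB}" \
      "User home ${CHROMEOS_USER_HOME} does not exist"
    # NOTE(review): exiting here skips the umount of /run/arcvm/userhome
    # below; confirm that is intended when the home directory is already gone.
    exit 1
  fi

  # Undo the bind mount made inside the Concierge mount namespace. Failure is
  # ignored (|| true) so the cleanup of /run/arcvm/userhome below still runs.
  # The expansion is quoted so the path is passed to umount as one argument.
  nsenter --mount=/run/namespaces/mnt_concierge \
    -- umount "${CHROMEOS_USER_HOME}" || true

  # Only unmount the fixed path if something is still mounted there, so a
  # repeated or partial stop does not fail on a missing mount.
  if mountpoint -q /run/arcvm/userhome; then
    umount /run/arcvm/userhome
  fi
end script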