hardware_verifier/init/hardware_verifier-dbus.conf - mirrors/cros/chromiumos/platform2 - Git at Google

 # Copyright 2021 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description   "Report hardware_verifier UMA statistics"
 author        "chromeos-hw-checker@google.com"

 # This daemon is started by D-Bus service activation configured in
 # dbus/org.chromium.HardwareVerifier.service.
 stop on stopping system-services
 task

 pre-start script
   # Check if system-services is still running before starting runtime probe.
   # This is to prevent new dbus-activated instances from getting started once
   # the system is beginning to shut down.
   if ! initctl status system-services | grep -q running; then
     stop
     exit 0
   fi
 end script

 # Allow us to be killed as we are not critical to the system.
 oom score -100

 # Let the process crash if it grows too much.  "as" for "address space".
 # Currently it uses about 25MB (by checking /proc/$PID/status).
 limit as 125000000 unlimited

 script
   # /usr/local: Verification payloads in the stateful partition
   MINIJAIL_FLAGS_CROS_DEBUG=""
   if crossystem cros_debug?1 ; then
     MINIJAIL_FLAGS_CROS_DEBUG="-b /usr/local"
   fi

   # /run/chromeos-config/v1: cros_config
   # /run/dbus: D-Bus call
   # /var/lib/metrics: Write UMA stats
   # /var/lib/devicesettings: Read policy by policy::DevicePolicy
   minijail0 -e -N -p -r -v -l --uts -n \
     -u hardware_verifier -g hardware_verifier -G \
     --profile=minimalistic-mountns \
     -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
     -k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
     -b /run/chromeos-config/v1 \
     -b /run/dbus \
     -b /var/lib/metrics,,1 \
     -b /var/lib/devicesettings \
     ${MINIJAIL_FLAGS_CROS_DEBUG} \
     -- /usr/bin/hardware_verifier \
       --dbus --send_to_uma

 end script
 post-start exec minijail0 -u hardware_verifier -g hardware_verifier \
     /usr/bin/gdbus wait --system --timeout 15 org.chromium.HardwareVerifier
	# Copyright 2021 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Report hardware_verifier UMA statistics"
	author "chromeos-hw-checker@google.com"

	# This daemon is started by D-Bus service activation configured in
	# dbus/org.chromium.HardwareVerifier.service.
	stop on stopping system-services
	task

	pre-start script
	# Check if system-services is still running before starting runtime probe.
	# This is to prevent new dbus-activated instances from getting started once
	# the system is beginning to shut down.
	if ! initctl status system-services \| grep -q running; then
	stop
	exit 0
	fi
	end script

	# Allow us to be killed as we are not critical to the system.
	oom score -100

	# Let the process crash if it grows too much. "as" for "address space".
	# Currently it uses about 25MB (by checking /proc/$PID/status).
	limit as 125000000 unlimited

	script
	# /usr/local: Verification payloads in the stateful partition
	MINIJAIL_FLAGS_CROS_DEBUG=""
	if crossystem cros_debug?1 ; then
	MINIJAIL_FLAGS_CROS_DEBUG="-b /usr/local"
	fi

	# /run/chromeos-config/v1: cros_config
	# /run/dbus: D-Bus call
	# /var/lib/metrics: Write UMA stats
	# /var/lib/devicesettings: Read policy by policy::DevicePolicy
	minijail0 -e -N -p -r -v -l --uts -n \
	-u hardware_verifier -g hardware_verifier -G \
	--profile=minimalistic-mountns \
	-k 'tmpfs,/run,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M' \
	-k 'tmpfs,/var,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M' \
	-b /run/chromeos-config/v1 \
	-b /run/dbus \
	-b /var/lib/metrics,,1 \
	-b /var/lib/devicesettings \
	${MINIJAIL_FLAGS_CROS_DEBUG} \
	-- /usr/bin/hardware_verifier \
	--dbus --send_to_uma

	end script
	post-start exec minijail0 -u hardware_verifier -g hardware_verifier \
	/usr/bin/gdbus wait --system --timeout 15 org.chromium.HardwareVerifier