permission_broker/permission_broker.conf - mirrors/cros/chromiumos/platform2 - Git at Google

 # Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description     "Permission broker daemon"
 author          "chromium-os-dev@chromium.org"

 start on starting system-services
 stop on stopping system-services
 expect fork
 # permission_broker maintains some state and will close network ports on
 # shutdown, but can otherwise recover.
 oom score -100
 respawn

 # Keep CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_FOWNER, and CAP_NET_ADMIN+CAP_NET_RAW
 # for 'iptables'; set NoNewPrivs.
 exec minijail0 -u devbroker -c 0x300b --ambient -i -n -- \
     /usr/bin/permission_broker
	# Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Permission broker daemon"
	author "chromium-os-dev@chromium.org"

	start on starting system-services
	stop on stopping system-services
	expect fork
	# permission_broker maintains some state and will close network ports on
	# shutdown, but can otherwise recover.
	oom score -100
	respawn

	# Keep CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_FOWNER, and CAP_NET_ADMIN+CAP_NET_RAW
	# for 'iptables'; set NoNewPrivs.
	exec minijail0 -u devbroker -c 0x300b --ambient -i -n -- \
	/usr/bin/permission_broker