| # Copyright 2013 The ChromiumOS Authors |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Runs a daemon which collects and reports kernel log anomalies" |
| author "chromium-os-dev@chromium.org" |
| |
| start on started system-services |
| stop on stopping system-services |
| respawn |
| expect fork |
| |
| env TESTONLY_SEND_ALL |
| import TESTONLY_SEND_ALL |
| |
| # Allow us to be killed as we are not critical to the system. If we have a |
| # leak, better to crash & restart than to OOM-panic the system. |
| oom score -100 |
| # Let the daemon crash if it grows too much. "as" is "address space" (vm |
| # size). Since anomaly_detector maps in the journal files which are currently |
| # limited to 200MiB in size, we set the limit to three times that for safety. |
| # The VM size of the daemon when it's not mapping in journals is about 30MiB, |
| # so it fits well within this limit. |
| limit as 600000000 unlimited |
| |
| # /dev/log: We use syslog for error messages. |
| # /var/log: We monitor /var/log/messages for anomalies. But we can't bind mount |
| # that path directly because it gets rotated. |
| # /var/spool: We write out our crash reports here. |
| # TODO: We should mount just /var/spool/crash. |
| # /var/lib/metrics: We write out uma stats directly. |
| # /sys: Some kernel detectors will read PCI device information. |
| # /run/crash_reporter: We need to indicate runtime state. |
| # /run/dbus: We need to talk to dbus. |
| # /run/metrics: crash_reporter needs to read metrics consent state. |
| # /home/chronos: crash_reporter running inside this minijail needs to read user |
| # consent of error collection. |
| # /var/lib/devicesettings: crash_reporter needs to read device policy file. |
| # /run/daemon-store/crash: crash_reporter must write crashes to here. |
| # /run/daemon-store/uma-consent: crash_reporter must read per-user consent from |
| # here. |
| # Shorten this for line-length purposes. (Without the environment variable, |
| # the line is over 80 characters, resulting in a lint failure. A line break |
| # would insert undesired spaces into the middle of the argument.) |
| env UMA_CONSENT='/run/daemon-store/uma-consent' |
| env APPS_CONSENT='/run/daemon-store/appsync-consent' |
| exec /sbin/minijail0 \ |
| -T static \ |
| --profile=minimalistic-mountns \ |
| -Kslave \ |
| -i -N -p -v -r --uts -l -g syslog \ |
| --mount-dev -b /dev/log \ |
| -b /sys \ |
| -k '/var,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /var/log -b /var/spool,,1 -b /var/lib/metrics,,1 \ |
| -b /var/lib/devicesettings \ |
| -k '/run,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \ |
| -b /run/crash_reporter,,1 \ |
| -b /run/dbus \ |
| -b /home/chronos \ |
| -b /run/metrics \ |
| -k '/run/daemon-store/crash,/run/daemon-store/crash,none,MS_BIND|MS_REC' \ |
| -k "${UMA_CONSENT},${UMA_CONSENT},none,MS_BIND|MS_REC|MS_RDONLY" \ |
| -k "${APPS_CONSENT},${APPS_CONSENT},none,MS_BIND|MS_REC|MS_RDONLY" \ |
| -- /usr/bin/anomaly_detector $TESTONLY_SEND_ALL |