blob: b6123ff5e357e0558e865c27887353fab1095460 [file] [log] [blame]
# Copyright 2021 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
description "Fwupd daemon"
author ""
# The service is started via DBus activation.
stop on stopping system-services
env CACHE_DIRECTORY="/var/cache/fwupd"
pre-start script
mkdir -p /var/cache/fwupd /var/lib/fwupd
chown -R fwupd:fwupd /var/cache/fwupd /var/lib/fwupd
# Check if system-services is still running before starting.
# This is to prevent new dbus-activated instances from getting started once
# the system is beginning to shut down.
if ! initctl status system-services | grep -q running; then
logger -t "${UPSTART_JOB}" "ERROR: system services not running, quit."
exit 0
end script
# Need access to original network namespace for udev (no -e), which passes
# uevents via netlink socket.
# Need access to /proc, /sys, /dev to perform USB enumeration.
# Need access to /run/dbus for DBus communications.
exec minijail0 \
--uts -e -l -p -N \
-v -P /mnt/empty -b / -b /proc -t -r -b /dev,,1 -b /sys,,1 \
-k /var,/var,tmpfs -b /var/cache/fwupd,,1 -b /var/lib/fwupd,,1 \
-k run,/run,tmpfs -b /run/dbus -b /run/shill -u fwupd -g fwupd -G \
-- /usr/libexec/fwupd/fwupd
end script
# Wait for daemon to claim its D-Bus name before transitioning to started.
post-start exec minijail0 -u fwupd -g fwupd /usr/bin/gdbus \
wait --system --timeout 15 org.freedesktop.fwupd