net-wireless/floss/files/upstart/btmanagerd.conf - third_party/overlays/chromiumos-overlay - Git at Google

 # Copyright 2021 The ChromiumOS Authors
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description "Bluetooth Manager"
 author "ChromeOS BT <chromeos-bt-team@google.com>"

 start on started boot-services
 stop on stopping boot-services

 # Limit respawning in case of crashloop
 respawn limit 10 5
 respawn

 # This daemon manages the Bluetooth controllers on a system. It can be killed at
 # the cost of an interruption in Bluetooth connectivity.
 oom score -100

 # Additional flags for `btmanagerd`
 env BTMANAGERD_FLAGS=""

 pre-start script
   var_conf_file="/var/lib/bluetooth/bt_did.conf"
   sysprop_file="/var/lib/bluetooth/sysprops.conf"

   # Set the DeviceID based on Chrome OS version.
   os_version="$(awk -F= '$1=="VERSION" { print $2 ;}' /etc/os-release)"
   hex_os_version="0x$(printf '%04x' "${os_version}")"
   sed -i -E "s/(version = ).*$/\1${hex_os_version}/" "${var_conf_file}"

   # Set the product version based on Chrome OS version.
   pv_rule="^(bluetooth.device_id.product_version) = .*#autofill$"
   sed -i -E "s/${pv_rule}/\1 = ${os_version} #autofill/" "${sysprop_file}"

   # Set the major and minor class of device based on DMI chassis type.
   dmi_chassis_file="/sys/class/dmi/id/chassis_type"
   chassis=0
   if [ -f "${dmi_chassis_file}" ]; then
     chassis="$(cat "${dmi_chassis_file}")"
   fi
   case "$chassis" in
     3|4|6|7)
       # Desktops
       minor_class=4 ;;
     8|9|10|14)
       # Laptops
       minor_class=12 ;;
     11)
       # Handsets
       minor_class=192 ;;
     17|28)
       # Servers
       minor_class=8 ;;
     *)
       # Unknown
       minor_class=0
   esac
   sed -i -E "s/#(bluetooth.device.class_of_device)/\1=0,1,${minor_class}/" "${sysprop_file}"

   if [ -f /usr/bin/process_flex_bluetooth_overrides ]; then
     exec minijail0 \
     -u bluetooth -g bluetooth -G -n \
     -- /usr/bin/process_flex_bluetooth_overrides
   fi
 end script

 script
   # Parameters that can't be set:
   # -e enters new network namespace. This prevents access to raw socket.
   #
   # Parameters that are set and what they do.
   # -u bluetooth changes user.
   # -g bluetooth changes group.
   # -G inherit bluetooth's supplementary groups.
   # -n prevents that execve gains privileges, required for seccomp filters.
   # -l creates IPC namespace (isolates System V IPC objects/POSIX message
   #    queues).
   # --uts enters a new UTS namespace.
   # --profile minimalistic-mountns sets up minimalistic mount namespace.
   #   equivalent to -v -t -r --mount-dev -P /var/empty -b / -b /proc -b /dev/log
   # -k /run,/run,tmpfs,... mounts tmpfs at /run
   # -k /var,/var,tmpfs,... mounts tmpfs at /var
   # -k /sys,/sys,tmpfs... mounts tmpfs at /sys
   # -b /run/dbus mount read-only, required for D-Bus.
   # -b /sys/class mount read-only. Only /sys/class/bluetooth is needed
   #   (it's required for hci devices), but may not exist yet when the
   #   service starts.
   # -b /sys/devices allows read-write access so we can write to the reset file.
   # -b /var/run/bluetooth mount read-only, required for pid files.
   # -b /var/lib/misc/ allows read-write access to select floss/bluez daemon
   # -b /var/lib/bluetooth/ allows read-write access to bluetooth config
   # -c 3400 = cap_net_raw          (1 << 13) | cap_net_admin (1 << 12) | \
   #           cap_net_bind_service (1 << 10)
   exec minijail0 \
   -u bluetooth -g bluetooth -G -n -l --uts \
   --profile minimalistic-mountns \
   -k '/run,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
   -k '/var,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
   -k '/sys,/sys,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
   -b /run/dbus \
   -b /sys/class \
   -b /sys/devices,,1 \
   -b /var/run/bluetooth,,1 \
   -b /var/lib/misc,,1 \
   -b /var/lib/bluetooth,,1 \
   -c 'cap_net_raw+ep cap_net_admin+ep cap_net_bind_service+ep' \
   -- /usr/bin/btmanagerd ${BTMANAGERD_FLAGS}
 end script
	# Copyright 2021 The ChromiumOS Authors
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Bluetooth Manager"
	author "ChromeOS BT <chromeos-bt-team@google.com>"

	start on started boot-services
	stop on stopping boot-services

	# Limit respawning in case of crashloop
	respawn limit 10 5
	respawn

	# This daemon manages the Bluetooth controllers on a system. It can be killed at
	# the cost of an interruption in Bluetooth connectivity.
	oom score -100

	# Additional flags for `btmanagerd`
	env BTMANAGERD_FLAGS=""

	pre-start script
	var_conf_file="/var/lib/bluetooth/bt_did.conf"
	sysprop_file="/var/lib/bluetooth/sysprops.conf"

	# Set the DeviceID based on Chrome OS version.
	os_version="$(awk -F= '$1=="VERSION" { print $2 ;}' /etc/os-release)"
	hex_os_version="0x$(printf '%04x' "${os_version}")"
	sed -i -E "s/(version = ).*$/\1${hex_os_version}/" "${var_conf_file}"

	# Set the product version based on Chrome OS version.
	pv_rule="^(bluetooth.device_id.product_version) = .*#autofill$"
	sed -i -E "s/${pv_rule}/\1 = ${os_version} #autofill/" "${sysprop_file}"

	# Set the major and minor class of device based on DMI chassis type.
	dmi_chassis_file="/sys/class/dmi/id/chassis_type"
	chassis=0
	if [ -f "${dmi_chassis_file}" ]; then
	chassis="$(cat "${dmi_chassis_file}")"
	fi
	case "$chassis" in
	3\|4\|6\|7)
	# Desktops
	minor_class=4 ;;
	8\|9\|10\|14)
	# Laptops
	minor_class=12 ;;
	11)
	# Handsets
	minor_class=192 ;;
	17\|28)
	# Servers
	minor_class=8 ;;
	*)
	# Unknown
	minor_class=0
	esac
	sed -i -E "s/#(bluetooth.device.class_of_device)/\1=0,1,${minor_class}/" "${sysprop_file}"

	if [ -f /usr/bin/process_flex_bluetooth_overrides ]; then
	exec minijail0 \
	-u bluetooth -g bluetooth -G -n \
	-- /usr/bin/process_flex_bluetooth_overrides
	fi
	end script

	script
	# Parameters that can't be set:
	# -e enters new network namespace. This prevents access to raw socket.
	#
	# Parameters that are set and what they do.
	# -u bluetooth changes user.
	# -g bluetooth changes group.
	# -G inherit bluetooth's supplementary groups.
	# -n prevents that execve gains privileges, required for seccomp filters.
	# -l creates IPC namespace (isolates System V IPC objects/POSIX message
	# queues).
	# --uts enters a new UTS namespace.
	# --profile minimalistic-mountns sets up minimalistic mount namespace.
	# equivalent to -v -t -r --mount-dev -P /var/empty -b / -b /proc -b /dev/log
	# -k /run,/run,tmpfs,... mounts tmpfs at /run
	# -k /var,/var,tmpfs,... mounts tmpfs at /var
	# -k /sys,/sys,tmpfs... mounts tmpfs at /sys
	# -b /run/dbus mount read-only, required for D-Bus.
	# -b /sys/class mount read-only. Only /sys/class/bluetooth is needed
	# (it's required for hci devices), but may not exist yet when the
	# service starts.
	# -b /sys/devices allows read-write access so we can write to the reset file.
	# -b /var/run/bluetooth mount read-only, required for pid files.
	# -b /var/lib/misc/ allows read-write access to select floss/bluez daemon
	# -b /var/lib/bluetooth/ allows read-write access to bluetooth config
	# -c 3400 = cap_net_raw (1 << 13) \| cap_net_admin (1 << 12) \| \
	# cap_net_bind_service (1 << 10)
	exec minijail0 \
	-u bluetooth -g bluetooth -G -n -l --uts \
	--profile minimalistic-mountns \
	-k '/run,/run,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M' \
	-k '/var,/var,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M' \
	-k '/sys,/sys,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M' \
	-b /run/dbus \
	-b /sys/class \
	-b /sys/devices,,1 \
	-b /var/run/bluetooth,,1 \
	-b /var/lib/misc,,1 \
	-b /var/lib/bluetooth,,1 \
	-c 'cap_net_raw+ep cap_net_admin+ep cap_net_bind_service+ep' \
	-- /usr/bin/btmanagerd ${BTMANAGERD_FLAGS}
	end script