hardware_verifier: add user and group entries.

In order to limit the capabilities while calling hardware_verifier
binary at upstart job, we add hardware_verifier user/group and invoke
binary with minijail.

BUG=b:147654337
TEST=emerge-$BOARD hardware_verifier

Change-Id: Iaf9baab810749a11440368fc95cc7e7df17145e9
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/overlays/eclass-overlay/+/2087555
Reviewed-by: Stimim Chen <stimim@chromium.org>
Reviewed-by: Chun-ta Lin (ping on chat if not responsive) <itspeter@chromium.org>
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Chun-ta Lin (ping on chat if not responsive) <itspeter@chromium.org>
Commit-Queue: Clark Chung <ckclark@chromium.org>
2 files changed
tree: 7cc782a9a0feae33e94657b6dc1ba83de98c9120
  1. eclass/
  2. metadata/
  3. profiles/
  4. OWNERS
  5. PRESUBMIT.cfg