| # Copyright 2020 The ChromiumOS Authors |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "System-proxy daemon" |
| author "chromium-os-dev@chromium.org" |
| |
| # The service is started by Chrome on demand. |
| stop on stopping ui |
| respawn |
| respawn limit 3 5 |
| |
| # Do not respawn if the service is terminated on purpose. |
| normal exit 0 |
| |
| # Sacrifice before OOM panic. |
| oom score 0 |
| # TODO (acostinas, crbug.com/1045862) Add virtual memory size limit after |
| # run-time analysis. |
| |
| # Minijail actually forks off the desired process. |
| expect fork |
| |
| pre-start script |
| # Check if ui is still running before starting the system proxy daemon. |
| # This is to prevent new dbus-activated instances from getting started once |
| # the system is beginning to shut down. |
| if ! initctl status ui | grep -q running; then |
| stop |
| exit 0 |
| fi |
| end script |
| |
| script |
| # Start constructing minijail0 args... |
| args="" |
| |
| # Use Minijail config file. |
| args="${args} --config /usr/share/minijail/system-proxy.conf" |
| |
| # Execute system-proxy. |
| args="${args} /usr/sbin/system_proxy" |
| |
| exec minijail0 ${args} |
| end script |
| |
| # Wait for daemon to claim its D-Bus name before transitioning to started. |
| post-start exec minijail0 -u system-proxy -g system-proxy /usr/bin/gdbus \ |
| wait --system --timeout 15 org.chromium.SystemProxy |
