device_management/minijail/device_managementd.conf - third_party/platform2 - Git at Google

 % minijail-config-file v0

 u = device_management
 g = device_management
 S = /usr/share/policy/device_managementd-seccomp.policy
 i
 I
 n
 N
 p
 uts
 l
 profile = minimalistic-mountns
 bind-mount = /dev/log
 mount = /run,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M
 bind-mount = /run/dbus
 bind-mount = /run/lockbox,,1
 mount = /var,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M
 bind-mount = /var/lib/metrics,,1
 bind-mount = /var/lib/device_management,,1
 mount = /mnt,/mnt,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M
 mount = tmpfs,/sys,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M
	% minijail-config-file v0

	u = device_management
	g = device_management
	S = /usr/share/policy/device_managementd-seccomp.policy
	i
	I
	n
	N
	p
	uts
	l
	profile = minimalistic-mountns
	bind-mount = /dev/log
	mount = /run,/run,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M
	bind-mount = /run/dbus
	bind-mount = /run/lockbox,,1
	mount = /var,/var,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M
	bind-mount = /var/lib/metrics,,1
	bind-mount = /var/lib/device_management,,1
	mount = /mnt,/mnt,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M
	mount = tmpfs,/sys,tmpfs,MS_NODEV\|MS_NOEXEC\|MS_NOSUID,mode=755,size=10M