| # Copyright 2023 The ChromiumOS Authors |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Chromium OS device service" |
| author "chromium-os-dev@chromium.org" |
| |
| start on started boot-services and started tpm_managerd |
| stop on stopping boot-services |
| |
| respawn |
| |
| oom score -100 |
| |
| tmpfiles /usr/lib/tmpfiles.d/device_managementd.conf |
| |
| expect fork |
| |
| script |
| # Files in /sys/class/tpm/tpm0 need to be readable for TPM_DYNAMIC case. Note |
| # that some flex devices may not have tpm, so we bind mount it conditionally. |
| if [ -d "/sys/class/tpm/tpm0" ]; then |
| set -- "$@" -b /sys/class/tpm/tpm0 |
| fi |
| |
| exec minijail0 --config /usr/share/minijail/device_managementd.conf \ |
| "$@" -- /usr/sbin/device_managementd |
| end script |
| |
| # Wait for daemon to claim its D-Bus name. |
| post-start exec minijail0 -u device_management -G \ |
| /usr/bin/gdbus wait --system --timeout 15 org.chromium.DeviceManagement |
