lorgnette/minijail/lorgnette.conf - third_party/platform2 - Git at Google

 % minijail-config-file v0

 # Copyright 2024 The ChromiumOS Authors
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 i
 l
 n
 N
 p
 r
 ns-mount
 uts
 mount-dev
 u = saned
 g = scanner
 G
 P = /mnt/empty
 bind-mount = /
 bind-mount = /proc
 bind-mount = /sys
 bind-mount = /dev/log
 bind-mount = /dev/bus/usb
 mount = run,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC
 bind-mount = /run/dbus
 bind-mount = /run/udev
 # Need to recursively mount DLC paths to access installed DLCs.
 mount = /run/imageloader,/run/imageloader,none,MS_BIND|MS_REC
 bind-mount = /run/ippusb,/run/ippusb,1
 bind-mount = /run/lorgnette,/run/lorgnette,1
 mount = var,/var,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC
 bind-mount = /var/lib/metrics,/var/lib/metrics,1
 bind-mount = /var/log/lorgnette,/var/log/lorgnette,1
	% minijail-config-file v0

	# Copyright 2024 The ChromiumOS Authors
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	i
	l
	n
	N
	p
	r
	ns-mount
	uts
	mount-dev
	u = saned
	g = scanner
	G
	P = /mnt/empty
	bind-mount = /
	bind-mount = /proc
	bind-mount = /sys
	bind-mount = /dev/log
	bind-mount = /dev/bus/usb
	mount = run,/run,tmpfs,MS_NOSUID\|MS_NODEV\|MS_NOEXEC
	bind-mount = /run/dbus
	bind-mount = /run/udev
	# Need to recursively mount DLC paths to access installed DLCs.
	mount = /run/imageloader,/run/imageloader,none,MS_BIND\|MS_REC
	bind-mount = /run/ippusb,/run/ippusb,1
	bind-mount = /run/lorgnette,/run/lorgnette,1
	mount = var,/var,tmpfs,MS_NOSUID\|MS_NODEV\|MS_NOEXEC
	bind-mount = /var/lib/metrics,/var/lib/metrics,1
	bind-mount = /var/log/lorgnette,/var/log/lorgnette,1