u2fd/init/u2fd.conf - third_party/platform2 - Git at Google

 # Copyright 2017 The ChromiumOS Authors
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description   "Start the U2FHID emulation daemon"
 author        "chromium-os-dev@chromium.org"

 # TODO(crbug.com/770150) also start on device policy creation/update for OOBE.
 start on started system-services and started tpm_managerd
 stop on hwsec-stop-clients-signal
 respawn
 # if the job respawns 3 times in 10 seconds, stop trying.
 respawn limit 3 10
 # Do not respawn if we exited on purpose (e.g. service disabled).
 normal exit 0

 # "-100" is the default OOM score for ChromeOS daemons that can recover.
 oom score -100

 # Directory containing (u2f|g2f|verbose).force files.
 env FORCE_DIR=/var/lib/u2f/force

 script
   force_enabled() {
     [ -f "${FORCE_DIR}/$1.force" ]
   }

   ARGS=""
   force_enabled u2f && ARGS="${ARGS} --force_u2f"
   force_enabled g2f && ARGS="${ARGS} --force_g2f"
   force_enabled allowlist_data && ARGS="${ARGS} --g2f_allowlist_data"
   force_enabled disable_corp_protocol && \
     ARGS="${ARGS} --force_disable_corp_protocol"
   force_enabled activate_fips && ARGS="${ARGS} --force_activate_fips"
   force_enabled enable_global_key && ARGS="${ARGS} --force_enable_global_key"
   force_enabled verbose && ARGS="${ARGS} --verbose"

   TCSD_ARGS=""
   if [ -d "/run/tcsd" ]; then
     TCSD_ARGS=" -b /run/tcsd"
   fi

   PROFILING_ARGS=""
   if [ -d "/mnt/stateful_partition/unencrypted/profraws" ]; then
     PROFILING_ARGS="-b /mnt/stateful_partition/unencrypted/profraws,,1"
   fi

   # u2fd needs access /dev/uhid to create a new virtual USBHID device.
   exec minijail0 --config /usr/share/minijail/u2fd.conf   \
     ${TCSD_ARGS}                                          \
     ${PROFILING_ARGS}                                     \
     -- /usr/bin/u2fd ${ARGS}
 end script
	# Copyright 2017 The ChromiumOS Authors
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Start the U2FHID emulation daemon"
	author "chromium-os-dev@chromium.org"

	# TODO(crbug.com/770150) also start on device policy creation/update for OOBE.
	start on started system-services and started tpm_managerd
	stop on hwsec-stop-clients-signal
	respawn
	# if the job respawns 3 times in 10 seconds, stop trying.
	respawn limit 3 10
	# Do not respawn if we exited on purpose (e.g. service disabled).
	normal exit 0

	# "-100" is the default OOM score for ChromeOS daemons that can recover.
	oom score -100

	# Directory containing (u2f\|g2f\|verbose).force files.
	env FORCE_DIR=/var/lib/u2f/force

	script
	force_enabled() {
	[ -f "${FORCE_DIR}/$1.force" ]
	}

	ARGS=""
	force_enabled u2f && ARGS="${ARGS} --force_u2f"
	force_enabled g2f && ARGS="${ARGS} --force_g2f"
	force_enabled allowlist_data && ARGS="${ARGS} --g2f_allowlist_data"
	force_enabled disable_corp_protocol && \
	ARGS="${ARGS} --force_disable_corp_protocol"
	force_enabled activate_fips && ARGS="${ARGS} --force_activate_fips"
	force_enabled enable_global_key && ARGS="${ARGS} --force_enable_global_key"
	force_enabled verbose && ARGS="${ARGS} --verbose"

	TCSD_ARGS=""
	if [ -d "/run/tcsd" ]; then
	TCSD_ARGS=" -b /run/tcsd"
	fi

	PROFILING_ARGS=""
	if [ -d "/mnt/stateful_partition/unencrypted/profraws" ]; then
	PROFILING_ARGS="-b /mnt/stateful_partition/unencrypted/profraws,,1"
	fi

	# u2fd needs access /dev/uhid to create a new virtual USBHID device.
	exec minijail0 --config /usr/share/minijail/u2fd.conf \
	${TCSD_ARGS} \
	${PROFILING_ARGS} \
	-- /usr/bin/u2fd ${ARGS}
	end script