| # Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| description "Chrome OS user interface" |
| author "chromium-os-dev@chromium.org" |
| |
| # Note, the 'start on' line is modified by the chromeos-factoryinstall |
| # ebuild. Please do not change it without also changing that |
| # reference. |
| # |
| # This job's post-stop script depends on cryptohomed being running; |
| # cryptohomed in turn depends on chapsd and dbus-daemon. This job's |
| # stop condition uses a special stop job to keep those processes |
| # from terminating until after this job has cleaned up. See the |
| # pre-shutdown job for more details. |
| # NB: Respawning is now handled by ui-respawn.conf, as the logic is |
| # more complex than upstart was designed to handle. |
| start on started boot-services |
| stop on starting pre-shutdown |
| |
| # Enables chrome to renice background tabs (lower priority), and to set the |
| # priority of realtime threads to real time. |
| limit nice 20 20 |
| limit rtprio 10 10 |
| |
| # Uncomment line below to output to VT02 |
| #console output |
| |
| # Directory where Chrome logs are written and prefix of files there. |
| env CHROME_LOG_DIR=/var/log/chrome |
| env CHROME_LOG_PREFIX=chrome |
| |
| # Directory where session manager logs are written and prefix of files there. |
| env UI_LOG_DIR=/var/log/ui |
| env UI_LOG_FILE=ui.LATEST |
| |
| pre-start script |
| X_SOCKET_DIR=/tmp/.X11-unix |
| X_ICE_DIR=/tmp/.ICE-unix |
| mkdir -p $X_SOCKET_DIR $X_ICE_DIR |
| chown root:root $X_SOCKET_DIR $X_ICE_DIR |
| chmod 1777 $X_SOCKET_DIR $X_ICE_DIR |
| |
| # XKB writes keymaps here; otherwise things like Ctrl-Alt-Fx VT switching |
| # don't work. |
| mkdir -p /var/lib/xkb |
| chown xorg:xorg /var/lib/xkb |
| |
| # Make sure we we can easily track UI state. |
| rm -rf /var/run/state |
| mkdir -p /var/run/state |
| |
| # Create a directory where the session manager can store a copy of the user |
| # policy key, that will be readable by the chrome process as chronos. |
| rm -rf /var/run/user_policy |
| mkdir -m 0710 -p /var/run/user_policy |
| chown root:chronos /var/run/user_policy |
| |
| # Create a directory where the chrome process can store a reboot request so |
| # that it persists across browser crashes but is always removed on reboot. |
| mkdir -m 0700 -p /var/run/chrome |
| chown chronos:chronos /var/run/chrome |
| |
| # Ensure the existence of the directory in which the whitelist and other |
| # Ownership-related state will live. Yes, it should be owned by root. |
| # The permissions are set such that the chronos user can see the content |
| # of known files inside whitelist, but not anything else. |
| mkdir -m 0710 -p /var/lib/whitelist |
| chown root:chronos /var/lib/whitelist |
| |
| # Create the directory where external data referenced by policies is cached |
| # for device-local accounts. This data is read and written by chronos. |
| mkdir -m 0700 -p /var/cache/device_local_account_external_policy_data |
| chown chronos:chronos /var/cache/device_local_account_external_policy_data |
| |
| # Create the directory where the AppPack extensions are cached. |
| # These extensions are read and written by chronos. |
| mkdir -m 0700 -p /var/cache/app_pack |
| chown chronos:chronos /var/cache/app_pack |
| |
| # Create the directory where extensions for device-local accounts are cached. |
| # These extensions are read and written by chronos. |
| mkdir -m 0700 -p /var/cache/device_local_account_extensions |
| chown chronos:chronos /var/cache/device_local_account_extensions |
| |
| # Enable us to keep track of the user's chosen TZ. |
| # Default to Pacific timezone if we don't have one set |
| TIMEZONE_DIR=/var/lib/timezone |
| TIMEZONE_FILE=$TIMEZONE_DIR/localtime |
| if [ ! -f $TIMEZONE_FILE ]; then |
| mkdir -p $TIMEZONE_DIR |
| ln -sf /usr/share/zoneinfo/US/Pacific ${TIMEZONE_FILE} |
| chown -R chronos:chronos ${TIMEZONE_DIR} |
| fi |
| |
| mkdir -p $CHROME_LOG_DIR |
| chown chronos:chronos $CHROME_LOG_DIR |
| |
| mkdir -p $UI_LOG_DIR |
| ln -sf ui.$(date +%Y%m%d-%H%M%S) $UI_LOG_DIR/$UI_LOG_FILE |
| |
| # Set up cgroups for chrome. We create two task groups, one for at most one |
| # foreground renderer and one for all the background renderers and set the |
| # background group to a very low priority. We specifically do not set it to |
| # the lowest "2" such that other processes like the update-engine can be even |
| # lower. The default value is 1024. |
| CHROME_CGROUP_DIR=/sys/fs/cgroup/cpu/chrome_renderers |
| if [ ! -d $CHROME_CGROUP_DIR ]; then |
| mkdir -p ${CHROME_CGROUP_DIR} |
| mkdir -p ${CHROME_CGROUP_DIR}/foreground |
| mkdir -p ${CHROME_CGROUP_DIR}/background |
| echo "10" > ${CHROME_CGROUP_DIR}/background/cpu.shares |
| chown -R chronos ${CHROME_CGROUP_DIR} |
| fi |
| end script # pre-start |
| |
| exec session_manager_setup.sh >$UI_LOG_DIR/$UI_LOG_FILE 2>&1 |
| |
| post-stop script |
| bootstat ui-post-stop |
| set +e |
| . /sbin/killers |
| |
| # Terminate PKCS #11 services. |
| cryptohome --action=pkcs11_terminate |
| |
| # Terminate any processes with files open on the mount point |
| # TODO(wad) parallelize with VFS/PID namespaces. |
| kill_with_open_files_on /home/chronos/u-* |
| |
| # Make sure everything is going down. No exceptions. |
| # The loop is so that clever daemons can't evade the kill by |
| # racing us and killing us first; we'll just try over and over |
| # until we win the race, and kill with pid -1 is atomic with |
| # respect to process creation. |
| while ! sudo -u chronos kill -9 -- -1 ; do |
| sleep .1 |
| done |
| |
| # Check for still-living chronos processes and log their status. |
| ps -u chronos --no-headers -o pid,stat,args | |
| logger -i -t "${UPSTART_JOB}-unkillable" -p crit |
| |
| bootstat other-processes-terminated |
| |
| term_process '^X$' |
| bootstat x-terminated |
| |
| cryptohome --action=unmount |
| bootstat cryptohome-unmounted |
| end script |