daisydog: use minimalistic-mountns minijail profile
The only thing we need access to is /dev/watchdog.
BUG=None
TEST=starting daisydog still works, and killing it -9 causes system to reboot
Change-Id: I5d10636226eb5c13550f77f3af1fca8906842365
Reviewed-on: https://chromium-review.googlesource.com/1067159
Commit-Ready: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Reviewed-by: Luis Hector Chavez <lhchavez@chromium.org>
diff --git a/daisydog.conf b/daisydog.conf
index 0d4dfc8..856936f 100644
--- a/daisydog.conf
+++ b/daisydog.conf
@@ -10,7 +10,9 @@
respawn
expect fork
-env minijail_common_args="-I -p -e -l -r -v -n \
+env minijail_common_args=" \
+ -I -p -e -l -r -v -n --uts \
+ --profile minimalistic-mountns -b /dev/watchdog \
-u watchdog -g watchdog \
-- /usr/sbin/daisydog"