blob: 9fa8a9d65d581bc780ebb2b48d6d25bcc771a9d3 [file] [log] [blame]
Jooyung Han347d9f22021-05-28 00:05:14 +09001service microdroid_manager /system/bin/microdroid_manager
2 disabled
Inseob Kim7ff121c2022-11-14 18:13:23 +09003 # print android log to kmsg
Jiyong Park79b88012021-06-25 13:06:25 +09004 file /dev/kmsg w
Jooyung Han607191c2021-06-16 10:32:02 +09005 setenv RUST_LOG info
Jooyung Han347d9f22021-05-28 00:05:14 +09006 # TODO(jooyung) remove this when microdroid_manager becomes a daemon
Jiyong Park79b88012021-06-25 13:06:25 +09007 oneshot
Nikita Ioffe3452ee22022-12-15 00:31:56 +00008 # CAP_SYS_BOOT is required to exec kexecload from microdroid_manager
Alan Stokes1294f942023-08-21 14:34:12 +01009 # CAP_SETPCAP is required to allow microdroid_manager to drop capabilities
Nikita Ioffe3452ee22022-12-15 00:31:56 +000010 # before executing the payload
Alan Stokes1294f942023-08-21 14:34:12 +010011 capabilities AUDIT_CONTROL SYS_ADMIN SYS_BOOT SETPCAP SETUID SETGID
Steven Morelandf0a33542023-04-10 20:45:19 +000012 user root
Alice Wang43c884b2022-10-24 09:42:40 +000013 socket vm_payload_service stream 0666 system system