buffet: Start buffet under buffet user. BUG=chromium:390697 TEST=manual Change-Id: Ib2e96d361f47da01720cc68522bc1e0209a5d18f Reviewed-on: https://chromium-review.googlesource.com/230850 Tested-by: Anton Muhin <antonm@chromium.org> Reviewed-by: Christopher Wiley <wiley@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org> Commit-Queue: Anton Muhin <antonm@chromium.org>

commit: 1738fbe1eaf592270f7a0d3704addaa8e1dac133 [log] [tgz]
author: Anton Muhin <antonm@google.com> Thu Nov 20 01:10:08 2014 +0400
committer: chrome-internal-fetch <chrome-internal-fetch@google.com> Thu Nov 20 01:45:58 2014 +0000
tree: 4c68b2b26adc29770076026af5bc00686f0868ac
parent: 42e3a720a8e87fb45d535989830066b343c4a940 [diff] [blame]
diff --git a/buffet/etc/init/buffet.conf b/buffet/etc/init/buffet.conf
index 6965b7c..9e628c5 100644
--- a/buffet/etc/init/buffet.conf
+++ b/buffet/etc/init/buffet.conf

@@ -13,4 +13,8 @@
   mkdir -p /var/lib/buffet
 end script
 
-exec buffet --v="${V:-1}"
+# Minijail actually forks off our desired process.
+expect fork
+
+exec minijail0 -i -g buffet -u buffet \
+	/usr/bin/buffet --v="${V:-1}"
commit	1738fbe1eaf592270f7a0d3704addaa8e1dac133	[log] [tgz]
author	Anton Muhin <antonm@google.com>	Thu Nov 20 01:10:08 2014 +0400
committer	chrome-internal-fetch <chrome-internal-fetch@google.com>	Thu Nov 20 01:45:58 2014 +0000
tree	4c68b2b26adc29770076026af5bc00686f0868ac
parent	42e3a720a8e87fb45d535989830066b343c4a940 [diff] [blame]