| // Copyright 2022 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| { |
| include: [ |
| "inspect/client.shard.cml", |
| "syslog/client.shard.cml", |
| ], |
| program: { |
| runner: "elf", |
| binary: "bin/pkg_cache", |
| }, |
| capabilities: [ |
| { |
| protocol: [ |
| "fuchsia.component.resolution.Resolver", |
| "fuchsia.pkg.garbagecollector.Manager", |
| "fuchsia.pkg.PackageCache", |
| "fuchsia.pkg.PackageResolver", |
| "fuchsia.pkg.RetainedBlobs", |
| "fuchsia.pkg.RetainedPackages", |
| ], |
| }, |
| { |
| resolver: "base_resolver", |
| path: "/svc/fuchsia.component.resolution.Resolver", |
| }, |
| { |
| directory: "pkgfs", |
| rights: [ "rx*" ], |
| path: "/pkgfs", |
| }, |
| { |
| directory: "build-info", |
| rights: [ "r*" ], |
| path: "/specific-base-packages/build-info/meta/fuchsia.domain_config/data", |
| }, |
| { |
| directory: "config-data", |
| rights: [ "r*" ], |
| path: "/specific-base-packages/config-data/meta/data", |
| }, |
| { |
| directory: "root-ssl-certificates", |
| rights: [ "r*" ], |
| path: "/specific-base-packages/root_ssl_certificates/data", |
| }, |
| { |
| directory: "system", |
| rights: [ "rx*" ], |
| path: "/specific-base-packages/system_image", |
| }, |
| ], |
| use: [ |
| { |
| directory: "blob-exec", |
| rights: [ |
| "execute", |
| "rw*", |
| ], |
| path: "/blob", |
| }, |
| |
| // Served package directories will look for blobs in this directory, if it is available, |
| // before looking in the "blob-exec" directory. This enables de-duping of VMOs backed by |
| // files that are in both bootfs and blobfs. |
| { |
| directory: "bootfs-blobs", |
| rights: [ "rx*" ], |
| path: "/bootfs-blobs", |
| availability: "optional", |
| }, |
| { |
| protocol: [ |
| "fuchsia.fxfs.BlobCreator", |
| "fuchsia.fxfs.BlobReader", |
| "fuchsia.kernel.VmexResource", |
| "fuchsia.metrics.MetricEventLoggerFactory", |
| "fuchsia.update.CommitStatusProvider", |
| ], |
| }, |
| { |
| protocol: "fuchsia.tracing.provider.Registry", |
| availability: "optional", |
| }, |
| { |
| // TODO(https://fxbug.dev/331302451) Use this config value instead of the presence of file |
| // data/pkgfs_disable_executability_restrictions in the system_image package to determine |
| // whether executability should be enforced. |
| // |
| // If true, then all package directories will be executable. Otherwise, only base packages |
| // will be executable. |
| config: "fuchsia.pkgcache.AllPackagesExecutable", |
| key: "all_packages_executable", |
| type: "bool", |
| }, |
| { |
| // If true, pkg-cache will load the system_image package and use the settings contained |
| // therein. |
| // This is true except on some configurations that do not have a system_image package, such |
| // as recovery. |
| config: "fuchsia.pkgcache.UseSystemImage", |
| key: "use_system_image", |
| type: "bool", |
| }, |
| { |
| // If true, upgradable packages can be set and upgraded (outside of OTA) and base |
| // resolver will resolve them. |
| config: "fuchsia.pkgcache.EnableUpgradablePackages", |
| key: "enable_upgradable_packages", |
| type: "bool", |
| }, |
| { |
| config: "fuchsia.zircon.system.pkgfs.cmd", |
| key: "system_image_hash", |
| type: "string", |
| max_size: 100, |
| }, |
| ], |
| expose: [ |
| { |
| resolver: "base_resolver", |
| from: "self", |
| }, |
| { |
| protocol: [ |
| "fuchsia.component.resolution.Resolver", |
| "fuchsia.pkg.garbagecollector.Manager", |
| "fuchsia.pkg.PackageCache", |
| "fuchsia.pkg.PackageResolver", |
| "fuchsia.pkg.RetainedBlobs", |
| "fuchsia.pkg.RetainedPackages", |
| ], |
| from: "self", |
| }, |
| { |
| directory: [ |
| "build-info", |
| "config-data", |
| "pkgfs", |
| "root-ssl-certificates", |
| "system", |
| ], |
| from: "self", |
| }, |
| ], |
| } |
