| // Copyright 2022 The Fuchsia Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| { |
| include: [ "syslog/client.shard.cml" ], |
| program: { |
| runner: "elf", |
| binary: "bin/sshd-host", |
| forward_stdout_to: "log", |
| forward_stderr_to: "log", |
| }, |
| use: [ |
| // Needed to configure sshd-host. |
| { |
| directory: "config-data", |
| rights: [ "r*" ], |
| path: "/config/data", |
| }, |
| { |
| protocol: [ |
| // Needed to get ssh keys from the bootloader file. |
| "fuchsia.boot.Items", |
| |
| // Needed to listen on TCP port 22. |
| "fuchsia.posix.socket.Provider", |
| |
| // Needed to launch `ssh` child processes. |
| "fuchsia.process.Launcher", |
| ], |
| }, |
| |
| // Needed to create the shell environment |
| // for the ssh child process and its children. |
| // TODO(fxbug.dev/97903): try to remove each one of the below. |
| // TODO(fxbug.dev/98086): specifically reduce /bin. |
| { |
| directory: "bin", |
| rights: [ "rx*" ], |
| path: "/bin", |
| }, |
| { |
| directory: "blob", |
| rights: [ "rw*" ], |
| path: "/blob", |
| }, |
| { |
| directory: "boot", |
| rights: [ "rx*" ], |
| path: "/boot", |
| }, |
| { |
| directory: "build-info", |
| rights: [ "r*" ], |
| path: "/config/build-info", |
| }, |
| { |
| directory: "root-ssl-certificates", |
| rights: [ "r*" ], |
| path: "/config/ssl", |
| }, |
| { |
| directory: "minfs", |
| rights: [ "rw*" ], |
| path: "/data", |
| }, |
| { |
| directory: "dev", |
| rights: [ "rw*" ], |
| path: "/dev", |
| }, |
| { |
| directory: "hub-legacy", |
| rights: [ "rw*" ], |
| path: "/hub", |
| }, |
| { |
| directory: "hub", |
| rights: [ "rw*" ], |
| path: "/hub-v2", |
| }, |
| { |
| directory: "mnt", |
| rights: [ "rw*" ], |
| path: "/mnt", |
| }, |
| { |
| directory: "pkgfs", |
| rights: [ "rx*" ], |
| path: "/pkgfs", |
| }, |
| { |
| directory: "system", |
| rights: [ "rx*" ], |
| path: "/system", |
| }, |
| { |
| directory: "tmp", |
| rights: [ "rw*" ], |
| path: "/tmp", |
| }, |
| ], |
| } |