<?xml version='1.0'?> <!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> <!-- CDDL HEADER START The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner] CDDL HEADER END Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> Copyright 2015 Nexenta Systems, Inc. All rights reserved. Copyright 2014 OmniTI Computer Consulting, Inc. All rights reserved. Copyright 2009 Sun Microsystems, Inc. All rights reserved. Use is subject to license terms. Service manifest for rpcbind NOTE: This service manifest is not editable; its contents will be overwritten by package or patch operations, including operating system upgrade. Make customizations in a different file. --> <service_bundle type='manifest' name='SUNWcsr:rpcbind'> <service name='network/rpc/bind' type='service' version='1'> <create_default_instance enabled='true' /> <single_instance /> <dependency name='fs' grouping='require_all' restart_on='none' type='service'> <service_fmri value='svc:/system/filesystem/minimal' /> </dependency> <!-- rpcbind(1M) depends on multicast routes installed by the routing-setup service, and should be started after any IPsec policy is configured and TCP ndd tunables are set (both currently carried out by network/initial). --> <dependency name='network_initial' grouping='optional_all' restart_on='none' type='service'> <service_fmri value='svc:/network/routing-setup:default' /> <service_fmri value='svc:/network/initial:default' /> </dependency> <dependency name='network_ipfilter' grouping='optional_all' restart_on='none' type='service'> <service_fmri value='svc:/network/ipfilter:default' /> </dependency> <exec_method type='method' name='start' exec='/lib/svc/method/rpc-bind %m' timeout_seconds='60'> <method_context> <method_credential user='root' group='root' privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp' /> </method_context> </exec_method> <exec_method type='method' name='refresh' exec=':kill -HUP' timeout_seconds='0'> </exec_method> <exec_method type='method' name='stop' exec='/lib/svc/method/rpc-bind %m %{restarter/contract}' timeout_seconds='60'> <method_context> <method_credential user='root' group='root' privileges='basic,proc_owner' /> </method_context> </exec_method> <property_group name='config' type='application' > <!-- default property settings for rpcbind(1M). --> <!-- enable_tcpwrappers affects the wrapping of rpcbind, see rpcbind(1M) and tcpd(1M) for details. The default value is 'false'. A values of 'true' results in wrapping all UDP/TCP calls to the portmapper with libwrap. Note that rpcbind(1M) will not resolve or lookup names while doing tcp wrapper processing. --> <propval name='enable_tcpwrappers' type='boolean' value='false' /> <!-- verbose_logging affects the amount of information which is logged by the tcpwrapper code. The default is 'false'. This property has no effect when tcp wrappers are not enabled. --> <propval name='verbose_logging' type='boolean' value='false' /> <!-- allow_indirect affects the forwarding of RPC calls indirect rpcbind calls using rpcb_rmtcall(3NSL). The default value is 'true'. By default this is allowed for all services except for a handful. A value of 'false' stops all indirect calls. This will also disable broadcast rpc. NIS broadcast clients rely on this functionality to exist on NIS servers. --> <propval name='allow_indirect' type='boolean' value='true' /> <!-- local_only specifies whether rpcbind should allow calls from hosts other than the localhost. Setting local_only to true will make rpcbind serve only those requests that come in from the local machine. Setting local_only to false will allow access from other hosts. --> <propval name='local_only' type='boolean' value='true' /> <!-- to configure rpc/bind --> <propval name='value_authorization' type='astring' value='solaris.smf.value.rpc.bind' /> <propval name='listen_backlog' type='integer' value='64' /> <propval name='max_threads' type='integer' value='72' /> </property_group> <!-- Authorization --> <property_group name='general' type='framework'> <!-- to operate rpc/bind --> <propval name='action_authorization' type='astring' value='solaris.smf.manage.rpc.bind' /> </property_group> <property_group name='firewall_context' type='com.sun,fw_definition'> <propval name='name' type='astring' value='sunrpc' /> </property_group> <property_group name='firewall_config' type='com.sun,fw_configuration'> <propval name='policy' type='astring' value='use_global' /> <propval name='block_policy' type='astring' value='use_global' /> <propval name='apply_to' type='astring' value='' /> <propval name='apply_to_6' type='astring' value='' /> <propval name='exceptions' type='astring' value='' /> <propval name='exceptions_6' type='astring' value='' /> <propval name='target' type='astring' value='' /> <propval name='target_6' type='astring' value='' /> <propval name='value_authorization' type='astring' value='solaris.smf.value.firewall.config' /> </property_group> <stability value='Unstable' /> <template> <common_name> <loctext xml:lang='C'> RPC bindings </loctext> </common_name> <documentation> <manpage title='rpcbind' section='1M' manpath='/usr/share/man' /> </documentation> </template> </service> </service_bundle>