xref: /illumos-gate/usr/src/cmd/cmd-inet/usr.sbin/shell.xml (revision 7f3d7c9289dee6488b3cd2848a68c0b8580d750c)
1<?xml version='1.0'?>
2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3
4<!--
5 Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
6 Use is subject to license terms.
7
8 Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
9
10 CDDL HEADER START
11
12 The contents of this file are subject to the terms of the
13 Common Development and Distribution License (the "License").
14 You may not use this file except in compliance with the License.
15
16 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
17 or http://www.opensolaris.org/os/licensing.
18 See the License for the specific language governing permissions
19 and limitations under the License.
20
21 When distributing Covered Code, include this CDDL HEADER in each
22 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
23 If applicable, add the following below this CDDL HEADER, with the
24 fields enclosed by brackets "[]" replaced with your own identifying
25 information: Portions Copyright [yyyy] [name of copyright owner]
26
27 CDDL HEADER END
28
29	NOTE:  This service manifest is not editable; its contents will
30	be overwritten by package or patch operations, including
31	operating system upgrade.  Make customizations in a different
32	file.
33
34	Service manifests for in.rshd.
35-->
36
37<service_bundle type='manifest' name='SUNWrcmdr:rsh'>
38
39<service
40	name='network/shell'
41	type='service'
42	version='1'>
43
44	<restarter>
45		<service_fmri value='svc:/network/inetd:default' />
46	</restarter>
47
48	<dependency
49		name='loopback'
50		grouping='require_any'
51		restart_on='error'
52		type='service'>
53		<service_fmri value='svc:/network/loopback' />
54	</dependency>
55
56	<dependency
57		name='network'
58		grouping='optional_all'
59		restart_on='error'
60		type='service'>
61		<service_fmri value='svc:/milestone/network' />
62	</dependency>
63
64	<!--
65	    The proto setting here of both tcp and tcp6only is required in order
66	    to prevent breaking applications which assume that the socket they
67	    are handed by rsh is of the AF_INET family.
68	-->
69	<property_group name='inetd' type='framework'>
70		<stability value='Evolving' />
71		<propval name='name' type='astring' value='shell' />
72		<propval name='endpoint_type' type='astring' value='stream' />
73		<propval name='wait' type='boolean' value='false' />
74		<propval name='isrpc' type='boolean' value='false' />
75		<property name='proto' type='astring' override='true'>
76			<astring_list>
77				<value_node value='tcp'/>
78				<value_node value='tcp6only'/>
79			</astring_list>
80		</property>
81	</property_group>
82
83	<instance name='default' enabled='false' >
84		<exec_method
85			type='method'
86			name='inetd_start'
87			exec='/usr/sbin/in.rshd'
88			timeout_seconds='0'>
89			<method_context working_directory='/'>
90				<method_credential user='root' group='root' />
91			</method_context>
92		</exec_method>
93
94		<exec_method
95			type='method'
96			name='inetd_disable'
97			exec=':kill'
98			timeout_seconds='0'>
99		</exec_method>
100
101		<property_group name='firewall_config' type='com.sun,fw_configuration'>
102			<propval name='policy' type='astring' value='use_global' />
103			<propval name='block_policy' type='astring'
104				value='use_global' />
105			<propval name='apply_to' type='astring' value='' />
106			<propval name='apply_to_6' type='astring' value='' />
107			<propval name='exceptions' type='astring' value='' />
108			<propval name='exceptions_6' type='astring' value='' />
109			<propval name='target' type='astring' value='' />
110			<propval name='target_6' type='astring' value='' />
111			<propval name='value_authorization' type='astring'
112				value='solaris.smf.value.firewall.config' />
113		</property_group>
114
115		<template>
116			<common_name>
117				<loctext xml:lang='C'>
118					remote shell
119				</loctext>
120			</common_name>
121		</template>
122	</instance>
123
124	<!--
125	    RSH - with kerberos authentication (only works over IPv4)
126	-->
127	<instance name='kshell' enabled='false' >
128		<exec_method
129		    type='method'
130		    name='inetd_start'
131		    exec='/usr/sbin/in.rshd -kc'
132		    timeout_seconds='0'>
133		    <method_context working_directory='/'>
134			<method_credential user='root' group='root' />
135		    </method_context>
136		</exec_method>
137
138		<exec_method
139		    type='method'
140		    name='inetd_disable'
141		    exec=':kill'
142		    timeout_seconds='0'>
143		</exec_method>
144
145		<property_group name='inetd' type='framework'>
146			<propval name='name' type='astring' value='kshell' />
147			<propval name='proto' type='astring' value='tcp' />
148		</property_group>
149
150		<property_group name='firewall_config' type='com.sun,fw_configuration'>
151			<propval name='policy' type='astring' value='use_global' />
152			<propval name='block_policy' type='astring'
153				value='use_global' />
154			<propval name='apply_to' type='astring' value='' />
155			<propval name='exceptions' type='astring' value='' />
156			<propval name='target' type='astring' value='' />
157			<propval name='value_authorization' type='astring'
158				value='solaris.smf.value.firewall.config' />
159		</property_group>
160
161		<template>
162			<common_name>
163				<loctext xml:lang='C'>
164remote shell with Kerberos authentication
165				</loctext>
166			</common_name>
167		</template>
168	</instance>
169
170	<stability value='Unstable' />
171
172	<template>
173		<common_name>
174			<loctext xml:lang='C'>
175				rsh
176			</loctext>
177		</common_name>
178		<documentation>
179			<manpage title='in.rshd' section='8'
180			    manpath='/usr/share/man' />
181			<manpage title='rshd' section='8'
182			    manpath='/usr/share/man' />
183		</documentation>
184	</template>
185</service>
186
187</service_bundle>
188