1<?xml version='1.0'?> 2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> 3 4<!-- 5 CDDL HEADER START 6 7 The contents of this file are subject to the terms of the 8 Common Development and Distribution License (the "License"). 9 You may not use this file except in compliance with the License. 10 11 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 12 or http://www.opensolaris.org/os/licensing. 13 See the License for the specific language governing permissions 14 and limitations under the License. 15 16 When distributing Covered Code, include this CDDL HEADER in each 17 file and include the License file at usr/src/OPENSOLARIS.LICENSE. 18 If applicable, add the following below this CDDL HEADER, with the 19 fields enclosed by brackets "[]" replaced with your own identifying 20 information: Portions Copyright [yyyy] [name of copyright owner] 21 22 CDDL HEADER END 23 24 Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org> 25 Copyright 2015 Nexenta Systems, Inc. All rights reserved. 26 Copyright 2014 OmniTI Computer Consulting, Inc. All rights reserved. 27 Copyright 2009 Sun Microsystems, Inc. All rights reserved. 28 Use is subject to license terms. 29 30 Service manifest for rpcbind 31 32 NOTE: This service manifest is not editable; its contents will 33 be overwritten by package or patch operations, including 34 operating system upgrade. Make customizations in a different 35 file. 36--> 37 38<service_bundle type='manifest' name='SUNWcsr:rpcbind'> 39 40<service 41 name='network/rpc/bind' 42 type='service' 43 version='1'> 44 45 <create_default_instance enabled='true' /> 46 47 <single_instance /> 48 49 <dependency 50 name='fs' 51 grouping='require_all' 52 restart_on='none' 53 type='service'> 54 <service_fmri value='svc:/system/filesystem/minimal' /> 55 </dependency> 56 57 <!-- 58 rpcbind(1M) depends on multicast routes installed by the 59 routing-setup service, and should be started after any IPsec 60 policy is configured and TCP ndd tunables are set (both 61 currently carried out by network/initial). 62 --> 63 <dependency 64 name='network_initial' 65 grouping='optional_all' 66 restart_on='none' 67 type='service'> 68 <service_fmri value='svc:/network/routing-setup:default' /> 69 <service_fmri value='svc:/network/initial:default' /> 70 </dependency> 71 72 <dependency 73 name='network_ipfilter' 74 grouping='optional_all' 75 restart_on='none' 76 type='service'> 77 <service_fmri value='svc:/network/ipfilter:default' /> 78 </dependency> 79 80 <exec_method 81 type='method' 82 name='start' 83 exec='/lib/svc/method/rpc-bind %m' 84 timeout_seconds='60'> 85 <method_context> 86 <method_credential 87 user='root' 88 group='root' 89 privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp' 90 /> 91 </method_context> 92 </exec_method> 93 94 <exec_method 95 type='method' 96 name='refresh' 97 exec=':kill -HUP' 98 timeout_seconds='0'> 99 </exec_method> 100 101 <exec_method 102 type='method' 103 name='stop' 104 exec='/lib/svc/method/rpc-bind %m %{restarter/contract}' 105 timeout_seconds='60'> 106 <method_context> 107 <method_credential 108 user='root' 109 group='root' 110 privileges='basic,proc_owner' 111 /> 112 </method_context> 113 </exec_method> 114 115 <property_group name='config' type='application' > 116 <!-- default property settings for rpcbind(1M). --> 117 118 <!-- enable_tcpwrappers affects the wrapping of rpcbind, 119 see rpcbind(1M) and tcpd(1M) for details. 120 The default value is 'false'. 121 A values of 'true' results in wrapping all UDP/TCP 122 calls to the portmapper with libwrap. Note that 123 rpcbind(1M) will not resolve or lookup names while 124 doing tcp wrapper processing. 125 --> 126 <propval 127 name='enable_tcpwrappers' 128 type='boolean' 129 value='false' /> 130 131 <!-- verbose_logging affects the amount of information 132 which is logged by the tcpwrapper code. 133 The default is 'false'. 134 This property has no effect when tcp wrappers are not 135 enabled. 136 --> 137 <propval 138 name='verbose_logging' 139 type='boolean' 140 value='false' /> 141 142 <!-- allow_indirect affects the forwarding of RPC calls 143 indirect rpcbind calls using rpcb_rmtcall(3NSL). 144 The default value is 'true'. By default this is allowed 145 for all services except for a handful. 146 A value of 'false' stops all indirect calls. This will 147 also disable broadcast rpc. NIS broadcast clients rely 148 on this functionality to exist on NIS servers. 149 --> 150 <propval 151 name='allow_indirect' 152 type='boolean' 153 value='true' /> 154 155 <!-- local_only specifies whether rpcbind should allow 156 calls from hosts other than the localhost. 157 Setting local_only to true will make rpcbind serve 158 only those requests that come in from the local machine. 159 Setting local_only to false will allow access from 160 other hosts. 161 --> 162 <propval 163 name='local_only' 164 type='boolean' 165 value='true' /> 166 167 <!-- to configure rpc/bind --> 168 <propval name='value_authorization' type='astring' 169 value='solaris.smf.value.rpc.bind' /> 170 171 <propval 172 name='listen_backlog' 173 type='integer' 174 value='64' /> 175 176 <propval 177 name='max_threads' 178 type='integer' 179 value='72' /> 180 </property_group> 181 182 <!-- Authorization --> 183 <property_group name='general' type='framework'> 184 <!-- to operate rpc/bind --> 185 <propval name='action_authorization' type='astring' 186 value='solaris.smf.manage.rpc.bind' /> 187 </property_group> 188 189 <property_group name='firewall_context' type='com.sun,fw_definition'> 190 <propval name='name' type='astring' value='sunrpc' /> 191 </property_group> 192 193 <property_group name='firewall_config' type='com.sun,fw_configuration'> 194 <propval name='policy' type='astring' value='use_global' /> 195 <propval name='block_policy' type='astring' 196 value='use_global' /> 197 <propval name='apply_to' type='astring' value='' /> 198 <propval name='apply_to_6' type='astring' value='' /> 199 <propval name='exceptions' type='astring' value='' /> 200 <propval name='exceptions_6' type='astring' value='' /> 201 <propval name='target' type='astring' value='' /> 202 <propval name='target_6' type='astring' value='' /> 203 <propval name='value_authorization' type='astring' 204 value='solaris.smf.value.firewall.config' /> 205 </property_group> 206 207 <stability value='Unstable' /> 208 209 <template> 210 <common_name> 211 <loctext xml:lang='C'> 212 RPC bindings 213 </loctext> 214 </common_name> 215 <documentation> 216 <manpage title='rpcbind' section='1M' 217 manpath='/usr/share/man' /> 218 </documentation> 219 </template> 220 221</service> 222 223</service_bundle> 224