xref: /illumos-gate/usr/src/cmd/smbsrv/smbd/server.xml (revision a1cdd5a67f3bf3e60db3f3a77baef63640ad91a4)
1<?xml version="1.0"?>
2<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
3<!--
4
5CDDL HEADER START
6
7The contents of this file are subject to the terms of the
8Common Development and Distribution License (the "License").
9You may not use this file except in compliance with the License.
10
11You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12or http://www.opensolaris.org/os/licensing.
13See the License for the specific language governing permissions
14and limitations under the License.
15
16When distributing Covered Code, include this CDDL HEADER in each
17file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18If applicable, add the following below this CDDL HEADER, with the
19fields enclosed by brackets "[]" replaced with your own identifying
20information: Portions Copyright [yyyy] [name of copyright owner]
21
22CDDL HEADER END
23
24Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
25Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
26Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
27Copyright 2019 RackTop Systems.
28
29NOTE:  This service manifest is not editable; its contents will
30be overwritten by package or patch operations, including
31operating system upgrade.  Make customizations in a different
32file.
33
34-->
35
36<service_bundle type='manifest' name='SUNWsmbsr:smb-server'>
37
38<!-- 1. Name the service to 'network/smb/server' -->
39<service
40    name='network/smb/server'
41    type='service'
42    version='2'>
43
44	<!-- 2. Create default service instance. -->
45	<create_default_instance enabled='false' />
46
47	<!-- 3. Service has single instance -->
48	<single_instance/>
49
50	<!-- 4. Identify dependencies -->
51
52	<dependency name='network'
53	    grouping='require_any'
54	    restart_on='error'
55	    type='service'>
56		<service_fmri value='svc:/milestone/network'/>
57	</dependency>
58
59	<!-- Must have all local filesystems mounted before we share them -->
60	<dependency name='filesystem-local'
61	    grouping='require_all'
62	    restart_on='error'
63	    type='service'>
64		<service_fmri value='svc:/system/filesystem/local'/>
65	</dependency>
66
67	<!-- Must have idmap service started -->
68	<dependency name='idmap'
69	    grouping='require_all'
70	    restart_on='none'
71	    type='service'>
72		<service_fmri value='svc:/system/idmap:default'/>
73	</dependency>
74
75	<!-- Must have SMB client service started -->
76	<dependency name='smb-client'
77	    grouping='require_all'
78	    restart_on='none'
79	    type='service'>
80		<service_fmri value='svc:/network/smb/client:default'/>
81	</dependency>
82
83	<!--
84	    Want to make sure that the network/shares/group service
85	    starts after the smb/server service.  It needs to be
86	    optional in order to not cause failure if smb is
87	    disabled.
88	-->
89	<dependent name='groups'
90	    grouping="optional_all"
91	    restart_on='error' >
92		    <service_fmri value='svc:/network/shares/group'/>
93	</dependent>
94
95	<!-- 5. Identify start/stop/refresh methods -->
96	<exec_method
97		type='method'
98		name='start'
99		exec='/usr/lib/smbsrv/smbd %m'
100		timeout_seconds='60' >
101		<!-- XXX: need method_context? -->
102	</exec_method>
103
104	<exec_method
105		type='method'
106		name='stop'
107		exec=':kill'
108		timeout_seconds='60' />
109
110	<exec_method
111		type='method'
112		name='refresh'
113		exec=':kill -HUP'
114		timeout_seconds='60' />
115
116	<property_group name='general' type='framework'>
117		<!-- To Start/Stop/Refresh the service -->
118		<propval name='action_authorization' type='astring'
119			value='solaris.smf.manage.smb' />
120		<propval name='value_authorization' type='astring'
121			value='solaris.smf.manage.smb' />
122	</property_group>
123
124	<property_group name='firewall_context' type='com.sun,fw_definition'>
125		<propval name='ipf_method' type='astring'
126		    value='/lib/svc/method/svc-smbd ipfilter' />
127	</property_group>
128
129	<property_group name='firewall_config' type='com.sun,fw_configuration'>
130		<propval name='policy' type='astring' value='use_global' />
131		<propval name='block_policy' type='astring'
132			value='use_global' />
133		<propval name='apply_to' type='astring' value='' />
134		<propval name='apply_to_6' type='astring' value='' />
135		<propval name='exceptions' type='astring' value='' />
136		<propval name='exceptions_6' type='astring' value='' />
137		<propval name='target' type='astring' value='' />
138		<propval name='target_6' type='astring' value='' />
139		<propval name='value_authorization' type='astring'
140			value='solaris.smf.value.firewall.config' />
141	</property_group>
142
143	<property_group name='read' type='application'>
144		<!-- To read protected parameters -->
145		<propval name='read_authorization' type='astring'
146			value='solaris.smf.read.smb' />
147		<propval name='value_authorization' type='astring'
148			value='solaris.smf.value.smb' />
149		<propval name='machine_passwd' type='astring' value='' />
150	</property_group>
151
152	<!-- SMB service-specific general configuration defaults -->
153	<property_group name='smbd' type='application'>
154		<stability value='Evolving' />
155		<propval name='value_authorization' type='astring'
156			value='solaris.smf.value.smb' />
157		<propval name='oplock_enable' type='boolean'
158			value='true' override='true'/>
159		<propval name='autohome_map' type='astring'
160			value='/etc' override='true'/>
161		<propval name='bypass_traverse_checking' type='boolean'
162			value='true' override='true'/>
163		<propval name='debug' type='integer'
164			value='0' override='true'/>
165		<propval name='domain_sid' type='astring'
166			value='' override='true'/>
167		<propval name='domain_member' type='boolean'
168			value='false' override='true'/>
169		<propval name='domain_name' type='astring'
170			value='WORKGROUP' override='true'/>
171		<propval name='fqdn' type='astring'
172			value='' override='true'/>
173		<propval name='forest' type='astring'
174			value='' override='true'/>
175		<propval name='domain_guid' type='astring'
176			value='' override='true'/>
177		<propval name='pdc' type='astring'
178			value='' override='true'/>
179		<propval name='wins_server_1' type='astring'
180			value='' override='true'/>
181		<propval name='wins_server_2' type='astring'
182			value='' override='true'/>
183		<propval name='wins_exclude' type='astring'
184			value='' override='true'/>
185		<propval name='max_workers' type='integer'
186			value='1024' override='true'/>
187		<propval name='max_connections' type='integer'
188			value='100000' override='true'/>
189		<propval name='keep_alive' type='integer'
190			value='0' override='true'/>
191		<propval name='restrict_anonymous' type='boolean'
192			value='false' override='true'/>
193		<propval name='signing_enabled' type='boolean'
194			value='true' override='true'/>
195		<propval name='signing_required' type='boolean'
196			value='true' override='true'/>
197		<propval name='sync_enable' type='boolean'
198			value='false' override='true'/>
199		<propval name='security' type='astring'
200			value='workgroup' override='true'/>
201		<propval name='netbios_enable' type='boolean'
202			value='false' override='true'/>
203		<propval name='netbios_scope' type='astring'
204			value='' override='true'/>
205		<propval name='system_comment' type='astring'
206			value='' override='true'/>
207		<propval name='lmauth_level' type='integer'
208			value='4' override='true'/>
209		<propval name='ads_site' type='astring'
210			value='' override='true'/>
211		<propval name='ddns_enable' type='boolean'
212			value='false' override='true'/>
213		<propval name='kpasswd_server' type='astring'
214			value='' override='true'/>
215		<propval name='kpasswd_domain' type='astring'
216			value='' override='true'/>
217		<propval name='kpasswd_seqnum' type='integer'
218			value='0' override='true'/>
219		<propval name='netlogon_seqnum' type='integer'
220			value='0' override='true'/>
221		<propval name='ipv6_enable' type='boolean'
222			value='false' override='true'/>
223		<propval name='sv_version' type='astring'
224			value='6.1' override='true'/>
225		<propval name='dfs_stdroot_num' type='integer'
226			value='0' override='true'/>
227		<propval name='print_enable' type='boolean'
228			value='false' override='true'/>
229		<propval name='traverse_mounts' type='boolean'
230			value='true' override='true'/>
231		<propval name='max_protocol' type='astring'
232			value='' override='true'/>
233		<propval name='min_protocol' type='astring'
234			value='' override='true'/>
235		<propval name='encrypt' type='astring'
236			value='disabled' override='true'/>
237		<propval name='initial_credits' type='integer'
238			value='20' override='true'/>
239		<propval name='maximum_credits' type='integer'
240			value='1000' override='true'/>
241	</property_group>
242
243	<!-- SMB service-specific shares exec configuration defaults -->
244	<property_group name='exec' type='application'>
245		<stability value='Evolving' />
246		<propval name='map' type='astring'
247			value='' override='true'/>
248		<propval name='unmap' type='astring'
249			value='' override='true'/>
250		<propval name='disposition' type='astring'
251			value='' override='true'/>
252	</property_group>
253
254	<!-- 6. Identify faults to be ignored. -->
255	<!-- 7. Identify service model. Default service model is 'contract' -->
256	<!-- 8. Identify dependents.
257		For Solaris NAS, we may want to have the smbd service start,
258		before it reaches the svc:/milestone/multi-user-server
259		milestone.
260		<dependent
261			name='smb-server_multi-user-server'
262			grouping='optional_all'
263			restart_on='none'>
264			<service_fmri value=
265			    'svc:/milestone/multi-user-server'/>
266		</dependent>
267	-->
268	<!-- 9. Insert service milestones. None. -->
269
270	<stability value='Evolving' />
271
272	<!-- 10. Create Service Template information -->
273	<template>
274		<common_name>
275			<loctext xml:lang='C'> smbd daemon</loctext>
276		</common_name>
277		<documentation>
278			<manpage title='smbd' section='1M'
279				manpath='/usr/share/man' />
280		</documentation>
281	</template>
282
283</service>
284
285</service_bundle>
286