xref: /illumos-gate/usr/src/cmd/smbsrv/smbd/server.xml (revision bc0ee17c150fbf29e52c0ff365163e4e7b1c2f0a)
1<?xml version="1.0"?>
2<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
3<!--
4
5CDDL HEADER START
6
7The contents of this file are subject to the terms of the
8Common Development and Distribution License (the "License").
9You may not use this file except in compliance with the License.
10
11You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12or http://www.opensolaris.org/os/licensing.
13See the License for the specific language governing permissions
14and limitations under the License.
15
16When distributing Covered Code, include this CDDL HEADER in each
17file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18If applicable, add the following below this CDDL HEADER, with the
19fields enclosed by brackets "[]" replaced with your own identifying
20information: Portions Copyright [yyyy] [name of copyright owner]
21
22CDDL HEADER END
23
24Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
25Copyright 2018 Nexenta Systems, Inc.  All rights reserved.
26Copyright 2016 Hans Rosenfeld <rosenfeld@grumpf.hope-2000.org>
27Copyright 2020 Tintri by DDN, Inc. All rights reserved.
28Copyright 2022 RackTop Systems, Inc.
29
30NOTE:  This service manifest is not editable; its contents will
31be overwritten by package or patch operations, including
32operating system upgrade.  Make customizations in a different
33file.
34
35-->
36
37<service_bundle type='manifest' name='SUNWsmbsr:smb-server'>
38
39<!-- 1. Name the service to 'network/smb/server' -->
40<service
41    name='network/smb/server'
42    type='service'
43    version='2'>
44
45	<!-- 2. Create default service instance. -->
46	<create_default_instance enabled='false' />
47
48	<!-- 3. Service has single instance -->
49	<single_instance/>
50
51	<!-- 4. Identify dependencies -->
52
53	<dependency name='network'
54	    grouping='require_any'
55	    restart_on='error'
56	    type='service'>
57		<service_fmri value='svc:/milestone/network'/>
58	</dependency>
59
60	<!-- Must have all local filesystems mounted before we share them -->
61	<dependency name='filesystem-local'
62	    grouping='require_all'
63	    restart_on='error'
64	    type='service'>
65		<service_fmri value='svc:/system/filesystem/local'/>
66	</dependency>
67
68	<!-- Must have idmap service started -->
69	<dependency name='idmap'
70	    grouping='require_all'
71	    restart_on='none'
72	    type='service'>
73		<service_fmri value='svc:/system/idmap:default'/>
74	</dependency>
75
76	<!-- Must have SMB client service started -->
77	<dependency name='smb-client'
78	    grouping='require_all'
79	    restart_on='none'
80	    type='service'>
81		<service_fmri value='svc:/network/smb/client:default'/>
82	</dependency>
83
84	<!--
85	    Want to make sure that the network/shares/group service
86	    starts after the smb/server service.  It needs to be
87	    optional in order to not cause failure if smb is
88	    disabled.
89	-->
90	<dependent name='groups'
91	    grouping="optional_all"
92	    restart_on='error' >
93		    <service_fmri value='svc:/network/shares/group'/>
94	</dependent>
95
96	<!-- 5. Identify start/stop/refresh methods -->
97	<exec_method
98		type='method'
99		name='start'
100		exec='/usr/lib/smbsrv/smbd %m'
101		timeout_seconds='60' >
102		<!-- XXX: need method_context? -->
103	</exec_method>
104
105	<exec_method
106		type='method'
107		name='stop'
108		exec=':kill'
109		timeout_seconds='60' />
110
111	<exec_method
112		type='method'
113		name='refresh'
114		exec=':kill -HUP'
115		timeout_seconds='60' />
116
117	<property_group name='general' type='framework'>
118		<!-- To Start/Stop/Refresh the service -->
119		<propval name='action_authorization' type='astring'
120			value='solaris.smf.manage.smb' />
121		<propval name='value_authorization' type='astring'
122			value='solaris.smf.manage.smb' />
123	</property_group>
124
125	<property_group name='firewall_context' type='com.sun,fw_definition'>
126		<propval name='ipf_method' type='astring'
127		    value='/lib/svc/method/svc-smbd ipfilter' />
128	</property_group>
129
130	<property_group name='firewall_config' type='com.sun,fw_configuration'>
131		<propval name='policy' type='astring' value='use_global' />
132		<propval name='block_policy' type='astring'
133			value='use_global' />
134		<propval name='apply_to' type='astring' value='' />
135		<propval name='apply_to_6' type='astring' value='' />
136		<propval name='exceptions' type='astring' value='' />
137		<propval name='exceptions_6' type='astring' value='' />
138		<propval name='target' type='astring' value='' />
139		<propval name='target_6' type='astring' value='' />
140		<propval name='value_authorization' type='astring'
141			value='solaris.smf.value.firewall.config' />
142	</property_group>
143
144	<property_group name='read' type='application'>
145		<!-- To read protected parameters -->
146		<propval name='read_authorization' type='astring'
147			value='solaris.smf.read.smb' />
148		<propval name='value_authorization' type='astring'
149			value='solaris.smf.value.smb' />
150		<propval name='machine_passwd' type='astring' value='' />
151	</property_group>
152
153	<!-- SMB service-specific general configuration defaults -->
154	<property_group name='smbd' type='application'>
155		<stability value='Evolving' />
156		<propval name='value_authorization' type='astring'
157			value='solaris.smf.value.smb' />
158		<propval name='oplock_enable' type='boolean'
159			value='true' override='true'/>
160		<propval name='autohome_map' type='astring'
161			value='/etc' override='true'/>
162		<propval name='bypass_traverse_checking' type='boolean'
163			value='true' override='true'/>
164		<propval name='debug' type='integer'
165			value='0' override='true'/>
166		<propval name='domain_sid' type='astring'
167			value='' override='true'/>
168		<propval name='domain_member' type='boolean'
169			value='false' override='true'/>
170		<propval name='domain_name' type='astring'
171			value='WORKGROUP' override='true'/>
172		<propval name='fqdn' type='astring'
173			value='' override='true'/>
174		<propval name='forest' type='astring'
175			value='' override='true'/>
176		<propval name='domain_guid' type='astring'
177			value='' override='true'/>
178		<propval name='pdc' type='astring'
179			value='' override='true'/>
180		<propval name='wins_server_1' type='astring'
181			value='' override='true'/>
182		<propval name='wins_server_2' type='astring'
183			value='' override='true'/>
184		<propval name='wins_exclude' type='astring'
185			value='' override='true'/>
186		<propval name='max_workers' type='integer'
187			value='1024' override='true'/>
188		<propval name='max_connections' type='integer'
189			value='100000' override='true'/>
190		<propval name='keep_alive' type='integer'
191			value='0' override='true'/>
192		<propval name='restrict_anonymous' type='boolean'
193			value='false' override='true'/>
194		<propval name='signing_enabled' type='boolean'
195			value='true' override='true'/>
196		<propval name='signing_required' type='boolean'
197			value='true' override='true'/>
198		<propval name='sync_enable' type='boolean'
199			value='false' override='true'/>
200		<propval name='security' type='astring'
201			value='workgroup' override='true'/>
202		<propval name='netbios_enable' type='boolean'
203			value='false' override='true'/>
204		<propval name='netbios_scope' type='astring'
205			value='' override='true'/>
206		<propval name='system_comment' type='astring'
207			value='' override='true'/>
208		<propval name='lmauth_level' type='integer'
209			value='4' override='true'/>
210		<propval name='ads_site' type='astring'
211			value='' override='true'/>
212		<propval name='ddns_enable' type='boolean'
213			value='false' override='true'/>
214		<propval name='kpasswd_server' type='astring'
215			value='' override='true'/>
216		<propval name='kpasswd_domain' type='astring'
217			value='' override='true'/>
218		<propval name='kpasswd_seqnum' type='integer'
219			value='0' override='true'/>
220		<propval name='netlogon_seqnum' type='integer'
221			value='0' override='true'/>
222		<propval name='ipv6_enable' type='boolean'
223			value='false' override='true'/>
224		<propval name='sv_version' type='astring'
225			value='6.1' override='true'/>
226		<propval name='dfs_stdroot_num' type='integer'
227			value='0' override='true'/>
228		<propval name='print_enable' type='boolean'
229			value='false' override='true'/>
230		<propval name='short_names' type='boolean'
231			value='false' override='true'/>
232		<propval name='traverse_mounts' type='boolean'
233			value='true' override='true'/>
234		<propval name='max_protocol' type='astring'
235			value='' override='true'/>
236		<propval name='min_protocol' type='astring'
237			value='2.1' override='true'/>
238		<propval name='encrypt' type='astring'
239			value='disabled' override='true'/>
240		<propval name='encrypt_ciphers' type='astring'
241			value='' override='true'/>
242		<propval name='initial_credits' type='integer'
243			value='20' override='true'/>
244		<propval name='maximum_credits' type='integer'
245			value='1000' override='true'/>
246		<propval name='netlogon_flags' type='integer'
247			value='0' override='true'/>
248		<propval name='max_opens' type='integer'
249			value='0' override='true'/>
250	</property_group>
251
252	<!-- SMB service-specific shares exec configuration defaults -->
253	<property_group name='exec' type='application'>
254		<stability value='Evolving' />
255		<propval name='map' type='astring'
256			value='' override='true'/>
257		<propval name='unmap' type='astring'
258			value='' override='true'/>
259		<propval name='disposition' type='astring'
260			value='' override='true'/>
261	</property_group>
262
263	<!-- 6. Identify faults to be ignored. -->
264	<!-- 7. Identify service model. Default service model is 'contract' -->
265	<!-- 8. Identify dependents.
266		For a NAS, we may want to have the smbd service start,
267		before it reaches the svc:/milestone/multi-user-server
268		milestone.
269		<dependent
270			name='smb-server_multi-user-server'
271			grouping='optional_all'
272			restart_on='none'>
273			<service_fmri value=
274			    'svc:/milestone/multi-user-server'/>
275		</dependent>
276	-->
277	<!-- 9. Insert service milestones. None. -->
278
279	<stability value='Evolving' />
280
281	<!-- 10. Create Service Template information -->
282	<template>
283		<common_name>
284			<loctext xml:lang='C'> smbd daemon</loctext>
285		</common_name>
286		<documentation>
287			<manpage title='smbd' section='8'
288				manpath='/usr/share/man' />
289		</documentation>
290	</template>
291
292</service>
293
294</service_bundle>
295