1<?xml version='1.0' encoding='UTF-8' ?> 2 3<!-- 4 CDDL HEADER START 5 6 The contents of this file are subject to the terms of the 7 Common Development and Distribution License (the "License"). 8 You may not use this file except in compliance with the License. 9 10 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 11 or http://www.opensolaris.org/os/licensing. 12 See the License for the specific language governing permissions 13 and limitations under the License. 14 15 When distributing Covered Code, include this CDDL HEADER in each 16 file and include the License file at usr/src/OPENSOLARIS.LICENSE. 17 If applicable, add the following below this CDDL HEADER, with the 18 fields enclosed by brackets "[]" replaced with your own identifying 19 information: Portions Copyright [yyyy] [name of copyright owner] 20 21 CDDL HEADER END 22 23 Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. 24 Copyright (c) 2011, Joyent, Inc. All rights reserved. 25 26 DO NOT EDIT THIS FILE. 27 28 Copyright 2014 Nexenta Systems, Inc. All rights reserved. 29--> 30 31<!-- 32 verify_cfg 33 34 Identifies the program to be invoked by zonecfg to verify that the 35 zone's configuration is legal, and that all the configured devices, 36 attributes, etc. are legal for this brand. 37 38 The program is called with a single argument: the path to a file 39 containing a temporary config.xml file the zone. It should return 0 40 on success and non-0 on failure. Any detailed error messages should be 41 displayed to stderr. 42 43 It has no attributes. 44 45--> 46<!ELEMENT verify_cfg (#PCDATA) > 47<!ATTLIST verify_cfg> 48<!-- 49 verify_adm 50 51 Identifies the program invoked by zoneadm to perform brand-specific 52 checks as to the viability of a zone on this specific machine. 53 54 The following replacements are performed: 55 56 %z Name of zone 57 %R Zonepath of zone 58 Additional arguments, if any, are appended. 59 60 The program should return 0 on success and non-0 on failure. Any 61 detailed error messages should be displayed to stderr. 62 63 It has no attributes. 64 65--> 66<!ELEMENT verify_adm (#PCDATA) > 67<!ATTLIST verify_adm> 68 69<!-- 70 install 71 72 Identifies the program to invoke when installing a zone. The following 73 replacements are performed: 74 75 %z Name of zone 76 %R Zonepath of zone 77 Additional arguments, if any, are appended. 78 79 It has no attributes. 80--> 81<!ELEMENT install (#PCDATA) > 82<!ATTLIST install> 83 84<!-- 85 installopts 86 87 Identifies the command-line options supported by the brand's 88 installation program, allowing zoneadm to parse the install line 89 properly. 90 91 It has no attributes. 92--> 93<!ELEMENT installopts (#PCDATA) > 94<!ATTLIST installopts> 95 96<!-- 97 boot 98 99 This is a program which gets run by zoneadmd when a zone is booted. 100 The program will be invoked as the last step in the zone booting 101 process before the the first process is spawned inside the zone. 102 103 If this programs succeeds it should not generate any output. 104 If this program returns an error, any output generated by the 105 program will be sent to the zoneadmd message log. 106 107 The following replacements are performed: 108 109 %z Name of zone 110 %R Zonepath of zone 111 Additional arguments, if any, are appended. 112 113 It has no attributes. 114--> 115<!ELEMENT boot (#PCDATA) > 116<!ATTLIST boot> 117 118<!-- 119 sysboot 120 121 This is a program that will be run by zoneadm during system boot for an 122 installed zone that won't automatically boot. 123 124 If the program succeeds, then it should not generate output. 125 If the program returns an error, then the output it generates will be 126 sent to the zones SMF service's message log. 127 128 The following replacements are performed: 129 130 %z Name of the target zone 131 %R Zonepath of the target zone 132 Additional arguments, if any, are appended. 133 134 This element has no attributes. 135--> 136<!ELEMENT sysboot (#PCDATA) > 137<!ATTLIST sysboot> 138 139<!-- 140 halt 141 142 This is a program which gets run by zoneadmd when a zone is being 143 halted. This callback is provided to allow a brand to cleanup any 144 special configuration that was setup during boot. 145 146 This program will also be invoked by zoneadmd if any part of the zone 147 booting process fail, even if the booting process failed before the 148 brand boot program was invoked. It is also possible that if the zone 149 fails to halt after invoking this program, future attempts to halt the 150 zone will invoke this program again. So this program should be 151 designed to clean up any resources allocated to a zone but it should 152 also be able to gracefully handle the case where resources that it 153 expects to release are not actually allocated (or have been already 154 released.) 155 156 If this programs succeeds it should not generate any output. If this 157 program returns an error, any output generated by the program will be 158 sent to the zoneadmd message log. 159 160 The following replacements are performed: 161 162 %z Name of zone 163 %R Zonepath of zone 164 Additional arguments, if any, are appended. 165 166 It has no attributes. 167--> 168<!ELEMENT halt (#PCDATA) > 169<!ATTLIST halt> 170 171<!-- 172 shutdown 173 174 This is a program which gets run by zoneadmd when a zone is being 175 shutdown gracefully. Currently only asynchronous mode is supported. 176 177 If this program succeeds it should not generate any output. If this 178 program returns an error, any output generated by the program will be 179 sent to the zoneadmd message log. 180 181 The following replacements are performed: 182 183 %z Name of zone 184 %R Zonepath of zone 185 Additional arguments, if any, are appended. 186 187 It has no attributes. 188--> 189<!ELEMENT shutdown (#PCDATA) > 190<!ATTLIST shutdown> 191 192<!-- 193 modname 194 195 Path to the kernel module that implements the kernel-level 196 functionality of the brand. 197 198 It has no attributes. 199--> 200<!ELEMENT modname (#PCDATA) > 201<!ATTLIST modname> 202 203<!-- 204 initname 205 206 Path to the initial executable that should be launched when booting a 207 branded zone. 208 209 It has no attributes. 210--> 211<!ELEMENT initname (#PCDATA) > 212<!ATTLIST initname> 213 214<!-- 215 restartinit, restartinit0 and restartinitreboot 216 217 These three boolean elements control what action is taken when the 218 program specified by the 'initname' element exits. 219 220 The default values are: 221 222 restartinit: true 223 restartinit0: false 224 restartinitreboot: false 225 226 If 'restartinit' is set to false then the init process will never be 227 restarted and the zone will shut down once init exits. In this case, the 228 other restartinit elements are ignored. 229 230 When 'restartinit0' is set, init will only be restarted if it exited with 231 an exit status of 0, otherwise the zone will shut down. 232 233 If 'restartinitreboot' is set to true then whenever init should be 234 restarted, based on the other restartinit elements, the zone will instead 235 be rebooted. 236 237 These have no attributes. 238--> 239<!ELEMENT restartinit (#PCDATA) > 240<!ATTLIST restartinit> 241<!ELEMENT restartinit0 (#PCDATA) > 242<!ATTLIST restartinit0> 243<!ELEMENT restartinitreboot (#PCDATA) > 244<!ATTLIST restartinitreboot> 245 246<!-- 247 login_cmd 248 249 Path to the initial login binary that should be executed when 250 attempting to zlogin into a branded zone. 251 252 The following replacements are performed: 253 254 %Z Name of the current zone 255 %u User login name 256 257 It has no attributes. 258--> 259<!ELEMENT login_cmd (#PCDATA) > 260<!ATTLIST login_cmd> 261 262<!-- 263 forcedlogin_cmd 264 265 Path to the initial login binary that should be executed when 266 attempting to zlogin into a branded zone without authentication. 267 268 The following replacements are performed: 269 270 %Z Name of the current zone 271 %u User login name 272 273 It has no attributes. 274--> 275<!ELEMENT forcedlogin_cmd (#PCDATA) > 276<!ATTLIST forcedlogin_cmd> 277 278<!-- 279 user_cmd 280 281 Path to the binary that will translate a user name to a passwd(5) entry. 282 283 The following replacements are performed: 284 285 %u User login name 286 287 It has no attributes. The passwd(5) entry is used to determine $LOGNAME, 288 $HOME, and $SHELL for non-interactive "zlogin -l <user> <cmd>". 289--> 290<!ELEMENT user_cmd (#PCDATA) > 291<!ATTLIST user_cmd> 292 293<!-- 294 attach 295 296 Path to a hook that will perform any necessary processing on 297 a zone to allow it to be attached. The zone will be in the "configured" 298 state when this hook is run. This hook is never called when the zone 299 is "force attached" (-F). 300 301 If this hook exits with a non-zero exit status, the attach operation 302 will fail. 303 304 The following replacements are performed: 305 306 %z Name of zone 307 %R Zonepath of zone 308 Additional arguments, if any, are appended. 309 310 If no hook is provided, the internal zoneadm attach code will be used. 311 312 It has no attributes. 313--> 314<!ELEMENT attach (#PCDATA) > 315<!ATTLIST attach> 316 317<!-- 318 postattach 319 320 Path to a hook that will perform any necessary post-processing on 321 a zone after it has been attached. The zone will be in the "installed" 322 state when this hook is run. This hook is never called when the zone 323 is "force attached" (-F). 324 325 If this hook exits with a non-zero exit status, the attach operation 326 will fail and the zone state will be reset to "configured". 327 328 The following replacements are performed: 329 330 %z Name of zone 331 %R Zonepath of zone 332 Additional arguments, if any, are appended. 333 334 It has no attributes. 335--> 336<!ELEMENT postattach (#PCDATA) > 337<!ATTLIST postattach> 338 339<!-- 340 postclone 341 342 Path to a hook that will perform any necessary post-processing on 343 a zone after it has been cloned. The zone will be in the "incomplete" 344 state when this hook is run. 345 346 If this hook exits with a non-zero exit status, the clone operation 347 will fail and the zone will be left in the "incomplete" state, 348 otherwise the state will be changed to the "installed" state. 349 350 The following replacements are performed: 351 352 %z Name of zone 353 %R Zonepath of zone 354 Additional arguments, if any, are appended. 355 356 It has no attributes. 357--> 358<!ELEMENT postclone (#PCDATA) > 359<!ATTLIST postclone> 360 361<!-- 362 postinstall 363 364 Path to a script that will perform any necessary post-processing on 365 a zone after it has been freshly installed. This hook will run after the 366 install hook completes and the zone is in the installed state. The 367 additional arguments are the same as what is passed to the install hook. 368 369 The following replacements are performed: 370 371 %z Name of zone 372 %R Zonepath of zone 373 Additional arguments, if any, are appended. 374 375 It has no attributes. 376--> 377<!ELEMENT postinstall (#PCDATA) > 378<!ATTLIST postinstall> 379 380<!-- 381 predetach 382 383 Path to a hook that will perform any necessary pre-processing on 384 a zone before it is detached. The zone will be in the "installed" 385 state when this hook is run. 386 387 It is possible that if the zone fails to detach after invoking this 388 hook, future attempts to detach the zone will invoke this hook again. 389 So this hook should be designed to gracefully handle the case where 390 it is run multiple times on the same zone. If this hook exits with 391 a non-zero exit status, the detach operation will fail. 392 393 This hook is most commonly used when there is pre-processing for detaching 394 a zone but the built-in detach support will be used for the actual 395 detach. Otherwise, if a detach hook is provided, then it can be used 396 to do both preprocessing as well as the actual detach. 397 398 The following replacements are performed: 399 400 %z Name of zone 401 %R Zonepath of zone 402 Additional arguments, if any, are appended. 403 404 It has no attributes. 405--> 406<!ELEMENT predetach (#PCDATA) > 407<!ATTLIST predetach> 408 409<!-- 410 detach 411 412 Path to a hook that will perform any necessary processing on 413 a zone to allow it to be detached. The zone will be in the "installed" 414 state when this hook is run. 415 416 It is possible that if the zone fails to detach while running this 417 hook, future attempts to detach the zone will invoke this hook again. 418 So this hook should be designed to gracefully handle the case where 419 it is run multiple times on the same zone. If this hook exits with 420 a non-zero exit status, the detach operation will fail and the zone will 421 be left in the "installed" state, otherwise the state will be changed 422 to "configured". 423 424 The following replacements are performed: 425 426 %z Name of zone 427 %R Zonepath of zone 428 Additional arguments, if any, are appended. 429 430 If no hook is provided, the internal zoneadm detach code will be used. 431 432 It has no attributes. 433--> 434<!ELEMENT detach (#PCDATA) > 435<!ATTLIST detach> 436 437<!-- 438 clone 439 Path to a hook that will perform any necessary processing on a zone to 440 allow it to be installed via cloning. Cloning is an alternative to 441 installing so this hook should result in the same effect for the zone. 442 The zone will be in the "incomplete" state when this hook is run. 443 444 If this hook exits with a non-zero exit status, the clone operation 445 will fail and the zone will be left in the "incomplete" state, otherwise 446 the state will be changed to "installed". 447 448 The following replacements are performed: 449 450 %z Name of zone 451 %R Zonepath of zone 452 1st arg name of source zone 453 Additional arguments, if any, are appended. 454 455 If no hook is provided, the internal zoneadm cloning code will be used. 456--> 457<!ELEMENT clone (#PCDATA) > 458<!ATTLIST clone> 459 460<!-- 461 preuninstall 462 463 Path to a script that will perform any necessary pre-processing on 464 a zone before it is uninstalled. The zone will be in the "installed" 465 state when this hook is run. 466 467 It is possible that if the zone fails to uninstall after invoking this 468 hook, future attempts to uninstall the zone will invoke this hook 469 again. So this hook should be designed to gracefully handle the case 470 where it is run multiple times on the same zone. If this hook exits 471 with a non-zero exit status, the uninstall operation will fail. 472 473 The following replacements are performed: 474 475 %z Name of zone 476 %R Zonepath of zone 477 Additional arguments, if any, are appended. 478 479 It has no attributes. 480--> 481<!ELEMENT preuninstall (#PCDATA) > 482<!ATTLIST preuninstall> 483 484<!-- 485 uninstall 486 Identifies the hook to invoke when uninstalling a zone. The zone will 487 be in the "incomplete" state when this hook is run. 488 489 If this hook exits with a non-zero exit status, the uninstall operation 490 will fail and the zone will be left in the "incomplete" state, otherwise 491 the state will be changed to "configured". 492 493 The following replacements are performed: 494 495 %z Name of zone 496 %R Zonepath of zone 497 Additional arguments, if any, are appended. 498 499 If no hook is provided, the internal zoneadm uninstall code will be used. 500--> 501<!ELEMENT uninstall (#PCDATA) > 502<!ATTLIST uninstall> 503 504<!-- 505 presnap 506 Identifies the hook to invoke before snapshotting a zone using the 507 built-in ZFS clone support. 508 509 If this hook exits with a non-zero exit status, the snapshot operation 510 will fail and the zfs clone operation will fail. 511 512 The following replacements are performed: 513 514 %z Name of zone 515 %R Zonepath of zone 516--> 517<!ELEMENT presnap (#PCDATA) > 518<!ATTLIST presnap> 519 520<!-- 521 postsnap 522 Identifies the hook to invoke after snapshotting a zone using the 523 built-in ZFS clone support. 524 525 If this hook exits with a non-zero exit status, the zfs clone operation 526 will fail. 527 528 The following replacements are performed: 529 530 %z Name of zone 531 %R Zonepath of zone 532--> 533<!ELEMENT postsnap (#PCDATA) > 534<!ATTLIST postsnap> 535 536<!-- 537 validatesnap 538 Identifies the hook to invoke to validate a snapshot of a zone using the 539 built-in ZFS clone support. This will validate a snapshot that was 540 explicitly specified to the clone command when the user wants to 541 re-use a snapshot from an earlier clone operation. 542 543 If this hook exits with a non-zero exit status, the snapshot validation 544 operation will fail, meaning the zfs snapshot cannot be used to install 545 the zone. 546 547 The following replacements are performed: 548 549 %z Name of zone 550 %R Zonepath of zone 551 1st arg snapshot name 552 2nd arg snapshot path 553--> 554<!ELEMENT validatesnap (#PCDATA) > 555<!ATTLIST validatesnap> 556 557<!-- 558 prestatechange 559 Identifies the hook to invoke before zoneadmd makes a state change. 560 If this hook exits with a non-zero exit status, the action failed 561 and no further state change activity will take place. 562 563 The following replacements are performed: 564 565 %z Name of zone 566 %R Zonepath of zone 567 1st arg integer representing current state of zone 568 2 - installed 569 3 - ready 570 4 - running 571 5 - shutting down 572 6 - down 573 7 - mounted 574 2nd arg integer representing transition command 575 0 - ready 576 1 - boot 577 4 - halt 578 3rd arg Alternate root (zonepath is mounted under this root) 579 empty string if zone not mounted under alternate root 580--> 581<!ELEMENT prestatechange (#PCDATA) > 582<!ATTLIST prestatechange> 583 584<!-- 585 poststatechange 586 Identifies the hook to invoke after zoneadmd makes a successful state 587 change. If this hook exits with a non-zero exit status, the action failed 588 and zoneadmd treats the overall state change as failed, although 589 all of the actions up to running the hook will have taken place. 590 591 The following replacements are performed: 592 593 %z Name of zone 594 %R Zonepath of zone 595 See prestatechange comment for 1st, 2nd and 3rd argument values. 596--> 597<!ELEMENT poststatechange (#PCDATA) > 598<!ATTLIST poststatechange> 599 600<!-- 601 query 602 Identifies a hook which can be called to get brand-specific information 603 about the zone. There is no specific place in zones where this is called, 604 calls within the zone infrastructure can be added as needed. 605 606 One example of the use of this hook is to query the implicit ZFS datasets 607 supported by the brand. 608 609 If this hook exits with a non-zero exit status, the query failed, 610 although in general, this hook shouldn't return non-zero. 611 612 The following replacements are performed: 613 614 %z Name of zone 615 %R Zonepath of zone 616 1st arg Arbitrary string which the hook can use to determine what 617 data to return. Brands implementing this hook should be 618 tolerant of arguments they don't support and simply do 619 nothing. 620--> 621<!ELEMENT query (#PCDATA) > 622<!ATTLIST query> 623 624<!-- 625 security-flags 626 Specifies the default security flags applied to zones of this brand. This 627 set can be overridden via security-flags in zonecfg(8). 628--> 629<!ELEMENT security-flags (#PCDATA) > 630<!ATTLIST security-flags> 631 632<!-- 633 privilege 634 635 Add a privilege to the default, prohibited, or required set for all 636 zones of this brand with ip-type matched. If a privilege is added 637 to the default set all zones of this brand with ip-type matched on 638 the system will inherit this privilege unless the privilege is 639 removed via limitpriv in zonecfg(8). If a privilege is added to 640 the prohibited set it can not be added to any zones with ip-type 641 matched via limitpriv in zonecfg(8). If a privilege is added to 642 the required set then all zones of this brand with ip-type matched 643 on the system will inherit this privilege and it can't be removed via 644 limitpriv in zonecfg(8). 645 646 Its attributes are 647 set The name of the set the privilege should go into. 648 name The name of the privilege. 649 ip-type Optional, indicates that adding of the privilege to the 650 set only applies to certain IP types. Can be "shared" or 651 "exclusive". If it is not specified, the default value 652 "all" will be used, which means it is applicable regardless 653 the IP type. 654 655--> 656<!ELEMENT privilege (#PCDATA) > 657<!ATTLIST privilege set ( default | prohibited | required ) #REQUIRED 658 name CDATA #REQUIRED 659 ip-type ( shared | exclusive ) "all" > 660 661<!-- 662 brand 663 664 The toplevel container for a brand configuration. 665 666 Its attributes are 667 668 name The name of the brand. This must match the name of the 669 directory in which the configuration file is stored. 670--> 671 672<!ELEMENT brand (modname?, initname, restartinit?, 673 restartinit0?, restartinitreboot?, 674 login_cmd, 675 forcedlogin_cmd, user_cmd, install, 676 installopts?, boot?, sysboot?, halt?, shutdown?, 677 verify_cfg?, verify_adm?, postattach?, postclone?, 678 postinstall?, predetach?, attach?, detach?, clone?, 679 presnap?, postsnap?, validatesnap?, 680 preuninstall?, uninstall?, 681 prestatechange?, poststatechange?, query?, 682 security-flags?, privilege+)> 683 684<!ATTLIST brand name CDATA #REQUIRED> 685