17c478bd9Sstevel@tonic-gate<?xml version='1.0'?> 27c478bd9Sstevel@tonic-gate<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> 37c478bd9Sstevel@tonic-gate 47c478bd9Sstevel@tonic-gate<!-- 57c478bd9Sstevel@tonic-gate CDDL HEADER START 67c478bd9Sstevel@tonic-gate 77c478bd9Sstevel@tonic-gate The contents of this file are subject to the terms of the 845916cd2Sjpk Common Development and Distribution License (the "License"). 945916cd2Sjpk You may not use this file except in compliance with the License. 107c478bd9Sstevel@tonic-gate 117c478bd9Sstevel@tonic-gate You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 127c478bd9Sstevel@tonic-gate or http://www.opensolaris.org/os/licensing. 137c478bd9Sstevel@tonic-gate See the License for the specific language governing permissions 147c478bd9Sstevel@tonic-gate and limitations under the License. 157c478bd9Sstevel@tonic-gate 167c478bd9Sstevel@tonic-gate When distributing Covered Code, include this CDDL HEADER in each 177c478bd9Sstevel@tonic-gate file and include the License file at usr/src/OPENSOLARIS.LICENSE. 187c478bd9Sstevel@tonic-gate If applicable, add the following below this CDDL HEADER, with the 197c478bd9Sstevel@tonic-gate fields enclosed by brackets "[]" replaced with your own identifying 207c478bd9Sstevel@tonic-gate information: Portions Copyright [yyyy] [name of copyright owner] 217c478bd9Sstevel@tonic-gate 227c478bd9Sstevel@tonic-gate CDDL HEADER END 237c478bd9Sstevel@tonic-gate 24*ed1b5e11Sgww Copyright 2008 Sun Microsystems, Inc. All rights reserved. 250ea5e3a5Sjjj Use is subject to license terms. 2645916cd2Sjpk 277c478bd9Sstevel@tonic-gate ident "%Z%%M% %I% %E% SMI" 287c478bd9Sstevel@tonic-gate 290ea5e3a5Sjjj Service manifest for rpcbind 300ea5e3a5Sjjj 317c478bd9Sstevel@tonic-gate NOTE: This service manifest is not editable; its contents will 327c478bd9Sstevel@tonic-gate be overwritten by package or patch operations, including 337c478bd9Sstevel@tonic-gate operating system upgrade. Make customizations in a different 347c478bd9Sstevel@tonic-gate file. 357c478bd9Sstevel@tonic-gate--> 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate<service_bundle type='manifest' name='SUNWcsr:rpcbind'> 387c478bd9Sstevel@tonic-gate 397c478bd9Sstevel@tonic-gate<service 407c478bd9Sstevel@tonic-gate name='network/rpc/bind' 417c478bd9Sstevel@tonic-gate type='service' 427c478bd9Sstevel@tonic-gate version='1'> 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate <create_default_instance enabled='true' /> 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate <single_instance /> 477c478bd9Sstevel@tonic-gate 487c478bd9Sstevel@tonic-gate <dependency 497c478bd9Sstevel@tonic-gate name='fs' 507c478bd9Sstevel@tonic-gate grouping='require_all' 517c478bd9Sstevel@tonic-gate restart_on='none' 527c478bd9Sstevel@tonic-gate type='service'> 537c478bd9Sstevel@tonic-gate <service_fmri value='svc:/system/filesystem/minimal' /> 547c478bd9Sstevel@tonic-gate </dependency> 557c478bd9Sstevel@tonic-gate 567c478bd9Sstevel@tonic-gate <!-- 577c478bd9Sstevel@tonic-gate rpcbind(1M) has a strong dependency on the hostname. 587c478bd9Sstevel@tonic-gate --> 597c478bd9Sstevel@tonic-gate <dependency 607c478bd9Sstevel@tonic-gate name='identity' 617c478bd9Sstevel@tonic-gate grouping='require_all' 627c478bd9Sstevel@tonic-gate restart_on='refresh' 637c478bd9Sstevel@tonic-gate type='service'> 647c478bd9Sstevel@tonic-gate <service_fmri 657c478bd9Sstevel@tonic-gate value='svc:/system/identity:node' /> 667c478bd9Sstevel@tonic-gate </dependency> 677c478bd9Sstevel@tonic-gate 687c478bd9Sstevel@tonic-gate <dependency 697c478bd9Sstevel@tonic-gate name='sysidtool' 707c478bd9Sstevel@tonic-gate grouping='require_all' 717c478bd9Sstevel@tonic-gate restart_on='none' 727c478bd9Sstevel@tonic-gate type='service'> 737c478bd9Sstevel@tonic-gate <service_fmri 747c478bd9Sstevel@tonic-gate value='svc:/system/sysidtool:net' /> 757c478bd9Sstevel@tonic-gate </dependency> 767c478bd9Sstevel@tonic-gate 771c55ce03Samaguire <!-- 781c55ce03Samaguire rpcbind(1M) depends on multicast routes installed by the 791c55ce03Samaguire routing-setup service, and should be started after any IPsec 801c55ce03Samaguire policy is configured and TCP ndd tunables are set (both 811c55ce03Samaguire currently carried out by network/initial). 821c55ce03Samaguire --> 837c478bd9Sstevel@tonic-gate <dependency 841c55ce03Samaguire name='network_initial' 857c478bd9Sstevel@tonic-gate grouping='optional_all' 867c478bd9Sstevel@tonic-gate restart_on='none' 877c478bd9Sstevel@tonic-gate type='service'> 881c55ce03Samaguire <service_fmri value='svc:/network/routing-setup:default' /> 891c55ce03Samaguire <service_fmri value='svc:/network/initial:default' /> 907c478bd9Sstevel@tonic-gate </dependency> 917c478bd9Sstevel@tonic-gate 927c478bd9Sstevel@tonic-gate <exec_method 937c478bd9Sstevel@tonic-gate type='method' 947c478bd9Sstevel@tonic-gate name='start' 957c478bd9Sstevel@tonic-gate exec='/lib/svc/method/rpc-bind %m' 967c478bd9Sstevel@tonic-gate timeout_seconds='60'> 977c478bd9Sstevel@tonic-gate <method_context> 987c478bd9Sstevel@tonic-gate <method_credential 997c478bd9Sstevel@tonic-gate user='root' 1007c478bd9Sstevel@tonic-gate group='root' 10145916cd2Sjpk privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp' 1027c478bd9Sstevel@tonic-gate /> 1037c478bd9Sstevel@tonic-gate </method_context> 1047c478bd9Sstevel@tonic-gate </exec_method> 1057c478bd9Sstevel@tonic-gate 1067c478bd9Sstevel@tonic-gate <exec_method 1077c478bd9Sstevel@tonic-gate type='method' 108064ed339Sjjj name='refresh' 109064ed339Sjjj exec=':kill -HUP' 110064ed339Sjjj timeout_seconds='0'> 111064ed339Sjjj </exec_method> 112064ed339Sjjj 113064ed339Sjjj <exec_method 114064ed339Sjjj type='method' 1157c478bd9Sstevel@tonic-gate name='stop' 1167c478bd9Sstevel@tonic-gate exec='/lib/svc/method/rpc-bind %m %{restarter/contract}' 1177c478bd9Sstevel@tonic-gate timeout_seconds='60'> 1187c478bd9Sstevel@tonic-gate <method_context> 1197c478bd9Sstevel@tonic-gate <method_credential 1207c478bd9Sstevel@tonic-gate user='root' 1217c478bd9Sstevel@tonic-gate group='root' 1227c478bd9Sstevel@tonic-gate privileges='basic,proc_owner' 1237c478bd9Sstevel@tonic-gate /> 1247c478bd9Sstevel@tonic-gate </method_context> 1257c478bd9Sstevel@tonic-gate </exec_method> 1267c478bd9Sstevel@tonic-gate 1277c478bd9Sstevel@tonic-gate <property_group name='config' type='application' > 1287c478bd9Sstevel@tonic-gate <!-- default property settings for rpcbind(1M). --> 1297c478bd9Sstevel@tonic-gate 1307c478bd9Sstevel@tonic-gate <!-- enable_tcpwrappers affects the wrapping of rpcbind, 1317c478bd9Sstevel@tonic-gate see rpcbind(1M) and tcpd(1M) for details. 1327c478bd9Sstevel@tonic-gate The default value is 'false'. 1337c478bd9Sstevel@tonic-gate A values of 'true' results in wrapping all UDP/TCP 1347c478bd9Sstevel@tonic-gate calls to the portmapper with libwrap. Note that 1357c478bd9Sstevel@tonic-gate rpcbind(1M) will not resolve or lookup names while 1367c478bd9Sstevel@tonic-gate doing tcp wrapper processing. 1377c478bd9Sstevel@tonic-gate --> 1387c478bd9Sstevel@tonic-gate <propval 1397c478bd9Sstevel@tonic-gate name='enable_tcpwrappers' 1407c478bd9Sstevel@tonic-gate type='boolean' 1417c478bd9Sstevel@tonic-gate value='false' /> 1427c478bd9Sstevel@tonic-gate 1437c478bd9Sstevel@tonic-gate <!-- verbose_logging affects the amount of information 1447c478bd9Sstevel@tonic-gate which is logged by the tcpwrapper code. 1457c478bd9Sstevel@tonic-gate The default is 'false'. 1467c478bd9Sstevel@tonic-gate This property has no effect when tcp wrappers are not 1477c478bd9Sstevel@tonic-gate enabled. 1487c478bd9Sstevel@tonic-gate --> 1497c478bd9Sstevel@tonic-gate <propval 1507c478bd9Sstevel@tonic-gate name='verbose_logging' 1517c478bd9Sstevel@tonic-gate type='boolean' 1527c478bd9Sstevel@tonic-gate value='false' /> 1537c478bd9Sstevel@tonic-gate 1547c478bd9Sstevel@tonic-gate <!-- allow_indirect affects the forwarding of RPC calls 1557c478bd9Sstevel@tonic-gate indirect rpcbind calls using rpcb_rmtcall(3NSL). 1567c478bd9Sstevel@tonic-gate The default value is 'true'. By default this is allowed 1577c478bd9Sstevel@tonic-gate for all services except for a handful. 1587c478bd9Sstevel@tonic-gate A value of 'false' stops all indirect calls. This will 1597c478bd9Sstevel@tonic-gate also disable broadcast rpc. NIS broadcast clients rely 1607c478bd9Sstevel@tonic-gate on this functionality to exist on NIS servers. 1617c478bd9Sstevel@tonic-gate --> 1627c478bd9Sstevel@tonic-gate <propval 1637c478bd9Sstevel@tonic-gate name='allow_indirect' 1647c478bd9Sstevel@tonic-gate type='boolean' 1657c478bd9Sstevel@tonic-gate value='true' /> 1660ea5e3a5Sjjj 1670ea5e3a5Sjjj <!-- local_only specifies whether rpcbind should allow 1680ea5e3a5Sjjj calls from hosts other than the localhost. 1690ea5e3a5Sjjj Setting local_only to true will make rpcbind serve 1700ea5e3a5Sjjj only those requests that come in from the local machine. 1710ea5e3a5Sjjj the default value is false, i.e. allow connections 1720ea5e3a5Sjjj from other systems too. 1730ea5e3a5Sjjj --> 1740ea5e3a5Sjjj <propval 1750ea5e3a5Sjjj name='local_only' 1760ea5e3a5Sjjj type='boolean' 177*ed1b5e11Sgww value='true' /> 1780ea5e3a5Sjjj 1790ea5e3a5Sjjj <!-- to configure rpc/bind --> 1800ea5e3a5Sjjj <propval name='value_authorization' type='astring' 1810ea5e3a5Sjjj value='solaris.smf.value.rpc.bind' /> 1820ea5e3a5Sjjj </property_group> 1830ea5e3a5Sjjj 1840ea5e3a5Sjjj <!-- Authorization --> 1850ea5e3a5Sjjj <property_group name='general' type='framework'> 186c817a439Sjohnz <!-- to operate rpc/bind --> 1870ea5e3a5Sjjj <propval name='action_authorization' type='astring' 1880ea5e3a5Sjjj value='solaris.smf.manage.rpc.bind' /> 1897c478bd9Sstevel@tonic-gate </property_group> 1907c478bd9Sstevel@tonic-gate 1917c478bd9Sstevel@tonic-gate <stability value='Unstable' /> 1927c478bd9Sstevel@tonic-gate 1937c478bd9Sstevel@tonic-gate <template> 1947c478bd9Sstevel@tonic-gate <common_name> 1957c478bd9Sstevel@tonic-gate <loctext xml:lang='C'> 1967c478bd9Sstevel@tonic-gate RPC bindings 1977c478bd9Sstevel@tonic-gate </loctext> 1987c478bd9Sstevel@tonic-gate </common_name> 1997c478bd9Sstevel@tonic-gate <documentation> 2007c478bd9Sstevel@tonic-gate <manpage title='rpcbind' section='1M' 2017c478bd9Sstevel@tonic-gate manpath='/usr/share/man' /> 2027c478bd9Sstevel@tonic-gate </documentation> 2037c478bd9Sstevel@tonic-gate </template> 2047c478bd9Sstevel@tonic-gate 2057c478bd9Sstevel@tonic-gate</service> 2067c478bd9Sstevel@tonic-gate 2077c478bd9Sstevel@tonic-gate</service_bundle> 208