1<?xml version='1.0'?> 2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> 3 4<!-- 5 CDDL HEADER START 6 7 The contents of this file are subject to the terms of the 8 Common Development and Distribution License (the "License"). 9 You may not use this file except in compliance with the License. 10 11 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 12 or http://www.opensolaris.org/os/licensing. 13 See the License for the specific language governing permissions 14 and limitations under the License. 15 16 When distributing Covered Code, include this CDDL HEADER in each 17 file and include the License file at usr/src/OPENSOLARIS.LICENSE. 18 If applicable, add the following below this CDDL HEADER, with the 19 fields enclosed by brackets "[]" replaced with your own identifying 20 information: Portions Copyright [yyyy] [name of copyright owner] 21 22 CDDL HEADER END 23 24 Copyright 2008 Sun Microsystems, Inc. All rights reserved. 25 Use is subject to license terms. 26 27 ident "%Z%%M% %I% %E% SMI" 28 29 Service manifest for rpcbind 30 31 NOTE: This service manifest is not editable; its contents will 32 be overwritten by package or patch operations, including 33 operating system upgrade. Make customizations in a different 34 file. 35--> 36 37<service_bundle type='manifest' name='SUNWcsr:rpcbind'> 38 39<service 40 name='network/rpc/bind' 41 type='service' 42 version='1'> 43 44 <create_default_instance enabled='true' /> 45 46 <single_instance /> 47 48 <dependency 49 name='fs' 50 grouping='require_all' 51 restart_on='none' 52 type='service'> 53 <service_fmri value='svc:/system/filesystem/minimal' /> 54 </dependency> 55 56 <!-- 57 rpcbind(1M) has a strong dependency on the hostname. 58 --> 59 <dependency 60 name='identity' 61 grouping='require_all' 62 restart_on='refresh' 63 type='service'> 64 <service_fmri 65 value='svc:/system/identity:node' /> 66 </dependency> 67 68 <dependency 69 name='sysidtool' 70 grouping='require_all' 71 restart_on='none' 72 type='service'> 73 <service_fmri 74 value='svc:/system/sysidtool:net' /> 75 </dependency> 76 77 <!-- 78 rpcbind(1M) depends on multicast routes installed by the 79 routing-setup service, and should be started after any IPsec 80 policy is configured and TCP ndd tunables are set (both 81 currently carried out by network/initial). 82 --> 83 <dependency 84 name='network_initial' 85 grouping='optional_all' 86 restart_on='none' 87 type='service'> 88 <service_fmri value='svc:/network/routing-setup:default' /> 89 <service_fmri value='svc:/network/initial:default' /> 90 </dependency> 91 92 <exec_method 93 type='method' 94 name='start' 95 exec='/lib/svc/method/rpc-bind %m' 96 timeout_seconds='60'> 97 <method_context> 98 <method_credential 99 user='root' 100 group='root' 101 privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp' 102 /> 103 </method_context> 104 </exec_method> 105 106 <exec_method 107 type='method' 108 name='refresh' 109 exec=':kill -HUP' 110 timeout_seconds='0'> 111 </exec_method> 112 113 <exec_method 114 type='method' 115 name='stop' 116 exec='/lib/svc/method/rpc-bind %m %{restarter/contract}' 117 timeout_seconds='60'> 118 <method_context> 119 <method_credential 120 user='root' 121 group='root' 122 privileges='basic,proc_owner' 123 /> 124 </method_context> 125 </exec_method> 126 127 <property_group name='config' type='application' > 128 <!-- default property settings for rpcbind(1M). --> 129 130 <!-- enable_tcpwrappers affects the wrapping of rpcbind, 131 see rpcbind(1M) and tcpd(1M) for details. 132 The default value is 'false'. 133 A values of 'true' results in wrapping all UDP/TCP 134 calls to the portmapper with libwrap. Note that 135 rpcbind(1M) will not resolve or lookup names while 136 doing tcp wrapper processing. 137 --> 138 <propval 139 name='enable_tcpwrappers' 140 type='boolean' 141 value='false' /> 142 143 <!-- verbose_logging affects the amount of information 144 which is logged by the tcpwrapper code. 145 The default is 'false'. 146 This property has no effect when tcp wrappers are not 147 enabled. 148 --> 149 <propval 150 name='verbose_logging' 151 type='boolean' 152 value='false' /> 153 154 <!-- allow_indirect affects the forwarding of RPC calls 155 indirect rpcbind calls using rpcb_rmtcall(3NSL). 156 The default value is 'true'. By default this is allowed 157 for all services except for a handful. 158 A value of 'false' stops all indirect calls. This will 159 also disable broadcast rpc. NIS broadcast clients rely 160 on this functionality to exist on NIS servers. 161 --> 162 <propval 163 name='allow_indirect' 164 type='boolean' 165 value='true' /> 166 167 <!-- local_only specifies whether rpcbind should allow 168 calls from hosts other than the localhost. 169 Setting local_only to true will make rpcbind serve 170 only those requests that come in from the local machine. 171 the default value is false, i.e. allow connections 172 from other systems too. 173 --> 174 <propval 175 name='local_only' 176 type='boolean' 177 value='true' /> 178 179 <!-- to configure rpc/bind --> 180 <propval name='value_authorization' type='astring' 181 value='solaris.smf.value.rpc.bind' /> 182 </property_group> 183 184 <!-- Authorization --> 185 <property_group name='general' type='framework'> 186 <!-- to operate rpc/bind --> 187 <propval name='action_authorization' type='astring' 188 value='solaris.smf.manage.rpc.bind' /> 189 </property_group> 190 191 <stability value='Unstable' /> 192 193 <template> 194 <common_name> 195 <loctext xml:lang='C'> 196 RPC bindings 197 </loctext> 198 </common_name> 199 <documentation> 200 <manpage title='rpcbind' section='1M' 201 manpath='/usr/share/man' /> 202 </documentation> 203 </template> 204 205</service> 206 207</service_bundle> 208