1<?xml version='1.0'?> 2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> 3 4<!-- 5 CDDL HEADER START 6 7 The contents of this file are subject to the terms of the 8 Common Development and Distribution License (the "License"). 9 You may not use this file except in compliance with the License. 10 11 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 12 or http://www.opensolaris.org/os/licensing. 13 See the License for the specific language governing permissions 14 and limitations under the License. 15 16 When distributing Covered Code, include this CDDL HEADER in each 17 file and include the License file at usr/src/OPENSOLARIS.LICENSE. 18 If applicable, add the following below this CDDL HEADER, with the 19 fields enclosed by brackets "[]" replaced with your own identifying 20 information: Portions Copyright [yyyy] [name of copyright owner] 21 22 CDDL HEADER END 23 24 Copyright 2008 Sun Microsystems, Inc. All rights reserved. 25 Use is subject to license terms. 26 27 Service manifest for rpcbind 28 29 NOTE: This service manifest is not editable; its contents will 30 be overwritten by package or patch operations, including 31 operating system upgrade. Make customizations in a different 32 file. 33--> 34 35<service_bundle type='manifest' name='SUNWcsr:rpcbind'> 36 37<service 38 name='network/rpc/bind' 39 type='service' 40 version='1'> 41 42 <create_default_instance enabled='true' /> 43 44 <single_instance /> 45 46 <dependency 47 name='fs' 48 grouping='require_all' 49 restart_on='none' 50 type='service'> 51 <service_fmri value='svc:/system/filesystem/minimal' /> 52 </dependency> 53 54 <!-- 55 rpcbind(1M) has a strong dependency on the hostname. 56 --> 57 <dependency 58 name='identity' 59 grouping='require_all' 60 restart_on='refresh' 61 type='service'> 62 <service_fmri 63 value='svc:/system/identity:node' /> 64 </dependency> 65 66 <dependency 67 name='sysidtool' 68 grouping='require_all' 69 restart_on='none' 70 type='service'> 71 <service_fmri 72 value='svc:/system/sysidtool:net' /> 73 </dependency> 74 75 <!-- 76 rpcbind(1M) depends on multicast routes installed by the 77 routing-setup service, and should be started after any IPsec 78 policy is configured and TCP ndd tunables are set (both 79 currently carried out by network/initial). 80 --> 81 <dependency 82 name='network_initial' 83 grouping='optional_all' 84 restart_on='none' 85 type='service'> 86 <service_fmri value='svc:/network/routing-setup:default' /> 87 <service_fmri value='svc:/network/initial:default' /> 88 </dependency> 89 90 <exec_method 91 type='method' 92 name='start' 93 exec='/lib/svc/method/rpc-bind %m' 94 timeout_seconds='60'> 95 <method_context> 96 <method_credential 97 user='root' 98 group='root' 99 privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp' 100 /> 101 </method_context> 102 </exec_method> 103 104 <exec_method 105 type='method' 106 name='refresh' 107 exec=':kill -HUP' 108 timeout_seconds='0'> 109 </exec_method> 110 111 <exec_method 112 type='method' 113 name='stop' 114 exec='/lib/svc/method/rpc-bind %m %{restarter/contract}' 115 timeout_seconds='60'> 116 <method_context> 117 <method_credential 118 user='root' 119 group='root' 120 privileges='basic,proc_owner' 121 /> 122 </method_context> 123 </exec_method> 124 125 <property_group name='config' type='application' > 126 <!-- default property settings for rpcbind(1M). --> 127 128 <!-- enable_tcpwrappers affects the wrapping of rpcbind, 129 see rpcbind(1M) and tcpd(1M) for details. 130 The default value is 'false'. 131 A values of 'true' results in wrapping all UDP/TCP 132 calls to the portmapper with libwrap. Note that 133 rpcbind(1M) will not resolve or lookup names while 134 doing tcp wrapper processing. 135 --> 136 <propval 137 name='enable_tcpwrappers' 138 type='boolean' 139 value='false' /> 140 141 <!-- verbose_logging affects the amount of information 142 which is logged by the tcpwrapper code. 143 The default is 'false'. 144 This property has no effect when tcp wrappers are not 145 enabled. 146 --> 147 <propval 148 name='verbose_logging' 149 type='boolean' 150 value='false' /> 151 152 <!-- allow_indirect affects the forwarding of RPC calls 153 indirect rpcbind calls using rpcb_rmtcall(3NSL). 154 The default value is 'true'. By default this is allowed 155 for all services except for a handful. 156 A value of 'false' stops all indirect calls. This will 157 also disable broadcast rpc. NIS broadcast clients rely 158 on this functionality to exist on NIS servers. 159 --> 160 <propval 161 name='allow_indirect' 162 type='boolean' 163 value='true' /> 164 165 <!-- local_only specifies whether rpcbind should allow 166 calls from hosts other than the localhost. 167 Setting local_only to true will make rpcbind serve 168 only those requests that come in from the local machine. 169 Setting local_only to false will allow access from 170 other hosts. 171 --> 172 <propval 173 name='local_only' 174 type='boolean' 175 value='true' /> 176 177 <!-- to configure rpc/bind --> 178 <propval name='value_authorization' type='astring' 179 value='solaris.smf.value.rpc.bind' /> 180 </property_group> 181 182 <!-- Authorization --> 183 <property_group name='general' type='framework'> 184 <!-- to operate rpc/bind --> 185 <propval name='action_authorization' type='astring' 186 value='solaris.smf.manage.rpc.bind' /> 187 </property_group> 188 189 <stability value='Unstable' /> 190 191 <template> 192 <common_name> 193 <loctext xml:lang='C'> 194 RPC bindings 195 </loctext> 196 </common_name> 197 <documentation> 198 <manpage title='rpcbind' section='1M' 199 manpath='/usr/share/man' /> 200 </documentation> 201 </template> 202 203</service> 204 205</service_bundle> 206