xref: /titanic_41/usr/src/cmd/svc/milestone/global.xml (revision eb42280b2139f489ab9ba5890cd6208cf3e58b38)
1<?xml version="1.0"?>
2<!DOCTYPE service_bundle SYSTEM "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
3<!--
4 Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
5 Use is subject to license terms.
6
7 CDDL HEADER START
8
9 The contents of this file are subject to the terms of the
10 Common Development and Distribution License (the "License").
11 You may not use this file except in compliance with the License.
12
13 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
14 or http://www.opensolaris.org/os/licensing.
15 See the License for the specific language governing permissions
16 and limitations under the License.
17
18 When distributing Covered Code, include this CDDL HEADER in each
19 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
20 If applicable, add the following below this CDDL HEADER, with the
21 fields enclosed by brackets "[]" replaced with your own identifying
22 information: Portions Copyright [yyyy] [name of copyright owner]
23
24 CDDL HEADER END
25
26	NOTE:  This service manifest is not editable; its contents will
27	be overwritten by package or patch operations, including
28	operating system upgrade.  Make customizations in a different
29	file.
30-->
31
32<service_bundle type='manifest' name='SUNWcsr:global'>
33
34<service
35	name='system/svc/global'
36	type='service'
37	version='1'>
38
39	<!--
40	    There's no running configuration to manage here.  However,
41	    this service stores the system-wide definitions for
42	    templates.
43	-->
44
45	<create_default_instance enabled='false' />
46
47	<single_instance/>
48
49	<exec_method
50		type='method'
51		name='start'
52		exec=':true'
53		timeout_seconds='0' />
54
55	<exec_method
56		type='method'
57		name='stop'
58		exec=':true'
59		timeout_seconds='0' />
60
61	<stability value='Unstable' />
62
63	<template>
64		<common_name>
65			<loctext xml:lang='C'>
66system-wide configuration definitions
67			</loctext>
68		</common_name>
69		<documentation>
70			<manpage title='smf' section='5'
71			    manpath='/usr/share/man' />
72			<manpage title='smf_template' section='5'
73			    manpath='/usr/share/man' />
74		</documentation>
75
76		<pg_pattern name='general' type='framework'
77		    target='all' required='true'>
78                        <description>
79                                <loctext xml:lang='C'>
80Basic information about a service instance which is supplied by the service author, sometimes modified by the administrator, and consumed by SMF and the service's restarter.
81                                </loctext>
82                        </description>
83			<prop_pattern name='enabled' type='boolean'
84			    required='true'>
85				<description>
86					<loctext xml:lang='C'>
87The service instance is expected to be started once all of its dependencies are satisfied.  If this property is not defined, the restarter will not be notified about this service instance.
88					</loctext>
89				</description>
90				<cardinality min='1' max='1'/>
91			</prop_pattern>
92			<prop_pattern name='restarter' type='fmri'
93			    required='false'>
94				<description>
95					<loctext xml:lang='C'>
96The restarter responsible for managing this service instance.  If the property is unset, the default restarter, svc.startd, is assumed.
97					</loctext>
98				</description>
99				<cardinality min='1' max='1'/>
100			</prop_pattern>
101			<prop_pattern name='single_instance' type='boolean'
102			    required='false'>
103				<description>
104					<loctext xml:lang='C'>
105Only one instance of this service may be run.  This property is currently unenforced, but will be at some point in the future.
106					</loctext>
107				</description>
108				<cardinality min='1' max='1'/>
109			</prop_pattern>
110		</pg_pattern>
111
112		<pg_pattern type='dependency' target='all' required='false'>
113                        <description>
114                                <loctext xml:lang='C'>
115A dependency declares a required condition for a service instance to start or stay running.  It is defined by the service author and consumed by SMF.
116                                </loctext>
117                        </description>
118			<prop_pattern name='entities' type='fmri'
119			    required='true'>
120				<description>
121					<loctext xml:lang='C'>
122The services, service instances, or files used to calculate this dependency.
123					</loctext>
124				</description>
125				<cardinality min='1'/>
126			</prop_pattern>
127			<prop_pattern name='external' type='boolean'>
128				<description>
129					<loctext xml:lang='C'>
130This dependency was declared by the service defined in entities.  It will be removed only when that service is deleted.
131					</loctext>
132				</description>
133				<visibility value='readonly'/>
134				<cardinality min='1' max='1'/>
135			</prop_pattern>
136			<prop_pattern name='grouping' type='astring'
137			    required='true'>
138				<description>
139					<loctext xml:lang='C'>
140How to decide whether this dependency is satisfied.
141					</loctext>
142				</description>
143				<cardinality min='1' max='1'/>
144				<constraints>
145				<value name='require_all'>
146					<description>
147						<loctext xml:lang='C'>
148Satisfied when all cited services are running (online or degraded), or when all indicated files are present.
149						</loctext>
150					</description>
151				</value>
152				<value name='require_any'>
153					<description>
154						<loctext xml:lang='C'>
155Satisfied when one of the cited services is running (online or degraded), or when at least one of the indicated files is present.
156						</loctext>
157					</description>
158				</value>
159				<value name='optional_all'>
160					<description>
161						<loctext xml:lang='C'>
162Satisfied if the cited services are running (online or degraded) or will not run without administrative action (disabled, maintenance, not present, or offline waiting for dependencies which will not start without administrative action).
163
164						</loctext>
165					</description>
166				</value>
167				<value name='exclude_all'>
168					<description>
169						<loctext xml:lang='C'>
170Satisfied when all of the cited services are disabled, in the maintenance state, or when cited services or files are not present.
171						</loctext>
172					</description>
173				</value>
174				</constraints>
175				<choices>
176					<include_values type='constraints'/>
177				</choices>
178			</prop_pattern>
179			<prop_pattern name='restart_on' type='astring'
180			    required='true'>
181				<description>
182					<loctext xml:lang='C'>
183Determines whether to restart the service due to a dependency refresh, restart, or failure.
184					</loctext>
185				</description>
186				<cardinality min='1' max='1'/>
187				<constraints>
188				<value name='none'>
189					<description>
190						<loctext xml:lang='C'>
191Never restart due to dependency refresh, restart, or failure.
192						</loctext>
193					</description>
194				</value>
195				<value name='error'>
196					<description>
197						<loctext xml:lang='C'>
198Restart only if the dependency encounters an error, such as an uncorrectable hardware error, or a software error such as a core dump.
199						</loctext>
200					</description>
201				</value>
202				<value name='restart'>
203					<description>
204						<loctext xml:lang='C'>
205Restart if the dependency encounters an error or is explicitly restarted.
206						</loctext>
207					</description>
208				</value>
209				<value name='refresh'>
210					<description>
211						<loctext xml:lang='C'>
212Restart if the dependency encounters an error, is explicitly restarted, or explicitly refreshed.
213						</loctext>
214					</description>
215				</value>
216				</constraints>
217				<choices>
218					<include_values type='constraints'/>
219				</choices>
220			</prop_pattern>
221			<prop_pattern name='type' type='astring'
222			    required='true'>
223				<description>
224					<loctext xml:lang='C'>
225The type of the dependency: service or file.
226					</loctext>
227				</description>
228				<cardinality min='1' max='1'/>
229				<constraints>
230				<value name='service'>
231					<description>
232						<loctext xml:lang='C'>
233Depend on services or instances.
234						</loctext>
235					</description>
236				</value>
237				<value name='path'>
238					<description>
239						<loctext xml:lang='C'>
240Depend on the existance of a file path.
241						</loctext>
242					</description>
243				</value>
244				</constraints>
245				<choices>
246					<include_values type='constraints'/>
247				</choices>
248			</prop_pattern>
249		</pg_pattern>
250
251		<pg_pattern type='template_pg_pattern' target='all'
252		    required='false'>
253			<description>
254				<loctext xml:lang='C'>
255Template data about property groups.  This information is provided in the manifest by the service author and should not be modified directly.
256				</loctext>
257			</description>
258
259			<prop_pattern name='name' type='astring'
260			    required='false'>
261				<description>
262					<loctext xml:lang='C'>
263Optional name of a property group which is described by this template.  No name means the name is wildcarded.
264					</loctext>
265				</description>
266				<visibility value='hidden'/>
267				<cardinality min='1' max='1'/>
268			</prop_pattern>
269			<prop_pattern name='type' type='astring'
270			    required='false'>
271				<description>
272					<loctext xml:lang='C'>
273Optional type of property groups which are described by this template.  No type means that the type is wildcarded.
274					</loctext>
275				</description>
276				<visibility value='hidden'/>
277				<cardinality min='1' max='1'/>
278			</prop_pattern>
279			<prop_pattern name='required' type='boolean'
280			    required='false'>
281				<description>
282					<loctext xml:lang='C'>
283If true, entities without a property group which matches this pattern are considered invalid.
284					</loctext>
285				</description>
286				<visibility value='hidden'/>
287				<cardinality min='1' max='1'/>
288			</prop_pattern>
289			<prop_pattern name='target' type='astring'
290			    required='false'>
291				<description>
292					<loctext xml:lang='C'>
293The services or service instances to which this template should be applied.
294					</loctext>
295				</description>
296				<visibility value='hidden'/>
297				<cardinality min='1' max='1'/>
298				<constraints>
299				<value name='this'>
300					<description>
301						<loctext xml:lang='C'>
302The service or instance on which the property group resides.
303						</loctext>
304					</description>
305				</value>
306				<value name='instance'>
307					<description>
308						<loctext xml:lang='C'>
309This instance, or any instance of this service.
310						</loctext>
311					</description>
312				</value>
313				<value name='delegate'>
314					<description>
315						<loctext xml:lang='C'>
316All instances which currently define this service as their restarter.
317						</loctext>
318					</description>
319				</value>
320				<value name='all'>
321					<description>
322						<loctext xml:lang='C'>
323All services and instances on the system.  "all" may only be set on the global service.
324						</loctext>
325					</description>
326				</value>
327				</constraints>
328			</prop_pattern>
329		</pg_pattern>
330
331		<pg_pattern type='template_prop_pattern' target='all'
332		    required='false'>
333			<description>
334				<loctext xml:lang='C'>
335Template data about properties.  This information is provided in the manifest by the service author and should not be modified directly.
336				</loctext>
337			</description>
338			<prop_pattern name='name' type='astring'
339			    required='true'>
340				<description>
341					<loctext xml:lang='C'>
342Name of property this template applies to.
343					</loctext>
344				</description>
345				<visibility value='hidden'/>
346				<cardinality min='1' max='1'/>
347			</prop_pattern>
348			<prop_pattern name='pg_pattern' type='astring'
349			    required='true'>
350				<description>
351					<loctext xml:lang='C'>
352Name of property group that describes the enclosing property group pattern.
353					</loctext>
354				</description>
355				<visibility value='hidden'/>
356				<cardinality min='1' max='1'/>
357			</prop_pattern>
358			<prop_pattern name='required' type='boolean'
359			    required='false'>
360				<description>
361					<loctext xml:lang='C'>
362Defines whether a property matched by this template is required.
363					</loctext>
364				</description>
365				<visibility value='hidden'/>
366				<cardinality min='1' max='1'/>
367			</prop_pattern>
368			<prop_pattern name='type' type='astring'
369			    required='false'>
370				<description>
371					<loctext xml:lang='C'>
372The type that a property which this template refers to should be.
373					</loctext>
374				</description>
375				<visibility value='hidden'/>
376				<cardinality min='1' max='1'/>
377			</prop_pattern>
378			<prop_pattern name='visibility' type='astring'
379			    required='false'>
380				<description>
381					<loctext xml:lang='C'>
382The visibility of this property, which is readwrite by default.  Visibility is only a cue to the user interface, and will not be explicitly enforced by SMF.
383					</loctext>
384				</description>
385				<visibility value='hidden'/>
386				<cardinality min='1' max='1'/>
387				<constraints>
388				<value name='hidden'>
389					<description>
390						<loctext xml:lang='C'>
391Hidden in default user interface views.
392						</loctext>
393					</description>
394				</value>
395				<value name='readonly'>
396					<description>
397						<loctext xml:lang='C'>
398Expected to be read only in most user interfaces.
399						</loctext>
400					</description>
401				</value>
402				<value name='readwrite'>
403					<description>
404						<loctext xml:lang='C'>
405Expected to be manipulated in many user interfaces.
406						</loctext>
407					</description>
408				</value>
409				</constraints>
410			</prop_pattern>
411			<prop_pattern name='cardinality_min' type='count'
412			    required='false'>
413				<description>
414					<loctext xml:lang='C'>
415Minimum number of required values.
416					</loctext>
417				</description>
418				<cardinality min='1' max='1'/>
419			</prop_pattern>
420			<prop_pattern name='cardinality_max' type='count'
421			    required='false'>
422				<description>
423					<loctext xml:lang='C'>
424Maximum number of required values.
425					</loctext>
426				</description>
427				<visibility value='hidden'/>
428				<cardinality min='1' max='1'/>
429			</prop_pattern>
430			<prop_pattern name='internal_separators' type='astring'
431			    required='false'>
432				<description>
433					<loctext xml:lang='C'>
434List of separator characters for values.
435					</loctext>
436				</description>
437				<visibility value='hidden'/>
438				<cardinality min='1'/>
439			</prop_pattern>
440			<prop_pattern name='constraint_name' type='astring'
441			    required='false'>
442				<description>
443					<loctext xml:lang='C'>
444Values the property is expected to be constrained to.
445					</loctext>
446				</description>
447				<visibility value='hidden'/>
448				<cardinality min='1'/>
449			</prop_pattern>
450			<prop_pattern name='constraint_range' type='astring'
451			    required='false'>
452				<description>
453					<loctext xml:lang='C'>
454Ranges the property is expected to be constrained to.
455					</loctext>
456				</description>
457				<visibility value='hidden'/>
458				<cardinality min='1'/>
459				<internal_separators>,</internal_separators>
460			</prop_pattern>
461			<prop_pattern name='choices_range' type='astring'
462			    required='false'>
463				<description>
464					<loctext xml:lang='C'>
465Ranges a user should be offered as a choice for this property.
466					</loctext>
467				</description>
468				<visibility value='hidden'/>
469				<cardinality min='1'/>
470				<internal_separators>,</internal_separators>
471			</prop_pattern>
472			<prop_pattern name='choices_name' type='astring'
473			    required='false'>
474				<description>
475					<loctext xml:lang='C'>
476Values a users should be offered as a choice for this property.
477					</loctext>
478				</description>
479				<visibility value='hidden'/>
480				<cardinality min='1'/>
481			</prop_pattern>
482			<prop_pattern name='choices_include_values'
483			    type='astring' required='false'>
484				<description>
485					<loctext xml:lang='C'>
486Whether the choices should include the defined constraints or values.
487					</loctext>
488				</description>
489				<visibility value='hidden'/>
490				<cardinality min='1' max='1'/>
491				<constraints>
492				<value name='constraints'>
493					<description>
494						<loctext xml:lang='C'>
495Include all defined constraints as choices.
496						</loctext>
497					</description>
498				</value>
499				<value name='values'>
500					<description>
501						<loctext xml:lang='C'>
502Include all defined values as choices.
503						</loctext>
504					</description>
505				</value>
506				</constraints>
507			</prop_pattern>
508		</pg_pattern>
509
510		<pg_pattern name='method_context' type='framework'
511		    target='all' required='false'>
512			<description>
513				<loctext xml:lang='C'>
514Specifies the default execution context for all service methods.  It is defined by the service author, may be augmented by an administrator, and is consumed by the service's restarter.
515				</loctext>
516			</description>
517
518			<!-- method_context direct properties -->
519			<prop_pattern name='working_directory' type='astring'
520			    required='false'>
521				<description>
522					<loctext xml:lang='C'>
523The working directory to launch the method from.  ":default" can be used as a token to indicate the home directory of the user specified by the credential or profile.
524					</loctext>
525				</description>
526				<cardinality min='1' max='1'/>
527			</prop_pattern>
528			<prop_pattern name='project' type='astring'
529			    required='false'>
530				<description>
531					<loctext xml:lang='C'>
532The project ID in numeric or text form.  ":default" can be used as a token to indicate a project identified by getdefaultproj(3PROJECT) for the user whose uid is used to launch the method.
533					</loctext>
534				</description>
535				<cardinality min='1' max='1'/>
536			</prop_pattern>
537			<prop_pattern name='resource_pool' type='astring'
538			    required='false'>
539				<description>
540					<loctext xml:lang='C'>
541The resource pool name in which to launch the method.  ":default" can be used
542as a token to indicate the pool specified in the project(4) entry given in
543the project attribute.
544					</loctext>
545				</description>
546				<cardinality min='1' max='1'/>
547			</prop_pattern>
548
549			<!-- method_credential properties -->
550			<prop_pattern name='user' type='astring'
551			    required='false'>
552				<description>
553					<loctext xml:lang='C'>
554The user ID in numeric or text form.
555					</loctext>
556				</description>
557				<cardinality min='1' max='1'/>
558			</prop_pattern>
559			<prop_pattern name='group' type='astring'
560			    required='false'>
561				<description>
562					<loctext xml:lang='C'>
563The group ID in numeric or text form.
564					</loctext>
565				</description>
566				<cardinality min='1' max='1'/>
567			</prop_pattern>
568			<prop_pattern name='supp_groups' type='astring'
569			    required='false'>
570				<description>
571					<loctext xml:lang='C'>
572An optional string that specifies the supplemental group memberships by ID,
573in numeric or text form.
574					</loctext>
575				</description>
576				<cardinality min='1' max='1'/>
577			</prop_pattern>
578			<prop_pattern name='privileges' type='astring'
579			    required='false'>
580				<description>
581					<loctext xml:lang='C'>
582An optional string specifying the privilege set as defined in privileges(5).
583					</loctext>
584				</description>
585				<cardinality min='1' max='1'/>
586			</prop_pattern>
587			<prop_pattern name='limit_privileges' type='astring'
588			    required='false'>
589				<description>
590					<loctext xml:lang='C'>
591An optional string specifying the limit privilege set as defined in
592privileges(5).
593					</loctext>
594				</description>
595				<cardinality min='1' max='1'/>
596			</prop_pattern>
597
598			<!-- method_profile properties -->
599			<prop_pattern name='use_profile' type='boolean'
600			    required='false'>
601				<description>
602					<loctext xml:lang='C'>
603A boolean that specifies whether the profile should be used instead of the
604user, group, privileges, and limit_privileges properties.
605					</loctext>
606				</description>
607				<cardinality min='1' max='1'/>
608			</prop_pattern>
609			<prop_pattern name='profile' type='astring'
610			    required='false'>
611				<description>
612					<loctext xml:lang='C'>
613The name of an RBAC (role-based access control) profile which, along with the
614method executable, identifies an entry in exec_attr(4).
615					</loctext>
616				</description>
617				<cardinality min='1' max='1'/>
618			</prop_pattern>
619		</pg_pattern>
620
621		<pg_pattern name='firewall_context'
622		    type='com.sun,fw_definition' target='all' required='false'>
623			<common_name>
624				<loctext xml:lang='C'>
625Static definition
626				</loctext>
627			</common_name>
628			<description>
629				<loctext xml:lang='C'>
630Service static network and firewall definition.
631				</loctext>
632			</description>
633			<prop_pattern name='name' type='astring'
634			    required='false'>
635				<common_name>
636					<loctext xml:lang='C'>
637Service name
638					</loctext>
639				</common_name>
640				<description>
641					<loctext xml:lang='C'>
642IANA name or RPC name for non-inetd service, equivalent to inetd/name property. For RPC services, the value of this property is not an IANA name but is either an RPC program number or name, see rpc(4).
643					</loctext>
644				</description>
645			</prop_pattern>
646			<prop_pattern name='isrpc' type='boolean'
647			    required='false'>
648				<common_name>
649					<loctext xml:lang='C'>
650RPC service
651					</loctext>
652				</common_name>
653				<description>
654					<loctext xml:lang='C'>
655A boolean property where a "true" value indicates an RPC service, equivalent to inetd/isrpc property.
656					</loctext>
657				</description>
658			</prop_pattern>
659			<prop_pattern name='ipf_method' type='astring'
660			    required='false'>
661				<common_name>
662					<loctext xml:lang='C'>
663Custom firewall script
664					</loctext>
665				</common_name>
666				<description>
667					<loctext xml:lang='C'>
668A script that generates ipf rules for a service. Services that require custom IPfilter configuration can use this mechanism to generate and supply their own ipf rules.  The firewall framework does not generate rules for services that has this property definition but expect these services to provide their own rules.
669					</loctext>
670				</description>
671			</prop_pattern> </pg_pattern>
672
673		<pg_pattern name='firewall_config'
674		    type='com.sun,fw_configuration' target='all'
675		    required='false'>
676			<common_name>
677				<loctext xml:lang='C'>
678Firewall configuration
679				</loctext>
680			</common_name>
681			<description>
682				<loctext xml:lang='C'>
683Service firewall configuration.
684				</loctext>
685			</description>
686			<prop_pattern name='policy' type='astring'
687			    required='true'>
688				<common_name>
689					<loctext xml:lang='C'>
690Firewall policy
691					</loctext>
692				</common_name>
693				<description>
694					<loctext xml:lang='C'>
695Service firewall policy.
696					</loctext>
697				</description>
698				<visibility value='readwrite'/>
699				<cardinality min='1' max='1'/>
700				<values>
701					<value name='use_global'>
702						<description>
703							<loctext xml:lang='C'>
704Apply Global Default policy, specified in network/ipfilter for the service. This is the default value.
705							</loctext>
706						</description>
707					</value>
708					<value name='none'>
709						<description>
710							<loctext xml:lang='C'>
711No firewall (allow all).
712							</loctext>
713						</description>
714					</value>
715					<value name='deny'>
716						<description>
717							<loctext xml:lang='C'>
718Deny access to entities specified in 'apply_to' property.
719							</loctext>
720						</description>
721					</value>
722					<value name='allow'>
723						<description>
724							<loctext xml:lang='C'>
725Allow access to entities specified in 'apply_to' property.
726							</loctext>
727						</description>
728					</value>
729				</values>
730				<choices>
731					<include_values type='values'/>
732				</choices>
733			</prop_pattern>
734			<prop_pattern name="apply_to" type="astring"
735			    required="false">
736				<common_name>
737					<loctext xml:lang='C'>
738Apply policy to
739					</loctext>
740				</common_name>
741				<description>
742					<loctext xml:lang="C">
743The host and network IPs, network interfaces, and ippools to deny if the policy is set to deny, or accept if the policy is set to accept.
744					</loctext>
745				</description>
746			</prop_pattern>
747			<prop_pattern name="exceptions" type="astring"
748			    required="false">
749				<common_name>
750					<loctext xml:lang='C'>
751Make exceptions to
752					</loctext>
753				</common_name>
754				<description>
755					<loctext xml:lang="C">
756The host and network IPs, network interfaces, and ippools to exempt from the set policy. That is, those to accept if the policy is set to deny, or to deny if the policy is set to accept.
757					</loctext>
758				</description>
759			</prop_pattern>
760		</pg_pattern>
761
762	</template>
763</service>
764
765</service_bundle>
766