xref: /titanic_44/usr/src/cmd/rpcbind/bind.xml (revision 98573c1925f3692d1e8ea9eb018cb915fc0becc5)
1<?xml version='1.0'?>
2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3
4<!--
5    CDDL HEADER START
6
7    The contents of this file are subject to the terms of the
8    Common Development and Distribution License (the "License").
9    You may not use this file except in compliance with the License.
10
11    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12    or http://www.opensolaris.org/os/licensing.
13    See the License for the specific language governing permissions
14    and limitations under the License.
15
16    When distributing Covered Code, include this CDDL HEADER in each
17    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18    If applicable, add the following below this CDDL HEADER, with the
19    fields enclosed by brackets "[]" replaced with your own identifying
20    information: Portions Copyright [yyyy] [name of copyright owner]
21
22    CDDL HEADER END
23
24    Copyright 2015 Nexenta Systems, Inc.  All rights reserved.
25
26    Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
27    Use is subject to license terms.
28
29    Service manifest for rpcbind
30
31    NOTE:  This service manifest is not editable; its contents will
32    be overwritten by package or patch operations, including
33    operating system upgrade.  Make customizations in a different
34    file.
35-->
36
37<service_bundle type='manifest' name='SUNWcsr:rpcbind'>
38
39<service
40    name='network/rpc/bind'
41    type='service'
42    version='1'>
43
44    	<create_default_instance enabled='true' />
45
46	<single_instance />
47
48	<dependency
49		name='fs'
50		grouping='require_all'
51		restart_on='none'
52		type='service'>
53		<service_fmri value='svc:/system/filesystem/minimal' />
54	</dependency>
55
56	<dependency
57		name='sysidtool'
58		grouping='require_all'
59		restart_on='none'
60		type='service'>
61		<service_fmri
62			value='svc:/system/sysidtool:net' />
63	</dependency>
64
65	<!--
66		rpcbind(1M) depends on multicast routes installed by the
67		routing-setup service, and should be started after any IPsec
68		policy is configured and TCP ndd tunables are set (both
69		currently carried out by network/initial).
70	-->
71	<dependency
72		name='network_initial'
73		grouping='optional_all'
74		restart_on='none'
75		type='service'>
76		<service_fmri value='svc:/network/routing-setup:default' />
77		<service_fmri value='svc:/network/initial:default' />
78	</dependency>
79
80	<dependency
81		name='network_ipfilter'
82		grouping='optional_all'
83		restart_on='none'
84		type='service'>
85		<service_fmri value='svc:/network/ipfilter:default' />
86	</dependency>
87
88	<exec_method
89		type='method'
90		name='start'
91		exec='/lib/svc/method/rpc-bind %m'
92		timeout_seconds='60'>
93		<method_context>
94			<method_credential
95				user='root'
96				group='root'
97				privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp'
98				/>
99		</method_context>
100	</exec_method>
101
102	<exec_method
103		type='method'
104		name='refresh'
105		exec=':kill -HUP'
106		timeout_seconds='0'>
107	</exec_method>
108
109	<exec_method
110		type='method'
111		name='stop'
112		exec='/lib/svc/method/rpc-bind %m %{restarter/contract}'
113		timeout_seconds='60'>
114		<method_context>
115			<method_credential
116				user='root'
117				group='root'
118				privileges='basic,proc_owner'
119				/>
120		</method_context>
121	</exec_method>
122
123	<property_group name='config' type='application' >
124		<!-- default property settings for rpcbind(1M). -->
125
126		<!-- enable_tcpwrappers affects the wrapping of rpcbind,
127		     see rpcbind(1M) and tcpd(1M) for details.
128		     The default value is 'false'.
129		     A values of 'true' results in wrapping all UDP/TCP
130		     calls to the portmapper with libwrap. Note that
131		     rpcbind(1M) will not resolve or lookup names while
132		     doing tcp wrapper processing.
133		-->
134		<propval
135			name='enable_tcpwrappers'
136			type='boolean'
137			value='false' />
138
139		<!-- verbose_logging affects the amount of information
140		     which is logged by the tcpwrapper code.
141		     The default is 'false'.
142		     This property has no effect when tcp wrappers are not
143		     enabled.
144		-->
145		<propval
146			name='verbose_logging'
147			type='boolean'
148			value='false' />
149
150		<!-- allow_indirect affects the forwarding of RPC calls
151		     indirect rpcbind calls using rpcb_rmtcall(3NSL).
152		     The default value is 'true'. By default this is allowed
153		     for all services except for a handful.
154		     A value of 'false' stops all indirect calls. This will
155		     also disable broadcast rpc. NIS broadcast clients rely
156		     on this functionality to exist on NIS servers.
157		-->
158		<propval
159			name='allow_indirect'
160			type='boolean'
161			value='true' />
162
163		<!-- local_only specifies whether rpcbind should allow
164		     calls from hosts other than the localhost.
165		     Setting local_only to true will make rpcbind serve
166		     only those requests that come in from the local machine.
167		     Setting local_only to false will allow access from
168		     other hosts.
169		-->
170		<propval
171			name='local_only'
172			type='boolean'
173			value='true' />
174
175		<!-- to configure rpc/bind -->
176		<propval name='value_authorization' type='astring'
177			value='solaris.smf.value.rpc.bind' />
178
179		<propval
180			name='listen_backlog'
181			type='integer'
182			value='64' />
183
184		<propval
185			name='max_threads'
186			type='integer'
187			value='72' />
188	</property_group>
189
190	<!-- Authorization -->
191	<property_group name='general' type='framework'>
192		<!-- to operate rpc/bind -->
193		<propval name='action_authorization' type='astring'
194			value='solaris.smf.manage.rpc.bind' />
195	</property_group>
196
197	<property_group name='firewall_context' type='com.sun,fw_definition'>
198		<propval name='name' type='astring' value='sunrpc' />
199	</property_group>
200
201	<property_group name='firewall_config' type='com.sun,fw_configuration'>
202		<propval name='policy' type='astring' value='use_global' />
203		<propval name='apply_to' type='astring' value='' />
204		<propval name='exceptions' type='astring' value='' />
205		<propval name='value_authorization' type='astring'
206			value='solaris.smf.value.firewall.config' />
207	</property_group>
208
209	<stability value='Unstable' />
210
211	<template>
212		<common_name>
213			<loctext xml:lang='C'>
214				RPC bindings
215			</loctext>
216		</common_name>
217		<documentation>
218			<manpage title='rpcbind' section='1M'
219				manpath='/usr/share/man' />
220		</documentation>
221	</template>
222
223</service>
224
225</service_bundle>
226