xref: /titanic_44/usr/src/cmd/svc/profile/generic_limited_net.xml (revision ebd1706e95186ddae1d4c0d63c47544cf33832ee)
1<?xml version='1.0'?>
2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3<!--
4 Copyright 2005 Sun Microsystems, Inc.  All rights reserved.
5 Use is subject to license terms.
6
7 CDDL HEADER START
8
9 The contents of this file are subject to the terms of the
10 Common Development and Distribution License, Version 1.0 only
11 (the "License").  You may not use this file except in compliance
12 with the License.
13
14 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
15 or http://www.opensolaris.org/os/licensing.
16 See the License for the specific language governing permissions
17 and limitations under the License.
18
19 When distributing Covered Code, include this CDDL HEADER in each
20 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
21 If applicable, add the following below this CDDL HEADER, with the
22 fields enclosed by brackets "[]" replaced with your own identifying
23 information: Portions Copyright [yyyy] [name of copyright owner]
24
25 CDDL HEADER END
26
27    ident	"%Z%%M%	%I%	%E% SMI"
28
29    The purpose of the limited_net profile is to provide a set of active
30    services that allow one to connect to the machine via ssh (requires
31    sshd,) to be authenticated (requires rpc,) and to access network
32    filesystems (requires nfs.)  The services which are deactivated here
33    are those that are at odds with this goal.  Those which are activated
34    are explicit requirements for the goal's satisfaction.
35
36    NOTE:  Service profiles delivered by this package are not editable,
37    and their contents will be overwritten by package or patch
38    operations, including operating system upgrade.  Make customizations
39    in a distinct file.  The path, /var/svc/profile/site.xml, is a
40    distinguished location for a site-specific service profile, treated
41    otherwise equivalently to this file.
42-->
43<service_bundle type='profile' name='generic_limited_net'
44	 xmlns:xi='http://www.w3.org/2003/XInclude' >
45  <!--
46      Include name service profile, as set by system id tools.
47  -->
48  <xi:include href='file:/var/svc/profile/name_service.xml' />
49
50  <!--
51      svc.startd(1M) services
52  -->
53  <service name='system/coreadm' version='1' type='service'>
54    <instance name='default' enabled='true'/>
55  </service>
56  <service name='system/cron' version='1' type='service'>
57    <instance name='default' enabled='true'/>
58  </service>
59  <service name='system/cryptosvc' version='1' type='service'>
60    <instance name='default' enabled='true'/>
61  </service>
62  <service name='system/identity' version='1' type='service'>
63    <instance name='domain' enabled='true'/>
64  </service>
65  <service name='system/intrd' version='1' type='service'>
66    <instance name='default' enabled='true'/>
67  </service>
68  <service name='system/keymap' version='1' type='service'>
69    <instance name='default' enabled='true'/>
70  </service>
71  <service name='system/picl' version='1' type='service'>
72    <instance name='default' enabled='true'/>
73  </service>
74  <service name='system/sac' version='1' type='service'>
75    <instance name='default' enabled='true'/>
76  </service>
77  <service name='system/scheduler' version='1' type='service'>
78    <instance name='default' enabled='true'/>
79  </service>
80  <service name='system/system-log' version='1' type='service'>
81    <instance name='default' enabled='true'/>
82  </service>
83  <service name='system/utmp' version='1' type='service'>
84    <instance name='default' enabled='true'/>
85  </service>
86  <service name='system/zones' version='1' type='service'>
87    <instance name='default' enabled='true'/>
88  </service>
89  <service name='network/rpc/bind' version='1' type='service'>
90    <instance name='default' enabled='true'/>
91  </service>
92  <service name='system/name-service-cache' version='1' type='service'>
93    <instance name='default' enabled='true'/>
94  </service>
95  <service name='network/nfs/status' version='1' type='service'>
96    <instance name='default' enabled='true'/>
97  </service>
98  <service name='network/nfs/nlockmgr' version='1' type='service'>
99    <instance name='default' enabled='true'/>
100  </service>
101  <service name='network/nfs/client' version='1' type='service'>
102    <instance name='default' enabled='true'/>
103  </service>
104  <service name='network/nfs/server' version='1' type='service'>
105    <instance name='default' enabled='true'/>
106  </service>
107  <service name='network/nfs/rquota' version='1' type='service'>
108    <instance name='default' enabled='true'/>
109  </service>
110  <service name='network/ssh' version='1' type='service'>
111    <instance name='default' enabled='true'/>
112  </service>
113  <service name='network/smtp' version='1' type='service'>
114    <instance name='sendmail' enabled='true'/>
115  </service>
116  <service name='network/inetd' version='1' type='restarter'>
117    <instance name='default' enabled='true'/>
118  </service>
119  <service name='system/filesystem/autofs' version='1' type='service'>
120    <instance name='default' enabled='true'/>
121  </service>
122  <service name='system/filesystem/volfs' version='1' type='service'>
123    <instance name='default' enabled='true'/>
124  </service>
125  <service name='system/power' version='1' type='service'>
126    <instance name='default' enabled='true'/>
127  </service>
128  <service name='application/print/cleanup' version='1' type='service'>
129    <instance name='default' enabled='true' />
130  </service>
131  <service name='network/pfil' version='1' type='service'>
132    <instance name='default' enabled='true' />
133  </service>
134
135  <!--
136      non-default svc.startd(1M) services disabled
137  -->
138  <service name='network/dhcp-server' version='1' type='service'>
139    <instance name='default' enabled='false' />
140  </service>
141  <service name='network/ntp' version='1' type='service'>
142    <instance name='default' enabled='false' />
143  </service>
144  <service name='network/rarp' version='1' type='service'>
145    <instance name='default' enabled='false' />
146  </service>
147  <service name='network/slp' version='1' type='service'>
148    <instance name='default' enabled='false' />
149  </service>
150  <service name='network/security/kadmin' version='1' type='service'>
151    <instance name='default' enabled='false' />
152  </service>
153  <service name='network/security/krb5_prop' version='1' type='service'>
154    <instance name='default' enabled='false' />
155  </service>
156  <service name='network/security/krb5kdc' version='1' type='service'>
157    <instance name='default' enabled='false' />
158  </service>
159
160  <!--
161	default inetd(1M) services disabled
162  -->
163  <service name='network/finger' version='1' type='service'>
164    <instance name='default' enabled='false'/>
165  </service>
166  <service name='network/ftp' version='1' type='service'>
167    <instance name='default' enabled='false'/>
168  </service>
169  <service name='network/login' version='1' type='service'>
170    <instance name='rlogin' enabled='false'/>
171    <!--
172	non-default inetd(1M) instances disabled
173    -->
174    <instance name='klogin' enabled='false'/>
175    <instance name='eklogin' enabled='false'/>
176  </service>
177  <service name='network/shell' version='1' type='service'>
178    <instance name='default' enabled='false'/>
179    <!--
180	non-default inetd(1M) instance disabled
181    -->
182    <instance name='kshell' enabled='false'/>
183  </service>
184  <service name='network/telnet' version='1' type='service'>
185    <instance name='default' enabled='false'/>
186  </service>
187
188  <!--
189	non-default inetd(1M) services disabled
190  -->
191  <service name='network/tname' version='1' type='service'>
192    <instance name='default' enabled='false'/>
193  </service>
194  <service name='network/uucp' version='1' type='service'>
195    <instance name='default' enabled='false'/>
196  </service>
197  <service name='network/chargen' version='1' type='service'>
198    <instance name='stream' enabled='false'/>
199    <instance name='dgram' enabled='false'/>
200  </service>
201  <service name='network/daytime' version='1' type='service'>
202    <instance name='stream' enabled='false'/>
203    <instance name='dgram' enabled='false'/>
204  </service>
205  <service name='network/discard' version='1' type='service'>
206    <instance name='stream' enabled='false'/>
207    <instance name='dgram' enabled='false'/>
208  </service>
209  <service name='network/echo' version='1' type='service'>
210    <instance name='stream' enabled='false'/>
211    <instance name='dgram' enabled='false'/>
212  </service>
213  <service name='network/time' version='1' type='service'>
214    <instance name='stream' enabled='false'/>
215    <instance name='dgram' enabled='false'/>
216  </service>
217  <service name='network/comsat' version='1' type='service'>
218    <instance name='default' enabled='false'/>
219  </service>
220  <service name='network/rexec' version='1' type='service'>
221    <instance name='default' enabled='false'/>
222  </service>
223  <service name='network/talk' version='1' type='service'>
224    <instance name='default' enabled='false'/>
225  </service>
226
227  <!--
228	default inetd(1M) RPC services enabled
229  -->
230  <service name='network/rpc/gss' version='1' type='service'>
231    <instance name='default' enabled='true'/>
232  </service>
233  <service name='network/rpc/mdcomm' version='1' type='service'>
234    <instance name='default' enabled='true'/>
235  </service>
236  <service name='network/rpc/meta' version='1' type='service'>
237    <instance name='default' enabled='true'/>
238  </service>
239  <service name='network/rpc/metamed' version='1' type='service'>
240    <instance name='default' enabled='true'/>
241  </service>
242  <service name='network/rpc/metamh' version='1' type='service'>
243    <instance name='default' enabled='true'/>
244  </service>
245  <service name='network/rpc/smserver' version='1' type='service'>
246    <instance name='default' enabled='true'/>
247  </service>
248  <service name='network/security/ktkt_warn' version='1' type='service'>
249    <instance name='default' enabled='true'/>
250  </service>
251
252  <!--
253	default inetd(1M) RPC services disabled
254  -->
255  <service name='network/rpc/rstat' version='1' type='service'>
256    <instance name='default' enabled='false'/>
257  </service>
258  <service name='network/rpc/rusers' version='1' type='service'>
259    <instance name='default' enabled='false'/>
260  </service>
261
262  <!--
263	non-default inetd(1M) RPC services disabled
264  -->
265  <service name='network/rpc/ocfserv' version='1' type='service'>
266    <instance name='default' enabled='false'/>
267  </service>
268  <service name='network/rpc/rex' version='1' type='service'>
269    <instance name='default' enabled='false'/>
270  </service>
271  <service name='network/rpc/spray' version='1' type='service'>
272    <instance name='default' enabled='false'/>
273  </service>
274  <service name='network/rpc/wall' version='1' type='service'>
275    <instance name='default' enabled='false'/>
276  </service>
277
278</service_bundle>
279