xref: /titanic_51/usr/src/cmd/rpcbind/bind.xml (revision 52978630c494bee8d54ed3f55387ab291818be9d)
1<?xml version='1.0'?>
2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3
4<!--
5    CDDL HEADER START
6
7    The contents of this file are subject to the terms of the
8    Common Development and Distribution License (the "License").
9    You may not use this file except in compliance with the License.
10
11    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12    or http://www.opensolaris.org/os/licensing.
13    See the License for the specific language governing permissions
14    and limitations under the License.
15
16    When distributing Covered Code, include this CDDL HEADER in each
17    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18    If applicable, add the following below this CDDL HEADER, with the
19    fields enclosed by brackets "[]" replaced with your own identifying
20    information: Portions Copyright [yyyy] [name of copyright owner]
21
22    CDDL HEADER END
23
24    Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
25    Use is subject to license terms.
26
27    ident	"%Z%%M%	%I%	%E% SMI"
28
29    Service manifest for rpcbind
30
31    NOTE:  This service manifest is not editable; its contents will
32    be overwritten by package or patch operations, including
33    operating system upgrade.  Make customizations in a different
34    file.
35-->
36
37<service_bundle type='manifest' name='SUNWcsr:rpcbind'>
38
39<service
40    name='network/rpc/bind'
41    type='service'
42    version='1'>
43
44    	<create_default_instance enabled='true' />
45
46	<single_instance />
47
48	<dependency
49		name='fs'
50		grouping='require_all'
51		restart_on='none'
52		type='service'>
53		<service_fmri value='svc:/system/filesystem/minimal' />
54	</dependency>
55
56	<!--
57		rpcbind(1M) has a strong dependency on the hostname.
58	-->
59	<dependency
60		name='identity'
61		grouping='require_all'
62		restart_on='refresh'
63		type='service'>
64		<service_fmri
65			value='svc:/system/identity:node' />
66	</dependency>
67
68	<dependency
69		name='sysidtool'
70		grouping='require_all'
71		restart_on='none'
72		type='service'>
73		<service_fmri
74			value='svc:/system/sysidtool:net' />
75	</dependency>
76
77	<dependency
78		name='routing'
79		grouping='optional_all'
80		restart_on='none'
81		type='service'>
82		<service_fmri
83			value='svc:/network/initial:default' />
84	</dependency>
85
86	<exec_method
87		type='method'
88		name='start'
89		exec='/lib/svc/method/rpc-bind %m'
90		timeout_seconds='60'>
91		<method_context>
92			<method_credential
93				user='root'
94				group='root'
95				privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp'
96				/>
97		</method_context>
98	</exec_method>
99
100	<exec_method
101		type='method'
102		name='refresh'
103		exec=':kill -HUP'
104		timeout_seconds='0'>
105	</exec_method>
106
107	<exec_method
108		type='method'
109		name='stop'
110		exec='/lib/svc/method/rpc-bind %m %{restarter/contract}'
111		timeout_seconds='60'>
112		<method_context>
113			<method_credential
114				user='root'
115				group='root'
116				privileges='basic,proc_owner'
117				/>
118		</method_context>
119	</exec_method>
120
121	<property_group name='config' type='application' >
122		<!-- default property settings for rpcbind(1M). -->
123
124		<!-- enable_tcpwrappers affects the wrapping of rpcbind,
125		     see rpcbind(1M) and tcpd(1M) for details.
126		     The default value is 'false'.
127		     A values of 'true' results in wrapping all UDP/TCP
128		     calls to the portmapper with libwrap. Note that
129		     rpcbind(1M) will not resolve or lookup names while
130		     doing tcp wrapper processing.
131		-->
132		<propval
133			name='enable_tcpwrappers'
134			type='boolean'
135			value='false' />
136
137		<!-- verbose_logging affects the amount of information
138		     which is logged by the tcpwrapper code.
139		     The default is 'false'.
140		     This property has no effect when tcp wrappers are not
141		     enabled.
142		-->
143		<propval
144			name='verbose_logging'
145			type='boolean'
146			value='false' />
147
148		<!-- allow_indirect affects the forwarding of RPC calls
149		     indirect rpcbind calls using rpcb_rmtcall(3NSL).
150		     The default value is 'true'. By default this is allowed
151		     for all services except for a handful.
152		     A value of 'false' stops all indirect calls. This will
153		     also disable broadcast rpc. NIS broadcast clients rely
154		     on this functionality to exist on NIS servers.
155		-->
156		<propval
157			name='allow_indirect'
158			type='boolean'
159			value='true' />
160
161		<!-- local_only specifies whether rpcbind should allow
162		     calls from hosts other than the localhost.
163		     Setting local_only to true will make rpcbind serve
164		     only those requests that come in from the local machine.
165		     the default value is false, i.e. allow connections
166		     from other systems too.
167		-->
168		<propval
169			name='local_only'
170			type='boolean'
171			value='false' />
172
173		<!-- to configure rpc/bind -->
174		<propval name='value_authorization' type='astring'
175			value='solaris.smf.value.rpc.bind' />
176	</property_group>
177
178	<!-- Authorization -->
179	<property_group name='general' type='framework'>
180		<!-- to operate rpc/bind -->
181		<propval name='action_authorization' type='astring'
182			value='solaris.smf.manage.rpc.bind' />
183	</property_group>
184
185	<stability value='Unstable' />
186
187	<template>
188		<common_name>
189			<loctext xml:lang='C'>
190				RPC bindings
191			</loctext>
192		</common_name>
193		<documentation>
194			<manpage title='rpcbind' section='1M'
195				manpath='/usr/share/man' />
196		</documentation>
197	</template>
198
199</service>
200
201</service_bundle>
202