xref: /titanic_52/usr/src/cmd/rpcbind/bind.xml (revision 88447a05f537aabe9a1bc3d5313f22581ec992a7)
1<?xml version='1.0'?>
2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3
4<!--
5    CDDL HEADER START
6
7    The contents of this file are subject to the terms of the
8    Common Development and Distribution License (the "License").
9    You may not use this file except in compliance with the License.
10
11    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12    or http://www.opensolaris.org/os/licensing.
13    See the License for the specific language governing permissions
14    and limitations under the License.
15
16    When distributing Covered Code, include this CDDL HEADER in each
17    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18    If applicable, add the following below this CDDL HEADER, with the
19    fields enclosed by brackets "[]" replaced with your own identifying
20    information: Portions Copyright [yyyy] [name of copyright owner]
21
22    CDDL HEADER END
23
24    Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
25    Use is subject to license terms.
26
27    Service manifest for rpcbind
28
29    NOTE:  This service manifest is not editable; its contents will
30    be overwritten by package or patch operations, including
31    operating system upgrade.  Make customizations in a different
32    file.
33-->
34
35<service_bundle type='manifest' name='SUNWcsr:rpcbind'>
36
37<service
38    name='network/rpc/bind'
39    type='service'
40    version='1'>
41
42    	<create_default_instance enabled='true' />
43
44	<single_instance />
45
46	<dependency
47		name='fs'
48		grouping='require_all'
49		restart_on='none'
50		type='service'>
51		<service_fmri value='svc:/system/filesystem/minimal' />
52	</dependency>
53
54	<!--
55		rpcbind(1M) has a strong dependency on the hostname.
56	-->
57	<dependency
58		name='identity'
59		grouping='require_all'
60		restart_on='refresh'
61		type='service'>
62		<service_fmri
63			value='svc:/system/identity:node' />
64	</dependency>
65
66	<dependency
67		name='sysidtool'
68		grouping='require_all'
69		restart_on='none'
70		type='service'>
71		<service_fmri
72			value='svc:/system/sysidtool:net' />
73	</dependency>
74
75	<!--
76		rpcbind(1M) depends on multicast routes installed by the
77		routing-setup service, and should be started after any IPsec
78		policy is configured and TCP ndd tunables are set (both
79		currently carried out by network/initial).
80	-->
81	<dependency
82		name='network_initial'
83		grouping='optional_all'
84		restart_on='none'
85		type='service'>
86		<service_fmri value='svc:/network/routing-setup:default' />
87		<service_fmri value='svc:/network/initial:default' />
88	</dependency>
89
90	<dependency
91		name='network_ipfilter'
92		grouping='optional_all'
93		restart_on='none'
94		type='service'>
95		<service_fmri value='svc:/network/ipfilter:default' />
96	</dependency>
97
98	<exec_method
99		type='method'
100		name='start'
101		exec='/lib/svc/method/rpc-bind %m'
102		timeout_seconds='60'>
103		<method_context>
104			<method_credential
105				user='root'
106				group='root'
107				privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp'
108				/>
109		</method_context>
110	</exec_method>
111
112	<exec_method
113		type='method'
114		name='refresh'
115		exec=':kill -HUP'
116		timeout_seconds='0'>
117	</exec_method>
118
119	<exec_method
120		type='method'
121		name='stop'
122		exec='/lib/svc/method/rpc-bind %m %{restarter/contract}'
123		timeout_seconds='60'>
124		<method_context>
125			<method_credential
126				user='root'
127				group='root'
128				privileges='basic,proc_owner'
129				/>
130		</method_context>
131	</exec_method>
132
133	<property_group name='config' type='application' >
134		<!-- default property settings for rpcbind(1M). -->
135
136		<!-- enable_tcpwrappers affects the wrapping of rpcbind,
137		     see rpcbind(1M) and tcpd(1M) for details.
138		     The default value is 'false'.
139		     A values of 'true' results in wrapping all UDP/TCP
140		     calls to the portmapper with libwrap. Note that
141		     rpcbind(1M) will not resolve or lookup names while
142		     doing tcp wrapper processing.
143		-->
144		<propval
145			name='enable_tcpwrappers'
146			type='boolean'
147			value='false' />
148
149		<!-- verbose_logging affects the amount of information
150		     which is logged by the tcpwrapper code.
151		     The default is 'false'.
152		     This property has no effect when tcp wrappers are not
153		     enabled.
154		-->
155		<propval
156			name='verbose_logging'
157			type='boolean'
158			value='false' />
159
160		<!-- allow_indirect affects the forwarding of RPC calls
161		     indirect rpcbind calls using rpcb_rmtcall(3NSL).
162		     The default value is 'true'. By default this is allowed
163		     for all services except for a handful.
164		     A value of 'false' stops all indirect calls. This will
165		     also disable broadcast rpc. NIS broadcast clients rely
166		     on this functionality to exist on NIS servers.
167		-->
168		<propval
169			name='allow_indirect'
170			type='boolean'
171			value='true' />
172
173		<!-- local_only specifies whether rpcbind should allow
174		     calls from hosts other than the localhost.
175		     Setting local_only to true will make rpcbind serve
176		     only those requests that come in from the local machine.
177		     Setting local_only to false will allow access from
178		     other hosts.
179		-->
180		<propval
181			name='local_only'
182			type='boolean'
183			value='true' />
184
185		<!-- to configure rpc/bind -->
186		<propval name='value_authorization' type='astring'
187			value='solaris.smf.value.rpc.bind' />
188	</property_group>
189
190	<!-- Authorization -->
191	<property_group name='general' type='framework'>
192		<!-- to operate rpc/bind -->
193		<propval name='action_authorization' type='astring'
194			value='solaris.smf.manage.rpc.bind' />
195	</property_group>
196
197	<property_group name='firewall_context' type='com.sun,fw_definition'>
198		<propval name='name' type='astring' value='sunrpc' />
199	</property_group>
200
201	<property_group name='firewall_config' type='com.sun,fw_configuration'>
202		<propval name='policy' type='astring' value='use_global' />
203		<propval name='apply_to' type='astring' value='' />
204		<propval name='exceptions' type='astring' value='' />
205		<propval name='value_authorization' type='astring'
206			value='solaris.smf.value.firewall.config' />
207	</property_group>
208
209	<stability value='Unstable' />
210
211	<template>
212		<common_name>
213			<loctext xml:lang='C'>
214				RPC bindings
215			</loctext>
216		</common_name>
217		<documentation>
218			<manpage title='rpcbind' section='1M'
219				manpath='/usr/share/man' />
220		</documentation>
221	</template>
222
223</service>
224
225</service_bundle>
226