xref: /titanic_52/usr/src/cmd/rpcbind/bind.xml (revision db02be5754449d8a49e2d5a695ba0237d964b5dc)
1<?xml version='1.0'?>
2<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3
4<!--
5    CDDL HEADER START
6
7    The contents of this file are subject to the terms of the
8    Common Development and Distribution License (the "License").
9    You may not use this file except in compliance with the License.
10
11    You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12    or http://www.opensolaris.org/os/licensing.
13    See the License for the specific language governing permissions
14    and limitations under the License.
15
16    When distributing Covered Code, include this CDDL HEADER in each
17    file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18    If applicable, add the following below this CDDL HEADER, with the
19    fields enclosed by brackets "[]" replaced with your own identifying
20    information: Portions Copyright [yyyy] [name of copyright owner]
21
22    CDDL HEADER END
23
24    Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
25    Use is subject to license terms.
26
27    Service manifest for rpcbind
28
29    NOTE:  This service manifest is not editable; its contents will
30    be overwritten by package or patch operations, including
31    operating system upgrade.  Make customizations in a different
32    file.
33-->
34
35<service_bundle type='manifest' name='SUNWcsr:rpcbind'>
36
37<service
38    name='network/rpc/bind'
39    type='service'
40    version='1'>
41
42    	<create_default_instance enabled='true' />
43
44	<single_instance />
45
46	<dependency
47		name='fs'
48		grouping='require_all'
49		restart_on='none'
50		type='service'>
51		<service_fmri value='svc:/system/filesystem/minimal' />
52	</dependency>
53
54	<!--
55		rpcbind(1M) has a strong dependency on the hostname.
56	-->
57	<dependency
58		name='identity'
59		grouping='require_all'
60		restart_on='refresh'
61		type='service'>
62		<service_fmri
63			value='svc:/system/identity:node' />
64	</dependency>
65
66	<dependency
67		name='sysidtool'
68		grouping='require_all'
69		restart_on='none'
70		type='service'>
71		<service_fmri
72			value='svc:/system/sysidtool:net' />
73	</dependency>
74
75	<!--
76		rpcbind(1M) depends on multicast routes installed by the
77		routing-setup service, and should be started after any IPsec
78		policy is configured and TCP ndd tunables are set (both
79		currently carried out by network/initial).
80	-->
81	<dependency
82		name='network_initial'
83		grouping='optional_all'
84		restart_on='none'
85		type='service'>
86		<service_fmri value='svc:/network/routing-setup:default' />
87		<service_fmri value='svc:/network/initial:default' />
88	</dependency>
89
90	<exec_method
91		type='method'
92		name='start'
93		exec='/lib/svc/method/rpc-bind %m'
94		timeout_seconds='60'>
95		<method_context>
96			<method_credential
97				user='root'
98				group='root'
99				privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp'
100				/>
101		</method_context>
102	</exec_method>
103
104	<exec_method
105		type='method'
106		name='refresh'
107		exec=':kill -HUP'
108		timeout_seconds='0'>
109	</exec_method>
110
111	<exec_method
112		type='method'
113		name='stop'
114		exec='/lib/svc/method/rpc-bind %m %{restarter/contract}'
115		timeout_seconds='60'>
116		<method_context>
117			<method_credential
118				user='root'
119				group='root'
120				privileges='basic,proc_owner'
121				/>
122		</method_context>
123	</exec_method>
124
125	<property_group name='config' type='application' >
126		<!-- default property settings for rpcbind(1M). -->
127
128		<!-- enable_tcpwrappers affects the wrapping of rpcbind,
129		     see rpcbind(1M) and tcpd(1M) for details.
130		     The default value is 'false'.
131		     A values of 'true' results in wrapping all UDP/TCP
132		     calls to the portmapper with libwrap. Note that
133		     rpcbind(1M) will not resolve or lookup names while
134		     doing tcp wrapper processing.
135		-->
136		<propval
137			name='enable_tcpwrappers'
138			type='boolean'
139			value='false' />
140
141		<!-- verbose_logging affects the amount of information
142		     which is logged by the tcpwrapper code.
143		     The default is 'false'.
144		     This property has no effect when tcp wrappers are not
145		     enabled.
146		-->
147		<propval
148			name='verbose_logging'
149			type='boolean'
150			value='false' />
151
152		<!-- allow_indirect affects the forwarding of RPC calls
153		     indirect rpcbind calls using rpcb_rmtcall(3NSL).
154		     The default value is 'true'. By default this is allowed
155		     for all services except for a handful.
156		     A value of 'false' stops all indirect calls. This will
157		     also disable broadcast rpc. NIS broadcast clients rely
158		     on this functionality to exist on NIS servers.
159		-->
160		<propval
161			name='allow_indirect'
162			type='boolean'
163			value='true' />
164
165		<!-- local_only specifies whether rpcbind should allow
166		     calls from hosts other than the localhost.
167		     Setting local_only to true will make rpcbind serve
168		     only those requests that come in from the local machine.
169		     Setting local_only to false will allow access from
170		     other hosts.
171		-->
172		<propval
173			name='local_only'
174			type='boolean'
175			value='true' />
176
177		<!-- to configure rpc/bind -->
178		<propval name='value_authorization' type='astring'
179			value='solaris.smf.value.rpc.bind' />
180	</property_group>
181
182	<!-- Authorization -->
183	<property_group name='general' type='framework'>
184		<!-- to operate rpc/bind -->
185		<propval name='action_authorization' type='astring'
186			value='solaris.smf.manage.rpc.bind' />
187	</property_group>
188
189	<stability value='Unstable' />
190
191	<template>
192		<common_name>
193			<loctext xml:lang='C'>
194				RPC bindings
195			</loctext>
196		</common_name>
197		<documentation>
198			<manpage title='rpcbind' section='1M'
199				manpath='/usr/share/man' />
200		</documentation>
201	</template>
202
203</service>
204
205</service_bundle>
206