17c478bd9Sstevel@tonic-gate<?xml version='1.0'?> 27c478bd9Sstevel@tonic-gate<!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> 37c478bd9Sstevel@tonic-gate 47c478bd9Sstevel@tonic-gate<!-- 57c478bd9Sstevel@tonic-gate CDDL HEADER START 67c478bd9Sstevel@tonic-gate 77c478bd9Sstevel@tonic-gate The contents of this file are subject to the terms of the 845916cd2Sjpk Common Development and Distribution License (the "License"). 945916cd2Sjpk You may not use this file except in compliance with the License. 107c478bd9Sstevel@tonic-gate 117c478bd9Sstevel@tonic-gate You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 127c478bd9Sstevel@tonic-gate or http://www.opensolaris.org/os/licensing. 137c478bd9Sstevel@tonic-gate See the License for the specific language governing permissions 147c478bd9Sstevel@tonic-gate and limitations under the License. 157c478bd9Sstevel@tonic-gate 167c478bd9Sstevel@tonic-gate When distributing Covered Code, include this CDDL HEADER in each 177c478bd9Sstevel@tonic-gate file and include the License file at usr/src/OPENSOLARIS.LICENSE. 187c478bd9Sstevel@tonic-gate If applicable, add the following below this CDDL HEADER, with the 197c478bd9Sstevel@tonic-gate fields enclosed by brackets "[]" replaced with your own identifying 207c478bd9Sstevel@tonic-gate information: Portions Copyright [yyyy] [name of copyright owner] 217c478bd9Sstevel@tonic-gate 227c478bd9Sstevel@tonic-gate CDDL HEADER END 237c478bd9Sstevel@tonic-gate 24*6935f61bSMarcel Telka Copyright 2015 Nexenta Systems, Inc. All rights reserved. 25*6935f61bSMarcel Telka 26eb1a3463STruong Nguyen Copyright 2009 Sun Microsystems, Inc. All rights reserved. 270ea5e3a5Sjjj Use is subject to license terms. 2845916cd2Sjpk 290ea5e3a5Sjjj Service manifest for rpcbind 300ea5e3a5Sjjj 317c478bd9Sstevel@tonic-gate NOTE: This service manifest is not editable; its contents will 327c478bd9Sstevel@tonic-gate be overwritten by package or patch operations, including 337c478bd9Sstevel@tonic-gate operating system upgrade. Make customizations in a different 347c478bd9Sstevel@tonic-gate file. 357c478bd9Sstevel@tonic-gate--> 367c478bd9Sstevel@tonic-gate 377c478bd9Sstevel@tonic-gate<service_bundle type='manifest' name='SUNWcsr:rpcbind'> 387c478bd9Sstevel@tonic-gate 397c478bd9Sstevel@tonic-gate<service 407c478bd9Sstevel@tonic-gate name='network/rpc/bind' 417c478bd9Sstevel@tonic-gate type='service' 427c478bd9Sstevel@tonic-gate version='1'> 437c478bd9Sstevel@tonic-gate 447c478bd9Sstevel@tonic-gate <create_default_instance enabled='true' /> 457c478bd9Sstevel@tonic-gate 467c478bd9Sstevel@tonic-gate <single_instance /> 477c478bd9Sstevel@tonic-gate 487c478bd9Sstevel@tonic-gate <dependency 497c478bd9Sstevel@tonic-gate name='fs' 507c478bd9Sstevel@tonic-gate grouping='require_all' 517c478bd9Sstevel@tonic-gate restart_on='none' 527c478bd9Sstevel@tonic-gate type='service'> 537c478bd9Sstevel@tonic-gate <service_fmri value='svc:/system/filesystem/minimal' /> 547c478bd9Sstevel@tonic-gate </dependency> 557c478bd9Sstevel@tonic-gate 567c478bd9Sstevel@tonic-gate <dependency 577c478bd9Sstevel@tonic-gate name='sysidtool' 587c478bd9Sstevel@tonic-gate grouping='require_all' 597c478bd9Sstevel@tonic-gate restart_on='none' 607c478bd9Sstevel@tonic-gate type='service'> 617c478bd9Sstevel@tonic-gate <service_fmri 627c478bd9Sstevel@tonic-gate value='svc:/system/sysidtool:net' /> 637c478bd9Sstevel@tonic-gate </dependency> 647c478bd9Sstevel@tonic-gate 651c55ce03Samaguire <!-- 661c55ce03Samaguire rpcbind(1M) depends on multicast routes installed by the 671c55ce03Samaguire routing-setup service, and should be started after any IPsec 681c55ce03Samaguire policy is configured and TCP ndd tunables are set (both 691c55ce03Samaguire currently carried out by network/initial). 701c55ce03Samaguire --> 717c478bd9Sstevel@tonic-gate <dependency 721c55ce03Samaguire name='network_initial' 737c478bd9Sstevel@tonic-gate grouping='optional_all' 747c478bd9Sstevel@tonic-gate restart_on='none' 757c478bd9Sstevel@tonic-gate type='service'> 761c55ce03Samaguire <service_fmri value='svc:/network/routing-setup:default' /> 771c55ce03Samaguire <service_fmri value='svc:/network/initial:default' /> 787c478bd9Sstevel@tonic-gate </dependency> 797c478bd9Sstevel@tonic-gate 80eb1a3463STruong Nguyen <dependency 81eb1a3463STruong Nguyen name='network_ipfilter' 82eb1a3463STruong Nguyen grouping='optional_all' 83eb1a3463STruong Nguyen restart_on='none' 84eb1a3463STruong Nguyen type='service'> 85eb1a3463STruong Nguyen <service_fmri value='svc:/network/ipfilter:default' /> 86eb1a3463STruong Nguyen </dependency> 87eb1a3463STruong Nguyen 887c478bd9Sstevel@tonic-gate <exec_method 897c478bd9Sstevel@tonic-gate type='method' 907c478bd9Sstevel@tonic-gate name='start' 917c478bd9Sstevel@tonic-gate exec='/lib/svc/method/rpc-bind %m' 927c478bd9Sstevel@tonic-gate timeout_seconds='60'> 937c478bd9Sstevel@tonic-gate <method_context> 947c478bd9Sstevel@tonic-gate <method_credential 957c478bd9Sstevel@tonic-gate user='root' 967c478bd9Sstevel@tonic-gate group='root' 9745916cd2Sjpk privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp' 987c478bd9Sstevel@tonic-gate /> 997c478bd9Sstevel@tonic-gate </method_context> 1007c478bd9Sstevel@tonic-gate </exec_method> 1017c478bd9Sstevel@tonic-gate 1027c478bd9Sstevel@tonic-gate <exec_method 1037c478bd9Sstevel@tonic-gate type='method' 104064ed339Sjjj name='refresh' 105064ed339Sjjj exec=':kill -HUP' 106064ed339Sjjj timeout_seconds='0'> 107064ed339Sjjj </exec_method> 108064ed339Sjjj 109064ed339Sjjj <exec_method 110064ed339Sjjj type='method' 1117c478bd9Sstevel@tonic-gate name='stop' 1127c478bd9Sstevel@tonic-gate exec='/lib/svc/method/rpc-bind %m %{restarter/contract}' 1137c478bd9Sstevel@tonic-gate timeout_seconds='60'> 1147c478bd9Sstevel@tonic-gate <method_context> 1157c478bd9Sstevel@tonic-gate <method_credential 1167c478bd9Sstevel@tonic-gate user='root' 1177c478bd9Sstevel@tonic-gate group='root' 1187c478bd9Sstevel@tonic-gate privileges='basic,proc_owner' 1197c478bd9Sstevel@tonic-gate /> 1207c478bd9Sstevel@tonic-gate </method_context> 1217c478bd9Sstevel@tonic-gate </exec_method> 1227c478bd9Sstevel@tonic-gate 1237c478bd9Sstevel@tonic-gate <property_group name='config' type='application' > 1247c478bd9Sstevel@tonic-gate <!-- default property settings for rpcbind(1M). --> 1257c478bd9Sstevel@tonic-gate 1267c478bd9Sstevel@tonic-gate <!-- enable_tcpwrappers affects the wrapping of rpcbind, 1277c478bd9Sstevel@tonic-gate see rpcbind(1M) and tcpd(1M) for details. 1287c478bd9Sstevel@tonic-gate The default value is 'false'. 1297c478bd9Sstevel@tonic-gate A values of 'true' results in wrapping all UDP/TCP 1307c478bd9Sstevel@tonic-gate calls to the portmapper with libwrap. Note that 1317c478bd9Sstevel@tonic-gate rpcbind(1M) will not resolve or lookup names while 1327c478bd9Sstevel@tonic-gate doing tcp wrapper processing. 1337c478bd9Sstevel@tonic-gate --> 1347c478bd9Sstevel@tonic-gate <propval 1357c478bd9Sstevel@tonic-gate name='enable_tcpwrappers' 1367c478bd9Sstevel@tonic-gate type='boolean' 1377c478bd9Sstevel@tonic-gate value='false' /> 1387c478bd9Sstevel@tonic-gate 1397c478bd9Sstevel@tonic-gate <!-- verbose_logging affects the amount of information 1407c478bd9Sstevel@tonic-gate which is logged by the tcpwrapper code. 1417c478bd9Sstevel@tonic-gate The default is 'false'. 1427c478bd9Sstevel@tonic-gate This property has no effect when tcp wrappers are not 1437c478bd9Sstevel@tonic-gate enabled. 1447c478bd9Sstevel@tonic-gate --> 1457c478bd9Sstevel@tonic-gate <propval 1467c478bd9Sstevel@tonic-gate name='verbose_logging' 1477c478bd9Sstevel@tonic-gate type='boolean' 1487c478bd9Sstevel@tonic-gate value='false' /> 1497c478bd9Sstevel@tonic-gate 1507c478bd9Sstevel@tonic-gate <!-- allow_indirect affects the forwarding of RPC calls 1517c478bd9Sstevel@tonic-gate indirect rpcbind calls using rpcb_rmtcall(3NSL). 1527c478bd9Sstevel@tonic-gate The default value is 'true'. By default this is allowed 1537c478bd9Sstevel@tonic-gate for all services except for a handful. 1547c478bd9Sstevel@tonic-gate A value of 'false' stops all indirect calls. This will 1557c478bd9Sstevel@tonic-gate also disable broadcast rpc. NIS broadcast clients rely 1567c478bd9Sstevel@tonic-gate on this functionality to exist on NIS servers. 1577c478bd9Sstevel@tonic-gate --> 1587c478bd9Sstevel@tonic-gate <propval 1597c478bd9Sstevel@tonic-gate name='allow_indirect' 1607c478bd9Sstevel@tonic-gate type='boolean' 1617c478bd9Sstevel@tonic-gate value='true' /> 1620ea5e3a5Sjjj 1630ea5e3a5Sjjj <!-- local_only specifies whether rpcbind should allow 1640ea5e3a5Sjjj calls from hosts other than the localhost. 1650ea5e3a5Sjjj Setting local_only to true will make rpcbind serve 1660ea5e3a5Sjjj only those requests that come in from the local machine. 167878f29a1Sgww Setting local_only to false will allow access from 168878f29a1Sgww other hosts. 1690ea5e3a5Sjjj --> 1700ea5e3a5Sjjj <propval 1710ea5e3a5Sjjj name='local_only' 1720ea5e3a5Sjjj type='boolean' 173ed1b5e11Sgww value='true' /> 1740ea5e3a5Sjjj 1750ea5e3a5Sjjj <!-- to configure rpc/bind --> 1760ea5e3a5Sjjj <propval name='value_authorization' type='astring' 1770ea5e3a5Sjjj value='solaris.smf.value.rpc.bind' /> 1788f6d9daeSMarcel Telka 1798f6d9daeSMarcel Telka <propval 1808f6d9daeSMarcel Telka name='listen_backlog' 1818f6d9daeSMarcel Telka type='integer' 1828f6d9daeSMarcel Telka value='64' /> 1838f6d9daeSMarcel Telka 1848f6d9daeSMarcel Telka <propval 1858f6d9daeSMarcel Telka name='max_threads' 1868f6d9daeSMarcel Telka type='integer' 1878f6d9daeSMarcel Telka value='72' /> 1880ea5e3a5Sjjj </property_group> 1890ea5e3a5Sjjj 1900ea5e3a5Sjjj <!-- Authorization --> 1910ea5e3a5Sjjj <property_group name='general' type='framework'> 192c817a439Sjohnz <!-- to operate rpc/bind --> 1930ea5e3a5Sjjj <propval name='action_authorization' type='astring' 1940ea5e3a5Sjjj value='solaris.smf.manage.rpc.bind' /> 1957c478bd9Sstevel@tonic-gate </property_group> 1967c478bd9Sstevel@tonic-gate 197eb1a3463STruong Nguyen <property_group name='firewall_context' type='com.sun,fw_definition'> 198eb1a3463STruong Nguyen <propval name='name' type='astring' value='sunrpc' /> 199eb1a3463STruong Nguyen </property_group> 200eb1a3463STruong Nguyen 201eb1a3463STruong Nguyen <property_group name='firewall_config' type='com.sun,fw_configuration'> 202eb1a3463STruong Nguyen <propval name='policy' type='astring' value='use_global' /> 203eb1a3463STruong Nguyen <propval name='apply_to' type='astring' value='' /> 204eb1a3463STruong Nguyen <propval name='exceptions' type='astring' value='' /> 205eb1a3463STruong Nguyen <propval name='value_authorization' type='astring' 206eb1a3463STruong Nguyen value='solaris.smf.value.firewall.config' /> 207eb1a3463STruong Nguyen </property_group> 208eb1a3463STruong Nguyen 2097c478bd9Sstevel@tonic-gate <stability value='Unstable' /> 2107c478bd9Sstevel@tonic-gate 2117c478bd9Sstevel@tonic-gate <template> 2127c478bd9Sstevel@tonic-gate <common_name> 2137c478bd9Sstevel@tonic-gate <loctext xml:lang='C'> 2147c478bd9Sstevel@tonic-gate RPC bindings 2157c478bd9Sstevel@tonic-gate </loctext> 2167c478bd9Sstevel@tonic-gate </common_name> 2177c478bd9Sstevel@tonic-gate <documentation> 2187c478bd9Sstevel@tonic-gate <manpage title='rpcbind' section='1M' 2197c478bd9Sstevel@tonic-gate manpath='/usr/share/man' /> 2207c478bd9Sstevel@tonic-gate </documentation> 2217c478bd9Sstevel@tonic-gate </template> 2227c478bd9Sstevel@tonic-gate 2237c478bd9Sstevel@tonic-gate</service> 2247c478bd9Sstevel@tonic-gate 2257c478bd9Sstevel@tonic-gate</service_bundle> 226