1 <?xml version='1.0'?>
2 <!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'>
3
4 <!--
5 CDDL HEADER START
6
7 The contents of this file are subject to the terms of the
8 Common Development and Distribution License (the "License").
9 You may not use this file except in compliance with the License.
10
11 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
12 or http://www.opensolaris.org/os/licensing.
13 See the License for the specific language governing permissions
14 and limitations under the License.
15
16 When distributing Covered Code, include this CDDL HEADER in each
17 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
18 If applicable, add the following below this CDDL HEADER, with the
19 fields enclosed by brackets "[]" replaced with your own identifying
20 information: Portions Copyright [yyyy] [name of copyright owner]
21
22 CDDL HEADER END
23
24 Copyright 2015 Nexenta Systems, Inc. All rights reserved.
25
26 Copyright 2009 Sun Microsystems, Inc. All rights reserved.
27 Use is subject to license terms.
28
29 Service manifest for rpcbind
30
31 NOTE: This service manifest is not editable; its contents will
32 be overwritten by package or patch operations, including
33 operating system upgrade. Make customizations in a different
34 file.
35 -->
36
37 <service_bundle type='manifest' name='SUNWcsr:rpcbind'>
38
39 <service
40 name='network/rpc/bind'
41 type='service'
42 version='1'>
43
44 <create_default_instance enabled='true' />
45
46 <single_instance />
47
48 <dependency
49 name='fs'
50 grouping='require_all'
51 restart_on='none'
52 type='service'>
53 <service_fmri value='svc:/system/filesystem/minimal' />
54 </dependency>
55
56 <dependency
57 name='sysidtool'
58 grouping='require_all'
59 restart_on='none'
60 type='service'>
61 <service_fmri
62 value='svc:/system/sysidtool:net' />
63 </dependency>
64
65 <!--
66 rpcbind(1M) depends on multicast routes installed by the
67 routing-setup service, and should be started after any IPsec
68 policy is configured and TCP ndd tunables are set (both
69 currently carried out by network/initial).
70 -->
71 <dependency
72 name='network_initial'
73 grouping='optional_all'
74 restart_on='none'
75 type='service'>
76 <service_fmri value='svc:/network/routing-setup:default' />
77 <service_fmri value='svc:/network/initial:default' />
78 </dependency>
79
80 <dependency
81 name='network_ipfilter'
82 grouping='optional_all'
83 restart_on='none'
84 type='service'>
85 <service_fmri value='svc:/network/ipfilter:default' />
86 </dependency>
87
88 <exec_method
89 type='method'
90 name='start'
91 exec='/lib/svc/method/rpc-bind %m'
92 timeout_seconds='60'>
93 <method_context>
94 <method_credential
95 user='root'
96 group='root'
97 privileges='basic,file_chown,file_chown_self,file_owner,net_privaddr,proc_setid,sys_nfs,net_bindmlp'
98 />
99 </method_context>
100 </exec_method>
101
102 <exec_method
103 type='method'
104 name='refresh'
105 exec=':kill -HUP'
106 timeout_seconds='0'>
107 </exec_method>
108
109 <exec_method
110 type='method'
111 name='stop'
112 exec='/lib/svc/method/rpc-bind %m %{restarter/contract}'
113 timeout_seconds='60'>
114 <method_context>
115 <method_credential
116 user='root'
117 group='root'
118 privileges='basic,proc_owner'
119 />
120 </method_context>
121 </exec_method>
122
123 <property_group name='config' type='application' >
124 <!-- default property settings for rpcbind(1M). -->
125
126 <!-- enable_tcpwrappers affects the wrapping of rpcbind,
127 see rpcbind(1M) and tcpd(1M) for details.
128 The default value is 'false'.
129 A values of 'true' results in wrapping all UDP/TCP
130 calls to the portmapper with libwrap. Note that
131 rpcbind(1M) will not resolve or lookup names while
132 doing tcp wrapper processing.
133 -->
134 <propval
135 name='enable_tcpwrappers'
136 type='boolean'
137 value='false' />
138
139 <!-- verbose_logging affects the amount of information
140 which is logged by the tcpwrapper code.
141 The default is 'false'.
142 This property has no effect when tcp wrappers are not
143 enabled.
144 -->
145 <propval
146 name='verbose_logging'
147 type='boolean'
148 value='false' />
149
150 <!-- allow_indirect affects the forwarding of RPC calls
151 indirect rpcbind calls using rpcb_rmtcall(3NSL).
152 The default value is 'true'. By default this is allowed
153 for all services except for a handful.
154 A value of 'false' stops all indirect calls. This will
155 also disable broadcast rpc. NIS broadcast clients rely
156 on this functionality to exist on NIS servers.
157 -->
158 <propval
159 name='allow_indirect'
160 type='boolean'
161 value='true' />
162
163 <!-- local_only specifies whether rpcbind should allow
164 calls from hosts other than the localhost.
165 Setting local_only to true will make rpcbind serve
166 only those requests that come in from the local machine.
167 Setting local_only to false will allow access from
168 other hosts.
169 -->
170 <propval
171 name='local_only'
172 type='boolean'
173 value='true' />
174
175 <!-- to configure rpc/bind -->
176 <propval name='value_authorization' type='astring'
177 value='solaris.smf.value.rpc.bind' />
178
179 <propval
180 name='listen_backlog'
181 type='integer'
182 value='64' />
183
184 <propval
185 name='max_threads'
186 type='integer'
187 value='72' />
188 </property_group>
189
190 <!-- Authorization -->
191 <property_group name='general' type='framework'>
192 <!-- to operate rpc/bind -->
193 <propval name='action_authorization' type='astring'
194 value='solaris.smf.manage.rpc.bind' />
195 </property_group>
196
197 <property_group name='firewall_context' type='com.sun,fw_definition'>
198 <propval name='name' type='astring' value='sunrpc' />
199 </property_group>
200
201 <property_group name='firewall_config' type='com.sun,fw_configuration'>
202 <propval name='policy' type='astring' value='use_global' />
203 <propval name='apply_to' type='astring' value='' />
204 <propval name='exceptions' type='astring' value='' />
205 <propval name='value_authorization' type='astring'
206 value='solaris.smf.value.firewall.config' />
207 </property_group>
208
209 <stability value='Unstable' />
210
211 <template>
212 <common_name>
213 <loctext xml:lang='C'>
214 RPC bindings
215 </loctext>
216 </common_name>
217 <documentation>
218 <manpage title='rpcbind' section='1M'
219 manpath='/usr/share/man' />
220 </documentation>
221 </template>
222
223 </service>
224
225 </service_bundle>