Print this page
smf: switch to a tri-state for process-security properties true=on,false=off,nil=default


  24 -->
  25 
  26 <service_bundle type="manifest" name="process-security">
  27         <service name="system/process-security" type="service" version="1">
  28                 <!-- Initial state of the service is disabled -->
  29                 <create_default_instance enabled="false" />
  30 
  31                 <single_instance />
  32 
  33                 <!-- We don't actually have any methods, but we create a
  34                      default instance so that we show up in svcs -a -->
  35 
  36                 <exec_method type="method" name="start"      exec=":true" timeout_seconds="0"/>
  37                 <exec_method type="method" name="stop" exec=":true" timeout_seconds="30"/>
  38 
  39                 <property_group name='startd' type='framework'>
  40                   <propval name='duration' type='astring' value='transient' />
  41                 </property_group>
  42 
  43                 <property_group name='default' type='application'>
  44                   <propval name='aslr' type='boolean' value='false' />
  45                   <propval name='forbidnullmap' type='boolean' value='false' />
  46                   <propval name='noexecstack' type='boolean' value='false' />
  47 
  48                   <propval name='value_authorization' type='astring'
  49                            value='solaris.smf.value.process-security' />
  50                 </property_group>
  51 
  52                 <property_group name='lower' type='application'>
  53                   <propval name='aslr' type='boolean' value='false' />
  54                   <propval name='forbidnullmap' type='boolean' value='false' />
  55                   <propval name='noexecstack' type='boolean' value='false' />
  56 
  57                   <propval name='value_authorization' type='astring'
  58                            value='solaris.smf.value.process-security' />
  59                 </property_group>
  60 
  61                 <property_group name='upper' type='application'>
  62                   <propval name='aslr' type='boolean' value='true' />
  63                   <propval name='forbidnullmap' type='boolean' value='true' />
  64                   <propval name='noexecstack' type='boolean' value='true' />
  65 
  66                   <propval name='value_authorization' type='astring'
  67                            value='solaris.smf.value.process-security' />
  68                 </property_group>
  69 
  70 
  71 
  72                 <stability value="Unstable" />
  73 
  74                 <template>
  75                         <common_name>
  76                                 <loctext xml:lang='C'>Security Flag Configuration</loctext>
  77                         </common_name>
  78                         <documentation>
  79                                 <manpage title='security-flags' section='5'
  80                                          manpath='/usr/share/man' />
  81                                 <manpage title='psecflags' section='1'
  82                                          manpath='/usr/share/man' />
  83                         </documentation>
  84                 </template>


  24 -->
  25 
  26 <service_bundle type="manifest" name="process-security">
  27         <service name="system/process-security" type="service" version="1">
  28                 <!-- Initial state of the service is disabled -->
  29                 <create_default_instance enabled="false" />
  30 
  31                 <single_instance />
  32 
  33                 <!-- We don't actually have any methods, but we create a
  34                      default instance so that we show up in svcs -a -->
  35 
  36                 <exec_method type="method" name="start"      exec=":true" timeout_seconds="0"/>
  37                 <exec_method type="method" name="stop" exec=":true" timeout_seconds="30"/>
  38 
  39                 <property_group name='startd' type='framework'>
  40                   <propval name='duration' type='astring' value='transient' />
  41                 </property_group>
  42 
  43                 <property_group name='default' type='application'>
  44                   <property name='aslr' type='boolean' />
  45                   <property name='forbidnullmap' type='boolean' />
  46                   <property name='noexecstack' type='boolean' />
  47 
  48                   <propval name='value_authorization' type='astring'
  49                            value='solaris.smf.value.process-security' />
  50                 </property_group>
  51 
  52                 <property_group name='lower' type='application'>
  53                   <property name='aslr' type='boolean' />
  54                   <property name='forbidnullmap' type='boolean' />
  55                   <property name='noexecstack' type='boolean' />
  56 
  57                   <propval name='value_authorization' type='astring'
  58                            value='solaris.smf.value.process-security' />
  59                 </property_group>
  60 
  61                 <property_group name='upper' type='application'>
  62                   <property name='aslr' type='boolean' />
  63                   <property name='forbidnullmap' type='boolean' />
  64                   <property name='noexecstack' type='boolean' />
  65 
  66                   <propval name='value_authorization' type='astring'
  67                            value='solaris.smf.value.process-security' />
  68                 </property_group>
  69 
  70 
  71 
  72                 <stability value="Unstable" />
  73 
  74                 <template>
  75                         <common_name>
  76                                 <loctext xml:lang='C'>Security Flag Configuration</loctext>
  77                         </common_name>
  78                         <documentation>
  79                                 <manpage title='security-flags' section='5'
  80                                          manpath='/usr/share/man' />
  81                                 <manpage title='psecflags' section='1'
  82                                          manpath='/usr/share/man' />
  83                         </documentation>
  84                 </template>