Print this page
2594 implement graceful shutdown for local zones in zoneadm
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/lib/brand/labeled/zone/config.xml
+++ new/usr/src/lib/brand/labeled/zone/config.xml
1 1 <?xml version="1.0"?>
2 2
3 3 <!--
4 4 CDDL HEADER START
5 5
6 6 The contents of this file are subject to the terms of the
7 7 Common Development and Distribution License (the "License").
8 8 You may not use this file except in compliance with the License.
9 9
10 10 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
11 11 or http://www.opensolaris.org/os/licensing.
12 12 See the License for the specific language governing permissions
13 13 and limitations under the License.
14 14
15 15 When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
15 lines elided |
↑ open up ↑ |
16 16 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
17 17 If applicable, add the following below this CDDL HEADER, with the
18 18 fields enclosed by brackets "[]" replaced with your own identifying
19 19 information: Portions Copyright [yyyy] [name of copyright owner]
20 20
21 21 CDDL HEADER END
22 22
23 23 Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
24 24
25 25 DO NOT EDIT THIS FILE.
26 + Copyright 2014 Nexenta Systems, Inc. All rights reserved.
26 27 -->
27 28
28 29 <!DOCTYPE brand PUBLIC "-//Sun Microsystems Inc//DTD Brands//EN"
29 30 "file:///usr/share/lib/xml/dtd/brand.dtd.1">
30 31
31 32 <brand name="labeled">
32 33 <modname></modname>
33 34
34 35 <initname>/sbin/init</initname>
35 36 <login_cmd>/usr/bin/login -z %Z %u</login_cmd>
36 37 <forcedlogin_cmd>/usr/bin/login -z %Z -f %u</forcedlogin_cmd>
37 38
38 39 <user_cmd>/usr/bin/getent passwd %u</user_cmd>
39 40
40 41 <!-- We may not be able to do the create in pkg(1) proper. -->
41 42 <install>/usr/lib/brand/ipkg/pkgcreatezone -z %z -R %R</install>
42 43 <installopts>a:c:d:e:hk:P:p:suv</installopts>
43 44 <boot></boot>
44 45 <sysboot>/usr/lib/brand/ipkg/prestate %z %R 2 0</sysboot>
45 46 <halt></halt>
47 + <shutdown>/usr/sbin/shutdown -y -g0 -i5</shutdown>
46 48 <verify_cfg></verify_cfg>
47 49 <verify_adm></verify_adm>
48 50 <postclone></postclone>
49 51 <postinstall></postinstall>
50 52 <attach>/usr/lib/brand/ipkg/attach %z %R</attach>
51 53 <detach>/usr/lib/brand/ipkg/detach -z %z -R %R</detach>
52 54 <clone>/usr/lib/brand/ipkg/clone -z %z -R %R</clone>
53 55 <uninstall>/usr/lib/brand/ipkg/uninstall %z %R</uninstall>
54 56 <prestatechange>/usr/lib/brand/ipkg/prestate %z %R</prestatechange>
55 57 <poststatechange>/usr/lib/brand/ipkg/poststate %z %R</poststatechange>
56 58 <query>/usr/lib/brand/shared/query %z %R</query>
57 59
58 60 <privilege set="default" name="contract_event" />
59 61 <privilege set="default" name="contract_identity" />
60 62 <privilege set="default" name="contract_observer" />
61 63 <privilege set="default" name="file_chown" />
62 64 <privilege set="default" name="file_chown_self" />
63 65 <privilege set="default" name="file_dac_execute" />
64 66 <privilege set="default" name="file_dac_read" />
65 67 <privilege set="default" name="file_dac_search" />
66 68 <privilege set="default" name="file_dac_write" />
67 69 <privilege set="default" name="file_owner" />
68 70 <privilege set="default" name="file_setid" />
69 71 <privilege set="default" name="ipc_dac_read" />
70 72 <privilege set="default" name="ipc_dac_write" />
71 73 <privilege set="default" name="ipc_owner" />
72 74 <privilege set="default" name="net_bindmlp" />
73 75 <privilege set="default" name="net_icmpaccess" />
74 76 <privilege set="default" name="net_mac_aware" />
75 77 <privilege set="default" name="net_observability" />
76 78 <privilege set="default" name="net_privaddr" />
77 79 <privilege set="default" name="net_rawaccess" ip-type="exclusive" />
78 80 <privilege set="default" name="proc_chroot" />
79 81 <privilege set="default" name="sys_audit" />
80 82 <privilege set="default" name="proc_audit" />
81 83 <privilege set="default" name="proc_lock_memory" />
82 84 <privilege set="default" name="proc_owner" />
83 85 <privilege set="default" name="proc_setid" />
84 86 <privilege set="default" name="proc_taskid" />
85 87 <privilege set="default" name="sys_acct" />
86 88 <privilege set="default" name="sys_admin" />
87 89 <privilege set="default" name="sys_ip_config" ip-type="exclusive" />
88 90 <privilege set="default" name="sys_iptun_config" ip-type="exclusive" />
89 91 <privilege set="default" name="sys_mount" />
90 92 <privilege set="default" name="sys_nfs" />
91 93 <privilege set="default" name="sys_resource" />
92 94 <privilege set="default" name="sys_ppp_config" ip-type="exclusive" />
93 95
94 96 <privilege set="prohibited" name="dtrace_kernel" />
95 97 <privilege set="prohibited" name="proc_zone" />
96 98 <privilege set="prohibited" name="sys_config" />
97 99 <privilege set="prohibited" name="sys_devices" />
98 100 <privilege set="prohibited" name="sys_ip_config" ip-type="shared" />
99 101 <privilege set="prohibited" name="sys_linkdir" />
100 102 <privilege set="prohibited" name="sys_net_config" />
101 103 <privilege set="prohibited" name="sys_res_config" />
102 104 <privilege set="prohibited" name="sys_suser_compat" />
103 105 <privilege set="prohibited" name="xvm_control" />
104 106 <privilege set="prohibited" name="virt_manage" />
105 107 <privilege set="prohibited" name="sys_ppp_config" ip-type="shared" />
106 108
107 109 <privilege set="required" name="proc_exec" />
108 110 <privilege set="required" name="proc_fork" />
109 111 <privilege set="required" name="sys_ip_config" ip-type="exclusive" />
110 112 <privilege set="required" name="sys_mount" />
111 113 </brand>
|
↓ open down ↓ |
56 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX