1 <?xml version='1.0' encoding='UTF-8' ?> 2 3 <!-- 4 CDDL HEADER START 5 6 The contents of this file are subject to the terms of the 7 Common Development and Distribution License (the "License"). 8 You may not use this file except in compliance with the License. 9 10 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 11 or http://www.opensolaris.org/os/licensing. 12 See the License for the specific language governing permissions 13 and limitations under the License. 14 15 When distributing Covered Code, include this CDDL HEADER in each 16 file and include the License file at usr/src/OPENSOLARIS.LICENSE. 17 If applicable, add the following below this CDDL HEADER, with the 18 fields enclosed by brackets "[]" replaced with your own identifying 19 information: Portions Copyright [yyyy] [name of copyright owner] 20 21 CDDL HEADER END 22 23 Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved. 24 25 DO NOT EDIT THIS FILE. 26 --> 27 28 <!-- 29 verify_cfg 30 31 Identifies the program to be invoked by zonecfg to verify that the 32 zone's configuration is legal, and that all the configured devices, 33 attributes, etc. are legal for this brand. 34 35 The program is called with a single argument: the path to a file 36 containing a temporary config.xml file the zone. It should return 0 37 on success and non-0 on failure. Any detailed error messages should be 38 displayed to stderr. 39 40 It has no attributes. 41 42 --> 43 <!ELEMENT verify_cfg (#PCDATA) > 44 <!ATTLIST verify_cfg> 45 <!-- 46 verify_adm 47 48 Identifies the program invoked by zoneadm to perform brand-specific 49 checks as to the viability of a zone on this specific machine. 50 51 The following replacements are performed: 52 53 %z Name of zone 54 %R Zonepath of zone 55 Additional arguments, if any, are appended. 56 57 The program should return 0 on success and non-0 on failure. Any 58 detailed error messages should be displayed to stderr. 59 60 It has no attributes. 61 62 --> 63 <!ELEMENT verify_adm (#PCDATA) > 64 <!ATTLIST verify_adm> 65 66 <!-- 67 install 68 69 Identifies the program to invoke when installing a zone. The following 70 replacements are performed: 71 72 %z Name of zone 73 %R Zonepath of zone 74 Additional arguments, if any, are appended. 75 76 It has no attributes. 77 --> 78 <!ELEMENT install (#PCDATA) > 79 <!ATTLIST install> 80 81 <!-- 82 installopts 83 84 Identifies the command-line options supported by the brand's 85 installation program, allowing zoneadm to parse the install line 86 properly. 87 88 It has no attributes. 89 --> 90 <!ELEMENT installopts (#PCDATA) > 91 <!ATTLIST installopts> 92 93 <!-- 94 boot 95 96 This is a program which gets run by zoneadmd when a zone is booted. 97 The program will be invoked as the last step in the zone booting 98 process before the the first process is spawned inside the zone. 99 100 If this programs succeeds it should not generate any output. 101 If this program returns an error, any output generated by the 102 program will be sent to the zoneadmd message log. 103 104 The following replacements are performed: 105 106 %z Name of zone 107 %R Zonepath of zone 108 Additional arguments, if any, are appended. 109 110 It has no attributes. 111 --> 112 <!ELEMENT boot (#PCDATA) > 113 <!ATTLIST boot> 114 115 <!-- 116 sysboot 117 118 This is a program that will be run by zoneadm during system boot for an 119 installed zone that won't automatically boot. 120 121 If the program succeeds, then it should not generate output. 122 If the program returns an error, then the output it generates will be 123 sent to the zones SMF service's message log. 124 125 The following replacements are performed: 126 127 %z Name of the target zone 128 %R Zonepath of the target zone 129 Additional arguments, if any, are appended. 130 131 This element has no attributes. 132 --> 133 <!ELEMENT sysboot (#PCDATA) > 134 <!ATTLIST sysboot> 135 136 <!-- 137 halt 138 139 This is a program which gets run by zoneadmd when a zone is being 140 halted. This callback is provided to allow a brand to cleanup any 141 special configuration that was setup during boot. 142 143 This program will also be invoked by zoneadmd if any part of the zone 144 booting process fail, even if the booting process failed before the 145 brand boot program was invoked. It is also possible that if the zone 146 fails to halt after invoking this program, future attempts to halt the 147 zone will invoke this program again. So this program should be 148 designed to clean up any resources allocated to a zone but it should 149 also be able to gracefully handle the case where resources that it 150 expects to release are not actually allocated (or have been already 151 released.) 152 153 If this programs succeeds it should not generate any output. If this 154 program returns an error, any output generated by the program will be 155 sent to the zoneadmd message log. 156 157 The following replacements are performed: 158 159 %z Name of zone 160 %R Zonepath of zone 161 Additional arguments, if any, are appended. 162 163 It has no attributes. 164 --> 165 <!ELEMENT halt (#PCDATA) > 166 <!ATTLIST halt> 167 168 <!-- 169 modname 170 171 Path to the kernel module that implements the kernel-level 172 functionality of the brand. 173 174 It has no attributes. 175 --> 176 <!ELEMENT modname (#PCDATA) > 177 <!ATTLIST modname> 178 179 <!-- 180 initname 181 182 Path to the initial executable that should be launched when booting a 183 branded zone. 184 185 It has no attributes. 186 --> 187 <!ELEMENT initname (#PCDATA) > 188 <!ATTLIST initname> 189 190 <!-- 191 login_cmd 192 193 Path to the initial login binary that should be executed when 194 attempting to zlogin into a branded zone. 195 196 The following replacements are performed: 197 198 %Z Name of the current zone 199 %u User login name 200 201 It has no attributes. 202 --> 203 <!ELEMENT login_cmd (#PCDATA) > 204 <!ATTLIST login_cmd> 205 206 <!-- 207 forcedlogin_cmd 208 209 Path to the initial login binary that should be executed when 210 attempting to zlogin into a branded zone without authentication. 211 212 The following replacements are performed: 213 214 %Z Name of the current zone 215 %u User login name 216 217 It has no attributes. 218 --> 219 <!ELEMENT forcedlogin_cmd (#PCDATA) > 220 <!ATTLIST forcedlogin_cmd> 221 222 <!-- 223 user_cmd 224 225 Path to the binary that will translate a user name to a passwd(4) entry. 226 227 The following replacements are performed: 228 229 %u User login name 230 231 It has no attributes. The passwd(4) entry is used to determine $LOGNAME, 232 $HOME, and $SHELL for non-interactive "zlogin -l <user> <cmd>". 233 --> 234 <!ELEMENT user_cmd (#PCDATA) > 235 <!ATTLIST user_cmd> 236 237 <!-- 238 attach 239 240 Path to a hook that will perform any necessary processing on 241 a zone to allow it to be attached. The zone will be in the "configured" 242 state when this hook is run. This hook is never called when the zone 243 is "force attached" (-F). 244 245 If this hook exits with a non-zero exit status, the attach operation 246 will fail. 247 248 The following replacements are performed: 249 250 %z Name of zone 251 %R Zonepath of zone 252 Additional arguments, if any, are appended. 253 254 If no hook is provided, the internal zoneadm attach code will be used. 255 256 It has no attributes. 257 --> 258 <!ELEMENT attach (#PCDATA) > 259 <!ATTLIST attach> 260 261 <!-- 262 postattach 263 264 Path to a hook that will perform any necessary post-processing on 265 a zone after it has been attached. The zone will be in the "installed" 266 state when this hook is run. This hook is never called when the zone 267 is "force attached" (-F). 268 269 If this hook exits with a non-zero exit status, the attach operation 270 will fail and the zone state will be reset to "configured". 271 272 The following replacements are performed: 273 274 %z Name of zone 275 %R Zonepath of zone 276 Additional arguments, if any, are appended. 277 278 It has no attributes. 279 --> 280 <!ELEMENT postattach (#PCDATA) > 281 <!ATTLIST postattach> 282 283 <!-- 284 postclone 285 286 Path to a hook that will perform any necessary post-processing on 287 a zone after it has been cloned. The zone will be in the "incomplete" 288 state when this hook is run. 289 290 If this hook exits with a non-zero exit status, the clone operation 291 will fail and the zone will be left in the "incomplete" state, 292 otherwise the state will be changed to the "installed" state. 293 294 The following replacements are performed: 295 296 %z Name of zone 297 %R Zonepath of zone 298 Additional arguments, if any, are appended. 299 300 It has no attributes. 301 --> 302 <!ELEMENT postclone (#PCDATA) > 303 <!ATTLIST postclone> 304 305 <!-- 306 postinstall 307 308 Path to a script that will perform any necessary post-processing on 309 a zone after it has been freshly installed. This hook will run after the 310 install hook completes and the zone is in the installed state. The 311 additional arguments are the same as what is passed to the install hook. 312 313 The following replacements are performed: 314 315 %z Name of zone 316 %R Zonepath of zone 317 Additional arguments, if any, are appended. 318 319 It has no attributes. 320 --> 321 <!ELEMENT postinstall (#PCDATA) > 322 <!ATTLIST postinstall> 323 324 <!-- 325 predetach 326 327 Path to a hook that will perform any necessary pre-processing on 328 a zone before it is detached. The zone will be in the "installed" 329 state when this hook is run. 330 331 It is possible that if the zone fails to detach after invoking this 332 hook, future attempts to detach the zone will invoke this hook again. 333 So this hook should be designed to gracefully handle the case where 334 it is run multiple times on the same zone. If this hook exits with 335 a non-zero exit status, the detach operation will fail. 336 337 This hook is most commonly used when there is pre-processing for detaching 338 a zone but the built-in detach support will be used for the actual 339 detach. Otherwise, if a detach hook is provided, then it can be used 340 to do both preprocessing as well as the actual detach. 341 342 The following replacements are performed: 343 344 %z Name of zone 345 %R Zonepath of zone 346 Additional arguments, if any, are appended. 347 348 It has no attributes. 349 --> 350 <!ELEMENT predetach (#PCDATA) > 351 <!ATTLIST predetach> 352 353 <!-- 354 detach 355 356 Path to a hook that will perform any necessary processing on 357 a zone to allow it to be detached. The zone will be in the "installed" 358 state when this hook is run. 359 360 It is possible that if the zone fails to detach while running this 361 hook, future attempts to detach the zone will invoke this hook again. 362 So this hook should be designed to gracefully handle the case where 363 it is run multiple times on the same zone. If this hook exits with 364 a non-zero exit status, the detach operation will fail and the zone will 365 be left in the "installed" state, otherwise the state will be changed 366 to "configured". 367 368 The following replacements are performed: 369 370 %z Name of zone 371 %R Zonepath of zone 372 Additional arguments, if any, are appended. 373 374 If no hook is provided, the internal zoneadm detach code will be used. 375 376 It has no attributes. 377 --> 378 <!ELEMENT detach (#PCDATA) > 379 <!ATTLIST detach> 380 381 <!-- 382 clone 383 Path to a hook that will perform any necessary processing on a zone to 384 allow it to be installed via cloning. Cloning is an alternative to 385 installing so this hook should result in the same effect for the zone. 386 The zone will be in the "incomplete" state when this hook is run. 387 388 If this hook exits with a non-zero exit status, the clone operation 389 will fail and the zone will be left in the "incomplete" state, otherwise 390 the state will be changed to "installed". 391 392 The following replacements are performed: 393 394 %z Name of zone 395 %R Zonepath of zone 396 1st arg name of source zone 397 Additional arguments, if any, are appended. 398 399 If no hook is provided, the internal zoneadm cloning code will be used. 400 --> 401 <!ELEMENT clone (#PCDATA) > 402 <!ATTLIST clone> 403 404 <!-- 405 preuninstall 406 407 Path to a script that will perform any necessary pre-processing on 408 a zone before it is uninstalled. The zone will be in the "installed" 409 state when this hook is run. 410 411 It is possible that if the zone fails to uninstall after invoking this 412 hook, future attempts to uninstall the zone will invoke this hook 413 again. So this hook should be designed to gracefully handle the case 414 where it is run multiple times on the same zone. If this hook exits 415 with a non-zero exit status, the uninstall operation will fail. 416 417 The following replacements are performed: 418 419 %z Name of zone 420 %R Zonepath of zone 421 Additional arguments, if any, are appended. 422 423 It has no attributes. 424 --> 425 <!ELEMENT preuninstall (#PCDATA) > 426 <!ATTLIST preuninstall> 427 428 <!-- 429 uninstall 430 Identifies the hook to invoke when uninstalling a zone. The zone will 431 be in the "incomplete" state when this hook is run. 432 433 If this hook exits with a non-zero exit status, the uninstall operation 434 will fail and the zone will be left in the "incomplete" state, otherwise 435 the state will be changed to "configured". 436 437 The following replacements are performed: 438 439 %z Name of zone 440 %R Zonepath of zone 441 Additional arguments, if any, are appended. 442 443 If no hook is provided, the internal zoneadm uninstall code will be used. 444 --> 445 <!ELEMENT uninstall (#PCDATA) > 446 <!ATTLIST uninstall> 447 448 <!-- 449 presnap 450 Identifies the hook to invoke before snapshotting a zone using the 451 built-in ZFS clone support. 452 453 If this hook exits with a non-zero exit status, the snapshot operation 454 will fail and the zfs clone operation will fail. 455 456 The following replacements are performed: 457 458 %z Name of zone 459 %R Zonepath of zone 460 --> 461 <!ELEMENT presnap (#PCDATA) > 462 <!ATTLIST presnap> 463 464 <!-- 465 postsnap 466 Identifies the hook to invoke after snapshotting a zone using the 467 built-in ZFS clone support. 468 469 If this hook exits with a non-zero exit status, the zfs clone operation 470 will fail. 471 472 The following replacements are performed: 473 474 %z Name of zone 475 %R Zonepath of zone 476 --> 477 <!ELEMENT postsnap (#PCDATA) > 478 <!ATTLIST postsnap> 479 480 <!-- 481 validatesnap 482 Identifies the hook to invoke to validate a snapshot of a zone using the 483 built-in ZFS clone support. This will validate a snapshot that was 484 explicitly specified to the clone command when the user wants to 485 re-use a snapshot from an earlier clone operation. 486 487 If this hook exits with a non-zero exit status, the snapshot validation 488 operation will fail, meaning the zfs snapshot cannot be used to install 489 the zone. 490 491 The following replacements are performed: 492 493 %z Name of zone 494 %R Zonepath of zone 495 1st arg snapshot name 496 2nd arg snapshot path 497 --> 498 <!ELEMENT validatesnap (#PCDATA) > 499 <!ATTLIST validatesnap> 500 501 <!-- 502 prestatechange 503 Identifies the hook to invoke before zoneadmd makes a state change. 504 If this hook exits with a non-zero exit status, the action failed 505 and no further state change activity will take place. 506 507 The following replacements are performed: 508 509 %z Name of zone 510 %R Zonepath of zone 511 1st arg integer representing current state of zone 512 2 - installed 513 3 - ready 514 4 - running 515 5 - shutting down 516 6 - down 517 7 - mounted 518 2nd arg integer representing transition command 519 0 - ready 520 1 - boot 521 4 - halt 522 3rd arg Alternate root (zonepath is mounted under this root) 523 empty string if zone not mounted under alternate root 524 --> 525 <!ELEMENT prestatechange (#PCDATA) > 526 <!ATTLIST prestatechange> 527 528 <!-- 529 poststatechange 530 Identifies the hook to invoke after zoneadmd makes a successful state 531 change. If this hook exits with a non-zero exit status, the action failed 532 and zoneadmd treats the overall state change as failed, although 533 all of the actions up to running the hook will have taken place. 534 535 The following replacements are performed: 536 537 %z Name of zone 538 %R Zonepath of zone 539 See prestatechange comment for 1st, 2nd and 3rd argument values. 540 --> 541 <!ELEMENT poststatechange (#PCDATA) > 542 <!ATTLIST poststatechange> 543 544 <!-- 545 query 546 Identifies a hook which can be called to get brand-specific information 547 about the zone. There is no specific place in zones where this is called, 548 calls within the zone infrastructure can be added as needed. 549 550 One example of the use of this hook is to query the implicit ZFS datasets 551 supported by the brand. 552 553 If this hook exits with a non-zero exit status, the query failed, 554 although in general, this hook shouldn't return non-zero. 555 556 The following replacements are performed: 557 558 %z Name of zone 559 %R Zonepath of zone 560 1st arg Arbitrary string which the hook can use to determine what 561 data to return. Brands implementing this hook should be 562 tolerant of arguments they don't support and simply do 563 nothing. 564 --> 565 <!ELEMENT query (#PCDATA) > 566 <!ATTLIST query> 567 568 <!-- 569 privilege 570 571 Add a privilege to the default, prohibited, or required set for all 572 zones of this brand with ip-type matched. If a privilege is added 573 to the default set all zones of this brand with ip-type matched on 574 the system will inherit this privilege unless the privilege is 575 removed via limitpriv in zonecfg(1m). If a privilege is added to 576 the prohibited set it can not be added to any zones with ip-type 577 matched via limitpriv in zonecfg(1m). If a privilege is added to 578 the required set then all zones of this brand with ip-type matched 579 on the system will inherit this privilege and it can't be removed via 580 limitpriv in zonecfg(1m). 581 582 Its attributes are 583 set The name of the set the privilege should go into. 584 name The name of the privilege. 585 ip-type Optional, indicates that adding of the privilege to the 586 set only applies to certain IP types. Can be "shared" or 587 "exclusive". If it is not specified, the default value 588 "all" will be used, which means it is applicable regardless 589 the IP type. 590 591 --> 592 <!ELEMENT privilege (#PCDATA) > 593 <!ATTLIST privilege set ( default | prohibited | required ) #REQUIRED 594 name CDATA #REQUIRED 595 ip-type ( shared | exclusive ) "all" > 596 597 <!-- 598 brand 599 600 The toplevel container for a brand configuration. 601 602 Its attributes are 603 604 name The name of the brand. This must match the name of the 605 directory in which the configuration file is stored. 606 --> 607 608 <!ELEMENT brand (modname?, initname, login_cmd, forcedlogin_cmd, 609 user_cmd, install, 610 installopts?, boot?, sysboot?, halt?, verify_cfg?, 611 verify_adm?, postattach?, postclone?, postinstall?, 612 predetach?, attach?, detach?, clone?, 613 presnap?, postsnap?, validatesnap?, 614 preuninstall?, uninstall?, 615 prestatechange?, poststatechange?, query?, 616 privilege+)> 617 618 <!ATTLIST brand name CDATA #REQUIRED>