<?xml version="1.0"?>

<!--
 CDDL HEADER START

 The contents of this file are subject to the terms of the
 Common Development and Distribution License (the "License").
 You may not use this file except in compliance with the License.

 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 or http://www.opensolaris.org/os/licensing.
 See the License for the specific language governing permissions
 and limitations under the License.

 When distributing Covered Code, include this CDDL HEADER in each
 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 If applicable, add the following below this CDDL HEADER, with the
 fields enclosed by brackets "[]" replaced with your own identifying
 information: Portions Copyright [yyyy] [name of copyright owner]

 CDDL HEADER END

 Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.

 DO NOT EDIT THIS FILE.
-->

<!--
 Brand configuration for the "solaris" zone brand: the hook commands the
 zones framework runs for zone lifecycle events, the privilege policy for
 processes in the zone, and the file-mac-profile (immutable zone) path sets.

 The external DTD subset below is a fixed local path (file:///...), not a
 network URI; it is presumably what the brand framework validates this file
 against (see brands(5)).  Keep it local — a remote DOCTYPE would make
 validation of every zone operation depend on an external fetch.
-->
<!DOCTYPE brand PUBLIC "-//Sun Microsystems Inc//DTD Brands//EN"
 "file:///usr/share/lib/xml/dtd/brand.dtd.1">

<brand name="solaris">
	<!-- Empty: this file names no brand-specific kernel module. -->
	<modname></modname>

	<!--
	 Per-zone commands.  %z, %R, %Z and %u are placeholders substituted by
	 the brand framework before the command runs; this file does not define
	 them (presumably zone name, zone root path and user name — see
	 brands(5)).  Every command here and below is an absolute path, so none
	 of them depends on PATH lookup.
	-->
	<initname>/usr/sbin/init</initname>
	<login_cmd>/usr/bin/login -z %Z %u</login_cmd>
	<forcedlogin_cmd>/usr/bin/login -z %Z -f %u</forcedlogin_cmd>
	<user_cmd>/usr/bin/getent passwd %u</user_cmd>

	<!-- Lifecycle hooks, all under /usr/lib/brand/solaris. -->
	<!-- We may not be able to do the create in pkg(1) proper. -->
	<install>/usr/lib/brand/solaris/pkgcreatezone -z %z -R %R</install>
	<!-- getopt(3C)-style option string accepted by the install hook. -->
	<installopts>Ua:c:d:hm:psuv</installopts>
	<boot>/usr/lib/brand/solaris/boot.wrapper %z %R</boot>
	<sysboot>/usr/lib/brand/solaris/sysboot %z %R</sysboot>
	<halt>/usr/lib/brand/solaris/halt.wrapper %z %R</halt>
	<verify_cfg>/usr/lib/brand/solaris/verify_cfg</verify_cfg>
	<verify_adm>/usr/lib/brand/solaris/verify_adm %z</verify_adm>
	<!-- Empty hooks: no brand-specific action at these points. -->
	<postattach></postattach>
	<postclone></postclone>
	<postinstall></postinstall>
	<postmove>/usr/lib/brand/solaris/sysboot %z</postmove>
	<attach>/usr/lib/brand/solaris/attach %z %R</attach>
	<detach>/usr/lib/brand/solaris/detach -z %z -R %R</detach>
	<clone>/usr/lib/brand/solaris/clone -z %z -R %R</clone>
	<uninstall>/usr/lib/brand/solaris/uninstall %z %R</uninstall>
	<prestatechange>/usr/lib/brand/solaris/prestate %z %R</prestatechange>
	<poststatechange>/usr/lib/brand/solaris/poststate %z %R</poststatechange>

	<!--
	 Privilege policy for processes in a solaris-branded zone, in three
	 sets: "default", "prohibited" and "required".  As the names suggest,
	 default privileges are presumably granted unless the zone's limitpriv
	 setting removes them, prohibited ones can never be granted and required
	 ones must always be present; the exact semantics come from the zones
	 framework (brands(5), zonecfg(1M), privileges(5)), not from this file.

	 ip-type restricts an entry to zones of that IP type.  In this file
	 net_rawaccess, sys_ip_config, sys_iptun_config, sys_flow_config and
	 sys_ppp_config are granted only to exclusive-IP zones, and
	 sys_ip_config / sys_ppp_config are explicitly prohibited for
	 shared-IP zones (see the prohibited set below).
	-->
	<privilege set="default" name="contract_event" />
	<privilege set="default" name="contract_identity" />
	<privilege set="default" name="contract_observer" />
	<privilege set="default" name="file_chown" />
	<privilege set="default" name="file_chown_self" />
	<privilege set="default" name="file_dac_execute" />
	<privilege set="default" name="file_dac_read" />
	<privilege set="default" name="file_dac_search" />
	<privilege set="default" name="file_dac_write" />
	<privilege set="default" name="file_owner" />
	<privilege set="default" name="file_setid" />
	<privilege set="default" name="ipc_dac_read" />
	<privilege set="default" name="ipc_dac_write" />
	<privilege set="default" name="ipc_owner" />
	<privilege set="default" name="net_bindmlp" />
	<privilege set="default" name="net_icmpaccess" />
	<privilege set="default" name="net_mac_aware" />
	<privilege set="default" name="net_observability" />
	<privilege set="default" name="net_privaddr" />
	<privilege set="default" name="net_rawaccess" ip-type="exclusive" />
	<privilege set="default" name="proc_chroot" />
	<privilege set="default" name="sys_audit" />
	<privilege set="default" name="proc_audit" />
	<privilege set="default" name="proc_lock_memory" />
	<privilege set="default" name="proc_owner" />
	<privilege set="default" name="proc_setid" />
	<privilege set="default" name="proc_taskid" />
	<privilege set="default" name="sys_acct" />
	<privilege set="default" name="sys_admin" />
	<privilege set="default" name="sys_ip_config" ip-type="exclusive" />
	<privilege set="default" name="sys_iptun_config" ip-type="exclusive" />
	<privilege set="default" name="sys_flow_config" ip-type="exclusive" />
	<privilege set="default" name="sys_mount" />
	<privilege set="default" name="sys_nfs" />
	<privilege set="default" name="sys_resource" />
	<privilege set="default" name="sys_ppp_config" ip-type="exclusive" />
	<privilege set="default" name="sys_share" />

	<!--
	 Never grantable to the zone.  sys_ip_config and sys_ppp_config appear
	 here only for shared-IP zones; for exclusive-IP zones they are in the
	 default set above (and sys_ip_config is also required below).
	-->
	<privilege set="prohibited" name="dtrace_kernel" />
	<privilege set="prohibited" name="proc_zone" />
	<privilege set="prohibited" name="sys_config" />
	<privilege set="prohibited" name="sys_devices" />
	<privilege set="prohibited" name="sys_ip_config" ip-type="shared" />
	<privilege set="prohibited" name="sys_linkdir" />
	<privilege set="prohibited" name="sys_net_config" />
	<privilege set="prohibited" name="sys_res_config" />
	<privilege set="prohibited" name="sys_suser_compat" />
	<privilege set="prohibited" name="sys_ppp_config" ip-type="shared" />

	<!--
	 Must always be present in the zone.  sys_mount is listed in both the
	 default and required sets; sys_ip_config is required only for
	 exclusive-IP zones, matching its default/prohibited entries above.
	-->
	<privilege set="required" name="proc_exec" />
	<privilege set="required" name="proc_fork" />
	<privilege set="required" name="sys_ip_config" ip-type="exclusive" />
	<privilege set="required" name="sys_mount" />

	<!--
	 The file-mac-profile definitions

	 For all profiles:
	 - packages can't be installed.

	 strict
	 No modification of stable storage. Reboot and it comes
	 back as it was when it was first installed. This profile
	 comes with the best security guarantee.

	 - SMF services persistently enabled are fixed
	 - SMF manifests can't be added from the default locations
	 - Logging/auditing configuration is fixed and data can
	 only be logged remotely.

	 fixed-configuration
	 Attempt to prevent privilege escalation via
	 introduction of new binaries and changes to core OS
	 configuration but allowing local logging/auditing with
	 a fixed configuration.

	 - SMF manifests can't be added from the default locations
	 - SMF services persistently enabled are fixed
	 - Logging/auditing files can be local; syslog & audit
	 configuration are fixed

	 flexible-configuration

	 Attempt to prevent privilege escalation via
	 introduction of new binaries, while allowing
	 configuration to be changed and local
	 logging/auditing. No security guarantee is made other
	 than binaries and libraries cannot be modified.

	 - S11 closest equivalent to S10 sparse root zones
	 - SMF policy can be changed boot to boot as the repository
	 is writable
	 - Logging/auditing configuration & files can be local


	 NOTE: These profiles are currently exactly the same in
	 the labeled brand; make sure that if you change these that
	 you also update the labeled brand.
	-->

	<!--
	 strict: no readonly-path or writable-path entries at all, so (per the
	 description above) nothing under the zone root is writable.
	-->
	<file-mac-profile name="strict"/>

	<file-mac-profile name="fixed-configuration">
		<!--
		 Subtrees carved out of the writable /var/* below and kept
		 read-only: runtime linker config, package metadata, postrun
		 spool/state, cron tables and SMF manifests/profiles.  How an
		 overlapping readonly-path and writable-path are resolved is
		 not stated in this file; presumably the more specific
		 readonly-path wins — confirm against brands(5) before
		 relying on it.
		-->
		<readonly-path path="/var/ld/*"/>
		<readonly-path path="/var/lib/postrun/*"/>
		<readonly-path path="/var/pkg/*"/>
		<readonly-path path="/var/sadm/*"/>
		<readonly-path path="/var/spool/cron/*"/>
		<readonly-path path="/var/spool/postrun/*"/>
		<readonly-path path="/var/svc/manifest/*"/>
		<readonly-path path="/var/svc/profile/*"/>

		<writable-path path="/var/*"/>
	</file-mac-profile>

	<file-mac-profile name="flexible-configuration">
		<!--
		 Same read-only set as fixed-configuration minus
		 /var/spool/cron/* (cron tables become writable), and with
		 /etc/* and /root/* writable in addition to /var/*.
		-->
		<readonly-path path="/var/ld/*"/>
		<readonly-path path="/var/lib/postrun/*"/>
		<readonly-path path="/var/pkg/*"/>
		<readonly-path path="/var/sadm/*"/>
		<readonly-path path="/var/spool/postrun/*"/>
		<readonly-path path="/var/svc/manifest/*"/>
		<readonly-path path="/var/svc/profile/*"/>

		<writable-path path="/etc/*"/>
		<writable-path path="/var/*"/>
		<writable-path path="/root/*"/>
	</file-mac-profile>
</brand>