<?xml version='1.0' encoding='UTF-8' ?>
<!--
    The contents of this file are subject to the terms of the
    Common Development and Distribution License (the "License").
    You may not use this file except in compliance with the License.

    See the License for the specific language governing permissions
    and limitations under the License.

    When distributing Covered Code, include this CDDL HEADER in each
    If applicable, add the following below this CDDL HEADER, with the
    fields enclosed by brackets "[]" replaced with your own identifying
    information: Portions Copyright [yyyy] [name of copyright owner]

    Copyright (c) 2006, 2012, Oracle and/or its affiliates. All rights reserved.

    DO NOT EDIT THIS FILE.
-->

<!--
    Identifies the program to be invoked by zonecfg to verify that the
    zone's configuration is legal, and that all the configured devices,
    attributes, etc. are legal for this brand.

    The program is called with a single argument: the path to a file
    containing a temporary config.xml file for the zone.  It should return 0
    on success and non-0 on failure.  Any detailed error messages should be
    displayed to stderr.

    It has no attributes.
-->
<!ELEMENT verify_cfg (#PCDATA) >
<!ATTLIST verify_cfg>

<!--
    Identifies the program invoked by zoneadm to perform brand-specific
    checks as to the viability of a zone on this specific machine.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    The program should return 0 on success and non-0 on failure.  Any
    detailed error messages should be displayed to stderr.

    It has no attributes.
-->
<!ELEMENT verify_adm (#PCDATA) >
<!ATTLIST verify_adm>

<!--
    Identifies the program to invoke when installing a zone.  The following
    replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT install (#PCDATA) >

<!--
    Identifies the command-line options supported by the brand's
    installation program, allowing zoneadm to parse the install line

    It has no attributes.
-->
<!ELEMENT installopts (#PCDATA) >
<!ATTLIST installopts>

<!--
    This is a program which gets run by zoneadmd when a zone is booted.
    The program will be invoked as the last step in the zone booting
    process before the first process is spawned inside the zone.

    If this program succeeds it should not generate any output.
    If this program returns an error, any output generated by the
    program will be sent to the zoneadmd message log.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT boot (#PCDATA) >

<!--
    This is a program that will be run by zoneadm during system boot for an
    installed zone that won't automatically boot.

    If the program succeeds, then it should not generate output.
    If the program returns an error, then the output it generates will be
    sent to the zones SMF service's message log.

    The following replacements are performed:

      %z    Name of the target zone
      %R    Zonepath of the target zone

    Additional arguments, if any, are appended.

    This element has no attributes.
-->
<!ELEMENT sysboot (#PCDATA) >

<!--
    This is a program which gets run by zoneadmd when a zone is being
    halted.  This callback is provided to allow a brand to clean up any
    special configuration that was set up during boot.

    This program will also be invoked by zoneadmd if any part of the zone
    booting process fails, even if the booting process failed before the
    brand boot program was invoked.  It is also possible that if the zone
    fails to halt after invoking this program, future attempts to halt the
    zone will invoke this program again.  So this program should be
    designed to clean up any resources allocated to a zone but it should
    also be able to gracefully handle the case where resources that it
    expects to release are not actually allocated (or have been already

    If this program succeeds it should not generate any output.  If this
    program returns an error, any output generated by the program will be
    sent to the zoneadmd message log.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT halt (#PCDATA) >

<!--
    Path to the kernel module that implements the kernel-level
    functionality of the brand.

    It has no attributes.
-->
<!ELEMENT modname (#PCDATA) >

<!--
    Describes a brand specific resource, property or property value configuration.
    Resources, properties and values can be disabled.  Property values can be set

    If "state" indicates the configuration is disabled and only the resource is
    specified, the entire resource is disabled.  Similarly, entire properties can
    be disabled if both the resource and the property are specified.  Specific
    property values can also be selectively disabled by specifying the entire
    resource, property, value tuple.

    If the "state" indicates the configuration is fixed then resource,
    property and value must all be specified.

    If resource is not specified the global resource is implied.

      resource    The resource being modified, or "global" for global
      property    The property being modified.
      value       The value of the property being modified.
      state       The state of the property, resource or value.
-->
<!ELEMENT config EMPTY >
<!ATTLIST config resource CDATA #IMPLIED
                 property CDATA #IMPLIED
                 value    CDATA #IMPLIED
                 state    (disabled | fixed) #REQUIRED >

<!--
    Path to the initial executable that should be launched when booting a

    It has no attributes.
-->
<!ELEMENT initname (#PCDATA) >

<!--
    Path to the initial login binary that should be executed when
    attempting to zlogin into a branded zone.

    The following replacements are performed:

      %Z    Name of the current zone

    It has no attributes.
-->
<!ELEMENT login_cmd (#PCDATA) >

<!--
    Path to the initial login binary that should be executed when
    attempting to zlogin into a branded zone without authentication.

    The following replacements are performed:

      %Z    Name of the current zone

    It has no attributes.
-->
<!ELEMENT forcedlogin_cmd (#PCDATA) >
<!ATTLIST forcedlogin_cmd>

<!--
    Path to the binary that will translate a user name to a passwd(4) entry.

    The following replacements are performed:

    It has no attributes.  The passwd(4) entry is used to determine $LOGNAME,
    $HOME, and $SHELL for non-interactive "zlogin -l <user> <cmd>".
-->
<!ELEMENT user_cmd (#PCDATA) >

<!--
    Path to a hook that will perform any necessary processing on
    a zone to allow it to be attached.  The zone will be in the "configured"
    state when this hook is run.  This hook is never called when the zone
    is "force attached" (-F).

    If this hook exits with a non-zero exit status, the attach operation

    The following replacements are performed:

    Additional arguments, if any, are appended.

    If no hook is provided, the internal zoneadm attach code will be used.

    It has no attributes.
-->
<!ELEMENT attach (#PCDATA) >

<!--
    Path to a hook that will perform any necessary post-processing on
    a zone after it has been attached.  The zone will be in the "installed"
    state when this hook is run.  This hook is never called when the zone
    is "force attached" (-F).

    If this hook exits with a non-zero exit status, the attach operation
    will fail and the zone state will be reset to "configured".

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT postattach (#PCDATA) >
<!ATTLIST postattach>

<!--
    Path to a hook that will perform any necessary post-processing on
    a zone after it has been cloned.  The zone will be in the "incomplete"
    state when this hook is run.

    If this hook exits with a non-zero exit status, the clone operation
    will fail and the zone will be left in the "incomplete" state,
    otherwise the state will be changed to the "installed" state.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT postclone (#PCDATA) >

<!--
    Path to a script that will perform any necessary post-processing on
    a zone after it has been freshly installed.  This hook will run after the
    install hook completes and the zone is in the installed state.  The
    additional arguments are the same as what is passed to the install hook.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT postinstall (#PCDATA) >
<!ATTLIST postinstall>

<!--
    Path to a script that will perform any necessary post-processing on
    a zone after it has been moved.  This hook will run after the zone path
    has been moved and the dataset previously mounted on the old zone root is
    remounted on the new zone root.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT postmove (#PCDATA) >

<!--
    Path to a hook that will perform any necessary pre-processing on
    a zone before it is detached.  The zone will be in the "installed"
    state when this hook is run.

    It is possible that if the zone fails to detach after invoking this
    hook, future attempts to detach the zone will invoke this hook again.
    So this hook should be designed to gracefully handle the case where
    it is run multiple times on the same zone.  If this hook exits with
    a non-zero exit status, the detach operation will fail.

    This hook is most commonly used when there is pre-processing for detaching
    a zone but the built-in detach support will be used for the actual
    detach.  Otherwise, if a detach hook is provided, then it can be used
    to do both preprocessing as well as the actual detach.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT predetach (#PCDATA) >

<!--
    Path to a hook that will perform any necessary processing on
    a zone to allow it to be detached.  The zone will be in the "installed"
    state when this hook is run.

    It is possible that if the zone fails to detach while running this
    hook, future attempts to detach the zone will invoke this hook again.
    So this hook should be designed to gracefully handle the case where
    it is run multiple times on the same zone.  If this hook exits with
    a non-zero exit status, the detach operation will fail and the zone will
    be left in the "installed" state, otherwise the state will be changed

    The following replacements are performed:

    Additional arguments, if any, are appended.

    If no hook is provided, the internal zoneadm detach code will be used.

    It has no attributes.
-->
<!ELEMENT detach (#PCDATA) >

<!--
    Path to a hook that will perform any necessary processing on a zone to
    allow it to be installed via cloning.  Cloning is an alternative to
    installing so this hook should result in the same effect for the zone.
    The zone will be in the "incomplete" state when this hook is run.

    If this hook exits with a non-zero exit status, the clone operation
    will fail and the zone will be left in the "incomplete" state, otherwise
    the state will be changed to "installed".

    The following replacements are performed:

      1st arg    name of source zone

    Additional arguments, if any, are appended.

    If no hook is provided, the internal zoneadm cloning code will be used.
-->
<!ELEMENT clone (#PCDATA) >

<!--
    Path to a script that will perform any necessary pre-processing on
    a zone before it is uninstalled.  The zone will be in the "installed"
    state when this hook is run.

    It is possible that if the zone fails to uninstall after invoking this
    hook, future attempts to uninstall the zone will invoke this hook
    again.  So this hook should be designed to gracefully handle the case
    where it is run multiple times on the same zone.  If this hook exits
    with a non-zero exit status, the uninstall operation will fail.

    The following replacements are performed:

    Additional arguments, if any, are appended.

    It has no attributes.
-->
<!ELEMENT preuninstall (#PCDATA) >
<!ATTLIST preuninstall>

<!--
    Identifies the hook to invoke when uninstalling a zone.  The zone will
    be in the "incomplete" state when this hook is run.

    If this hook exits with a non-zero exit status, the uninstall operation
    will fail and the zone will be left in the "incomplete" state, otherwise
    the state will be changed to "configured".

    The following replacements are performed:

    Additional arguments, if any, are appended.

    If no hook is provided, the internal zoneadm uninstall code will be used.
-->
<!ELEMENT uninstall (#PCDATA) >

<!--
    Identifies the hook to invoke before snapshotting a zone using the
    built-in ZFS clone support.

    If this hook exits with a non-zero exit status, the snapshot operation
    will fail and the zfs clone operation will fail.

    The following replacements are performed:
-->
<!ELEMENT presnap (#PCDATA) >

<!--
    Identifies the hook to invoke after snapshotting a zone using the
    built-in ZFS clone support.

    If this hook exits with a non-zero exit status, the zfs clone operation

    The following replacements are performed:
-->
<!ELEMENT postsnap (#PCDATA) >

<!--
    Identifies the hook to invoke to validate a snapshot of a zone using the
    built-in ZFS clone support.  This will validate a snapshot that was
    explicitly specified to the clone command when the user wants to
    re-use a snapshot from an earlier clone operation.

    If this hook exits with a non-zero exit status, the snapshot validation
    operation will fail, meaning the zfs snapshot cannot be used to install

    The following replacements are performed:

      1st arg    snapshot name
      2nd arg    snapshot path
-->
<!ELEMENT validatesnap (#PCDATA) >
<!ATTLIST validatesnap>

<!--
    Identifies the hook to invoke before zoneadmd makes a state change.

    If this hook exits with a non-zero exit status, the action failed
    and no further state change activity will take place.

    The following replacements are performed:

      1st arg    integer representing current state of zone
      2nd arg    integer representing transition command
      3rd arg    Alternate root (zonepath is mounted under this root)
                 empty string if zone not mounted under alternate root
-->
<!ELEMENT prestatechange (#PCDATA) >
<!ATTLIST prestatechange>

<!--
    Identifies the hook to invoke after zoneadmd makes a successful state
    change.  If this hook exits with a non-zero exit status, the action failed
    and zoneadmd treats the overall state change as failed, although
    all of the actions up to running the hook will have taken place.

    The following replacements are performed:

    See prestatechange comment for 1st, 2nd and 3rd argument values.
-->
<!ELEMENT poststatechange (#PCDATA) >
<!ATTLIST poststatechange>

<!--
    Add a privilege to the default, prohibited, or required set for all
    zones of this brand with ip-type matched.  If a privilege is added
    to the default set all zones of this brand with ip-type matched on
    the system will inherit this privilege unless the privilege is
    removed via limitpriv in zonecfg(1m).  If a privilege is added to
    the prohibited set it cannot be added to any zones with ip-type
    matched via limitpriv in zonecfg(1m).  If a privilege is added to
    the required set then all zones of this brand with ip-type matched
    on the system will inherit this privilege and it can't be removed via
    limitpriv in zonecfg(1m).

      set        The name of the set the privilege should go into.
      name       The name of the privilege.
      ip-type    Optional, indicates that adding of the privilege to the
                 set only applies to certain IP types.  Can be "shared" or
                 "exclusive".  If it is not specified, the default value
                 "all" will be used, which means it is applicable regardless
-->
<!ELEMENT privilege (#PCDATA) >
<!ATTLIST privilege set     ( default | prohibited | required ) #REQUIRED
                    name    CDATA #REQUIRED
                    ip-type ( shared | exclusive | all ) "all" >

<!--
    Support for readonly (read-mostly) zones.

    In order to configure a brand for read-only zones, it should be
    configured with readonly-support enabled and define several
    file-mac-profiles.  Each file-mac-profile can have multiple
    readonly-paths and writable-paths defined.
-->
<!ELEMENT writable-path EMPTY>
<!ATTLIST writable-path path CDATA #REQUIRED>
<!ELEMENT readonly-path EMPTY>
<!ATTLIST readonly-path path CDATA #REQUIRED>
<!ELEMENT file-mac-profile (readonly-path | writable-path)* >
<!ATTLIST file-mac-profile name CDATA #REQUIRED>

<!--
    The toplevel container for a brand configuration.

      name    The name of the brand.  This must match the name of the
              directory in which the configuration file is stored.
-->
<!ELEMENT brand (modname?, initname, login_cmd, forcedlogin_cmd,
                 installopts?, boot?, sysboot?, halt?, verify_cfg?,
                 verify_adm?, postattach?, postclone?, postinstall?,
                 postmove?, predetach?, attach?, detach?, clone?,
                 presnap?, postsnap?, validatesnap?,
                 preuninstall?, uninstall?,
                 prestatechange?, poststatechange?, query?,
                 privilege+, file-mac-profile*, config*)>
<!ATTLIST brand name CDATA #REQUIRED>
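
Added example (not part of this DTD or of the zones tooling): a Python sketch of the default / prohibited / required semantics described for the privilege element, including ip-type matching. The sample brand fragment, the function names, and the modelling of limitpriv changes as plain add/remove sets are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: privilege elements as they could appear in a brand
# configuration file. The brand name and privilege choices are illustrative.
SAMPLE_BRAND = """
<brand name="example">
  <privilege set="default" name="proc_fork" />
  <privilege set="default" name="net_icmpaccess" />
  <privilege set="default" name="sys_ip_config" ip-type="exclusive" />
  <privilege set="required" name="proc_exec" />
  <privilege set="prohibited" name="dtrace_kernel" />
  <privilege set="prohibited" name="sys_ip_config" ip-type="shared" />
</brand>
"""


def brand_sets(brand_xml, ip_type):
    """Return {set name: privilege names} that apply to zones of ip_type."""
    sets = {"default": set(), "prohibited": set(), "required": set()}
    for elem in ET.fromstring(brand_xml).iter("privilege"):
        # ip-type defaults to "all" when absent, as declared in the ATTLIST.
        if elem.get("ip-type", "all") in ("all", ip_type):
            sets[elem.get("set")].add(elem.get("name"))
    return sets


def effective_privileges(brand_xml, ip_type, add=(), remove=()):
    """Apply limitpriv-style changes (assumed here to be add/remove sets).

    Raises ValueError when the request adds a prohibited privilege or
    removes a required one, the two cases the brand does not allow.
    """
    sets = brand_sets(brand_xml, ip_type)
    banned = sets["prohibited"] & set(add)
    if banned:
        raise ValueError("prohibited for this brand: " + ", ".join(sorted(banned)))
    locked = sets["required"] & set(remove)
    if locked:
        raise ValueError("required by this brand: " + ", ".join(sorted(locked)))
    # Default privileges can be dropped; required ones are always present.
    return ((sets["default"] | set(add)) - set(remove)) | sets["required"]


if __name__ == "__main__":
    print(sorted(effective_privileges(SAMPLE_BRAND, "shared")))
    print(sorted(effective_privileges(SAMPLE_BRAND, "exclusive",
                                      add={"sys_time"},
                                      remove={"net_icmpaccess"})))
```

When reviewing a brand, the prohibited set is the hard ceiling on what a zone administrator can grant, so it is the part worth diffing between brand versions.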