8322 nl: misleading-indentation
[unleashed/tickless.git] / usr / src / lib / libbrand / dtd / brand.dtd.1
bloba579bee93c7c14785bc4d1824cfd687cbb11d314
1 <?xml version='1.0' encoding='UTF-8' ?>
3 <!--
4 CDDL HEADER START
6 The contents of this file are subject to the terms of the
7 Common Development and Distribution License (the "License").
8 You may not use this file except in compliance with the License.
10 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
11 or http://www.opensolaris.org/os/licensing.
12 See the License for the specific language governing permissions
13 and limitations under the License.
15 When distributing Covered Code, include this CDDL HEADER in each
16 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
17 If applicable, add the following below this CDDL HEADER, with the
18 fields enclosed by brackets "[]" replaced with your own identifying
19 information: Portions Copyright [yyyy] [name of copyright owner]
21 CDDL HEADER END
23 Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
24 Copyright (c) 2011, Joyent, Inc. All rights reserved.
26 DO NOT EDIT THIS FILE.
28 Copyright 2014 Nexenta Systems, Inc. All rights reserved.
29 -->
31 <!--
32 verify_cfg
34 Identifies the program to be invoked by zonecfg to verify that the
35 zone's configuration is legal, and that all the configured devices,
36 attributes, etc. are legal for this brand.
38 The program is called with a single argument: the path to a file
39 containing a temporary config.xml file the zone. It should return 0
40 on success and non-0 on failure. Any detailed error messages should be
41 displayed to stderr.
43 It has no attributes.
45 -->
46 <!ELEMENT verify_cfg (#PCDATA) >
47 <!ATTLIST verify_cfg>
48 <!--
49 verify_adm
51 Identifies the program invoked by zoneadm to perform brand-specific
52 checks as to the viability of a zone on this specific machine.
54 The following replacements are performed:
56 %z Name of zone
57 %R Zonepath of zone
58 Additional arguments, if any, are appended.
60 The program should return 0 on success and non-0 on failure. Any
61 detailed error messages should be displayed to stderr.
63 It has no attributes.
65 -->
66 <!ELEMENT verify_adm (#PCDATA) >
67 <!ATTLIST verify_adm>
69 <!--
70 install
72 Identifies the program to invoke when installing a zone. The following
73 replacements are performed:
75 %z Name of zone
76 %R Zonepath of zone
77 Additional arguments, if any, are appended.
79 It has no attributes.
80 -->
81 <!ELEMENT install (#PCDATA) >
82 <!ATTLIST install>
84 <!--
85 installopts
87 Identifies the command-line options supported by the brand's
88 installation program, allowing zoneadm to parse the install line
89 properly.
91 It has no attributes.
92 -->
93 <!ELEMENT installopts (#PCDATA) >
94 <!ATTLIST installopts>
96 <!--
97 boot
99 This is a program which gets run by zoneadmd when a zone is booted.
100 The program will be invoked as the last step in the zone booting
101 process before the the first process is spawned inside the zone.
103 If this programs succeeds it should not generate any output.
104 If this program returns an error, any output generated by the
105 program will be sent to the zoneadmd message log.
107 The following replacements are performed:
109 %z Name of zone
110 %R Zonepath of zone
111 Additional arguments, if any, are appended.
113 It has no attributes.
115 <!ELEMENT boot (#PCDATA) >
116 <!ATTLIST boot>
118 <!--
119 sysboot
121 This is a program that will be run by zoneadm during system boot for an
122 installed zone that won't automatically boot.
124 If the program succeeds, then it should not generate output.
125 If the program returns an error, then the output it generates will be
126 sent to the zones SMF service's message log.
128 The following replacements are performed:
130 %z Name of the target zone
131 %R Zonepath of the target zone
132 Additional arguments, if any, are appended.
134 This element has no attributes.
136 <!ELEMENT sysboot (#PCDATA) >
137 <!ATTLIST sysboot>
139 <!--
140 halt
142 This is a program which gets run by zoneadmd when a zone is being
143 halted. This callback is provided to allow a brand to cleanup any
144 special configuration that was setup during boot.
146 This program will also be invoked by zoneadmd if any part of the zone
147 booting process fail, even if the booting process failed before the
148 brand boot program was invoked. It is also possible that if the zone
149 fails to halt after invoking this program, future attempts to halt the
150 zone will invoke this program again. So this program should be
151 designed to clean up any resources allocated to a zone but it should
152 also be able to gracefully handle the case where resources that it
153 expects to release are not actually allocated (or have been already
154 released.)
156 If this programs succeeds it should not generate any output. If this
157 program returns an error, any output generated by the program will be
158 sent to the zoneadmd message log.
160 The following replacements are performed:
162 %z Name of zone
163 %R Zonepath of zone
164 Additional arguments, if any, are appended.
166 It has no attributes.
168 <!ELEMENT halt (#PCDATA) >
169 <!ATTLIST halt>
171 <!--
172 shutdown
174 This is a program which gets run by zoneadmd when a zone is being
175 shutdown gracefully. Currently only asynchronous mode is supported.
177 If this program succeeds it should not generate any output. If this
178 program returns an error, any output generated by the program will be
179 sent to the zoneadmd message log.
181 The following replacements are performed:
183 %z Name of zone
184 %R Zonepath of zone
185 Additional arguments, if any, are appended.
187 It has no attributes.
189 <!ELEMENT shutdown (#PCDATA) >
190 <!ATTLIST shutdown>
192 <!--
193 modname
195 Path to the kernel module that implements the kernel-level
196 functionality of the brand.
198 It has no attributes.
200 <!ELEMENT modname (#PCDATA) >
201 <!ATTLIST modname>
203 <!--
204 initname
206 Path to the initial executable that should be launched when booting a
207 branded zone.
209 It has no attributes.
211 <!ELEMENT initname (#PCDATA) >
212 <!ATTLIST initname>
214 <!--
215 restartinit
217 Boolean indicating that the program specified by the initname attr
218 should be restarted, or not, if it exits. By default, the init program
219 will be restarted if this attribute is not provided. Specifying false
220 for this attr will prevent that.
222 It has no attributes.
224 <!ELEMENT restartinit (#PCDATA) >
225 <!ATTLIST restartinit>
227 <!--
228 login_cmd
230 Path to the initial login binary that should be executed when
231 attempting to zlogin into a branded zone.
233 The following replacements are performed:
235 %Z Name of the current zone
236 %u User login name
238 It has no attributes.
240 <!ELEMENT login_cmd (#PCDATA) >
241 <!ATTLIST login_cmd>
243 <!--
244 forcedlogin_cmd
246 Path to the initial login binary that should be executed when
247 attempting to zlogin into a branded zone without authentication.
249 The following replacements are performed:
251 %Z Name of the current zone
252 %u User login name
254 It has no attributes.
256 <!ELEMENT forcedlogin_cmd (#PCDATA) >
257 <!ATTLIST forcedlogin_cmd>
259 <!--
260 user_cmd
262 Path to the binary that will translate a user name to a passwd(4) entry.
264 The following replacements are performed:
266 %u User login name
268 It has no attributes. The passwd(4) entry is used to determine $LOGNAME,
269 $HOME, and $SHELL for non-interactive "zlogin -l <user> <cmd>".
271 <!ELEMENT user_cmd (#PCDATA) >
272 <!ATTLIST user_cmd>
274 <!--
275 attach
277 Path to a hook that will perform any necessary processing on
278 a zone to allow it to be attached. The zone will be in the "configured"
279 state when this hook is run. This hook is never called when the zone
280 is "force attached" (-F).
282 If this hook exits with a non-zero exit status, the attach operation
283 will fail.
285 The following replacements are performed:
287 %z Name of zone
288 %R Zonepath of zone
289 Additional arguments, if any, are appended.
291 If no hook is provided, the internal zoneadm attach code will be used.
293 It has no attributes.
295 <!ELEMENT attach (#PCDATA) >
296 <!ATTLIST attach>
298 <!--
299 postattach
301 Path to a hook that will perform any necessary post-processing on
302 a zone after it has been attached. The zone will be in the "installed"
303 state when this hook is run. This hook is never called when the zone
304 is "force attached" (-F).
306 If this hook exits with a non-zero exit status, the attach operation
307 will fail and the zone state will be reset to "configured".
309 The following replacements are performed:
311 %z Name of zone
312 %R Zonepath of zone
313 Additional arguments, if any, are appended.
315 It has no attributes.
317 <!ELEMENT postattach (#PCDATA) >
318 <!ATTLIST postattach>
320 <!--
321 postclone
323 Path to a hook that will perform any necessary post-processing on
324 a zone after it has been cloned. The zone will be in the "incomplete"
325 state when this hook is run.
327 If this hook exits with a non-zero exit status, the clone operation
328 will fail and the zone will be left in the "incomplete" state,
329 otherwise the state will be changed to the "installed" state.
331 The following replacements are performed:
333 %z Name of zone
334 %R Zonepath of zone
335 Additional arguments, if any, are appended.
337 It has no attributes.
339 <!ELEMENT postclone (#PCDATA) >
340 <!ATTLIST postclone>
342 <!--
343 postinstall
345 Path to a script that will perform any necessary post-processing on
346 a zone after it has been freshly installed. This hook will run after the
347 install hook completes and the zone is in the installed state. The
348 additional arguments are the same as what is passed to the install hook.
350 The following replacements are performed:
352 %z Name of zone
353 %R Zonepath of zone
354 Additional arguments, if any, are appended.
356 It has no attributes.
358 <!ELEMENT postinstall (#PCDATA) >
359 <!ATTLIST postinstall>
361 <!--
362 predetach
364 Path to a hook that will perform any necessary pre-processing on
365 a zone before it is detached. The zone will be in the "installed"
366 state when this hook is run.
368 It is possible that if the zone fails to detach after invoking this
369 hook, future attempts to detach the zone will invoke this hook again.
370 So this hook should be designed to gracefully handle the case where
371 it is run multiple times on the same zone. If this hook exits with
372 a non-zero exit status, the detach operation will fail.
374 This hook is most commonly used when there is pre-processing for detaching
375 a zone but the built-in detach support will be used for the actual
376 detach. Otherwise, if a detach hook is provided, then it can be used
377 to do both preprocessing as well as the actual detach.
379 The following replacements are performed:
381 %z Name of zone
382 %R Zonepath of zone
383 Additional arguments, if any, are appended.
385 It has no attributes.
387 <!ELEMENT predetach (#PCDATA) >
388 <!ATTLIST predetach>
390 <!--
391 detach
393 Path to a hook that will perform any necessary processing on
394 a zone to allow it to be detached. The zone will be in the "installed"
395 state when this hook is run.
397 It is possible that if the zone fails to detach while running this
398 hook, future attempts to detach the zone will invoke this hook again.
399 So this hook should be designed to gracefully handle the case where
400 it is run multiple times on the same zone. If this hook exits with
401 a non-zero exit status, the detach operation will fail and the zone will
402 be left in the "installed" state, otherwise the state will be changed
403 to "configured".
405 The following replacements are performed:
407 %z Name of zone
408 %R Zonepath of zone
409 Additional arguments, if any, are appended.
411 If no hook is provided, the internal zoneadm detach code will be used.
413 It has no attributes.
415 <!ELEMENT detach (#PCDATA) >
416 <!ATTLIST detach>
418 <!--
419 clone
420 Path to a hook that will perform any necessary processing on a zone to
421 allow it to be installed via cloning. Cloning is an alternative to
422 installing so this hook should result in the same effect for the zone.
423 The zone will be in the "incomplete" state when this hook is run.
425 If this hook exits with a non-zero exit status, the clone operation
426 will fail and the zone will be left in the "incomplete" state, otherwise
427 the state will be changed to "installed".
429 The following replacements are performed:
431 %z Name of zone
432 %R Zonepath of zone
433 1st arg name of source zone
434 Additional arguments, if any, are appended.
436 If no hook is provided, the internal zoneadm cloning code will be used.
438 <!ELEMENT clone (#PCDATA) >
439 <!ATTLIST clone>
441 <!--
442 preuninstall
444 Path to a script that will perform any necessary pre-processing on
445 a zone before it is uninstalled. The zone will be in the "installed"
446 state when this hook is run.
448 It is possible that if the zone fails to uninstall after invoking this
449 hook, future attempts to uninstall the zone will invoke this hook
450 again. So this hook should be designed to gracefully handle the case
451 where it is run multiple times on the same zone. If this hook exits
452 with a non-zero exit status, the uninstall operation will fail.
454 The following replacements are performed:
456 %z Name of zone
457 %R Zonepath of zone
458 Additional arguments, if any, are appended.
460 It has no attributes.
462 <!ELEMENT preuninstall (#PCDATA) >
463 <!ATTLIST preuninstall>
465 <!--
466 uninstall
467 Identifies the hook to invoke when uninstalling a zone. The zone will
468 be in the "incomplete" state when this hook is run.
470 If this hook exits with a non-zero exit status, the uninstall operation
471 will fail and the zone will be left in the "incomplete" state, otherwise
472 the state will be changed to "configured".
474 The following replacements are performed:
476 %z Name of zone
477 %R Zonepath of zone
478 Additional arguments, if any, are appended.
480 If no hook is provided, the internal zoneadm uninstall code will be used.
482 <!ELEMENT uninstall (#PCDATA) >
483 <!ATTLIST uninstall>
485 <!--
486 presnap
487 Identifies the hook to invoke before snapshotting a zone using the
488 built-in ZFS clone support.
490 If this hook exits with a non-zero exit status, the snapshot operation
491 will fail and the zfs clone operation will fail.
493 The following replacements are performed:
495 %z Name of zone
496 %R Zonepath of zone
498 <!ELEMENT presnap (#PCDATA) >
499 <!ATTLIST presnap>
501 <!--
502 postsnap
503 Identifies the hook to invoke after snapshotting a zone using the
504 built-in ZFS clone support.
506 If this hook exits with a non-zero exit status, the zfs clone operation
507 will fail.
509 The following replacements are performed:
511 %z Name of zone
512 %R Zonepath of zone
514 <!ELEMENT postsnap (#PCDATA) >
515 <!ATTLIST postsnap>
517 <!--
518 validatesnap
519 Identifies the hook to invoke to validate a snapshot of a zone using the
520 built-in ZFS clone support. This will validate a snapshot that was
521 explicitly specified to the clone command when the user wants to
522 re-use a snapshot from an earlier clone operation.
524 If this hook exits with a non-zero exit status, the snapshot validation
525 operation will fail, meaning the zfs snapshot cannot be used to install
526 the zone.
528 The following replacements are performed:
530 %z Name of zone
531 %R Zonepath of zone
532 1st arg snapshot name
533 2nd arg snapshot path
535 <!ELEMENT validatesnap (#PCDATA) >
536 <!ATTLIST validatesnap>
538 <!--
539 prestatechange
540 Identifies the hook to invoke before zoneadmd makes a state change.
541 If this hook exits with a non-zero exit status, the action failed
542 and no further state change activity will take place.
544 The following replacements are performed:
546 %z Name of zone
547 %R Zonepath of zone
548 1st arg integer representing current state of zone
549 2 - installed
550 3 - ready
551 4 - running
552 5 - shutting down
553 6 - down
554 7 - mounted
555 2nd arg integer representing transition command
556 0 - ready
557 1 - boot
558 4 - halt
559 3rd arg Alternate root (zonepath is mounted under this root)
560 empty string if zone not mounted under alternate root
562 <!ELEMENT prestatechange (#PCDATA) >
563 <!ATTLIST prestatechange>
565 <!--
566 poststatechange
567 Identifies the hook to invoke after zoneadmd makes a successful state
568 change. If this hook exits with a non-zero exit status, the action failed
569 and zoneadmd treats the overall state change as failed, although
570 all of the actions up to running the hook will have taken place.
572 The following replacements are performed:
574 %z Name of zone
575 %R Zonepath of zone
576 See prestatechange comment for 1st, 2nd and 3rd argument values.
578 <!ELEMENT poststatechange (#PCDATA) >
579 <!ATTLIST poststatechange>
581 <!--
582 query
583 Identifies a hook which can be called to get brand-specific information
584 about the zone. There is no specific place in zones where this is called,
585 calls within the zone infrastructure can be added as needed.
587 One example of the use of this hook is to query the implicit ZFS datasets
588 supported by the brand.
590 If this hook exits with a non-zero exit status, the query failed,
591 although in general, this hook shouldn't return non-zero.
593 The following replacements are performed:
595 %z Name of zone
596 %R Zonepath of zone
597 1st arg Arbitrary string which the hook can use to determine what
598 data to return. Brands implementing this hook should be
599 tolerant of arguments they don't support and simply do
600 nothing.
602 <!ELEMENT query (#PCDATA) >
603 <!ATTLIST query>
605 <!--
606 privilege
608 Add a privilege to the default, prohibited, or required set for all
609 zones of this brand with ip-type matched. If a privilege is added
610 to the default set all zones of this brand with ip-type matched on
611 the system will inherit this privilege unless the privilege is
612 removed via limitpriv in zonecfg(1m). If a privilege is added to
613 the prohibited set it can not be added to any zones with ip-type
614 matched via limitpriv in zonecfg(1m). If a privilege is added to
615 the required set then all zones of this brand with ip-type matched
616 on the system will inherit this privilege and it can't be removed via
617 limitpriv in zonecfg(1m).
619 Its attributes are
620 set The name of the set the privilege should go into.
621 name The name of the privilege.
622 ip-type Optional, indicates that adding of the privilege to the
623 set only applies to certain IP types. Can be "shared" or
624 "exclusive". If it is not specified, the default value
625 "all" will be used, which means it is applicable regardless
626 the IP type.
629 <!ELEMENT privilege (#PCDATA) >
630 <!ATTLIST privilege set ( default | prohibited | required ) #REQUIRED
631 name CDATA #REQUIRED
632 ip-type ( shared | exclusive ) "all" >
634 <!--
635 brand
637 The toplevel container for a brand configuration.
639 Its attributes are
641 name The name of the brand. This must match the name of the
642 directory in which the configuration file is stored.
645 <!ELEMENT brand (modname?, initname, restartinit?, login_cmd,
646 forcedlogin_cmd, user_cmd, install,
647 installopts?, boot?, sysboot?, halt?, shutdown?,
648 verify_cfg?, verify_adm?, postattach?, postclone?,
649 postinstall?, predetach?, attach?, detach?, clone?,
650 presnap?, postsnap?, validatesnap?,
651 preuninstall?, uninstall?,
652 prestatechange?, poststatechange?, query?,
653 privilege+)>
655 <!ATTLIST brand name CDATA #REQUIRED>