szaydel
5/27/2014 - 7:31 PM

Solaris SMF, Projects and Security Snippets

Solaris SMF, Projects and Security Snippets

<?xml version="1.0" encoding="UTF-8"?>
<!--
 Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.

 CDDL HEADER START

 The contents of this file are subject to the terms of the
 Common Development and Distribution License (the "License").
 You may not use this file except in compliance with the License.

 You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 or http://www.opensolaris.org/os/licensing.
 See the License for the specific language governing permissions
 and limitations under the License.

 When distributing Covered Code, include this CDDL HEADER in each
 file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 If applicable, add the following below this CDDL HEADER, with the
 fields enclosed by brackets "[]" replaced with your own identifying
 information: Portions Copyright [yyyy] [name of copyright owner]

 CDDL HEADER END
-->

<!--
  Service description DTD

    Most attributes are string values (or an individual string from a
    restricted set), but attributes with a specific type requirement are
    noted in the comment describing the element.
-->

<!--
  XInclude support

    A series of service bundles may be composed via the xi:include tag.
    smf(5) tools enforce that all bundles be of the same type.
-->

<!--
     These entities are used for the property, propval and property_group
     elements, that require type attributes for manifest, while for profiles
     the type attributes are only implied.
-->

<!ENTITY % profile "IGNORE">
<!ENTITY % manifest "INCLUDE">

<!ELEMENT xi:include
  (xi:fallback)
  >
<!ATTLIST xi:include
  href CDATA #REQUIRED
  parse (xml|text) "xml"
  encoding CDATA #IMPLIED
  xmlns:xi CDATA #FIXED "http://www.w3.org/2001/XInclude"
  >

<!ELEMENT xi:fallback
  ANY
  >
<!ATTLIST xi:fallback
  xmlns:xi CDATA #FIXED "http://www.w3.org/2001/XInclude"
  >

<!--
  stability

    This element associates an SMI stability level with the parent
    element.  See attributes(5) for an explanation of interface
    stability levels.

    Its attribute is

	value	The stability level of the parent element.
-->

<!ELEMENT stability EMPTY>

<!ATTLIST stability
	value		( Standard | Stable | Evolving | Unstable |
			External | Obsolete ) #REQUIRED >

<!-- Property value lists -->

<!--
  value_node

    This element represents a single value within any of the typed
    property value lists.

    Its attribute is

	value	The value for this node in the list.
-->

<!ELEMENT value_node EMPTY>

<!ATTLIST value_node
	value CDATA #REQUIRED>

<!--
  count_list
  integer_list
  opaque_list
  host_list
  hostname_list
  net_address_list
  net_address_v4_list
  net_address_v6_list
  time_list
  astring_list
  ustring_list
  boolean_list
  fmri_list
  uri_list

    These elements represent the typed lists of values for a property.
    Each contains one or more value_node elements representing each
    value on the list.

    None of these elements has attributes.
-->

<!ELEMENT count_list
	( value_node+ )>

<!ATTLIST count_list>

<!ELEMENT integer_list
	( value_node+ )>

<!ATTLIST integer_list>

<!ELEMENT opaque_list
	( value_node+ )>

<!ATTLIST opaque_list>

<!ELEMENT host_list
	( value_node+ )>

<!ATTLIST host_list>

<!ELEMENT hostname_list
	( value_node+ )>

<!ATTLIST hostname_list>

<!ELEMENT net_address_list
	( value_node+ )>

<!ATTLIST net_address_list>

<!ELEMENT net_address_v4_list
	( value_node+ )>

<!ATTLIST net_address_v4_list>

<!ELEMENT net_address_v6_list
	( value_node+ )>

<!ATTLIST net_address_v6_list>

<!ELEMENT time_list
	( value_node+ )>

<!ATTLIST time_list>

<!ELEMENT astring_list
	( value_node+ )>

<!ATTLIST astring_list>

<!ELEMENT ustring_list
	( value_node+ )>

<!ATTLIST ustring_list>

<!ELEMENT boolean_list
	( value_node+ )>

<!ATTLIST boolean_list>

<!ELEMENT fmri_list
	( value_node+ )>

<!ATTLIST fmri_list>

<!ELEMENT uri_list
	( value_node+ )>

<!ATTLIST uri_list>

<!-- Properties and property groups -->

<!--
   property

     This element is for a singly or multiply valued property within a
     property group.  It contains an appropriate value list element,
     which is expected to be consistent with the type attribute.

     Its attributes are

	name	The name of this property.

	type	The data type for this property.

	override These values should replace values already in the
		repository.
-->

<![%profile;[
<!ELEMENT property
	( count_list | integer_list | opaque_list | host_list | hostname_list |
	net_address_list | net_address_v4_list | net_address_v6_list |
	time_list | astring_list | ustring_list | boolean_list | fmri_list |
	uri_list )? >

<!ATTLIST property
	name		CDATA #REQUIRED
	type		( count | integer | opaque | host | hostname |
			net_address | net_address_v4 | net_address_v6 | time |
			astring | ustring | boolean | fmri | uri ) #IMPLIED
	override	( true | false ) "false" >
]]>
	
<![%manifest;[
<!ELEMENT property
	( count_list | integer_list | opaque_list | host_list | hostname_list |
	net_address_list | net_address_v4_list | net_address_v6_list |
	time_list | astring_list | ustring_list | boolean_list | fmri_list |
	uri_list )? >

<!ATTLIST property
	name		CDATA #REQUIRED
	type		( count | integer | opaque | host | hostname |
			net_address | net_address_v4 | net_address_v6 | time |
			astring | ustring | boolean | fmri | uri ) #REQUIRED
	override	( true | false ) "false" >
]]>

<!--
   propval

     This element is for a singly valued property within a property
     group.  List-valued properties must use the property element above.

     Its attributes are

	name	The name of this property.

	type	The data type for this property.

	value	The value for this property.  Must match type
		restriction of type attribute.

	override This value should replace any values already in the
		repository.
-->

<![%profile;[
<!ELEMENT propval EMPTY>

<!ATTLIST propval
	name		CDATA #REQUIRED
	type		( count | integer | opaque | host | hostname |
			net_address | net_address_v4 | net_address_v6 | time |
			astring | ustring | boolean | fmri | uri ) #IMPLIED
	value		CDATA #REQUIRED
	override	( true | false ) "false" >
]]>

<![%manifest;[
<!ELEMENT propval EMPTY>

<!ATTLIST propval
	name		CDATA #REQUIRED
	type		( count | integer | opaque | host | hostname |
			net_address | net_address_v4 | net_address_v6 | time |
			astring | ustring | boolean | fmri | uri ) #REQUIRED
	value		CDATA #REQUIRED
	override	( true | false ) "false" >
]]>

<!--
  property_group

    This element is for a set of related properties on a service or
    instance.  It contains an optional stability element, as well as
    zero or more property-containing elements.

    Its attributes are

	name	The name of this property group.

	type	A category for this property group.  Groups of type
		"framework", "implementation" or "template" are primarily
		of interest to the service management facility, while
		groups of type "application" are expected to be only of
		interest to the service to which this group is attached.
		Other types may be introduced using the service symbol
		namespace conventions.

	delete	If in the repository, this property group should be removed.
-->

<![%profile;[
<!ELEMENT property_group
	( stability?, ( propval | property )* )>

<!ATTLIST property_group
	name		CDATA #REQUIRED
	type		CDATA #IMPLIED
	delete		( true | false ) "false" >
]]>

<![%manifest;[
<!ELEMENT property_group
	( stability?, ( propval | property )* )>

<!ATTLIST property_group
	name		CDATA #REQUIRED
	type		CDATA #REQUIRED
	delete		( true | false ) "false" >
]]>

<!--
  service_fmri

    This element defines a reference to a service FMRI (for either a
    service or an instance).

    Its attribute is

	value	The FMRI.
-->

<!ELEMENT service_fmri EMPTY>

<!ATTLIST service_fmri
	value		CDATA #REQUIRED>

<!-- Dependencies -->

<!--
  dependency

    This element identifies a group of FMRIs upon which the service is
    in some sense dependent.  Its interpretation is left to the
    restarter to which a particular service instance is delegated.  It
    contains a group of service FMRIs, as well as a block of properties.

    Its attributes are

	name	The name of this dependency.

	grouping The relationship between the various FMRIs grouped
		here; "require_all" of the FMRIs to be online, "require_any"
		of the FMRIs to be online, or "exclude_all" of the FMRIs
		from being online or in maintenance for the dependency to
		be satisfied.  "optional_all" dependencies are satisfied
		when all of the FMRIs are either online or unable to come
		online (because they are disabled, misconfigured, or one
		of their dependencies is unable to come online).

	restart_on The type of events from the FMRIs that the service should
		be restarted for.  "error" restarts the service if the
		dependency is restarted due to hardware fault.  "restart"
		restarts the service if the dependency is restarted for
		any reason, including hardware fault.  "refresh" restarts
		the service if the dependency is refreshed or restarted for
		any reason.  "none" will never restart the service due to
		dependency state changes.

	type	The type of dependency: on another service ('service'), on
		a filesystem path ('path'), or another dependency type.

	delete	This dependency should be deleted.
-->

<!ELEMENT dependency
	( service_fmri*, stability?, ( propval | property )* ) >

<!ATTLIST dependency
	name		CDATA #REQUIRED
	grouping	( require_all | require_any | exclude_all |
			optional_all ) #REQUIRED
	restart_on	( error | restart | refresh | none ) #REQUIRED
	type		CDATA #REQUIRED
	delete		( true | false ) "false" >

<!-- Dependents -->

<!--
  dependent

    This element identifies a service which should depend on this service.  It
    corresponds to a dependency in the named service.  The grouping and type
    attributes of that dependency are implied to be "require_all" and
    "service", respectively.

    Its attributes are

	name	The name of the dependency property group to create in the
		dependent entity.

	grouping The grouping relationship of the dependency property
		group to create in the dependent entity.  See "grouping"
		attribute on the dependency element.

	restart_on The type of events from this service that the named service
		should be restarted for.

	delete	True if this dependent should be deleted.

	override Whether to replace an existing dependent of the same name.

-->

<!ELEMENT dependent
	( service_fmri, stability?, ( propval | property )* ) >

<!ATTLIST dependent
	name		CDATA #REQUIRED
	grouping	( require_all | require_any | exclude_all |
			optional_all) #REQUIRED
	restart_on	( error | restart | refresh | none) #REQUIRED
	delete		( true | false ) "false"
	override	( true | false ) "false" >

<!-- Method execution context, security profile, and credential definitions -->

<!--
  envvar

    An environment variable. It has two attributes:

	name	The name of the environment variable.
	value	The value of the environment variable.
-->

<!ELEMENT envvar EMPTY>

<!ATTLIST envvar
	name		CDATA #REQUIRED
	value		CDATA #REQUIRED >

<!--
  method_environment

    This element defines the environment for a method. It has no
    attributes, and one or more envvar child elements.
-->

<!ELEMENT method_environment (envvar+) >

<!ATTLIST method_environment>

<!--
  method_profile

    This element indicates which exec_attr(5) profile applies to the
    method context being defined.

    Its attribute is

	name	The name of the profile.
-->

<!ELEMENT method_profile EMPTY>

<!ATTLIST method_profile
	name		CDATA #REQUIRED >

<!--
  method_credential

    This element specifies credential attributes for the execution
    method to use.

    Its attributes are

	user	The user ID, in numeric or text form.

	group	The group ID, in numeric or text form.  If absent or
		":default", the group associated with the user in the
		passwd database.

	supp_groups Supplementary group IDs to be associated with the
		method, separated by commas or spaces.  If absent or
		":default", initgroups(3C) will be used.

	privileges An optional string specifying the privilege set.

	limit_privileges An optional string specifying the limit
		privilege set.
-->

<!ELEMENT method_credential EMPTY>

<!ATTLIST method_credential
	user		CDATA #REQUIRED
	group		CDATA #IMPLIED
	supp_groups	CDATA #IMPLIED
	privileges	CDATA #IMPLIED
	limit_privileges CDATA #IMPLIED >

<!--
  method_context

    This element combines credential and resource management attributes
    for execution methods.  It may contain a method_environment, or
    a method_profile or method_credential element.

    Its attributes are

	working_directory The home directory to launch the method from.
		":default" can be used as a token to indicate use of the
		user specified by the credential or profile specified.

	project	The project ID, in numeric or text form.  ":default" can
		be used as a token to indicate use of the project
		identified by getdefaultproj(3PROJECT) for the non-root
		user specified by the credential or profile specified.
		If the user is root, ":default" designates the project
		the restarter is running in.

	resource_pool The resource pool name to launch the method on.
		":default" can be used as a token to indicate use of the
		pool specified in the project(4) entry given in the
		"project" attribute above.
-->
<!ELEMENT method_context
	( (method_profile | method_credential)?, method_environment? ) >

<!ATTLIST method_context
	working_directory	CDATA #IMPLIED
	project			CDATA #IMPLIED
	resource_pool		CDATA #IMPLIED >

<!-- Restarter delegation, methods, and monitors -->

<!--
  exec_method

    This element describes one of the methods used by the designated
    restarter to act on the service instance.  Its interpretation is
    left to the restarter to which a particular service instance is
    delegated.  It contains a set of attributes, an optional method
    context, and an optional stability element for the optional
    properties that can be included.

    Its attributes are

	type	The type of method, either "method" or "monitor".

	name	Name of this execution method.  The method names are
		usually a defined interface of the restarter to which an
		instance of this service is delegated.

	exec	The string identifying the action to take.  For
		svc.startd(1M), this is a string suitable to pass to
		exec(2).

	timeout_seconds [integer] Duration, in seconds, to wait for this
		method to complete.  A '0' or '-1' denotes an infinite
		timeout.

	delete	If in the repository, the property group for this method
		should be removed.
-->

<!ELEMENT exec_method
	( method_context?, stability?, ( propval | property )* ) >

<!ATTLIST exec_method
	type		( method | monitor ) #REQUIRED
	name		CDATA #REQUIRED
	exec		CDATA #REQUIRED
	timeout_seconds	CDATA #REQUIRED
	delete		( true | false ) "false" >

<!--
  restarter

    A flag element identifying the restarter to which this service or
    service instance is delegated.  Contains the FMRI naming the
    delegated restarter.

    This element has no attributes.
-->

<!ELEMENT restarter
	( service_fmri ) >

<!ATTLIST restarter>

<!--
  Templates
-->

<!--
  doc_link

    The doc_link relates a resource described by the given URI to the
    service described by the containing template.  The resource is
    expected to be a documentation or elucidatory reference of some
    kind.

    Its attributes are

      name      A label for this resource.

      uri       A URI to the resource.
-->

<!ELEMENT doc_link EMPTY>

<!ATTLIST doc_link
	name		CDATA #REQUIRED
	uri		CDATA #REQUIRED >

<!--
  manpage

    The manpage element connects the reference manual page to the
    template's service.

    Its attributes are

      title     The manual page title.

      section   The manual page's section.

      manpath   The MANPATH environment variable, as described in man(1)
                that is required to reach the named manual page
-->

<!ELEMENT manpage EMPTY>

<!ATTLIST manpage
	title		CDATA #REQUIRED
	section		CDATA #REQUIRED
	manpath		CDATA ":default" >

<!--
  documentation

    The documentation element groups an arbitrary number of doc_link
    and manpage references.

    It has no attributes.
-->

<!ELEMENT documentation
	( doc_link | manpage )* >

<!ATTLIST documentation>

<!--
  loctext

    The loctext element is a container for localized text.

    Its sole attribute is

	xml:lang The name of the locale, in the form accepted by LC_ALL,
		etc.  See locale(5).
-->
<!ELEMENT loctext
        (#PCDATA) >

<!ATTLIST loctext
        xml:lang	CDATA #REQUIRED >

<!--
  description

    The description holds a set of potentially longer, localized strings that
    consist of a short description of the service.

    The description has no attributes.
-->
<!ELEMENT description
        ( loctext+ ) >

<!ATTLIST description>

<!--
  common_name

    The common_name holds a set of short, localized strings that
    represent a well-known name for the service in the given locale.

    The common_name has no attributes.
-->
<!ELEMENT common_name
        ( loctext+ ) >

<!ATTLIST common_name>

<!--
  units

    The units a numerical property is expressed in.
-->

<!ELEMENT units
	( loctext+ ) >

<!ATTLIST units>

<!--
  visibility

    Expresses how a property is typically accessed.  This isn't
    intended as access control, but as an indicator as to how a
    property is used.

    Its attributes are:

      value     'hidden', 'readonly', or 'readwrite' indicating that
		the property should be hidden from the user, shown but
		read-only, or modifiable.
-->

<!ELEMENT visibility EMPTY>

<!ATTLIST visibility
	value	( hidden | readonly | readwrite ) #REQUIRED >

<!--
  value

    Describes a legal value for a property value, and optionally contains a
    human-readable name and description for the specified property
    value.

    Its attributes are:

      name	A string representation of the value.
-->

<!ELEMENT value
	( common_name?, description? ) >

<!ATTLIST value
	name	CDATA #REQUIRED >

<!--
  values

    Human-readable names and descriptions for valid values of a property.
-->

<!ELEMENT values
	(value+) >

<!ATTLIST values>

<!--
  cardinality

    Places a constraint on the number of values the property can take
    on.

    Its attributes are:
	min	minimum number of values
	max	maximum number of values

    Both attributes are optional.  If min is not specified, it defaults to
    0.  If max is not specified it indicates an unlimited number of values.
    If neither is specified this indicates 0 or more values.
-->

<!ELEMENT cardinality EMPTY>

<!ATTLIST cardinality
	min	CDATA "0"
	max	CDATA "18446744073709551615">

<!--
  internal_separators

    Indicates the separators used within a property's value used to
    separate the actual values.  Used in situations where multiple
    values are packed into a single property value instead of using a
    multi-valued property.
-->

<!ELEMENT internal_separators
	(#PCDATA) >

<!ATTLIST internal_separators>

<!--
  range

    Indicates a range of possible integer values.

    Its attributes are:

      min	The minimum value of the range (inclusive).
      max	The maximum value of the range (inclusive).
-->

<!ELEMENT range EMPTY>

<!ATTLIST range
	min	CDATA #REQUIRED
	max	CDATA #REQUIRED >

<!--
  constraints

    Provides a set of constraints on the values a property can take on.
-->

<!ELEMENT constraints
	( value*, range* ) >
<!ATTLIST constraints>

<!--
  include_values

    Includes an entire set of values in the choices block.

    Its attributes are:

	type    Either "constraints" or "values", indicating an
		inclusion of all values allowed by the property's
		constraints or all values for which there are
		human-readable names and descriptions, respectively.
-->

<!ELEMENT include_values EMPTY>

<!ATTLIST include_values
	type	( constraints | values ) #REQUIRED >

<!--
  choices

    Provides a set of common choices for the values a property can take
    on.  Useful in those cases where the possibilities are unenumerable
    or merely inconveniently legion, and a manageable subset is desired
    for presentation in a user interface.
-->

<!ELEMENT choices
	( value*, range*, include_values* ) >

<!ATTLIST choices>

<!--
  prop_pattern


    The prop_pattern describes one property of the enclosing property group
    pattern.

    Its attributes are:

	name    The property's name.
	type    The property's type.
	required
		If the property group is present, this property is required.

	type can be omitted if required is false.
-->

<!ELEMENT prop_pattern
	( common_name?, description?, units?, visibility?, cardinality?,
	  internal_separators?, values?, constraints?, choices? ) >

<!ATTLIST prop_pattern
	name		CDATA	#REQUIRED
	type		( count | integer | opaque | host | hostname |
			net_address | net_address_v4 | net_address_v6 | time |
			astring | ustring | boolean | fmri | uri ) #IMPLIED
	required	( true | false )	"false" >

<!--
  pg_pattern

    The pg_pattern describes one property group.
    Depending on the element's attributes, these descriptions may apply
    to just the enclosing service/instance, instances of the enclosing
    service, delegates of the service (assuming it is a restarter), or
    all services.

    Its attributes are:

	name    The property group's name.  If not specified, it
		matches all property groups with the specified type.
	type    The property group's type.  If not specified, it
		matches all property groups with the specified name.
	required
		If the property group is required.
	target	The scope of the pattern, which may be all, delegate,
		instance, or this.  'all' is reserved for framework use
		and applies the template to all services on the system.
		'delegate' is reserved for restarters, and means the
		template applies to all services which use the restarter.
		'this' would refer to the defining service or instance.
		'instance' can only be used in a service's template block,
		and means the definition applies to all instances of this
		service.

-->

<!ELEMENT pg_pattern
	( common_name?, description?, prop_pattern* ) >

<!ATTLIST pg_pattern
	name		CDATA	""
	type		CDATA	""
	required	( true | false )	"false"
	target		( this | instance | delegate | all )	"this" >

<!--
  template

    The template contains a collection of metadata about the service.
    It contains a localizable string that serves as a common,
    human-readable name for the service.  (This name should be less than
    60 characters in a single byte locale.)  The template may optionally
    contain a longer localizable description of the service, a
    collection of links to documentation, either in the form of manual
    pages or in the form of URI specifications to external documentation
    sources (such as docs.sun.com).

    The template has no attributes.
-->
<!ELEMENT template
        ( common_name, description?, documentation?, pg_pattern* ) >

<!ATTLIST template>

<!-- Notification Parameters -->

<!ELEMENT paramval EMPTY>

<!ATTLIST paramval
	name		CDATA #REQUIRED
	value		CDATA #REQUIRED>

<!ELEMENT parameter
	( value_node* )>

<!ATTLIST parameter
	name		CDATA #REQUIRED>

<!ELEMENT event EMPTY>

<!ATTLIST event
	value		CDATA #REQUIRED>

<!ELEMENT type
	( ( parameter | paramval )* )>

<!ATTLIST type
	name		CDATA #REQUIRED
	active		( true | false ) "true" >

<!--
  notification parameters

    This element sets the notification parameters for Software Events and
    Fault Management problem lifecycle events.
-->

<!ELEMENT notification_parameters
	( event, type+ )>

<!ATTLIST notification_parameters>

<!-- Services and instances -->

<!--
  create_default_instance

    A flag element indicating that an otherwise empty default instance
    of this service (named "default") should be created at install, with
    its enabled property set as given.

    Its attribute is

	enabled	[boolean] The initial value for the enabled state of
		this instance.
-->

<!ELEMENT create_default_instance EMPTY >

<!ATTLIST create_default_instance
	enabled		( true | false ) #REQUIRED >

<!--
  single_instance

    A flag element stating that this service can only have a single
    instance on a particular system.
-->

<!ELEMENT single_instance EMPTY>

<!ATTLIST single_instance>

<!--
  instance

    The service instance is the object representing a software component
    that will run on the system if enabled.  It contains an enabled
    element, a set of dependencies on other services, potentially
    customized methods or configuration data, an optional method
    context, and a pointer to its restarter.  (If no restarter is
    specified, the master restarter, svc.startd(1M), is assumed to be
    responsible for the service.)

    Its attributes are

	name	The canonical name for this instance of the service.

	enabled	[boolean] The initial value for the enabled state of
		this instance.
-->

<!ELEMENT instance
	( restarter?, dependency*, dependent*, method_context?,
	exec_method*, notification_parameters*, property_group*,
	template? ) >

<!ATTLIST instance
	name		CDATA #REQUIRED
	enabled		( true | false ) #REQUIRED >

<!--
  service

    The service contains the set of instances defined by default for
    this service, an optional method execution context, any default
    methods, the template, and various restrictions or advice applicable
    at installation.  The method execution context and template elements
    are required for service_bundle documents with type "manifest", but
    are optional for "profile" or "archive" documents.

    Its attributes are

	name	The canonical name for the service.

	version	[integer] The integer version for this service.

	type	Whether this service is a simple service, a delegated
		restarter, or a milestone (a synthetic service that
		collects a group of dependencies).
-->

<!ELEMENT service
	( create_default_instance?, single_instance?, restarter?,
	dependency*, dependent*, method_context?, exec_method*,
	notification_parameters*, property_group*, instance*,
	stability?, template? ) >

<!ATTLIST service
	name		CDATA #REQUIRED
	version		CDATA #REQUIRED
	type		( service | restarter | milestone ) #REQUIRED >

<!--
  service_bundle

    The bundle possesses two attributes:

	type	How this file is to be understood by the framework (or
		used in a non-framework compliant way). Standard types
		are 'archive', 'manifest', and 'profile'.
	
	name	A name for the bundle.  Manifests should be named after
		the package which delivered them; profiles should be
		named after the "feature set nickname" they intend to
		enable.
-->

<!ELEMENT service_bundle
	( service_bundle* | service* | xi:include* )>

<!ATTLIST service_bundle
	type		CDATA #REQUIRED
	name		CDATA #REQUIRED>
# ppriv -l -v
contract_event
	Allows a process to request critical events without limitation.
	Allows a process to request reliable delivery of all events on
	any event queue.
contract_identity
	Allows a process to set the service FMRI value of a process
	contract template.
contract_observer
	Allows a process to observe contract events generated by
	contracts created and owned by users other than the process's
	effective user ID.
	Allows a process to open contract event endpoints belonging to
	contracts created and owned by users other than the process's
	effective user ID.
cpc_cpu
	Allow a process to access per-CPU hardware performance counters.
dtrace_kernel
	Allows DTrace kernel-level tracing.
dtrace_proc
	Allows DTrace process-level tracing.
	Allows process-level tracing probes to be placed and enabled in
	processes to which the user has permissions.
dtrace_user
	Allows DTrace user-level tracing.
	Allows use of the syscall and profile DTrace providers to
	examine processes to which the user has permissions.
file_chown
	Allows a process to change a file's owner user ID.
	Allows a process to change a file's group ID to one other than
	the process' effective group ID or one of the process'
	supplemental group IDs.
file_chown_self
	Allows a process to give away its files; a process with this
	privilege will run as if {_POSIX_CHOWN_RESTRICTED} is not
	in effect.
file_dac_execute
	Allows a process to execute an executable file whose permission
	bits or ACL do not allow the process execute permission.
file_dac_read
	Allows a process to read a file or directory whose permission
	bits or ACL do not allow the process read permission.
file_dac_search
	Allows a process to search a directory whose permission bits or
	ACL do not allow the process search permission.
file_dac_write
	Allows a process to write a file or directory whose permission
	bits or ACL do not allow the process write permission.
	In order to write files owned by uid 0 in the absence of an
	effective uid of 0 ALL privileges are required.
file_downgrade_sl
	Allows a process to set the sensitivity label of a file or
	directory to a sensitivity label that does not dominate the
	existing sensitivity label.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
file_flag_set
	Allows a process to set immutable, nounlink or appendonly
	file attributes.
file_link_any
	Allows a process to create hardlinks to files owned by a uid
	different from the process' effective uid.
file_owner
	Allows a process which is not the owner of a file or directory
	to perform the following operations that are normally permitted
	only for the file owner: modify that file's access and
	modification times; remove or rename a file or directory whose
	parent directory has the ``save text image after execution''
	(sticky) bit set; mount a ``namefs'' upon a file; modify
	permission bits or ACL except for the set-uid and set-gid
	bits.
file_read
	Allows a process to read objects in the filesystem.
file_setid
	Allows a process to change the ownership of a file or write to
	a file without the set-user-ID and set-group-ID bits being
	cleared.
	Allows a process to set the set-group-ID bit on a file or
	directory whose group is not the process' effective group or
	one of the process' supplemental groups.
	Allows a process to set the set-user-ID bit on a file with
	different ownership in the presence of PRIV_FILE_OWNER.
	Additional restrictions apply when creating or modifying a
	set-uid 0 file.
file_upgrade_sl
	Allows a process to set the sensitivity label of a file or
	directory to a sensitivity label that dominates the existing
	sensitivity label.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
file_write
	Allows a process to modify objects in the filesystem.
graphics_access
	Allows a process to make privileged ioctls to graphics devices.
	Typically only xserver process needs to have this privilege.
	A process with this privilege is also allowed to perform
	privileged graphics device mappings.
graphics_map
	Allows a process to perform privileged mappings through a
	graphics device.
ipc_dac_read
	Allows a process to read a System V IPC
	Message Queue, Semaphore Set, or Shared Memory Segment whose
	permission bits do not allow the process read permission.
	Allows a process to read remote shared memory whose
	permission bits do not allow the process read permission.
ipc_dac_write
	Allows a process to write a System V IPC
	Message Queue, Semaphore Set, or Shared Memory Segment whose
	permission bits do not allow the process write permission.
	Allows a process to read remote shared memory whose
	permission bits do not allow the process write permission.
	Additional restrictions apply if the owner of the object has uid 0
	and the effective uid of the current process is not 0.
ipc_owner
	Allows a process which is not the owner of a System
	V IPC Message Queue, Semaphore Set, or Shared Memory Segment to
	remove, change ownership of, or change permission bits of the
	Message Queue, Semaphore Set, or Shared Memory Segment.
	Additional restrictions apply if the owner of the object has uid 0
	and the effective uid of the current process is not 0.
net_access
	Allows a process to open a TCP, UDP, SDP or SCTP network endpoint.
net_bindmlp
	Allow a process to bind to a port that is configured as a
	multi-level port(MLP) for the process's zone. This privilege
	applies to both shared address and zone-specific address MLPs.
	See tnzonecfg(4) from the Trusted Extensions manual pages for
	information on configuring MLP ports.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
net_icmpaccess
	Allows a process to send and receive ICMP packets.
net_mac_aware
	Allows a process to set NET_MAC_AWARE process flag by using
	setpflags(2). This privilege also allows a process to set
	SO_MAC_EXEMPT socket option by using setsockopt(3SOCKET).
	The NET_MAC_AWARE process flag and the SO_MAC_EXEMPT socket
	option both allow a local process to communicate with an
	unlabeled peer if the local process' label dominates the
	peer's default label, or if the local process runs in the
	global zone.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
net_mac_implicit
	Allows a process to set SO_MAC_IMPLICIT option by using
	setsockopt(3SOCKET).  This allows a privileged process to
	transmit implicitly-labeled packets to a peer.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
net_observability
	Allows a process to access /dev/lo0 and the devices in /dev/ipnet/
	while not requiring them to need PRIV_NET_RAWACCESS.
net_privaddr
	Allows a process to bind to a privileged port
	number. The privilege port numbers are 1-1023 (the traditional
	UNIX privileged ports) as well as those ports marked as
	"udp/tcp_extra_priv_ports" with the exception of the ports
	reserved for use by NFS.
net_rawaccess
	Allows a process to have direct access to the network layer.
proc_audit
	Allows a process to generate audit records.
	Allows a process to get its own audit pre-selection information.
proc_chroot
	Allows a process to change its root directory.
proc_clock_highres
	Allows a process to use high resolution timers.
proc_exec
	Allows a process to call execve().
proc_fork
	Allows a process to call fork1()/forkall()/vfork()
proc_info
	Allows a process to examine the status of processes other
	than those it can send signals to.  Processes which cannot
	be examined cannot be seen in /proc and appear not to exist.
proc_lock_memory
	Allows a process to lock pages in physical memory.
proc_meminfo
	Allows a process to access physical memory information.
proc_owner
	Allows a process to send signals to other processes, inspect
	and modify process state to other processes regardless of
	ownership.  When modifying another process, additional
	restrictions apply:  the effective privilege set of the
	attaching process must be a superset of the target process'
	effective, permitted and inheritable sets; the limit set must
	be a superset of the target's limit set; if the target process
	has any uid set to 0 all privilege must be asserted unless the
	effective uid is 0.
	Allows a process to bind arbitrary processes to CPUs.
proc_prioup
	Allows a process to elevate its priority above its current level.
proc_priocntl
	Allows all that PRIV_PROC_PRIOUP allows.
	Allows a process to change its scheduling class to any scheduling class,
	including the RT class.
proc_secflags
proc_session
	Allows a process to send signals or trace processes outside its
	session.
proc_setid
	Allows a process to set its uids at will.
	Assuming uid 0 requires all privileges to be asserted.
proc_taskid
	Allows a process to assign a new task ID to the calling process.
proc_zone
	Allows a process to trace or send signals to processes in
	other zones.
sys_acct
	Allows a process to enable and disable and manage accounting through
	acct(2), getacct(2), putacct(2) and wracct(2).
sys_admin
	Allows a process to perform system administration tasks such
	as setting node and domain name and specifying nscd and coreadm
	settings.
sys_audit
	Allows a process to start the (kernel) audit daemon.
	Allows a process to view and set audit state (audit user ID,
	audit terminal ID, audit sessions ID, audit pre-selection mask).
	Allows a process to turn off and on auditing.
	Allows a process to configure the audit parameters (cache and
	queue sizes, event to class mappings, policy options).
sys_config
	Allows a process to perform various system configuration tasks.
	Allows a process to add and remove swap devices; when adding a swap
	device, a process must also have sufficient privileges to read from
	and write to the swap device.
sys_devices
	Allows a process to successfully call a kernel module that
	calls the kernel drv_priv(9F) function to check for allowed
	access.
	Allows a process to open the real console device directly.
	Allows a process to open devices that have been exclusively opened.
sys_ipc_config
	Allows a process to increase the size of a System V IPC Message
	Queue buffer.
sys_linkdir
	Allows a process to unlink and link directories.
sys_mount
	Allows filesystem specific administrative procedures, such as
	filesystem configuration ioctls, quota calls and creation/deletion
	of snapshots.
	Allows a process to mount and unmount filesystems which would
	otherwise be restricted (i.e., most filesystems except
	namefs).
	A process performing a mount operation needs to have
	appropriate access to the device being mounted (read-write for
	"rw" mounts, read for "ro" mounts).
	A process performing any of the aforementioned
	filesystem operations needs to have read/write/owner
	access to the mount point.
	Only regular files and directories can serve as mount points
	for processes which do not have all zone privileges asserted.
	Unless a process has all zone privileges, the mount(2)
	system call will force the "nosuid" and "restrict" options, the
	latter only for autofs mountpoints.
	Regardless of privileges, a process running in a non-global zone may
	only control mounts performed from within said zone.
	Outside the global zone, the "nodevices" option is always forced.
sys_iptun_config
	Allows a process to configure IP tunnel links.
sys_dl_config
	Allows a process to configure all classes of datalinks, including
	configuration allowed by PRIV_SYS_IPTUN_CONFIG.
sys_ip_config
	Allows a process to configure a system's IP interfaces and routes.
	Allows a process to configure network parameters using ndd.
	Allows a process access to otherwise restricted information using ndd.
	Allows a process to configure IPsec.
	Allows a process to pop anchored STREAMs modules with matching zoneid.
sys_net_config
	Allows all that PRIV_SYS_IP_CONFIG, PRIV_SYS_DL_CONFIG, and
	PRIV_SYS_PPP_CONFIG allow.
	Allows a process to push the rpcmod STREAMs module.
	Allows a process to INSERT/REMOVE STREAMs modules on locations other
	than the top of the module stack.
sys_nfs
	Allows a process to perform Sun private NFS specific system calls.
	Allows a process to bind to ports reserved by NFS: ports 2049 (nfs)
	and port 4045 (lockd).
sys_ppp_config
	Allows a process to create and destroy PPP (sppp) interfaces.
	Allows a process to configure PPP tunnels (sppptun).
sys_res_bind
	Allows a process to bind processes to processor sets.
sys_res_config
	Allows all that PRIV_SYS_RES_BIND allows.
	Allows a process to create and delete processor sets, assign
	CPUs to processor sets and override the PSET_NOESCAPE property.
	Allows a process to change the operational status of CPUs in
	the system using p_online(2).
	Allows a process to configure resource pools and to bind
	processes to pools
sys_resource
	Allows a process to modify the resource limits specified
	by setrlimit(2) and setrctl(2) without restriction.
	Allows a process to exceed the per-user maximum number of
	processes.
	Allows a process to extend or create files on a filesystem that
	has less than minfree space in reserve.
sys_smb
	Allows a process to access the Sun private SMB kernel module.
	Allows a process to bind to ports reserved by NetBIOS and SMB:
	ports 137 (NBNS), 138 (NetBIOS Datagram Service), 139 (NetBIOS
	Session Service and SMB-over-NBT) and 445 (SMB-over-TCP).
sys_suser_compat
	Allows a process to successfully call a third party loadable module
	that calls the kernel suser() function to check for allowed access.
	This privilege exists only for third party loadable module
	compatibility and is not used by Solaris proper.
sys_time
	Allows a process to manipulate system time using any of the
	appropriate system calls: stime, adjtime, ntp_adjtime and
	the IA specific RTC calls.
sys_trans_label
	Allows a process to translate labels that are not dominated
	by the process' sensitivity label to and from an external
	string form.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
virt_manage
	Allows a process to manage virtualized environments such as
	xVM(5).
win_colormap
	Allows a process to override colormap restrictions.
	Allows a process to install or remove colormaps.
	Allows a process to retrieve colormap cell entries allocated
	by other processes.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_config
	Allows a process to configure or destroy resources that are
	permanently retained by the X server.
	Allows a process to use SetScreenSaver to set the screen
	saver timeout value.
	Allows a process to use ChangeHosts to modify the display
	access control list.
	Allows a process to use GrabServer.
	Allows a process to use the SetCloseDownMode request which
	may retain window, pixmap, colormap, property, cursor, font,
	or graphic context resources.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_dac_read
	Allows a process to read from a window resource that it does
	not own (has a different user ID).
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_dac_write
	Allows a process to write to or create a window resource that
	it does not own (has a different user ID). A newly created
	window property is created with the window's user ID.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_devices
	Allows a process to perform operations on window input devices.
	Allows a process to get and set keyboard and pointer controls.
	Allows a process to modify pointer button and key mappings.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_dga
	Allows a process to use the direct graphics access (DGA) X protocol
	extensions. Direct process access to the frame buffer is still
	required. Thus the process must have MAC and DAC privileges that
	allow access to the frame buffer, or the frame buffer must be
	allocated to the process.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_downgrade_sl
	Allows a process to set the sensitivity label of a window resource
	to a sensitivity label that does not dominate the existing
	sensitivity label.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_fontpath
	Allows a process to set a font path.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_mac_read
	Allows a process to read from a window resource whose sensitivity
	label is not equal to the process sensitivity label.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_mac_write
	Allows a process to create a window resource whose sensitivity
	label is not equal to the process sensitivity label.
	A newly created window property is created with the window's
	sensitivity label.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_selection
	Allows a process to request inter-window data moves without the
	intervention of the selection confirmer.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
win_upgrade_sl
	Allows a process to set the sensitivity label of a window
	resource to a sensitivity label that dominates the existing
	sensitivity label.
	This privilege is interpreted only if the system is configured
	with Trusted Extensions.
xvm_control
	Allows a process access to the xVM(5) control devices for
	managing guest domains and the hypervisor. This privilege is
	used only if booted into xVM on x86 platforms.
/*
 * CC=/opt/gcc-5.1.0/bin gcc -m64 -o getdefaultproj -Wall -lproject getdefaultproj.c
 */
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <string.h>
#include <project.h>

struct project proj;
void * buf;
char *user;

int main(int argc, char **argv) {
    if ((argc > 1) && (strcmp(argv[1], "") != 0)) {
        user = argv[1] ;
    } else {
        user = "root" ;
    }
    buf = malloc(PROJECT_BUFSZ);
    if (buf == NULL) return 1;
    if (getdefaultproj(user, &proj, buf, PROJECT_BUFSZ) == NULL) {
        printf("User does not exist or failed to get default project!\n");
    } else {
        printf("%s\n", proj.pj_name);
    }
    return 0;
}