svcadm(8)을 검색하려면 섹션에서 8 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
project(5)
project(5) File Formats project(5)
NAME
project - project file
DESCRIPTION
The project file is a local source of project information. The project
file can be used in conjunction with other project sources, including
the NIS maps project.byname and project.bynumber and the LDAP database
project. Programs use the getprojent(3PROJECT) routines to access this
information.
The project file contains a one-line entry for each project recognized
by the system, of the form:
projname:projid:comment:user-list:group-list:attributes
where the fields are defined as:
projname The name of the project. The name must be a string that
consists of alphanumeric characters, underline (_) char‐
acters, hyphens (-), and periods (.). The period, which
is reserved for projects with special meaning to the
operating system, can be used only in the names of
default projects for users. projname cannot contain
colons (:) or newline characters.
projid The project's unique numerical ID (PROJID) within the
system. The maximum value of the projid field is MAXPRO‐
JID. Project IDs below 100 are reserved for the use of
the operating system.
comment The project's description.
user-list A comma-separated list of users allowed in the project.
With the exception of the special projects referred to
below, an empty field indicates no users are allowed.
group-list A comma-separated list of groups of users allowed in the
project. With the exception of the special projects
referred to below, an empty field indicates no groups are
allowed.
attributes A semicolon-separated list of name value pairs. Each pair
has the following format:
name[=value]
where name is the arbitrary string specifying the key's
name and value is the optional key value. An explanation
of the valid name-value pair syntax is provided in the
USAGE section of this page.
The attributes field can be used to specify the follow‐
ing:
o resource controls. For more information, see
the resource-controls(7) man page.
o A physical memory cap using the rcapd.max-rss
attribute. For more information, see the
rcapd(8) man page.
o A resource pool binding using the project.pool
attribute. For more information, see the pool‐
bind(8) man page.
o A multi-cpu-binding (MCB) using one of the
following attributes. For more information,
see the pbind(8) man page.
project.mcb.cpus
project.mcb.cores
project.mcb.sockets
project.mcb.pgs
project.mcb.lgroups
project.mcb.flags
See the setproject(3PROJECT) man page for a more detailed
description of the behavior of these attributes.
The attributes specified in the project database are
applied to processes joining a project, such when a user
logs in and joins their default project, or when the new‐
task command is used with the -p option.
Modifications to the attributes can be applied to pro‐
cesses already in a project using the -A option to the
projmod command.
Resource controls or attributes not understood by the
currently running Solaris operating System are ignored.
Null entries (empty fields) in the user-list and group-list fields,
which normally mean "no users" and "no groups", respectively, have a
different meaning in the entries for three special projects, user.user‐
name, group.groupname, and default. See getprojent(3PROJECT) for a
description of these projects.
Wildcards can be used in user-list and group-list fields of the project
database entry. The asterisk (*), allows all users or groups to join
the project. The exclamation mark followed by the asterisk (!*),
excludes all users or groups from the project. The exclamation mark (!)
followed by a username or groupname excludes the specified user or
group from the project. See EXAMPLES.
Malformed entries cause routines that read this file to halt, in which
case project assignments specified further along are never made. Blank
lines are treated as malformed entries in the project file, and cause
getprojent(3PROJECT) and derived interfaces to fail.
EXAMPLES
Example 1 Sample project File
The following is a sample project file:
system:0:System:::
user.root:1:Super-User:::
noproject:2:No Project:::
default:3::::
group.staff:10::::
beatles:100:The Beatles:john,paul,george,ringo::task.max-lwps=
(privileged,100,signal=SIGTERM),(privileged,110,deny);
process.max-file-descriptor
The two line breaks in the line that begins with beatles are not valid
in a project file. They are shown here only to allow the example to
display on a printed or displayed page. Each entry must be on one and
only one line.
An example project entry for nsswitch.conf(5) is:
project: files nis
With these entries, the project beatles has members john, paul, george,
and ringo. All projects listed in the NIS project table are effectively
incorporated after the entry for beatles.
The beatles project has two values set on the task.max-lwps resource
control. When a task in the beatles project requests (via one of its
member processes) its 100th and 110th LWPs, an action associated with
the encountered threshold triggers. Upon the request for the 100th LWP,
the process making the request is sent the signal SIGTERM and is
granted the request for an additional lightweight process (LWP). At
this point, the threshold for 110 LWPs becomes the active threshold.
When a request for the 110th LWP in the task is made, the requesting
process is denied the request--no LWP is created. Since the 110th LWP
is never granted, the threshold remains active, and all subsequent
requests for an 110th LWP fails. (If LWPs are given up, then subsequent
requests succeeds, unless they would take the total number of LWPs
across the task over 110.) The process.max-file-descriptor resource
control is given no values. This means that processes entering this
project only has the system resource control value on this rctl.
Example 2 Project Entry with Wildcards
The following entries use wildcards:
notroot:200:Shared Project:*,!root::
notused:300:Unused Project::!*:
In this example, any user except "root" is a member of project notroot.
For the project notused, all groups are excluded.
USAGE
The project database offers a reasonably flexible attribute mechanism
in the final name-value pair field. Name-value pairs are separated from
one another with the semicolon (;) character. The name is in turn dis‐
tinguished from the (optional) value by the equals (=) character. The
value field can contain multiple values separated by the comma (,)
character, with grouping support (into further values lists) by paren‐
theses. Each of these values can be composed of the alphabetic charac‐
ters, the digits '0' through '9', and the punctuation characters hyphen
(-), plus (+), period (.), slash (/), and underscore (_). Example
resource control value specifications are provided in EXAMPLES, above,
and in resource-controls(7) and getprojent(3PROJECT).
SEE ALSO
newtask(1), prctl(1), projects(1), setrctl(2), unistd.h(3HEAD), getpro‐
jent(3PROJECT), nsswitch.conf(5), resource-controls(7), resource-man‐
agement(7), pbind(8), poolbind(8), projmod(8), psrinfo(8), rcapd(8)
NOTES
The solaris.project.assign authorizations allow an administrator to add
a user to any project. The solaris.project.delegate authorization
allows an administrator to only add users to the projects of which the
administrator is a member.
Note that project 0 (system) attributes may not be taken into account
by the boot services unless a task is explicitly entered or created in
this project.
The project.mcb.sockets property will be removed in a future release of
Oracle Solaris.
Oracle Solaris 11.4 11 May 2021 project(5)