--- /dev/null
+<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="m-1">
+ <data xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-monitoring"><?xml version="1.0" encoding="UTF-8"?>
+<module name="ietf-system"
+ xmlns="urn:ietf:params:xml:ns:yang:yin:1"
+ xmlns:sys="urn:ietf:params:xml:ns:yang:ietf-system"
+ xmlns:yang="urn:ietf:params:xml:ns:yang:ietf-yang-types"
+ xmlns:inet="urn:ietf:params:xml:ns:yang:ietf-inet-types"
+ xmlns:nacm="urn:ietf:params:xml:ns:yang:ietf-netconf-acm"
+ xmlns:ianach="urn:ietf:params:xml:ns:yang:iana-crypt-hash">
+ <namespace uri="urn:ietf:params:xml:ns:yang:ietf-system"/>
+ <prefix value="sys"/>
+ <import module="ietf-yang-types">
+ <prefix value="yang"/>
+ </import>
+ <import module="ietf-inet-types">
+ <prefix value="inet"/>
+ </import>
+ <import module="ietf-netconf-acm">
+ <prefix value="nacm"/>
+ </import>
+ <import module="iana-crypt-hash">
+ <prefix value="ianach"/>
+ </import>
+ <organization>
+ <text>IETF NETMOD (NETCONF Data Modeling Language) Working Group</text>
+ </organization>
+ <contact>
+ <text>WG Web: &lt;http://tools.ietf.org/wg/netmod/&gt;
+WG List: &lt;mailto:netmod@ietf.org&gt;
+
+WG Chair: Thomas Nadeau
+ &lt;mailto:tnadeau@lucidvision.com&gt;
+
+WG Chair: Juergen Schoenwaelder
+ &lt;mailto:j.schoenwaelder@jacobs-university.de&gt;
+
+Editor: Andy Bierman
+ &lt;mailto:andy@yumaworks.com&gt;
+
+Editor: Martin Bjorklund
+ &lt;mailto:mbj@tail-f.com&gt;</text>
+ </contact>
+ <description>
+ <text>This module contains a collection of YANG definitions for the
+configuration and identification of some common system
+properties within a device containing a NETCONF server. This
+includes data node definitions for system identification,
+time-of-day management, user management, DNS resolver
+configuration, and some protocol operations for system
+management.
+
+Copyright (c) 2014 IETF Trust and the persons identified as
+authors of the code. All rights reserved.
+
+Redistribution and use in source and binary forms, with or
+without modification, is permitted pursuant to, and subject
+to the license terms contained in, the Simplified BSD License
+set forth in Section 4.c of the IETF Trust's Legal Provisions
+Relating to IETF Documents
+(http://trustee.ietf.org/license-info).
+
+This version of this YANG module is part of RFC 7317; see
+the RFC itself for full legal notices.</text>
+ </description>
+ <revision date="2014-08-06">
+ <description>
+ <text>Initial revision.</text>
+ </description>
+ <reference>
+ <text>RFC 7317: A YANG Data Model for System Management</text>
+ </reference>
+ </revision>
+ <feature name="radius">
+ <description>
+ <text>Indicates that the device can be configured as a RADIUS
+client.</text>
+ </description>
+ <reference>
+ <text>RFC 2865: Remote Authentication Dial In User Service (RADIUS)</text>
+ </reference>
+ </feature>
+ <feature name="authentication">
+ <description>
+ <text>Indicates that the device supports configuration of
+user authentication.</text>
+ </description>
+ </feature>
+ <feature name="local-users">
+ <if-feature name="authentication"/>
+ <description>
+ <text>Indicates that the device supports configuration of
+local user authentication.</text>
+ </description>
+ </feature>
+ <feature name="radius-authentication">
+ <if-feature name="radius"/>
+ <if-feature name="authentication"/>
+ <description>
+ <text>Indicates that the device supports configuration of user
+authentication over RADIUS.</text>
+ </description>
+ <reference>
+ <text>RFC 2865: Remote Authentication Dial In User Service (RADIUS)
+RFC 5607: Remote Authentication Dial-In User Service (RADIUS)
+ Authorization for Network Access Server (NAS)
+ Management</text>
+ </reference>
+ </feature>
+ <feature name="ntp">
+ <description>
+ <text>Indicates that the device can be configured to use one or
+more NTP servers to set the system date and time.</text>
+ </description>
+ </feature>
+ <feature name="ntp-udp-port">
+ <if-feature name="ntp"/>
+ <description>
+ <text>Indicates that the device supports the configuration of
+the UDP port for NTP servers.
+
+This is a 'feature', since many implementations do not support
+any port other than the default port.</text>
+ </description>
+ </feature>
+ <feature name="timezone-name">
+ <description>
+ <text>Indicates that the local time zone on the device
+can be configured to use the TZ database
+to set the time zone and manage daylight saving time.</text>
+ </description>
+ <reference>
+ <text>RFC 6557: Procedures for Maintaining the Time Zone Database</text>
+ </reference>
+ </feature>
+ <feature name="dns-udp-tcp-port">
+ <description>
+ <text>Indicates that the device supports the configuration of
+the UDP and TCP port for DNS servers.
+
+This is a 'feature', since many implementations do not support
+any port other than the default port.</text>
+ </description>
+ </feature>
+ <identity name="authentication-method">
+ <description>
+ <text>Base identity for user authentication methods.</text>
+ </description>
+ </identity>
+ <identity name="radius">
+ <base name="authentication-method"/>
+ <description>
+ <text>Indicates user authentication using RADIUS.</text>
+ </description>
+ <reference>
+ <text>RFC 2865: Remote Authentication Dial In User Service (RADIUS)
+RFC 5607: Remote Authentication Dial-In User Service (RADIUS)
+ Authorization for Network Access Server (NAS)
+ Management</text>
+ </reference>
+ </identity>
+ <identity name="local-users">
+ <base name="authentication-method"/>
+ <description>
+ <text>Indicates password-based authentication of locally
+configured users.</text>
+ </description>
+ </identity>
+ <identity name="radius-authentication-type">
+ <description>
+ <text>Base identity for RADIUS authentication types.</text>
+ </description>
+ </identity>
+ <identity name="radius-pap">
+ <base name="radius-authentication-type"/>
+ <description>
+ <text>The device requests Password Authentication Protocol (PAP)
+authentication from the RADIUS server.</text>
+ </description>
+ <reference>
+ <text>RFC 2865: Remote Authentication Dial In User Service (RADIUS)</text>
+ </reference>
+ </identity>
+ <identity name="radius-chap">
+ <base name="radius-authentication-type"/>
+ <description>
+ <text>The device requests Challenge Handshake Authentication
+Protocol (CHAP) authentication from the RADIUS server.</text>
+ </description>
+ <reference>
+ <text>RFC 2865: Remote Authentication Dial In User Service (RADIUS)</text>
+ </reference>
+ </identity>
+ <typedef name="timezone-name">
+ <type name="string"/>
+ <description>
+ <text>A time zone name as used by the Time Zone Database,
+sometimes referred to as the 'Olson Database'.
+
+The exact set of valid values is an implementation-specific
+matter. Client discovery of the exact set of time zone names
+for a particular server is out of scope.</text>
+ </description>
+ <reference>
+ <text>RFC 6557: Procedures for Maintaining the Time Zone Database</text>
+ </reference>
+ </typedef>
+ <container name="system">
+ <description>
+ <text>System group configuration.</text>
+ </description>
+ <leaf name="contact">
+ <type name="string"/>
+ <description>
+ <text>The administrator contact information for the system.
+
+A server implementation MAY map this leaf to the sysContact
+MIB object. Such an implementation needs to use some
+mechanism to handle the differences in size and characters
+allowed between this leaf and sysContact. The definition of
+such a mechanism is outside the scope of this document.</text>
+ </description>
+ <reference>
+ <text>RFC 3418: Management Information Base (MIB) for the
+ Simple Network Management Protocol (SNMP)
+ SNMPv2-MIB.sysContact</text>
+ </reference>
+ </leaf>
+ <leaf name="hostname">
+ <type name="inet:domain-name"/>
+ <description>
+ <text>The name of the host. This name can be a single domain
+label or the fully qualified domain name of the host.</text>
+ </description>
+ </leaf>
+ <leaf name="location">
+ <type name="string"/>
+ <description>
+ <text>The system location.
+
+A server implementation MAY map this leaf to the sysLocation
+MIB object. Such an implementation needs to use some
+mechanism to handle the differences in size and characters
+allowed between this leaf and sysLocation. The definition
+of such a mechanism is outside the scope of this document.</text>
+ </description>
+ <reference>
+ <text>RFC 3418: Management Information Base (MIB) for the
+ Simple Network Management Protocol (SNMP)
+ SNMPv2-MIB.sysLocation</text>
+ </reference>
+ </leaf>
+ <container name="clock">
+ <description>
+ <text>Configuration of the system date and time properties.</text>
+ </description>
+ <choice name="timezone">
+ <description>
+ <text>The system time zone information.</text>
+ </description>
+ <case name="timezone-name">
+ <if-feature name="timezone-name"/>
+ <leaf name="timezone-name">
+ <type name="timezone-name"/>
+ <description>
+ <text>The TZ database name to use for the system, such
+as 'Europe/Stockholm'.</text>
+ </description>
+ </leaf>
+ </case>
+ <case name="timezone-utc-offset">
+ <leaf name="timezone-utc-offset">
+ <type name="int16">
+ <range value="-1500 .. 1500"/>
+ </type>
+ <units name="minutes"/>
+ <description>
+ <text>The number of minutes to add to UTC time to
+identify the time zone for this system. For example,
+'UTC - 8:00 hours' would be represented as '-480'.
+Note that automatic daylight saving time adjustment
+is not provided if this object is used.</text>
+ </description>
+ </leaf>
+ </case>
+ </choice>
+ </container>
+ <container name="ntp">
+ <if-feature name="ntp"/>
+ <presence value="Enables the NTP client unless the 'enabled' leaf
+(which defaults to 'true') is set to 'false'"/>
+ <description>
+ <text>Configuration of the NTP client.</text>
+ </description>
+ <leaf name="enabled">
+ <type name="boolean"/>
+ <default value="true"/>
+ <description>
+ <text>Indicates that the system should attempt to
+synchronize the system clock with an NTP server
+from the 'ntp/server' list.</text>
+ </description>
+ </leaf>
+ <list name="server">
+ <key value="name"/>
+ <description>
+ <text>List of NTP servers to use for system clock
+synchronization. If '/system/ntp/enabled'
+is 'true', then the system will attempt to
+contact and utilize the specified NTP servers.</text>
+ </description>
+ <leaf name="name">
+ <type name="string"/>
+ <description>
+ <text>An arbitrary name for the NTP server.</text>
+ </description>
+ </leaf>
+ <choice name="transport">
+ <mandatory value="true"/>
+ <description>
+ <text>The transport-protocol-specific parameters for this
+server.</text>
+ </description>
+ <case name="udp">
+ <container name="udp">
+ <description>
+ <text>Contains UDP-specific configuration parameters
+for NTP.</text>
+ </description>
+ <leaf name="address">
+ <type name="inet:host"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The address of the NTP server.</text>
+ </description>
+ </leaf>
+ <leaf name="port">
+ <if-feature name="ntp-udp-port"/>
+ <type name="inet:port-number"/>
+ <default value="123"/>
+ <description>
+ <text>The port number of the NTP server.</text>
+ </description>
+ </leaf>
+ </container>
+ </case>
+ </choice>
+ <leaf name="association-type">
+ <type name="enumeration">
+ <enum name="server">
+ <description>
+ <text>Use client association mode. This device
+will not provide synchronization to the
+configured NTP server.</text>
+ </description>
+ </enum>
+ <enum name="peer">
+ <description>
+ <text>Use symmetric active association mode.
+This device may provide synchronization
+to the configured NTP server.</text>
+ </description>
+ </enum>
+ <enum name="pool">
+ <description>
+ <text>Use client association mode with one or
+more of the NTP servers found by DNS
+resolution of the domain name given by
+the 'address' leaf. This device will not
+provide synchronization to the servers.</text>
+ </description>
+ </enum>
+ </type>
+ <default value="server"/>
+ <description>
+ <text>The desired association type for this NTP server.</text>
+ </description>
+ </leaf>
+ <leaf name="iburst">
+ <type name="boolean"/>
+ <default value="false"/>
+ <description>
+ <text>Indicates whether this server should enable burst
+synchronization or not.</text>
+ </description>
+ </leaf>
+ <leaf name="prefer">
+ <type name="boolean"/>
+ <default value="false"/>
+ <description>
+ <text>Indicates whether this server should be preferred
+or not.</text>
+ </description>
+ </leaf>
+ </list>
+ </container>
+ <container name="dns-resolver">
+ <description>
+ <text>Configuration of the DNS resolver.</text>
+ </description>
+ <leaf-list name="search">
+ <type name="inet:domain-name"/>
+ <ordered-by value="user"/>
+ <description>
+ <text>An ordered list of domains to search when resolving
+a host name.</text>
+ </description>
+ </leaf-list>
+ <list name="server">
+ <key value="name"/>
+ <ordered-by value="user"/>
+ <description>
+ <text>List of the DNS servers that the resolver should query.
+
+When the resolver is invoked by a calling application, it
+sends the query to the first name server in this list. If
+no response has been received within 'timeout' seconds,
+the resolver continues with the next server in the list.
+If no response is received from any server, the resolver
+continues with the first server again. When the resolver
+has traversed the list 'attempts' times without receiving
+any response, it gives up and returns an error to the
+calling application.
+
+Implementations MAY limit the number of entries in this
+list.</text>
+ </description>
+ <leaf name="name">
+ <type name="string"/>
+ <description>
+ <text>An arbitrary name for the DNS server.</text>
+ </description>
+ </leaf>
+ <choice name="transport">
+ <mandatory value="true"/>
+ <description>
+ <text>The transport-protocol-specific parameters for this
+server.</text>
+ </description>
+ <case name="udp-and-tcp">
+ <container name="udp-and-tcp">
+ <description>
+ <text>Contains UDP- and TCP-specific configuration
+parameters for DNS.</text>
+ </description>
+ <reference>
+ <text>RFC 1035: Domain Names - Implementation and
+ Specification
+RFC 5966: DNS Transport over TCP - Implementation
+ Requirements</text>
+ </reference>
+ <leaf name="address">
+ <type name="inet:ip-address"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The address of the DNS server.</text>
+ </description>
+ </leaf>
+ <leaf name="port">
+ <if-feature name="dns-udp-tcp-port"/>
+ <type name="inet:port-number"/>
+ <default value="53"/>
+ <description>
+ <text>The UDP and TCP port number of the DNS server.</text>
+ </description>
+ </leaf>
+ </container>
+ </case>
+ </choice>
+ </list>
+ <container name="options">
+ <description>
+ <text>Resolver options. The set of available options has been
+limited to those that are generally available across
+different resolver implementations and generally useful.</text>
+ </description>
+ <leaf name="timeout">
+ <type name="uint8">
+ <range value="1..max"/>
+ </type>
+ <units name="seconds"/>
+ <default value="5"/>
+ <description>
+ <text>The amount of time the resolver will wait for a
+response from each remote name server before
+retrying the query via a different name server.</text>
+ </description>
+ </leaf>
+ <leaf name="attempts">
+ <type name="uint8">
+ <range value="1..max"/>
+ </type>
+ <default value="2"/>
+ <description>
+ <text>The number of times the resolver will send a query to
+all of its name servers before giving up and returning
+an error to the calling application.</text>
+ </description>
+ </leaf>
+ </container>
+ </container>
+ <container name="radius">
+ <if-feature name="radius"/>
+ <description>
+ <text>Configuration of the RADIUS client.</text>
+ </description>
+ <list name="server">
+ <key value="name"/>
+ <ordered-by value="user"/>
+ <description>
+ <text>List of RADIUS servers used by the device.
+
+When the RADIUS client is invoked by a calling
+application, it sends the query to the first server in
+this list. If no response has been received within
+'timeout' seconds, the client continues with the next
+server in the list. If no response is received from any
+server, the client continues with the first server again.
+When the client has traversed the list 'attempts' times
+without receiving any response, it gives up and returns an
+error to the calling application.</text>
+ </description>
+ <leaf name="name">
+ <type name="string"/>
+ <description>
+ <text>An arbitrary name for the RADIUS server.</text>
+ </description>
+ </leaf>
+ <choice name="transport">
+ <mandatory value="true"/>
+ <description>
+ <text>The transport-protocol-specific parameters for this
+server.</text>
+ </description>
+ <case name="udp">
+ <container name="udp">
+ <description>
+ <text>Contains UDP-specific configuration parameters
+for RADIUS.</text>
+ </description>
+ <leaf name="address">
+ <type name="inet:host"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The address of the RADIUS server.</text>
+ </description>
+ </leaf>
+ <leaf name="authentication-port">
+ <type name="inet:port-number"/>
+ <default value="1812"/>
+ <description>
+ <text>The port number of the RADIUS server.</text>
+ </description>
+ </leaf>
+ <leaf name="shared-secret">
+ <nacm:default-deny-all/>
+ <type name="string"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The shared secret, which is known to both the
+RADIUS client and server.</text>
+ </description>
+ <reference>
+ <text>RFC 2865: Remote Authentication Dial In User
+ Service (RADIUS)</text>
+ </reference>
+ </leaf>
+ </container>
+ </case>
+ </choice>
+ <leaf name="authentication-type">
+ <type name="identityref">
+ <base name="radius-authentication-type"/>
+ </type>
+ <default value="radius-pap"/>
+ <description>
+ <text>The authentication type requested from the RADIUS
+server.</text>
+ </description>
+ </leaf>
+ </list>
+ <container name="options">
+ <description>
+ <text>RADIUS client options.</text>
+ </description>
+ <leaf name="timeout">
+ <type name="uint8">
+ <range value="1..max"/>
+ </type>
+ <units name="seconds"/>
+ <default value="5"/>
+ <description>
+ <text>The number of seconds the device will wait for a
+response from each RADIUS server before trying with a
+different server.</text>
+ </description>
+ </leaf>
+ <leaf name="attempts">
+ <type name="uint8">
+ <range value="1..max"/>
+ </type>
+ <default value="2"/>
+ <description>
+ <text>The number of times the device will send a query to
+all of its RADIUS servers before giving up.</text>
+ </description>
+ </leaf>
+ </container>
+ </container>
+ <container name="authentication">
+ <nacm:default-deny-write/>
+ <if-feature name="authentication"/>
+ <description>
+ <text>The authentication configuration subtree.</text>
+ </description>
+ <leaf-list name="user-authentication-order">
+ <type name="identityref">
+ <base name="authentication-method"/>
+ </type>
+ <must condition="(. != &quot;sys:radius&quot; or ../../radius/server)">
+ <error-message>
+ <value>When 'radius' is used, a RADIUS server must be configured.</value>
+ </error-message>
+ <description>
+ <text>When 'radius' is used as an authentication method,
+a RADIUS server must be configured.</text>
+ </description>
+ </must>
+ <ordered-by value="user"/>
+ <description>
+ <text>When the device authenticates a user with a password,
+it tries the authentication methods in this leaf-list in
+order. If authentication with one method fails, the next
+method is used. If no method succeeds, the user is
+denied access.
+
+An empty user-authentication-order leaf-list still allows
+authentication of users using mechanisms that do not
+involve a password.
+
+If the 'radius-authentication' feature is advertised by
+the NETCONF server, the 'radius' identity can be added to
+this list.
+
+If the 'local-users' feature is advertised by the
+NETCONF server, the 'local-users' identity can be
+added to this list.</text>
+ </description>
+ </leaf-list>
+ <list name="user">
+ <if-feature name="local-users"/>
+ <key value="name"/>
+ <description>
+ <text>The list of local users configured on this device.</text>
+ </description>
+ <leaf name="name">
+ <type name="string"/>
+ <description>
+ <text>The user name string identifying this entry.</text>
+ </description>
+ </leaf>
+ <leaf name="password">
+ <type name="ianach:crypt-hash"/>
+ <description>
+ <text>The password for this entry.</text>
+ </description>
+ </leaf>
+ <list name="authorized-key">
+ <key value="name"/>
+ <description>
+ <text>A list of public SSH keys for this user. These keys
+are allowed for SSH authentication, as described in
+RFC 4253.</text>
+ </description>
+ <reference>
+ <text>RFC 4253: The Secure Shell (SSH) Transport Layer
+ Protocol</text>
+ </reference>
+ <leaf name="name">
+ <type name="string"/>
+ <description>
+ <text>An arbitrary name for the SSH key.</text>
+ </description>
+ </leaf>
+ <leaf name="algorithm">
+ <type name="string"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The public key algorithm name for this SSH key.
+
+Valid values are the values in the IANA 'Secure Shell
+(SSH) Protocol Parameters' registry, Public Key
+Algorithm Names.</text>
+ </description>
+ <reference>
+ <text>IANA 'Secure Shell (SSH) Protocol Parameters'
+registry, Public Key Algorithm Names</text>
+ </reference>
+ </leaf>
+ <leaf name="key-data">
+ <type name="binary"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The binary public key data for this SSH key, as
+specified by RFC 4253, Section 6.6, i.e.:
+
+ string certificate or public key format
+ identifier
+ byte[n] key/certificate data.</text>
+ </description>
+ <reference>
+ <text>RFC 4253: The Secure Shell (SSH) Transport Layer
+ Protocol</text>
+ </reference>
+ </leaf>
+ </list>
+ </list>
+ </container>
+ </container>
+ <container name="system-state">
+ <config value="false"/>
+ <description>
+ <text>System group operational state.</text>
+ </description>
+ <container name="platform">
+ <description>
+ <text>Contains vendor-specific information for
+identifying the system platform and operating system.</text>
+ </description>
+ <reference>
+ <text>IEEE Std 1003.1-2008 - sys/utsname.h</text>
+ </reference>
+ <leaf name="os-name">
+ <type name="string"/>
+ <description>
+ <text>The name of the operating system in use -
+for example, 'Linux'.</text>
+ </description>
+ <reference>
+ <text>IEEE Std 1003.1-2008 - utsname.sysname</text>
+ </reference>
+ </leaf>
+ <leaf name="os-release">
+ <type name="string"/>
+ <description>
+ <text>The current release level of the operating
+system in use. This string MAY indicate
+the OS source code revision.</text>
+ </description>
+ <reference>
+ <text>IEEE Std 1003.1-2008 - utsname.release</text>
+ </reference>
+ </leaf>
+ <leaf name="os-version">
+ <type name="string"/>
+ <description>
+ <text>The current version level of the operating
+system in use. This string MAY indicate
+the specific OS build date and target variant
+information.</text>
+ </description>
+ <reference>
+ <text>IEEE Std 1003.1-2008 - utsname.version</text>
+ </reference>
+ </leaf>
+ <leaf name="machine">
+ <type name="string"/>
+ <description>
+ <text>A vendor-specific identifier string representing
+the hardware in use.</text>
+ </description>
+ <reference>
+ <text>IEEE Std 1003.1-2008 - utsname.machine</text>
+ </reference>
+ </leaf>
+ </container>
+ <container name="clock">
+ <description>
+ <text>Monitoring of the system date and time properties.</text>
+ </description>
+ <leaf name="current-datetime">
+ <type name="yang:date-and-time"/>
+ <description>
+ <text>The current system date and time.</text>
+ </description>
+ </leaf>
+ <leaf name="boot-datetime">
+ <type name="yang:date-and-time"/>
+ <description>
+ <text>The system date and time when the system last restarted.</text>
+ </description>
+ </leaf>
+ </container>
+ </container>
+ <rpc name="set-current-datetime">
+ <nacm:default-deny-all/>
+ <description>
+ <text>Set the /system-state/clock/current-datetime leaf
+to the specified value.
+
+If the system is using NTP (i.e., /system/ntp/enabled
+is set to 'true'), then this operation will fail with
+error-tag 'operation-failed' and error-app-tag value of
+'ntp-active'.</text>
+ </description>
+ <input>
+ <leaf name="current-datetime">
+ <type name="yang:date-and-time"/>
+ <mandatory value="true"/>
+ <description>
+ <text>The current system date and time.</text>
+ </description>
+ </leaf>
+ </input>
+ </rpc>
+ <rpc name="system-restart">
+ <nacm:default-deny-all/>
+ <description>
+ <text>Request that the entire system be restarted immediately.
+A server SHOULD send an rpc reply to the client before
+restarting the system.</text>
+ </description>
+ </rpc>
+ <rpc name="system-shutdown">
+ <nacm:default-deny-all/>
+ <description>
+ <text>Request that the entire system be shut down immediately.
+A server SHOULD send an rpc reply to the client before
+shutting down the system.</text>
+ </description>
+ </rpc>
+</module>
+</data>
+</rpc-reply>