forked from OVALProject/Sandbox
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathx-linux-systemdunitproperty.xsd
157 lines (157 loc) · 12.8 KB
/
x-linux-systemdunitproperty.xsd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
<?xml version="1.0" encoding="utf-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:linux-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux" xmlns:x-linux-systemdunitproperty="http://oval.mitre.org/XMLSchema/x-linux-systemdunitproperty" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/x-linux-systemdunitproperty" elementFormDefault="qualified" version="5.11">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a proposal for the experimental linux-def:systemdunitproperty_test and linux-sc:systemdunitproperty_item that will support checking the properties associated with systemd units.</xsd:documentation>
<xsd:appinfo>
<schema>Experimental Schema for the Linux systemd Unit Property Test</schema>
<version>5.11</version>
<date>04/30/2014 12:15:00 PM</date>
<terms_of_use>Copyright (c) 2002-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="linux-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"/>
<sch:ns prefix="linux-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux"/>
<sch:ns prefix="x-linux-systemdunitproperty" uri="http://oval.mitre.org/XMLSchema/x-linux-systemdunitproperty"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ======================= SYSTEMD UNIT PROPERTY TEST ========================== -->
<!-- =============================================================================== -->
<xsd:element name="systemdunitproperty_test" substitutionGroup="oval-def:test">
<xsd:annotation>
<xsd:documentation>The systemdunitproperty_test is used to retrieve information about systemd units in form of properties. For more information see the output generated by systemctl show $unit. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a systemctlshow_object and the optional state element specifies the data to check.</xsd:documentation>
<xsd:appinfo>
<oval:element_mapping>
<oval:test>systemdunitproperty_test</oval:test>
<oval:object>systemdunitproperty_object</oval:object>
<oval:state>systemdunitproperty_state</oval:state>
<oval:item>systemdunitproperty_item</oval:item>
</oval:element_mapping>
</xsd:appinfo>
<xsd:appinfo>
<sch:pattern id="linux-def_systemdunitpropertytst">
<sch:rule context="linux-def:systemdunitproperty_test/unix-def:object">
<sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/linux-def:systemdunitproperty_object/@id"><sch:value-of select="../@id"/> - the object child element of a systemdunitproperty_test must reference a systemdunitproperty_object</sch:assert>
</sch:rule>
<sch:rule context="linux-def:systemdunitproperty_test/unix-def:state">
<sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/unix-def:systemdunitproperty_state/@id"><sch:value-of select="../@id"/> - the state child element of a systemdunitproperty_test must reference a systemdunitproperty_state</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:TestType">
<xsd:sequence>
<xsd:element name="object" type="oval-def:ObjectRefType" />
<xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="systemdunitproperty_object" substitutionGroup="oval-def:object">
<xsd:annotation>
<xsd:documentation>The systemdunitproperty_object element is used by a systemdunitproperty_test to define the specific unit and property combination to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="x-linux-systemdunitproperty_object_verify_filter_state">
<sch:rule context="x-linux-systemdunitproperty:systemdunitproperty_object//oval-def:filter">
<sch:let name="parent_object" value="ancestor::x-linux-systemdunitproperty:systemdunitproperty_object"/>
<sch:let name="parent_object_id" value="$parent_object/@id"/>
<sch:let name="state_ref" value="."/>
<sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/>
<sch:let name="state_name" value="local-name($reffed_state)"/>
<sch:let name="state_namespace" value="namespace-uri($reffed_state)"/>
<sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/x-linux-systemdunitproperty') and ($state_name='systemdunitproperty_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:ObjectType">
<xsd:sequence>
<xsd:choice>
<xsd:element ref="oval-def:set"/>
<xsd:sequence>
<xsd:element name="unit" type="oval-def:EntityObjectStringType">
<xsd:annotation>
<xsd:documentation>The unit entity refers to the full systemd unit name, which has a form of "$name.$type". For example "cupsd.service". This name is usually also the filename of the unit configuration file located in the /etc/systemd/ and /usr/lib/systemd/ directories.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="property" type="oval-def:EntityObjectStringType">
<xsd:annotation>
<xsd:documentation>The property entity refers to the systemd unit property that we are interested in.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:choice>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="systemdunitproperty_state" substitutionGroup="oval-def:state">
<xsd:annotation>
<xsd:documentation>The systemdunitproperty_state element holds information about properties of a specific systemd unit. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:StateType">
<xsd:sequence>
<xsd:element name="unit" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The unit entity refers to the full systemd unit name, which has a form of "$name.$type". For example "cupsd.service". This name is usually also the filename of the unit configuration file located in the /etc/systemd/ and /usr/lib/systemd/ directories.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="property" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name of the property associated with a systemd unit.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="value" type="oval-def:EntityStateAnySimpleType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The value of the property associated with a systemd unit.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= SYSTEMD UNIT PROPERTY ITEM ========================== -->
<!-- =============================================================================== -->
<xsd:element name="systemdunitproperty_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>This item stores the properties and values of a systemd unit.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="unit" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The unit entity refers to the full systemd unit name, which has a form of "$name.$type". For example "cupsd.service". This name is usually also the filename of the unit configuration file located in the /etc/systemd/ and /usr/lib/systemd/ directories.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="property" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name of the property associated with a systemd unit.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="value" type="oval-sc:EntityItemAnySimpleType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The value of the property associated with a systemd unit.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:schema>