forked from OVALProject/Sandbox
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathx-linux-systemdunitdependency.xsd
142 lines (142 loc) · 12 KB
/
x-linux-systemdunitdependency.xsd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
<?xml version="1.0" encoding="utf-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:linux-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux" xmlns:linux-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux" xmlns:x-linux-systemdunitdependency="http://oval.mitre.org/XMLSchema/x-linux-systemdunitdependency" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/x-linux-systemdunitdependency" elementFormDefault="qualified" version="5.11">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a proposal for the experimental linux-def:systemdunitdependency_test and linux-sc:systemdunitdependency_item that will support checking the dependencies of systemd units.</xsd:documentation>
<xsd:appinfo>
<schema>Experimental Schema for the Linux systemd Unit Dependency Test</schema>
<version>5.11</version>
<date>04/30/2014 12:15:00 PM</date>
<terms_of_use>Copyright (c) 2002-2014, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="linux-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#linux"/>
<sch:ns prefix="linux-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#linux"/>
<sch:ns prefix="x-linux-systemdunitdependency" uri="http://oval.mitre.org/XMLSchema/x-linux-systemdunitdependency"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ====================== SYSTEMD UNIT DEPENDENCY TEST ========================= -->
<!-- =============================================================================== -->
<xsd:element name="systemdunitdependency_test" substitutionGroup="oval-def:test">
<xsd:annotation>
<xsd:documentation>The systemdunitdependency_test is used to retrieve information about dependencies of a single systemd unit in the form of a list. This list contains all dependencies, including transitive dependencies. For more information see the output generated by systemctl list-dependencies --plain $unit. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a systemdunitdependency_object and the optional state element specifies the data to check.</xsd:documentation>
<xsd:appinfo>
<oval:element_mapping>
<oval:test>systemdunitdependency_test</oval:test>
<oval:object>systemdunitdependency_object</oval:object>
<oval:state>systemdunitdependency_state</oval:state>
<oval:item>systemdunitdependency_item</oval:item>
</oval:element_mapping>
</xsd:appinfo>
<xsd:appinfo>
<sch:pattern id="linux-def_systemdunitdependencytst">
<sch:rule context="linux-def:systemdunitdependency_test/unix-def:object">
<sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/linux-def:systemdunitdependency_object/@id"><sch:value-of select="../@id"/> - the object child element of a systemdunitdependency_test must reference a systemdunitdependency_object</sch:assert>
</sch:rule>
<sch:rule context="linux-def:systemdunitdependency_test/unix-def:state">
<sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/unix-def:systemdunitdependency_state/@id"><sch:value-of select="../@id"/> - the state child element of a systemdunitdependency_test must reference a systemdunitdependency_state</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:TestType">
<xsd:sequence>
<xsd:element name="object" type="oval-def:ObjectRefType" />
<xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="systemdunitdependency_object" substitutionGroup="oval-def:object">
<xsd:annotation>
<xsd:documentation>The systemdunitdependency_object element is used by a systemdunitdependency_test to define the specific units to check the dependencies of. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="x-linux-systemdunitdependency_object_verify_filter_state">
<sch:rule context="x-linux-systemdunitdependency:systemdunitdependency_object//oval-def:filter">
<sch:let name="parent_object" value="ancestor::x-linux-systemdunitdependency:systemdunitdependency_object"/>
<sch:let name="parent_object_id" value="$parent_object/@id"/>
<sch:let name="state_ref" value="."/>
<sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/>
<sch:let name="state_name" value="local-name($reffed_state)"/>
<sch:let name="state_namespace" value="namespace-uri($reffed_state)"/>
<sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/x-linux-systemdunitdependency') and ($state_name='systemdunitdependency_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:ObjectType">
<xsd:sequence>
<xsd:choice>
<xsd:element ref="oval-def:set"/>
<xsd:sequence>
<xsd:element name="unit" type="oval-def:EntityObjectStringType">
<xsd:annotation>
<xsd:documentation>The unit entity refers to the full systemd unit name, which has a form of "$name.$type". For example "cupsd.service". This name is usually also the filename of the unit configuration file located in the /etc/systemd/ and /usr/lib/systemd/ directories.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:choice>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="systemdunitdependency_state" substitutionGroup="oval-def:state">
<xsd:annotation>
<xsd:documentation>The systemdunitdependency_state element holds dependencies of a specific systemd unit. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:StateType">
<xsd:sequence>
<xsd:element name="unit" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The unit entity refers to the full systemd unit name, which has a form of "$name.$type". For example "cupsd.service". This name is usually also the filename of the unit configuration file located in the /etc/systemd/ and /usr/lib/systemd/ directories.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="dependency" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The dependency entity refers to the name of a unit that was confirmed to be a dependency of the given unit.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= SYSTEMD UNIT PROPERTY ITEM ========================== -->
<!-- =============================================================================== -->
<xsd:element name="systemdunitdependency_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>This item stores the dependencies of the systemd unit. Please refer to the individual elements in the schema for more details about what each represents.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="unit" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The unit entity refers to the full systemd unit name, which has a form of "$name.$type". For example "cupsd.service". This name is usually also the filename of the unit configuration file located in the /etc/systemd/ and /usr/lib/systemd/ directories.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="dependency" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The dependency entity refers to the name of a unit that was confirmed to be a dependency of the given unit.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:schema>