Created
May 9, 2016 14:14
-
-
Save chris-rock/1f680cbc6f1fe1bc78a17864b858e4d6 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version="1.0" encoding="utf-8"?> | |
| <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:x-ihdo="http://oval.mitre.org/XMLSchema/x-unix-invalidhomedirownership" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/x-unix-invalidhomedirownership" elementFormDefault="qualified" version="5.11"> | |
| <xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5" schemaLocation="oval-definitions-schema.xsd"/> | |
| <xsd:annotation> | |
| <xsd:documentation>The following is a description of the elements, types, and attributes that compose generic UNIX tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation> | |
| <xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation> | |
| <xsd:appinfo> | |
| <schema>Invalid User Home Directory Ownership Definition</schema> | |
| <version>5.11</version> | |
| <date>1/27/2012 1:22:32 PM</date> | |
| <terms_of_use>Copyright (c) 2002-2012, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use> | |
| <sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/> | |
| <sch:ns prefix="unix-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"/> | |
| <sch:ns prefix="x-unix-invalidhomedirownership" uri="http://oval.mitre.org/XMLSchema/x-unix-invalidhomedirownership"/> | |
| <sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/> | |
| </xsd:appinfo> | |
| </xsd:annotation> | |
| <!-- =============================================================================== --> | |
| <!-- ================== INVALID HOME DIRECTORY OWNERSHIP TEST ==================== --> | |
| <!-- =============================================================================== --> | |
| <xsd:element name="invalidhomedirownership_test" substitutionGroup="oval-def:test"> | |
| <xsd:annotation> | |
| <xsd:documentation> The invalidhomedirownership_test is used to check that all user home directories, as noted in /etc/passwd are owned by the appropriate users. This test should always be a "none_exist" and the state is just here for completeness. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a dnscache_object and the optional state element specifies the metadata to check.</xsd:documentation> | |
| <xsd:appinfo> | |
| <oval:element_mapping> | |
| <oval:test>invalidhomedirownership_test</oval:test> | |
| <oval:object>invalidhomedirownership_object</oval:object> | |
| <oval:state>invalidhomedirownership_state</oval:state> | |
| <oval:item target_namespace="http://oval.mitre.org/XMLSchema/x-unix-invalidhomedirownership-sc">invalidhomedirownership_item</oval:item> | |
| </oval:element_mapping> | |
| </xsd:appinfo> | |
| <xsd:appinfo> | |
| <sch:pattern id="unix-def_invalidhomedirownershiptst"> | |
| <sch:rule context="unix-def:invalidhomedirownership_test/unix-def:object"> | |
| <sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/unix-def:invalidhomedirownership_object/@id"><sch:value-of select="../@id"/> - the object child element of a invalidhomedirownership_test must reference a invalidhomedirownership_object</sch:assert> | |
| </sch:rule> | |
| <sch:rule context="unix-def:dnscache_test/unix-def:state"> | |
| <sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/unix-def:invalidhomedirownership_state/@id"><sch:value-of select="../@id"/> - the state child element of a invalidhomedirownership_test must reference a invalidhomedirownership_state</sch:assert> | |
| </sch:rule> | |
| </sch:pattern> | |
| </xsd:appinfo> | |
| </xsd:annotation> | |
| <xsd:complexType> | |
| <xsd:complexContent> | |
| <xsd:extension base="oval-def:TestType"> | |
| <xsd:sequence> | |
| <xsd:element name="object" type="oval-def:ObjectRefType"/> | |
| <xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/> | |
| </xsd:sequence> | |
| </xsd:extension> | |
| </xsd:complexContent> | |
| </xsd:complexType> | |
| </xsd:element> | |
| <xsd:element name="invalidhomedirownership_object" substitutionGroup="oval-def:object"> | |
| <xsd:annotation> | |
| <xsd:documentation>An empty object, no sets no filters</xsd:documentation> | |
| </xsd:annotation> | |
| <xsd:complexType> | |
| <xsd:complexContent> | |
| <xsd:extension base="oval-def:ObjectType"/> | |
| </xsd:complexContent> | |
| </xsd:complexType> | |
| </xsd:element> | |
| <xsd:element name="invalidhomedirownership_state" substitutionGroup="oval-def:state"> | |
| <xsd:annotation> | |
| <xsd:documentation>The invalidhomedirownership_state contains entries for home directories NOT owned by the appropriate user.</xsd:documentation> | |
| </xsd:annotation> | |
| <xsd:complexType> | |
| <xsd:complexContent> | |
| <xsd:extension base="oval-def:StateType"> | |
| <xsd:sequence> | |
| <xsd:element name="home_dir" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> | |
| <xsd:annotation> | |
| <xsd:documentation>The users home directory from /etc/passwd</xsd:documentation> | |
| </xsd:annotation> | |
| </xsd:element> | |
| <xsd:element name="expected_owner" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> | |
| <xsd:annotation> | |
| <xsd:documentation>The expected owner from /etc/passwd</xsd:documentation> | |
| </xsd:annotation> | |
| </xsd:element> | |
| <xsd:element name="actual_owner" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1"> | |
| <xsd:annotation> | |
| <xsd:documentation>The actual owner of the directory from the file system</xsd:documentation> | |
| </xsd:annotation> | |
| </xsd:element> | |
| </xsd:sequence> | |
| </xsd:extension> | |
| </xsd:complexContent> | |
| </xsd:complexType> | |
| </xsd:element> | |
| </xsd:schema> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment