/usr/share/bcfg2/schemas/acl-metadata.xsd is in bcfg2-server 1.4.0~pre2+git141-g6d40dace6358-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:py="http://genshi.edgewall.org/" xml:lang="en">
<xsd:annotation>
<xsd:documentation>
Schema for metadata-based client ACLs:
:ref:`server-plugins-misc-acl` ``metadata.xml``
</xsd:documentation>
</xsd:annotation>
<xsd:import namespace="http://genshi.edgewall.org/"
schemaLocation="genshi.xsd"/>
<xsd:complexType name="MetadataACLGroupType">
<xsd:annotation>
<xsd:documentation>
An **MetadataACLGroupType** is a tag used to provide logic.
Child entries of a MetadataACLGroupType tag only apply to
machines that match the condition specified -- either
membership in a group, or a matching client name.
:xml:attribute:`MetadataACLGroupType:negate` can be set to
negate the sense of the match.
</xsd:documentation>
</xsd:annotation>
<xsd:group ref="MetadataACLElements" minOccurs="1" maxOccurs="unbounded"/>
<xsd:attribute name='name' type='xsd:string'>
<xsd:annotation>
<xsd:documentation>
The name of the client or group to match on. Child entries
will only apply to this client or group (unless
:xml:attribute:`MetadataACLGroupType:negate` is set).
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name='negate' type='xsd:boolean'>
<xsd:annotation>
<xsd:documentation>
Negate the sense of the match, so that child entries only
apply to a client if it is not a member of the given group
or does not have the given name.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attributeGroup ref="py:genshiAttrs"/>
</xsd:complexType>
<xsd:complexType name="MetadataACLType">
<xsd:attribute type="xsd:string" name="method" use="required">
<xsd:annotation>
<xsd:documentation>
The name of the XML-RPC method to allow or deny. Limited
wildcards are supported.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attributeGroup ref="py:genshiAttrs"/>
</xsd:complexType>
<xsd:complexType name="MetadataACLContainerType">
<xsd:annotation>
<xsd:documentation>
Top-level tag for describing metadata-based client ACLs.
</xsd:documentation>
</xsd:annotation>
<xsd:group ref="MetadataACLElements" minOccurs="1" maxOccurs="unbounded"/>
<xsd:attribute name="lax_decryption" type="xsd:boolean">
<xsd:annotation>
<xsd:documentation>
Override the global lax_decryption setting in
``bcfg2.conf``.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
</xsd:complexType>
<xsd:group name="MetadataACLElements">
<xsd:choice>
<xsd:group ref="py:genshiElements"/>
<xsd:element name="Allow" type="MetadataACLType"/>
<xsd:element name="Deny" type="MetadataACLType"/>
<xsd:element name="Group" type="MetadataACLGroupType"/>
<xsd:element name="Client" type="MetadataACLGroupType"/>
<xsd:element name="ACL" type="MetadataACLContainerType"/>
</xsd:choice>
</xsd:group>
<xsd:element name="ACL" type="MetadataACLContainerType"/>
</xsd:schema>
|