/usr/share/bcfg2/schemas/rules.xsd is in bcfg2-server 1.4.0~pre2+git141-g6d40dace6358-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 | <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:py="http://genshi.edgewall.org/" xml:lang="en">
<xsd:annotation>
<xsd:documentation>
string enumeration definitions for bcfg2
Narayan Desai, Argonne National Laboratory
</xsd:documentation>
</xsd:annotation>
<xsd:include schemaLocation="servicetype.xsd"/>
<xsd:include schemaLocation="types.xsd"/>
<xsd:include schemaLocation="pkgtype.xsd"/>
<xsd:import namespace="http://genshi.edgewall.org/"
schemaLocation="genshi.xsd"/>
<xsd:group name="rulesElements">
<xsd:choice>
<xsd:group ref="py:genshiElements"/>
<xsd:element name='Package' type='PackageType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of a software package to be managed.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='Path' type='PathType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of a filesystem path to be handled
by the POSIX driver.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='Service' type='ServiceType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of a system service to be managed.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='Action' type='ActionType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of a command to be run.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEBoolean' type='SEBooleanType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux boolean entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEPort' type='SEPortType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux port entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEFcontext' type='SEFcontextType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux file context entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SENode' type='SENodeType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux node entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SELogin' type='SELoginType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux login entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEUser' type='SEUserType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux user entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEInterface' type='SEInterfaceType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux interface entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEPermissive' type='SEPermissiveType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux permissive domain entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='SEModule' type='SEModuleType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of an SELinux module entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='POSIXUser' type='POSIXUserType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of a POSIXUser entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='POSIXGroup' type='POSIXGroupType'>
<xsd:annotation>
<xsd:documentation>
Fully bound description of a POSIXGroup entry.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='Group' type='RContainerType'>
<xsd:annotation>
<xsd:documentation>
Elements within Group tags only apply to clients that are
members of that group (or vice-versa, if
:xml:attribute:`RContainerType:negate` is set)
</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name='Client' type='RContainerType'>
<xsd:annotation>
<xsd:documentation>
Elements within Client tags only apply to the named client
(or vice-versa, if :xml:attribute:`RContainerType:negate`
is set)
</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:choice>
</xsd:group>
<xsd:complexType name='RContainerType'>
<xsd:annotation>
<xsd:documentation>
An **RContainerType** is a Rules tag used to provide logic.
Child entries of an RContainerType tag only apply to machines
that match the condition specified -- either membership in a
group, or a matching client name.
:xml:attribute:`RContainerType:negate` can be set to negate
the sense of the match.
</xsd:documentation>
</xsd:annotation>
<xsd:choice minOccurs='0' maxOccurs='unbounded'>
<xsd:group ref="rulesElements"/>
</xsd:choice>
<xsd:attribute name='name' type='xsd:string'>
<xsd:annotation>
<xsd:documentation>
The name of the client or group to match on. Child entries
will only apply to this client or group (unless
:xml:attribute:`RContainerType:negate` is set).
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name='negate' type='xsd:boolean' default="false">
<xsd:annotation>
<xsd:documentation>
Negate the sense of the match, so that child entries only
apply to a client if it is not a member of the given group
or does not have the given name.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attributeGroup ref="py:genshiAttrs"/>
</xsd:complexType>
<xsd:element name='Rules'>
<xsd:annotation>
<xsd:documentation>
The top-level tag for concrete descriptions of entries in
:ref:`server-plugins-generators-rules`.
</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:choice minOccurs='0' maxOccurs='unbounded'>
<xsd:group ref="rulesElements"/>
</xsd:choice>
<xsd:attribute name='priority' type='xsd:integer' use='required'>
<xsd:annotation>
<xsd:documentation>
Sets the priority for rules in this file for
:ref:`server-plugins-generators-rules`. The higher value
wins.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attribute name="lax_decryption" type="xsd:boolean">
<xsd:annotation>
<xsd:documentation>
Override the global lax_decryption setting in
``bcfg2.conf``.
</xsd:documentation>
</xsd:annotation>
</xsd:attribute>
<xsd:attributeGroup ref="py:genshiAttrs"/>
</xsd:complexType>
</xsd:element>
</xsd:schema>
|