/usr/share/openscap/xsl/xccdf-tailor.xsl is in libopenscap1 0.8.0-4build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 | <?xml version="1.0" encoding="UTF-8" ?>
<!--
Copyright 2010 Red Hat Inc., Durham, North Carolina.
All Rights Reserved.
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Authors:
Lukas Kuklinek <lkuklinek@redhat.com>
-->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:htm="http://www.w3.org/1999/xhtml"
xmlns="http://www.w3.org/1999/xhtml"
xmlns:cdf="http://checklists.nist.gov/xccdf/1.1"
>
<xsl:param name='profile'/>
<xsl:param name='keep-profiles'/>
<xsl:param name='clean-profile-notes'/>
<xsl:variable name='theprofile' select='/cdf:Benchmark/cdf:Profile[@id=$profile]'/>
<!-- identity transform -->
<xsl:template mode='profile' match='node()|@*'>
<xsl:copy><xsl:apply-templates mode='profile' select="node()|@*"/></xsl:copy>
</xsl:template>
<!-- omit profiles if needed -->
<xsl:template mode='profile' match='cdf:Profile'>
<xsl:if test='$keep-profiles'>
<xsl:copy><xsl:apply-templates mode='profile' select="node()|@*"/></xsl:copy>
</xsl:if>
</xsl:template>
<!-- adjust 'selected' attribute and refine-rules -->
<xsl:template mode='profile' match='cdf:Group|cdf:Rule'>
<xsl:variable name='id' select='@id'/>
<xsl:variable name='cid' select='@cluster-id'/>
<xsl:variable name='sel' select='$theprofile/cdf:select[@idref=$id or @idref=$cid][1]'/>
<xsl:variable name='rr' select='$theprofile/cdf:refine-rule[@idref=$id or @idref=$cid][1]'/>
<xsl:copy>
<xsl:apply-templates select='@*' mode='profile'/>
<xsl:if test='self::cdf:Rule and $rr'><xsl:copy-of select='$rr/@role|$rr/@severity|$rr/@weight'/></xsl:if>
<xsl:if test='$sel'><xsl:attribute name='selected'><xsl:value-of select='$sel/@selected'/></xsl:attribute></xsl:if>
<xsl:apply-templates mode='profile' select="node()"/>
</xsl:copy>
</xsl:template>
<!-- apply refine-rule selectors -->
<xsl:template mode='profile' match='cdf:check'>
<xsl:variable name='name' select='name()'/>
<xsl:variable name='rule' select='ancestor::cdf:Rule[1]'/>
<xsl:variable name='rr' select='$theprofile/cdf:refine-rule[@idref=$rule/@id or @idref=$rule/@cluster-id][1]'/>
<xsl:for-each select='self::*[@selector=$rr/@selector or (not(@selector) and count($rule/*[name()=$name][@selector=$rr/@selector])=0)]'>
<xsl:copy><xsl:apply-templates mode='profile' select="node()|@*"/></xsl:copy>
</xsl:for-each>
</xsl:template>
<!-- remove irelevant profile-notes -->
<xsl:template mode='profile' match='cdf:profile-note'>
<xsl:if test='not($clean-profile-notes) or (@tag = $theprofile/@note-tag)'>
<xsl:copy><xsl:apply-templates mode='profile' select="node()|@*"/></xsl:copy>
</xsl:if>
</xsl:template>
<!-- implement refine-value -->
<xsl:template mode='profile' match='cdf:Value'>
<xsl:variable name='id' select='@id'/>
<xsl:variable name='cid' select='@cluster-id'/>
<xsl:variable name='rv' select='$theprofile/cdf:refine-value[@idref=$id or @idref=$cid][1]'/>
<xsl:variable name='sv' select='$theprofile/cdf:set-value[@idref=$id or @idref=$cid][1]'/>
<xsl:copy>
<xsl:apply-templates select='@*' mode='profile'/>
<xsl:if test='$rv'><xsl:copy-of select='$rv/@operator'/></xsl:if>
<xsl:apply-templates mode='profile' select="cdf:status|cdf:version|cdf:title|cdf:description|cdf:warning|cdf:question|cdf:reference"/>
<xsl:choose>
<xsl:when test='$sv'><cdf:value><xsl:value-of select='$sv'/></cdf:value></xsl:when>
<xsl:otherwise><xsl:apply-templates mode='profile' select="cdf:value"/></xsl:otherwise>
</xsl:choose>
<xsl:apply-templates mode='profile' select="cdf:default|cdf:match|cdf:lower-bound|cdf:upper-bound|cdf:choices|cdf:source"/>
</xsl:copy>
</xsl:template>
<!-- refine-value selector -->
<xsl:template mode='profile' match='cdf:value|cdf:default|cdf:match|cdf:lower-bound|cdf:upper-bound|cdf:choices'>
<xsl:variable name='val' select='ancestor::cdf:Value'/>
<xsl:variable name='name' select='name()'/>
<xsl:variable name='rv' select='$theprofile/cdf:refine-value[@idref=$val/@id or @idref=$val/@cluster-id][1]'/>
<xsl:for-each select='self::*[@selector=$rv/@selector or (not(@selector) and count($val/*[name()=$name][@selector=$rv/@selector])=0)]'>
<xsl:copy><xsl:apply-templates mode='profile' select="node()|@*"/></xsl:copy>
</xsl:for-each>
</xsl:template>
<!-- erase @selector -->
<xsl:template mode='profile' match='@selector[not(ancestor::cdf:Profile)]'/>
<!-- top-level template -->
<xsl:template match='/'>
<xsl:apply-templates mode='apply-profile'/>
</xsl:template>
<xsl:template mode='apply-profile' match='cdf:Benchmark'>
<xsl:call-template name='warn-unresolved'/>
<xsl:apply-templates select='.' mode='profile'/>
</xsl:template>
</xsl:stylesheet>
|