Skip to content
This repository has been archived by the owner on Oct 2, 2024. It is now read-only.

Commit

Permalink
Updated x-macos:corestoreage_object to accept a UUID (necessary for a…
Browse files Browse the repository at this point in the history 
…ctually getting plist information about storage), and added the x-unix:symlink_test.
  • Loading branch information
David A. Solin committed Aug 21, 2014
1 parent 6757c90 commit d9d30da
Show file tree
Hide file tree
Showing 4 changed files with 177 additions and 1 deletion.
12 changes: 11 additions & 1 deletion x-macos-definitions-schema.xsd
View file
Original file line number Diff line number Diff line change
Expand Up @@ -169,7 +169,7 @@
<xsd:element name="corestorage_object" substitutionGroup="oval-def:object">
<xsd:annotation>
<xsd:documentation>The corestorage_object element is used by an corestorage_test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
<xsd:documentation>An corestorage_object consists of a right_name entity that contains the name of the right to be read from the authorization dabatase. The resulting plist data can be queried using the xpath entity.</xsd:documentation>
<xsd:documentation>An corestorage_object consists of a uuid entity that contains the UUID of the volume whose information should be read (i.e., 'diskutil cs info -plist [UUID]'). The resulting plist data can be queried using the xpath entity.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="x-macos-def_macos_object_verify_filter_state">
<sch:rule context="x-macos-def:macos_object//oval-def:filter">
Expand All @@ -191,6 +191,11 @@
<xsd:choice>
<xsd:element ref="oval-def:set"/>
<xsd:sequence>
<xsd:element name="uuid" type="oval-def:EntityObjectStringType">
<xsd:annotation>
<xsd:documentation>Specifies the UUID of the volume about which the plist information should be retrieved.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="xpath" type="oval-def:EntityObjectStringType">
<xsd:annotation>
<xsd:documentation>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at. Any valid Xpath 1.0 statement is usable with one exception, at most one field may be identified in the Xpath. This is because the value_of element in the data section is only designed to work against a single field. The only valid operator for xpath is equals since there is an infinite number of possible xpaths and determinining all those that do not equal a given xpath would be impossible.</xsd:documentation>
Expand Down Expand Up @@ -219,6 +224,11 @@
<xsd:complexContent>
<xsd:extension base="oval-def:StateType">
<xsd:sequence>
<xsd:element name="uuid" type="oval-def:EntityStateStringType">
<xsd:annotation>
<xsd:documentation>Specifies the UUID of the volume about which the plist information was retrieved.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="xpath" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at.</xsd:documentation>
Expand Down
5 changes: 5 additions & 0 deletions x-macos-system-characteristics-schema.xsd
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,11 @@
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="uuid" type="oval-sc:EntityItemStringType">
<xsd:annotation>
<xsd:documentation>Specifies the UUID of the volume about which the plist information was retrieved.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="xpath" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies an Xpath expression describing the text node(s) or attribute(s) to look at.</xsd:documentation>
Expand Down
116 changes: 116 additions & 0 deletions x-unix-definitions-schema.xsd
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:oval-def="http://oval.mitre.org/XMLSchema/oval-definitions-5" xmlns:unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix" xmlns:x-unix-def="http://oval.mitre.org/XMLSchema/oval-definitions-5#x-unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#x-unix" elementFormDefault="qualified" version="5.10.1">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-common-5"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-definitions-5#unix"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose extensions to the standard Unix OVAL schema, found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here</xsd:documentation>
<xsd:documentation>This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>X-Unix Definition</schema>
<version>5.10.1</version>
<date>8/12/2014 12:08:32 PM</date>
<terms_of_use>Copyright (c) 2014, jOVAL.org. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
<sch:ns prefix="oval-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
<sch:ns prefix="x-unix-def" uri="http://oval.mitre.org/XMLSchema/oval-definitions-5#x-unix"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ================================= SYMLINK TEST ================================= -->
<!-- =============================================================================== -->
<xsd:element name="symlink_test" substitutionGroup="oval-def:test">
<xsd:annotation>
<xsd:documentation>The symlink_test is used to obtain canonical path information for symbolic links.</xsd:documentation>
<xsd:appinfo>
<oval:element_mapping>
<oval:test>symlink_test</oval:test>
<oval:object>symlink_object</oval:object>
<oval:state>symlink_state</oval:state>
<oval:item target_namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#x-unix">symlink_item</oval:item>
</oval:element_mapping>
</xsd:appinfo>
<xsd:appinfo>
<sch:pattern id="x-unix-def_symlinktst">
<sch:rule context="x-unix-def:symlink_test/x-unix-def:object">
<sch:assert test="@object_ref=ancestor::oval-def:oval_definitions/oval-def:objects/x-unix-def:symlink_object/@id"><sch:value-of select="../@id"/> - the object child element of a symlink_test must reference a symlink_object</sch:assert>
</sch:rule>
<sch:rule context="x-macos-def:authorizationdb_test/x-macos-def:state">
<sch:assert test="@state_ref=ancestor::oval-def:oval_definitions/oval-def:states/x-unix-def:symlink_state/@id"><sch:value-of select="../@id"/> - the state child element of a symlink_test must reference a symlink_state</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:TestType">
<xsd:sequence>
<xsd:element name="object" type="oval-def:ObjectRefType"/>
<xsd:element name="state" type="oval-def:StateRefType" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="symlink_object" substitutionGroup="oval-def:object">
<xsd:annotation>
<xsd:documentation>The symlink_object element is used by a symlink_test to define the object to be evaluated. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. Again, please refer to the description of the set element in the oval-definitions-schema.</xsd:documentation>
<xsd:documentation>A symlink_object consists of a filepath entity that contains the path to a symbolic link file. The resulting item identifies the canonical path of the link target (followed to its final destination, if there are intermediate links), an error if the link target does not exist or is a circular link (e.g., a link to itself). If the file located at filepath is not a symlink, or if there is no file located at the filepath, then any resulting item would itself have a status of does not exist.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="x-unix-def_unix_object_verify_filter_state">
<sch:rule context="x-unix-def:unix_object//oval-def:filter">
<sch:let name="parent_object" value="ancestor::x-unix-def:symlink_object"/>
<sch:let name="parent_object_id" value="$parent_object/@id"/>
<sch:let name="state_ref" value="."/>
<sch:let name="reffed_state" value="ancestor::oval-def:oval_definitions/oval-def:states/*[@id=$state_ref]"/>
<sch:let name="state_name" value="local-name($reffed_state)"/>
<sch:let name="state_namespace" value="namespace-uri($reffed_state)"/>
<sch:assert test="(($state_namespace='http://oval.mitre.org/XMLSchema/oval-definitions-5#x-unix') and ($state_name='symlink_state'))">State referenced in filter for <sch:value-of select="name($parent_object)"/> '<sch:value-of select="$parent_object_id"/>' is of the wrong type. </sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:ObjectType">
<xsd:sequence>
<xsd:choice>
<xsd:element ref="oval-def:set"/>
<xsd:sequence>
<xsd:element name="filepath" type="oval-def:EntityObjectStringType">
<xsd:annotation>
<xsd:documentation>Specifies the filepath for the symbolic link.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element ref="oval-def:filter" minOccurs="0" maxOccurs="unbounded"/>
</xsd:sequence>
</xsd:choice>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="symlink_state" substitutionGroup="oval-def:state">
<xsd:annotation>
<xsd:documentation>The symlink_state element defines a value used to evaluate the result of a specific symlink_object item.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-def:StateType">
<xsd:sequence>
<xsd:element name="filepath" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the filepath used to create the object.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="canonical_path" type="oval-def:EntityStateStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the canonical path for the target of a symbolic link file specified by the filepath.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:schema>
45 changes: 45 additions & 0 deletions x-unix-system-characteristics-schema.xsd
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:unix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" xmlns:x-unix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#x-unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#x-unix" elementFormDefault="qualified" version="5.10.1">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix"/>
<xsd:annotation>
<xsd:documentation>This document outlines the items of the OVAL System Characteristics XML schema that are composed of extensions to the OVAL Macintosh schema. Each item is an extention of a basic System Characteristics item defined in the core System Characteristics XML schema.</xsd:documentation>
<xsd:documentation>This schema was originally developed by David Solin at jOVAL.org. The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>X-Unix System Characteristics</schema>
<version>5.10.1</version>
<date>8/12/2014 12:08:32 PM</date>
<terms_of_use>Copyright (c) 2014, jOVAL.org. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="unix-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix"/>
<sch:ns prefix="x-unix-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#x-unix"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- =========================== SYMLINK ITEM =========================== -->
<!-- =============================================================================== -->
<xsd:element name="symlink_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The symlink_item element identifies the result generated for a symlink_object.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="filepath" type="oval-sc:EntityItemStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the filepath to the subject symbolic link file, specified by the symlink_object.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="canonical_path" type="oval-sc:EntityItemStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the canonical path for the target of the symbolic link file specified by the filepath.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:schema>

0 comments on commit d9d30da

Please sign in to comment.