authorSumit Bose <sbose@nb.localdomain>2008-10-11 00:00:52 +0200
committerSumit Bose <sbose@nb.localdomain>2008-10-11 00:00:52 +0200
commit1cde6f5091e98765e0f936b96e88b0e0c15ff4aa (patch)
treebf686f87999fe4f457926873876d0640a3d96732
parent3fdccfc21786437f93623a6bb62d1a9e80a5c2b3 (diff)
added a small tool to explore libxml2 and libxslt
-rw-r--r--sudoers/Makefile5
-rw-r--r--sudoers/policy_metadata.rng29
-rw-r--r--sudoers/sudoers.rng2
-rw-r--r--sudoers/sudoers_example_policy.xml29
-rw-r--r--sudoers/worker.c106
5 files changed, 156 insertions, 15 deletions
diff --git a/sudoers/Makefile b/sudoers/Makefile
new file mode 100644
index 0000000..e3866ab
--- /dev/null
+++ b/sudoers/Makefile
@@ -0,0 +1,5 @@
+
+CFLAGS=`xml2-config --cflags`
+LDFLAGS=`xml2-config --libs`
+worker: worker.c
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $+
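Review bot: The `worker` rule passes `$(LDFLAGS)`, which here holds the library list from `xml2-config --libs`, before the source file `$+`. Linkers that resolve libraries in command-line order, or that run with `--as-needed`, can then fail to resolve worker.c's libxml2 references. Moving the `xml2-config --libs` output into `LDLIBS` and ending the recipe with `-o $@ $+ $(LDLIBS)` avoids that. Since this tool parses policy input, I would also add `-Wall -Wextra` to `CFLAGS` so that format and NULL-handling warnings show up early.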
diff --git a/sudoers/policy_metadata.rng b/sudoers/policy_metadata.rng
index 810d32c..ca5ac19 100644
--- a/sudoers/policy_metadata.rng
+++ b/sudoers/policy_metadata.rng
@@ -2,7 +2,8 @@
<grammar xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
xmlns:a="http://freeipa.org/xml/rng/ns/annotations/1.0"
-xmlns:ui="http://freeipa.org/xml/rng/ns/ui/1.0">
+xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
+
<define name="policy_metadata">
<element name="metadata">
@@ -13,44 +14,44 @@ xmlns:ui="http://freeipa.org/xml/rng/ns/ui/1.0">
<text/>
</element>
- <element name="author" ui:edit="no">
+ <element name="author" pa:edit="no">
<a:doc>should be added automatically, use login information</a:doc>
<text/>
</element>
- <element name="version" ui:edit="no">
+ <element name="version" pa:edit="no">
<a:doc>should be added automatically</a:doc>
<text/>
</element>
- <element name="RNGfile" ui:label="Name of the RELAX NG file">
+ <element name="RNGfile" pa:label="Name of the RELAX NG file">
<a:doc>should be added automatically from RelaxNG metadata</a:doc>
<ref name="rng_filename"/>
</element>
- <element name="XSLTfile" ui:label="Name of the XSLT file">
+ <element name="XSLTfile" pa:label="Name of the XSLT file">
<a:doc>should be added automatically from RelaxNG metadata</a:doc>
<ref name="xslt_filename"/>
</element>
<optional>
- <element name="mergeStrategyXML" ui:label="Howto merge with other policies">
+ <element name="mergeStrategyXML" pa:label="Howto merge with other policies">
<choice>
- <value ui:label="Use only this policy">exclusive</value>
- <value ui:label="Merge with other policies">merge</value>
- <value ui:label="Ignore this, if other policies apply">ignore</value>
+ <value pa:label="Use only this policy">exclusive</value>
+ <value pa:label="Merge with other policies">merge</value>
+ <value pa:label="Ignore this, if other policies apply">ignore</value>
</choice>
</element>
- <element name="mergeStrategyLocal" ui:label="Howto merge with local files">
+ <element name="mergeStrategyLocal" pa:label="Howto merge with local files">
<choice>
- <value ui:label="Use only this policy">exclusive</value>
- <value ui:label="Merge with local file">merge</value>
- <value ui:label="Ignore this, if local file exsits">ignore</value>
+ <value pa:label="Use only this policy">exclusive</value>
+ <value pa:label="Merge with local file">merge</value>
+ <value pa:label="Ignore this, if local file exsits">ignore</value>
</choice>
</element>
- <element name="description" ui:label="Description, what should the policy do and why, maybe a changelog">
+ <element name="description" pa:label="Description, what should the policy do and why, maybe a changelog">
<text/>
</element>
diff --git a/sudoers/sudoers.rng b/sudoers/sudoers.rng
index e15bca6..d916e2d 100644
--- a/sudoers/sudoers.rng
+++ b/sudoers/sudoers.rng
@@ -3,7 +3,7 @@
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0"
-xmlns:ui="http://freeipa.org/xml/rng/ns/ui/1.0">
+xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
<a:documentation>Sudo configuration (/etc/sudoers)</a:documentation>
diff --git a/sudoers/sudoers_example_policy.xml b/sudoers/sudoers_example_policy.xml
new file mode 100644
index 0000000..10d097a
--- /dev/null
+++ b/sudoers/sudoers_example_policy.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ipa xmlns="http://freeipa.org/xml/rng/sudo/sudoers/1.0">
+<metadata>
+ <name>simple sudoers example, allowing mount/umount of a CD-ROM</name>
+ <author>sbose@redhat.com</author>
+ <version>0.7071</version>
+ <RNGfile>sudoers.rng</RNGfile>
+ <XSLTfile>sudoers.xslt</XSLTfile>
+</metadata>
+
+<ipaconfig>
+<sudoers>
+ <subject><name>abc</name><type>netgroup</type></subject>
+ <command><path>/sbin/umount /CDROM</path><tag>NOPASSWD</tag><runas>root</runas></command>
+ <option><authenticate>on</authenticate></option>
+ <command><path>/sbin/mount -o nosuid,nodev /dev/cd0a /CDROM</path></command>
+</sudoers>
+<sudoers>
+ <subject><name>def</name><type>posixGroup</type></subject>
+ <option><authenticate>off</authenticate></option>
+</sudoers>
+<sudoers>
+ <subject><name>EWLFKFKJKFwe</name><type>ALL</type></subject>
+ <command><path>/sbin/shutdown -r now</path></command>
+ <option><lecture>always</lecture></option>
+</sudoers>
+</ipaconfig>
+
+</ipa>
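Review bot: The second `<sudoers>` block sets `<authenticate>off</authenticate>` for posixGroup `def` with no `<command>`, and nothing in the example says how that is meant to render. If sudoers.xslt (not part of this commit) turns it into a group-wide Defaults entry, it would switch off password prompts for every command that group may run, which is risky to carry in a file people copy from. I would add a comment above the block, such as `<!-- option without command: applies to every command of this subject -->`, or scope the option to one command. The first block likewise combines a `NOPASSWD` tag with `authenticate` set to `on`; a comment stating which one wins would help.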
diff --git a/sudoers/worker.c b/sudoers/worker.c
new file mode 100644
index 0000000..3d5d637
--- /dev/null
+++ b/sudoers/worker.c
@@ -0,0 +1,106 @@
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <assert.h>
+
+#include <libxml/tree.h>
+#include <libxml/parser.h>
+#include <libxml/xpath.h>
+#include <libxml/xpathInternals.h>
+
+
+int main(int argc, char **argv) {
+
+ int i;
+ xmlChar *str;
+ xmlDocPtr doc;
+ xmlXPathContextPtr xpathCtx;
+ xmlXPathObjectPtr xpathObj;
+/* If a default namespace is defined
+ *
+ * IMPORTANT: XPath 1.0 has no concept of a default namespace. Unprefixed names in XPath only match names which have no namespace.
+ * So, if the document uses a default namespace, it is required to associate a non-empty prefix with the default namespace
+ * via register-namespace and add that prefix to names in XPath expressions intended to match nodes in the default namespace.
+ */
+ xmlChar *xpathExpr_rng = (xmlChar *) "//su:RNGfile";
+ xmlChar *xpathExpr_xslt = (xmlChar *) "//su:XSLTfile";
+ xmlNodeSetPtr nodeset;
+
+ if (argc!=2) {
+ fprintf(stderr, "missing or to many arguments, I expect a single filename!\n");
+ exit(1);
+ }
+
+ doc = xmlParseFile(argv[1]);
+ if (doc==NULL) {
+ fprintf(stderr, "Cannot parse document %s!\n", argv[1]);
+ exit(1);
+ }
+
+ /* Create xpath evaluation context */
+ xpathCtx = xmlXPathNewContext(doc);
+ if(xpathCtx == NULL) {
+ fprintf(stderr,"Error: unable to create new XPath context\n");
+ xmlFreeDoc(doc);
+ exit(1);
+ }
+
+
+ /* Register a namespace */
+ if(xmlXPathRegisterNs(xpathCtx, "su", "http://freeipa.org/xml/rng/sudo/sudoers/1.0") != 0) {
+ fprintf(stderr,"Error: unable to register NS with prefix=\"%s\" and href=\"%s\"\n", "", "http://freeipa.org/xml/rng/sudo/sudoers/1.0");
+ xmlXPathFreeContext(xpathCtx);
+ xmlFreeDoc(doc);
+ exit(1);
+ }
+
+
+ /* Evaluate xpath expression */
+ xpathObj = xmlXPathEvalExpression(xpathExpr_xslt, xpathCtx);
+ if(xpathObj == NULL) {
+ fprintf(stderr,"Error: unable to evaluate xpath expression \"%s\"\n", xpathExpr_xslt);
+ xmlXPathFreeContext(xpathCtx);
+ xmlFreeDoc(doc);
+ return(-1);
+ }
+
+ if (xmlXPathNodeSetIsEmpty(xpathObj->nodesetval)) {
+ printf("Nothing found ...\n");
+ } else {
+ nodeset=xpathObj->nodesetval;
+ for(i=0; i<nodeset->nodeNr; i++) {
+ str = xmlNodeListGetString(doc, nodeset->nodeTab[i]->xmlChildrenNode, 1);
+ printf("--%s--\n", str);
+ xmlFree(str);
+ }
+ }
+ /* Evaluate xpath expression */
+ xpathObj = xmlXPathEvalExpression(xpathExpr_rng, xpathCtx);
+ if(xpathObj == NULL) {
+ fprintf(stderr,"Error: unable to evaluate xpath expression \"%s\"\n", xpathExpr_rng);
+ xmlXPathFreeContext(xpathCtx);
+ xmlFreeDoc(doc);
+ return(-1);
+ }
+
+ if (xmlXPathNodeSetIsEmpty(xpathObj->nodesetval)) {
+ printf("Nothing found ...\n");
+ } else {
+ nodeset=xpathObj->nodesetval;
+ for(i=0; i<nodeset->nodeNr; i++) {
+ str = xmlNodeListGetString(doc, nodeset->nodeTab[i]->xmlChildrenNode, 1);
+ printf("--%s--\n", str);
+ xmlFree(str);
+ }
+ }
+
+ /* Cleanup */
+ xmlXPathFreeObject(xpathObj);
+ xmlXPathFreeContext(xpathCtx);
+ xmlFreeDoc(doc);
+
+
+
+
+ return(0);
+}
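Review bot: The object returned by the first `xmlXPathEvalExpression` call is overwritten by the second call without an `xmlXPathFreeObject`, so the `//su:XSLTfile` result leaks. Both loops also pass `str` straight to `printf("--%s--\n", str)`, although `xmlNodeListGetString` returns NULL for an element with no text children, so an empty `<XSLTfile/>` gives undefined behaviour. Folding the duplicated evaluate-and-print code into one helper that frees its own result fixes both, as sketched below. Separately, `xmlParseFile` runs with the library's default options; for policy input that will later feed sudoers generation, `xmlReadFile(argv[1], NULL, XML_PARSE_NONET)` states explicitly that parsing must not fetch anything over the network. The namespace error message also prints `""` as the prefix where `"su"` was registered, and the error paths mix `exit(1)` with `return(-1)`.

```c
/* Evaluate expr, print the text of every matching node, release the result. */
static int print_matches(xmlDocPtr doc, xmlXPathContextPtr ctx, const xmlChar *expr) {
    xmlXPathObjectPtr obj = xmlXPathEvalExpression(expr, ctx);
    if (obj == NULL) {
        fprintf(stderr, "Error: unable to evaluate xpath expression \"%s\"\n", expr);
        return -1;
    }
    if (xmlXPathNodeSetIsEmpty(obj->nodesetval)) {
        printf("Nothing found ...\n");
    } else {
        for (int i = 0; i < obj->nodesetval->nodeNr; i++) {
            xmlChar *str = xmlNodeListGetString(doc, obj->nodesetval->nodeTab[i]->xmlChildrenNode, 1);
            /* an element without text content yields NULL */
            printf("--%s--\n", str != NULL ? (const char *) str : "");
            xmlFree(str);
        }
    }
    xmlXPathFreeObject(obj);
    return 0;
}

/* ... unchanged: argument check, document parsing, XPath context and namespace registration ... */

    if (print_matches(doc, xpathCtx, xpathExpr_xslt) != 0 ||
        print_matches(doc, xpathCtx, xpathExpr_rng) != 0) {
        xmlXPathFreeContext(xpathCtx);
        xmlFreeDoc(doc);
        return(-1);
    }
```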