finished xsl metadata validation

author: Sumit Bose <sbose@nb.localdomain> 2008-11-04 20:29:31 +0100
committer: Sumit Bose <sbose@nb.localdomain> 2008-11-04 20:29:31 +0100
commit: 902dbd52745dfba1210fd8acb0e89088bdc7d91f (patch)
tree: 37bc78fd3985708b1b7473eab39d5d2a947358df
parent: cdcea0736bee3294e14dcf0f88321c6400948c5d (diff)
download: ipa_policy-902dbd52745dfba1210fd8acb0e89088bdc7d91f.tar.gz
ipa_policy-902dbd52745dfba1210fd8acb0e89088bdc7d91f.tar.xz
ipa_policy-902dbd52745dfba1210fd8acb0e89088bdc7d91f.zip
3 files changed, 70 insertions, 65 deletions
diff --git a/policy_metadata/xsl_md.xsl b/policy_metadata/xsl_md.xsl
deleted file mode 100644
index 8178615..0000000
--- a/policy_metadata/xsl_md.xsl
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Author: Sumit Bose <sbose@redhat.com>
-
-Copyright (C) 2008  Red Hat
-see file 'COPYING' for use and warranty information
-
-This program is free software; you can redistribute it and/or modify it under
-the terms of the GNU Lesser General Public License as published by the Free
-Software Foundation; version 2 only
-
-This program is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
-details.
-
-You should have received a copy of the GNU Lesser General Public License
-along with this program; see the file COPYING.LGPL.  If not, write to the
-Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
-MA 02111-1307, USA.
--->
-<xsl:stylesheet version="1.0"
-  xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
-  xmlns:md="http://freeipa.org/xsl/metadata/1.0">
-
-  <xsl:output method="xml" indent="yes"/>
-  <xsl:strip-space elements="*"/>
-
-  <xsl:template match="md:output_handler">
-    <xsl:copy-of select="."/>
-  </xsl:template>
-  <xsl:template match="text()">
-  </xsl:template>
-  
-
-</xsl:stylesheet>
diff --git a/policy_metadata/xsl_metadata.rng b/policy_metadata/xsl_metadata.rng
index b5445ca..0116d81 100644
--- a/policy_metadata/xsl_metadata.rng
+++ b/policy_metadata/xsl_metadata.rng
@@ -26,13 +26,22 @@ xmlns:md="http://freeipa.org/xsl/metadata/1.0"
 xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
 
 
+  <a:doc>md:output_handler should be the first element after xsl:stylesheet. The
+  content of the stylesheet can be validated separately.</a:doc>
   <start ns="http://freeipa.org/xsl/metadata/1.0">
+    <element>
+      <anyName/>
+      <ref name="output_handler"/>
+      <ref name="any"/>
+    </element>
+  </start>
 
-    <a:doc>With the md:output_handler element it is possible to define how the
-    policy data is processed after the XSLT transformation is applied. The idea
-    is that a driver program or script can access this metadata information with
-    a suitable XPath and can handle the output of the transformation
-    accordingly.</a:doc>
+  <a:doc>With the md:output_handler element it is possible to define how the
+  policy data is processed after the XSLT transformation is applied. The idea
+  is that a driver program or script can access this metadata information with
+  a suitable XPath and can handle the output of the transformation
+  accordingly.</a:doc>
+  <define name="output_handler">
     <element name="md:output_handler">
       <oneOrMore>
         <choice>
@@ -67,22 +76,11 @@ xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
             <ref name="selector"/>
           </element>
 
-          <a:doc>The following is a dummy element to catch all elements from
-          different namespaces, e.g. comments and documentation</a:doc>
-          <element>
-            <anyName>
-              <except>
-                <nsName/>
-                <nsName ns=""/>
-              </except>
-            </anyName>
-            <text/>
-          </element>
-
         </choice>
       </oneOrMore>
     </element>
-  </start>
+  </define>
+
 
   <a:doc>It is possible to generate more than one type of output for more than
   one output handler. To switch between different types of output a parameter
@@ -100,26 +98,38 @@ xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
     </optional>
   </define>
 
-  <a:doc></a:doc>
+  <a:doc>It is important that a file is created with the right access
+  permissions to avoid either security or usability troubles.</a:doc>
   <define name="file_properties">
+    <a:doc>md:name, the full name of the file, is the only required
+    attribute.</a:doc>
     <attribute name="md:name">
-      <text/>
+      <data type="string">
+        <param name="pattern">/.*</param>
+      </data>
     </attribute>
+    <a:doc>The standard unix access control to a file is determined by its
+    owner, its group and the access permissions. If this attributes are missing
+    a sensible default should be assumes. For example owner root, group root and
+    0400 permissions. You have to define either all three or none of the
+    attributes.</a:doc>
     <optional>
       <attribute name="md:owner">
         <text/>
       </attribute>
-    </optional>
-    <optional>
       <attribute name="md:group">
         <text/>
       </attribute>
-    </optional>
-    <optional>
+      <a:doc>The permission must be specified in octal mode.</a:doc>
       <attribute name="md:permission">
-        <text/>
+        <data type="string">
+          <param name="pattern">[0-7]{4}</param>
+        </data>
       </attribute>
     </optional>
+    <a:doc>If the client system supports SELinux you can specify the SELinux
+    context for the file, otherwise a sensible default will be used
+    (restorecon).</a:doc>
     <optional>
       <attribute name="md:selinux_context">
         <text/>
@@ -127,16 +137,47 @@ xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
     </optional>
   </define>
 
-  <a:doc></a:doc>
+  <a:doc>To execute a process we need the full path of the file to execute,
+  optional some arguments and the user and group context under which the procrss
+  should run. If md:user and md:group are missing, the least privileges, e.g.
+  nobody/nogroup should be assumed.</a:doc>
   <define name="exec_properties">
     <attribute name="md:command">
-      </text>
+      <data type="string">
+        <param name="pattern">/.*</param>
+      </data>
     </attribute>
     <optional>
       <attribute name="md:arguments">
-        </text>
+        <text/>
+      </attribute>
+    </optional>
+    <optional>
+      <attribute name="md:user">
+        <text/>
+      </attribute>
+      <attribute name="md:group">
+        <text/>
       </attribute>
     </optional>
   </define>
 
+  <a:doc>The following is a dummy element to catch all elements from
+  different namespaces, e.g. comments and documentation</a:doc>
+  <define name="any">
+    <zeroOrMore>
+      <choice>
+        <attribute>
+          <anyName/>
+        </attribute>
+        <text/>
+        <element>
+          <anyName/>
+          <ref name="any"/>
+        </element>
+      </choice>
+    </zeroOrMore>
+  </define>
+
+
 </grammar>
diff --git a/sudoers/sudoers.xsl b/sudoers/sudoers.xsl
index 577ccf8..70e4cc4 100644
--- a/sudoers/sudoers.xsl
+++ b/sudoers/sudoers.xsl
@@ -27,7 +27,7 @@ MA 02111-1307, USA.
   xmlns:sudoers="http://freeipa.org/xml/rng/sudo/1.0">
 
   <md:output_handler>
-    <md:file md:name="/etc/sudoers" md:owner="root" md:group="root" md:permission="440"/>
+    <md:file md:name="/etc/sudoers" md:owner="root" md:group="root" md:permission="0440"/>
   </md:output_handler>
 
   <xsl:output method="text" indent="no"/>
author	Sumit Bose <sbose@nb.localdomain>	2008-11-04 20:29:31 +0100
committer	Sumit Bose <sbose@nb.localdomain>	2008-11-04 20:29:31 +0100
commit	902dbd52745dfba1210fd8acb0e89088bdc7d91f (patch)
tree	37bc78fd3985708b1b7473eab39d5d2a947358df
parent	cdcea0736bee3294e14dcf0f88321c6400948c5d (diff)
download	ipa_policy-902dbd52745dfba1210fd8acb0e89088bdc7d91f.tar.gz ipa_policy-902dbd52745dfba1210fd8acb0e89088bdc7d91f.tar.xz ipa_policy-902dbd52745dfba1210fd8acb0e89088bdc7d91f.zip