authorSumit Bose <sbose@nb.localdomain>2008-11-03 10:25:37 +0100
committerSumit Bose <sbose@nb.localdomain>2008-11-03 10:25:37 +0100
commit9be8b9551d588bfbf6b20aa8105fb2e9e882e021 (patch)
treeda224e5addb2b7bea260b3e93701e17ca51d4fe7
parentfee766c9c4f80fb69ee0d39c3b6f1a177cc93bd8 (diff)
added license information
-rw-r--r--ipaaction/ipaaction.rng21
-rw-r--r--ipaaction/ipaaction.xsl20
-rw-r--r--pam_selinux_roles/pam_selinux_roles.rng20
-rw-r--r--pam_selinux_roles/pam_selinux_roles.xsl144
-rw-r--r--policy_metadata/policy_metadata.rng20
-rw-r--r--policykit_roles/policykit_roles.rng20
-rw-r--r--policykit_roles/policykit_roles.xsl20
-rw-r--r--selinux_booleans/selinux_booleans.rng20
-rw-r--r--selinux_booleans/selinux_booleans.xsl61
-rw-r--r--sudoers/sudoers.rng22
-rw-r--r--sudoers/sudoers.xsl20
11 files changed, 387 insertions, 1 deletions
diff --git a/ipaaction/ipaaction.rng b/ipaaction/ipaaction.rng
index bb49d87..952e05e 100644
--- a/ipaaction/ipaaction.rng
+++ b/ipaaction/ipaaction.rng
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<grammar ns="http://freeipa.org/xml/rng/ipaaction/1.0"
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
@@ -39,6 +59,7 @@ xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
</s:pattern>
<optional>
<element name="condition">
+ <!-- what kind of command would we allow? Only [A-Za-z0-9/ ]? -->
<element name="command">
<data type="string">
<param name="pattern">/.*</param>
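Review bot: The added comment leaves its own question open while the `command` element directly below it still validates against `/.*`, which accepts any string that begins with a slash, including shell metacharacters, quotes and option-like text after a space. If this value is later handed to something that executes it (not visible in this hunk), the schema is the natural place to bound it. A tighter pattern along the lines the comment proposes would be `<param name="pattern">/[A-Za-z0-9/_.-]+</param>`, with arguments modelled as separate elements rather than let through by allowing a space. The `condition` element continues past the end of the hunk.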
diff --git a/ipaaction/ipaaction.xsl b/ipaaction/ipaaction.xsl
index cb4be34..543c687 100644
--- a/ipaaction/ipaaction.xsl
+++ b/ipaaction/ipaaction.xsl
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
diff --git a/pam_selinux_roles/pam_selinux_roles.rng b/pam_selinux_roles/pam_selinux_roles.rng
index d72ee06..c00ea43 100644
--- a/pam_selinux_roles/pam_selinux_roles.rng
+++ b/pam_selinux_roles/pam_selinux_roles.rng
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<grammar ns="http://freeipa.org/xml/rng/pam_selinux_roles/1.0"
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
diff --git a/pam_selinux_roles/pam_selinux_roles.xsl b/pam_selinux_roles/pam_selinux_roles.xsl
new file mode 100644
index 0000000..587133c
--- /dev/null
+++ b/pam_selinux_roles/pam_selinux_roles.xsl
@@ -0,0 +1,144 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
+<xsl:stylesheet version="1.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:md="http://freeipa.org/xsl/metadata/1.0"
+ xmlns:xd="http://www.pnp-software.com/XSLTdoc"
+ xmlns:pse="http://freeipa.org/xml/rng/pam_selinux_roles/1.0">
+
+ <md:output_handler>
+ <file name="/tmp/pam_selinux-SAFE.ldif" owner="root" group="root" permission="400"/>
+ </md:output_handler>
+
+ <xsl:output method="text" indent="no"/>
+ <xsl:strip-space elements="*"/>
+
+ <xsl:template match="/">
+ <xsl:text># IPA generated ldif for pam_selinux roles. DO NOT EDIT&#xA;&#xA;</xsl:text>
+ <xsl:apply-templates select="pse:ipa"/>
+ </xsl:template>
+
+ <xsl:template match="pse:ipa">
+ <xsl:apply-templates>
+ <xsl:with-param name="pse:iparole"/>
+ </xsl:apply-templates>
+ </xsl:template>
+
+ <xsl:template match="pse:metadata">
+ </xsl:template>
+
+ <xsl:template match="pse:iparole">
+ <xsl:apply-templates select="pse:role"/>
+ </xsl:template>
+
+ <xsl:template match="pse:role">
+ <xsl:text># role: </xsl:text>
+ <xsl:value-of select="pse:name"/>
+ <xsl:text>&#xA;</xsl:text>
+ <xsl:text>dn: ou=</xsl:text>
+ <xsl:value-of select="pse:name"/>
+ <xsl:text>,ou=pam_selinux_roles,xx=some,xx=ldap,xx=path&#xA;&#xA;&#xA;</xsl:text>
+
+ <xsl:apply-templates select="pse:default_context">
+ <xsl:with-param name="rolename" select="pse:name"/>
+ </xsl:apply-templates>
+
+ <xsl:apply-templates select="pse:context">
+ <xsl:with-param name="rolename" select="pse:name"/>
+ </xsl:apply-templates>
+ </xsl:template>
+
+ <xsl:template match="pse:default_context">
+ <xsl:param name="rolename"/>
+ <xsl:call-template name="context_start">
+ <xsl:with-param name="rolename" select="$rolename"/>
+ <xsl:with-param name="selinux_user" select="pse:selinux_user"/>
+ <xsl:with-param name="mls" select="pse:mls"/>
+ </xsl:call-template>
+ <xsl:text>&#xa;&#xA;</xsl:text>
+ </xsl:template>
+
+ <xsl:template match="pse:context">
+ <xsl:param name="rolename"/>
+ <xsl:call-template name="context_start">
+ <xsl:with-param name="rolename" select="$rolename"/>
+ <xsl:with-param name="selinux_user" select="pse:selinux_user"/>
+ <xsl:with-param name="mls" select="pse:mls"/>
+ </xsl:call-template>
+ <xsl:apply-templates select="pse:service">
+ <xsl:with-param name="rolename" select="pse:name"/>
+ </xsl:apply-templates>
+ <xsl:text>&#xa;&#xA;</xsl:text>
+ </xsl:template>
+
+ <xsl:template match="pse:service">
+ <xsl:if test="position()=1">
+ <xsl:text>-&#xa;changetype: modify&#xA;</xsl:text>
+ <xsl:text>replace: service&#xA;</xsl:text>
+ </xsl:if>
+ <xsl:text>service: </xsl:text>
+ <xsl:value-of select="."/>
+ <xsl:text>&#xa;</xsl:text>
+ </xsl:template>
+
+ <xsl:template name="context_start">
+ <xsl:param name="rolename"/>
+ <xsl:param name="selinux_user"/>
+ <xsl:param name="mls"/>
+ <xsl:text>dn: ou=</xsl:text>
+ <xsl:value-of select="$selinux_user"/>
+ <xsl:text>,ou=</xsl:text>
+ <xsl:value-of select="$rolename"/>
+ <xsl:text>,ou=pam_selinux_roles,xx=some,xx=ldap,xx=path&#xA;</xsl:text>
+ <xsl:text>changetype: modify&#xA;</xsl:text>
+ <xsl:text>replace: selinux_user&#xA;selinux_user: </xsl:text>
+ <xsl:value-of select="$selinux_user"/>
+ <xsl:if test="$mls != ''">
+ <xsl:text>&#xa;-&#xa;changetype: modify&#xA;</xsl:text>
+ <xsl:text>replace: mls&#xA;mls: </xsl:text>
+ <xsl:value-of select="$mls"/>
+ <xsl:text>&#xa;</xsl:text>
+ </xsl:if>
+ </xsl:template>
+
+ <xsl:template match="pse:action">
+ <xsl:param name="rolename"/>
+
+ <xsl:text>dn: ou=</xsl:text>
+ <xsl:value-of select="pse:action_id"/>
+ <xsl:text>,ou=</xsl:text>
+ <xsl:value-of select="$rolename"/>
+ <xsl:text>,ou=PolicyKitRoles,xx=some,xx=ldap,xx=path&#xA;</xsl:text>
+ <xsl:text>changetype: modify&#xA;</xsl:text>
+ <xsl:text>replace: allow_any&#xA;allow_any: </xsl:text>
+ <xsl:value-of select="pse:allow_any"/>
+ <xsl:text>&#xa;-&#xa;changetype: modify&#xA;</xsl:text>
+ <xsl:text>replace: allow_inactive&#xA;allow_inactive: </xsl:text>
+ <xsl:value-of select="pse:allow_inactive"/>
+ <xsl:text>&#xa;-&#xa;changetype: modify&#xA;</xsl:text>
+ <xsl:text>replace: allow_active&#xA;allow_active: </xsl:text>
+ <xsl:value-of select="pse:allow_active"/>
+ <xsl:text>&#xa;&#xA;</xsl:text>
+ </xsl:template>
+
+</xsl:stylesheet>
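Review bot: The output handler declares `<file name="/tmp/pam_selinux-SAFE.ldif" owner="root" group="root" permission="400"/>`, a fixed file name in a world-writable directory that is then written as root. Unless the handler creates the file exclusively and refuses to follow symlinks (not visible here), a local user can pre-create or redirect that path. A directory only root can write to avoids this, for example `name="/var/lib/<policy-output-dir>/pam_selinux.ldif"` (placeholder directory). Separately, `pse:name`, `pse:selinux_user`, `pse:mls` and `pse:service` are copied verbatim into `dn:` and attribute lines, so the schema has to exclude commas and newlines or the generated LDIF can gain components or records the policy author did not intend. The `pse:action` template, which writes under `ou=PolicyKitRoles`, looks carried over from the PolicyKit stylesheet and is probably dead here.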
diff --git a/policy_metadata/policy_metadata.rng b/policy_metadata/policy_metadata.rng
index 404d64d..cfe1e1d 100644
--- a/policy_metadata/policy_metadata.rng
+++ b/policy_metadata/policy_metadata.rng
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<grammar xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
xmlns:a="http://freeipa.org/xml/rng/ns/annotations/1.0"
diff --git a/policykit_roles/policykit_roles.rng b/policykit_roles/policykit_roles.rng
index 1803b84..a071944 100644
--- a/policykit_roles/policykit_roles.rng
+++ b/policykit_roles/policykit_roles.rng
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<grammar ns="http://freeipa.org/xml/rng/policykit_roles/1.0"
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
diff --git a/policykit_roles/policykit_roles.xsl b/policykit_roles/policykit_roles.xsl
index a02f503..f3c9007 100644
--- a/policykit_roles/policykit_roles.xsl
+++ b/policykit_roles/policykit_roles.xsl
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
diff --git a/selinux_booleans/selinux_booleans.rng b/selinux_booleans/selinux_booleans.rng
index fdb9025..eea4cb3 100644
--- a/selinux_booleans/selinux_booleans.rng
+++ b/selinux_booleans/selinux_booleans.rng
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<grammar ns="http://freeipa.org/xml/rng/selinux_booleans/1.0"
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
diff --git a/selinux_booleans/selinux_booleans.xsl b/selinux_booleans/selinux_booleans.xsl
new file mode 100644
index 0000000..3963490
--- /dev/null
+++ b/selinux_booleans/selinux_booleans.xsl
@@ -0,0 +1,61 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
+<xsl:stylesheet version="1.0"
+ xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:md="http://freeipa.org/xsl/metadata/1.0"
+ xmlns:seb="http://freeipa.org/xml/rng/selinux_booleans/1.0">
+
+ <md:output_handler>
+ <exec_with_args command_name="/usr/sbin/setsebool" user="root"/>
+ </md:output_handler>
+
+ <xsl:param name="output_selector"/>
+
+ <xsl:output method="text" indent="no"/>
+ <xsl:strip-space elements="*"/>
+
+ <xsl:template match="/">
+ <xsl:apply-templates select="seb:ipa"/>
+ </xsl:template>
+
+ <xsl:template match="seb:ipa">
+ <xsl:apply-templates>
+ <xsl:with-param name="seb:seb"/>
+ </xsl:apply-templates>
+ </xsl:template>
+
+ <xsl:template match="seb:metadata">
+ </xsl:template>
+
+ <xsl:template match="seb:ipaconfig">
+ <xsl:apply-templates select="seb:selinux_boolean"/>
+ </xsl:template>
+
+ <xsl:template match="seb:selinux_boolean">
+ <xsl:value-of select="seb:name"/>
+ <xsl:text>=</xsl:text>
+ <xsl:value-of select="seb:value"/>
+ <xsl:text>&#xa;</xsl:text>
+ </xsl:template>
+
+</xsl:stylesheet>
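Review bot: `seb:name` and `seb:value` are written out verbatim as `name=value` lines, and the `md:output_handler` names `/usr/sbin/setsebool` with `user="root"` as the consumer. A value containing whitespace or starting with `-` would therefore presumably reach the command as an extra argument or option. The stylesheet relies on selinux_booleans.rng alone to prevent that. A guard in the `seb:selinux_boolean` template, such as `<xsl:if test="string-length(seb:name) &gt; 0 and translate(seb:name,'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_','')=''">`, plus a matching check that `seb:value` is one of the literals setsebool accepts, keeps the transform safe on unvalidated input. The top-level `<xsl:param name="output_selector"/>` is declared but never read and should be documented or dropped.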
diff --git a/sudoers/sudoers.rng b/sudoers/sudoers.rng
index e52a6f2..fa268ba 100644
--- a/sudoers/sudoers.rng
+++ b/sudoers/sudoers.rng
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<grammar ns="http://freeipa.org/xml/rng/sudo/1.0"
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
@@ -16,7 +36,7 @@ xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
<define name="rng_filename"><value>sudoers.rng</value></define>
<define name="xslt_filename"><value>sudoers.xsl</value></define>
- <define name="application_name"><value>sudo</value></define>
+ <define name="application_name"><value>s<a/>udo</value></define>
<include href="policy_metadata.rng"/>
<start ns="http://freeipa.org/xml/rng/sudo/1.0">
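Review bot: The new `application_name` line reads `<value>s<a/>udo</value>`, which puts a child element inside a RELAX NG `value`. A `value` may hold only text, and because the default namespace of this grammar is the RELAX NG one, `<a/>` is not a known pattern, so the schema will most likely fail to load. This looks like an accidental edit in a commit that otherwise only adds license headers. The line should stay `<define name="application_name"><value>sudo</value></define>`. The grammar continues outside the hunk.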
diff --git a/sudoers/sudoers.xsl b/sudoers/sudoers.xsl
index 7fc4748..f0744d5 100644
--- a/sudoers/sudoers.xsl
+++ b/sudoers/sudoers.xsl
@@ -1,4 +1,24 @@
<?xml version="1.0" encoding="UTF-8"?>
+<!--
+Author: Sumit Bose <sbose@redhat.com>
+
+Copyright (C) 2008 Red Hat
+see file 'COPYING' for use and warranty information
+
+This program is free software; you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation; version 2 only
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with this program; see the file COPYING.LGPL. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
+MA 02111-1307, USA.
+-->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:xs="http://www.w3.org/2001/XMLSchema"