blob: bb49d872d5e67ce02e43ce32b1965034fdfe485a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
|
<?xml version="1.0" encoding="utf-8"?>
<grammar ns="http://freeipa.org/xml/rng/ipaaction/1.0"
xmlns="http://relaxng.org/ns/structure/1.0"
datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"
xmlns:a="http://relaxng.org/ns/compatibility/annotations/1.0"
xmlns:s="http://purl.oclc.org/dsdl/schematron"
xmlns:pa="http://freeipa.org/xml/rng/ns/plugable_architecture/1.0">
<a:documentation>IPA Actions</a:documentation>
<a:documentation>The following section can be used to register the RNG schema file for the UI</a:documentation>
<a:name>ipaaction</a:name>
<a:description>Handles IPA action policies</a:description>
<a:author>sbose@redhat.com</a:author>
<a:xslt>ipaaction.xsl</a:xslt>
<a:version>0.1</a:version>
<define name="rng_filename"><value>ipaaction.rng</value></define>
<define name="xslt_filename"><value>ipaaction.xsl</value></define>
<define name="application_name"><value>ipaaction</value></define>
<include href="policy_metadata.rng"/>
<start ns="http://freeipa.org/xml/rng/ipaaction/1.0">
<element name="ipa">
<a:documentation>Doc test.</a:documentation>
<ref name="policy_metadata"/>
<element name="ipaaction">
<s:pattern name="Only allow one file and one run element">
<s:rule context="ipaaction">
<s:assert test="count(file)<=1">
too many files
</s:assert>
<s:assert test="count(run)<=1">
too many runs
</s:assert>
</s:rule>
</s:pattern>
<optional>
<element name="condition">
<element name="command">
<data type="string">
<param name="pattern">/.*</param>
</data>
</element>
<optional>
<element name="user">
<text/>
</element>
</optional>
<optional>
<element name="expected_output">
<text/>
</element>
</optional>
</element>
</optional>
<oneOrMore>
<choice>
<element name="file">
<choice>
<element name="data">
<data type="base64Binary"/>
</element>
<element name="url">
<data type="anyURI"/>
</element>
</choice>
<element name="path">
<data type="string">
<param name="pattern">/.*</param>
</data>
</element>
<element name="owner">
<text/>
</element>
<element name="group">
<text/>
</element>
<element name="access">
<text/>
</element>
<optional>
<element name="selinux_context">
<text/>
</element>
</optional>
<optional>
<oneOrMore>
<element name="acl">
<text/>
</element>
</oneOrMore>
</optional>
<optional>
<element name="cleanup">
<choice>
<value>yes</value>
<value>no</value>
</choice>
</element>
</optional>
</element> <!-- file -->
<element name="run">
<element name="command">
<data type="string">
<param name="pattern">/.*</param>
</data>
</element>
<optional>
<element name="user">
<text/>
</element>
</optional>
<optional>
<element name="schedule">
<text/>
</element>
</optional>
</element> <!-- run -->
</choice>
</oneOrMore>
</element> <!-- ipaaction -->
</element> <!-- ipa -->
</start>
</grammar>
|