diff options
| -rw-r--r-- | schemas/types.xsd | 3 | ||||
| -rw-r--r-- | src/lib/Bcfg2/Server/Lint/RequiredAttrs.py | 11 |
2 files changed, 12 insertions, 2 deletions
diff --git a/schemas/types.xsd b/schemas/types.xsd index 439321e3d..1055bdf67 100644 --- a/schemas/types.xsd +++ b/schemas/types.xsd @@ -119,13 +119,12 @@ <xsd:restriction base="xsd:string"> <xsd:enumeration value="user"/> <xsd:enumeration value="group"/> - <xsd:enumeration value="mask"/> </xsd:restriction> </xsd:simpleType> <xsd:complexType name="ACLType"> <xsd:attribute type="ACLTypeEnum" name="type" use="required"/> - <xsd:attribute type="ACLScopeEnum" name="scope" use="required"/> + <xsd:attribute type="ACLScopeEnum" name="scope"/> <xsd:attribute type="xsd:string" name="perms" use="required"/> <xsd:attribute type="xsd:string" name="user"/> <xsd:attribute type="xsd:string" name="group"/> diff --git a/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py b/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py index 0976ed9dd..b9a6dc2dc 100644 --- a/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py +++ b/src/lib/Bcfg2/Server/Lint/RequiredAttrs.py @@ -70,6 +70,14 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin): when=lambda v: v in ['modified', 'always'], status=lambda v: v in ['ignore', 'check'], command=None)}, + ACL=dict( + default=dict(scope=lambda v: v in ['user', 'group'], + perms=lambda v: re.match('^([0-7]|[rwx\-]{0,3}', + v)), + access=dict(scope=lambda v: v in ['user', 'group'], + perms=lambda v: re.match('^([0-7]|[rwx\-]{0,3}', + v)), + mask=dict(perms=lambda v: re.match('^([0-7]|[rwx\-]{0,3}', v))), Package={None: dict(name=None)}, SELinux=dict( boolean=dict(name=None, @@ -192,6 +200,9 @@ class RequiredAttrs(Bcfg2.Server.Lint.ServerPlugin): required_attrs['major'] = is_device_mode required_attrs['minor'] = is_device_mode + if tag == 'ACL' and 'scope' in required_attrs: + required_attrs[entry.get('scope')] = is_username + if '__text__' in required_attrs: del required_attrs['__text__'] if (not entry.text and |