diff options
Diffstat (limited to 'schemas')
-rw-r--r-- | schemas/acl-ip.xsd | 56 | ||||
-rw-r--r-- | schemas/acl-metadata.xsd | 87 | ||||
-rw-r--r-- | schemas/acl.xsd | 22 | ||||
-rw-r--r-- | schemas/authorizedkeys.xsd | 51 | ||||
-rw-r--r-- | schemas/bundle.xsd | 39 | ||||
-rw-r--r-- | schemas/decisions.xsd | 85 | ||||
-rw-r--r-- | schemas/defaults.xsd | 8 | ||||
-rw-r--r-- | schemas/fileprobes.xsd | 18 | ||||
-rw-r--r-- | schemas/info.xsd | 30 | ||||
-rw-r--r-- | schemas/nagiosgen.xsd | 19 | ||||
-rw-r--r-- | schemas/packages.xsd | 20 | ||||
-rw-r--r-- | schemas/pkgtype.xsd | 35 | ||||
-rw-r--r-- | schemas/privkey.xsd | 18 | ||||
-rw-r--r-- | schemas/pubkey.xsd | 6 | ||||
-rw-r--r-- | schemas/rules.xsd | 21 | ||||
-rw-r--r-- | schemas/sslca-cert.xsd | 49 | ||||
-rw-r--r-- | schemas/sslca-key.xsd | 56 | ||||
-rw-r--r-- | schemas/types.xsd | 15 |
18 files changed, 499 insertions, 136 deletions
diff --git a/schemas/acl-ip.xsd b/schemas/acl-ip.xsd new file mode 100644 index 000000000..1d6106c05 --- /dev/null +++ b/schemas/acl-ip.xsd @@ -0,0 +1,56 @@ +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> + <xsd:annotation> + <xsd:documentation> + Schema for IP-based client ACLs: + :ref:`server-plugins-misc-acl` ``ip.xml`` + </xsd:documentation> + </xsd:annotation> + + <xsd:complexType name="IPACLType"> + <xsd:attribute type="xsd:string" name="method" use="required"> + <xsd:annotation> + <xsd:documentation> + The name of the XML-RPC method to allow or deny. Limited + wildcards are supported. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute type="xsd:string" name="address"> + <xsd:annotation> + <xsd:documentation> + The IP address to match against. This is an exact match + unless :xml:attribute:`IPACLType:netmask` is defined. If + this is not defined, all addresses match the given rule. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute type="xsd:string" name="netmask"> + <xsd:annotation> + <xsd:documentation> + If this is defined, then it is combined with + :xml:attribute:`IPACLType:address` to produce a CIDR range, + which is used for matching instead of exact matching based + only on IP address. This can be either an integer netmask + (e.g., ``netmask="24"``) or a dotted-quad (e.g., + ``netmask="255.255.255.0"``). + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:complexType> + + <xsd:complexType name="IPACLContainerType"> + <xsd:annotation> + <xsd:documentation> + Top-level tag for describing metadata-based client ACLs. + </xsd:documentation> + </xsd:annotation> + <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:element name="Allow" type="IPACLType"/> + <xsd:element name="Deny" type="IPACLType"/> + <xsd:element name="Defer" type="IPACLType"/> + <xsd:element name="ACL" type="IPACLContainerType"/> + </xsd:choice> + </xsd:complexType> + + <xsd:element name="ACL" type="IPACLContainerType"/> +</xsd:schema> diff --git a/schemas/acl-metadata.xsd b/schemas/acl-metadata.xsd new file mode 100644 index 000000000..643dfec7f --- /dev/null +++ b/schemas/acl-metadata.xsd @@ -0,0 +1,87 @@ +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> + <xsd:annotation> + <xsd:documentation> + Schema for metadata-based client ACLs: + :ref:`server-plugins-misc-acl` ``metadata.xml`` + </xsd:documentation> + </xsd:annotation> + + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + + <xsd:complexType name="MetadataACLGroupType"> + <xsd:annotation> + <xsd:documentation> + An **MetadataACLGroupType** is a tag used to provide logic. + Child entries of a MetadataACLGroupType tag only apply to + machines that match the condition specified -- either + membership in a group, or a matching client name. + :xml:attribute:`MetadataACLGroupType:negate` can be set to + negate the sense of the match. + </xsd:documentation> + </xsd:annotation> + <xsd:group ref="MetadataACLElements" minOccurs="1" maxOccurs="unbounded"/> + <xsd:attribute name='name' type='xsd:string'> + <xsd:annotation> + <xsd:documentation> + The name of the client or group to match on. Child entries + will only apply to this client or group (unless + :xml:attribute:`MetadataACLGroupType:negate` is set). + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute name='negate' type='xsd:boolean'> + <xsd:annotation> + <xsd:documentation> + Negate the sense of the match, so that child entries only + apply to a client if it is not a member of the given group + or does not have the given name. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> + </xsd:complexType> + + <xsd:complexType name="MetadataACLType"> + <xsd:attribute type="xsd:string" name="method" use="required"> + <xsd:annotation> + <xsd:documentation> + The name of the XML-RPC method to allow or deny. Limited + wildcards are supported. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> + </xsd:complexType> + + <xsd:complexType name="MetadataACLContainerType"> + <xsd:annotation> + <xsd:documentation> + Top-level tag for describing metadata-based client ACLs. + </xsd:documentation> + </xsd:annotation> + <xsd:group ref="MetadataACLElements" minOccurs="1" maxOccurs="unbounded"/> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:complexType> + + <xsd:group name="MetadataACLElements"> + <xsd:choice> + <xsd:group ref="py:genshiElements"/> + <xsd:element name="Allow" type="MetadataACLType"/> + <xsd:element name="Deny" type="MetadataACLType"/> + <xsd:element name="Group" type="MetadataACLGroupType"/> + <xsd:element name="Client" type="MetadataACLGroupType"/> + <xsd:element name="ACL" type="MetadataACLContainerType"/> + </xsd:choice> + </xsd:group> + + <xsd:element name="ACL" type="MetadataACLContainerType"/> +</xsd:schema> diff --git a/schemas/acl.xsd b/schemas/acl.xsd new file mode 100644 index 000000000..0c3e3ecdd --- /dev/null +++ b/schemas/acl.xsd @@ -0,0 +1,22 @@ +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> + + <xsd:annotation> + <xsd:documentation> + acl config schema for bcfg2 + Matt Schwager + </xsd:documentation> + </xsd:annotation> + + <xsd:import namespace="http://www.w3.org/XML/1998/namespace" + schemaLocation="xml.xsd"/> + + <xsd:complexType name="IPs"> + <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:element name="IP" type="xsd:string" minOccurs="1" + maxOccurs="unbounded"/> + <xsd:element name="CIDR" type="xsd:string" minOccurs="0" + maxOccurs="unbounded"/> + </xsd:choice> + </xsd:complexType> + +</xsd:schema> diff --git a/schemas/authorizedkeys.xsd b/schemas/authorizedkeys.xsd index e59c964f6..c464017b4 100644 --- a/schemas/authorizedkeys.xsd +++ b/schemas/authorizedkeys.xsd @@ -1,4 +1,5 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> Schema for :ref:`server-plugins-generators-cfg-sshkeys` @@ -6,6 +7,9 @@ </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:complexType name="AuthorizedKeysGroupType"> <xsd:annotation> <xsd:documentation> @@ -18,9 +22,11 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Allow" type="AllowType"/> <xsd:element name="Group" type="AuthorizedKeysGroupType"/> <xsd:element name="Client" type="AuthorizedKeysGroupType"/> + <xsd:element name="AuthorizedKeys" type="AuthorizedKeysType"/> </xsd:choice> <xsd:attribute name='name' type='xsd:string'> <xsd:annotation> @@ -40,6 +46,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:complexType name="OptionContainerType"> @@ -57,7 +64,6 @@ <xsd:element name="Group" type="OptionContainerType"/> <xsd:element name="Client" type="OptionContainerType"/> <xsd:element name="Option" type="AuthorizedKeysOptionType"/> - <xsd:element name="Params" type="AuthorizedKeysParamsType"/> </xsd:choice> <xsd:attribute name='name' type='xsd:string'> <xsd:annotation> @@ -87,10 +93,10 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Group" type="OptionContainerType"/> <xsd:element name="Client" type="OptionContainerType"/> <xsd:element name="Option" type="AuthorizedKeysOptionType"/> - <xsd:element name="Params" type="AuthorizedKeysParamsType"/> </xsd:choice> <xsd:attribute name="from" type="xsd:string"> <xsd:annotation> @@ -124,6 +130,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:complexType name="AuthorizedKeysOptionType"> @@ -150,29 +157,29 @@ </xsd:attribute> </xsd:complexType> - <xsd:complexType name="AuthorizedKeysParamsType"> + <xsd:complexType name="AuthorizedKeysType"> <xsd:annotation> <xsd:documentation> - **Deprecated** way to specify options for public key - authentication and connection. See :manpage:`sshd(8)` for - details on allowable parameters. + Top-level tag for describing a generated SSH key pair. </xsd:documentation> </xsd:annotation> - <xsd:anyAttribute processContents="lax"/> + <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> + <xsd:element name="Allow" type="AllowType"/> + <xsd:element name="Group" type="AuthorizedKeysGroupType"/> + <xsd:element name="Client" type="AuthorizedKeysGroupType"/> + <xsd:element name="AuthorizedKeys" type="AuthorizedKeysType"/> + </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> - <xsd:element name="AuthorizedKeys"> - <xsd:annotation> - <xsd:documentation> - Top-level tag for describing a generated SSH key pair. - </xsd:documentation> - </xsd:annotation> - <xsd:complexType> - <xsd:choice minOccurs="1" maxOccurs="unbounded"> - <xsd:element name="Allow" type="AllowType"/> - <xsd:element name="Group" type="AuthorizedKeysGroupType"/> - <xsd:element name="Client" type="AuthorizedKeysGroupType"/> - </xsd:choice> - </xsd:complexType> - </xsd:element> + <xsd:element name="AuthorizedKeys" type="AuthorizedKeysType"/> </xsd:schema> diff --git a/schemas/bundle.xsd b/schemas/bundle.xsd index 337fc5ec7..aeacd0517 100644 --- a/schemas/bundle.xsd +++ b/schemas/bundle.xsd @@ -35,10 +35,7 @@ <xsd:annotation> <xsd:documentation> Abstract implementation of a Path entry. The entry will - either be handled by Cfg, TGenshi, or another - Generator plugin; or handled by Rules, in which case - the full specification of this entry will be included in - Rules. + be handled by a Generator plugin, like Cfg or Rules. </xsd:documentation> </xsd:annotation> </xsd:element> @@ -72,15 +69,6 @@ </xsd:documentation> </xsd:annotation> </xsd:element> - <xsd:element name='PostInstall' type='StructureEntry'> - <xsd:annotation> - <xsd:documentation> - PostInstall entries are deprecated in favor of Action - entries. Actions can do everything PostInstall entries can - do and more. - </xsd:documentation> - </xsd:annotation> - </xsd:element> <xsd:element name='SEBoolean' type='SELinuxStructure'> <xsd:annotation> <xsd:documentation> @@ -323,11 +311,22 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> - <xsd:attribute type='xsd:string' name='name' use='required'> + <xsd:attribute type='xsd:boolean' name='independent'> + <xsd:annotation> + <xsd:documentation> + If set to ``true``, indicates that the bundle is a + collection of independent entries, and that service restarts + and modified actions should not be performed. See + :ref:`server-plugins-structures-bundler-magic` for more. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute type='xsd:string' name='name'> <xsd:annotation> <xsd:documentation> - The name of the bundle. This must match the bundle - filename, minus the extension. + **Deprecated.** The name of the bundle. If present, this + must match the bundle filename, minus the extension. + Specifying the name explicitly is deprecated. </xsd:documentation> </xsd:annotation> </xsd:attribute> @@ -352,6 +351,14 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> <xsd:attributeGroup ref="py:genshiAttrs"/> <xsd:attribute ref="xml:base"/> </xsd:complexType> diff --git a/schemas/decisions.xsd b/schemas/decisions.xsd index 30115b367..9df4b1215 100644 --- a/schemas/decisions.xsd +++ b/schemas/decisions.xsd @@ -1,5 +1,6 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> - +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> + <xsd:annotation> <xsd:documentation> decision list schema for bcfg2 @@ -7,16 +8,72 @@ </xsd:documentation> </xsd:annotation> - <xsd:element name='Decisions'> - <xsd:complexType> - <xsd:choice minOccurs='0' maxOccurs='unbounded'> - <xsd:element name='Decision'> - <xsd:complexType> - <xsd:attribute name='type' type='xsd:string' use='required'/> - <xsd:attribute name='name' type='xsd:string' use='required'/> - </xsd:complexType> - </xsd:element> - </xsd:choice> - </xsd:complexType> - </xsd:element> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + + <xsd:complexType name="DecisionsGroupType"> + <xsd:annotation> + <xsd:documentation> + A **DecisionsGroupType** is a tag used to provide logic. + Child entries of a DecisionsGroupType tag only apply to + machines that match the condition specified -- either + membership in a group, or a matching client name. + :xml:attribute:`DecisionsGroupType:negate` can be set to + negate the sense of the match. + </xsd:documentation> + </xsd:annotation> + <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:element name="Decisions" type="DecisionsType"/> + <xsd:element name="Decision" type="DecisionType"/> + <xsd:element name="Group" type="DecisionsGroupType"/> + <xsd:element name="Client" type="DecisionsGroupType"/> + <xsd:group ref="py:genshiElements"/> + </xsd:choice> + <xsd:attribute name='name' type='xsd:string'> + <xsd:annotation> + <xsd:documentation> + The name of the client or group to match on. Child entries + will only apply to this client or group (unless + :xml:attribute:`DecisionsGroupType:negate` is set). + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute name='negate' type='xsd:boolean'> + <xsd:annotation> + <xsd:documentation> + Negate the sense of the match, so that child entries only + apply to a client if it is not a member of the given group + or does not have the given name. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> + </xsd:complexType> + + <xsd:complexType name="DecisionType"> + <xsd:attribute name='type' type='xsd:string' use='required'/> + <xsd:attribute name='name' type='xsd:string' use='required'/> + <xsd:attributeGroup ref="py:genshiAttrs"/> + </xsd:complexType> + + <xsd:complexType name="DecisionsType"> + <xsd:choice minOccurs='0' maxOccurs='unbounded'> + <xsd:element name="Decisions" type="DecisionsType"/> + <xsd:element name="Decision" type="DecisionType"/> + <xsd:element name="Group" type="DecisionsGroupType"/> + <xsd:element name="Client" type="DecisionsGroupType"/> + <xsd:group ref="py:genshiElements"/> + </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> + </xsd:complexType> + + <xsd:element name='Decisions' type="DecisionsType"/> </xsd:schema> diff --git a/schemas/defaults.xsd b/schemas/defaults.xsd index 17ae84366..f810a6269 100644 --- a/schemas/defaults.xsd +++ b/schemas/defaults.xsd @@ -35,6 +35,14 @@ <xsd:element name="Client" type="DContainerType"/> </xsd:choice> <xsd:attribute name="priority" type="xsd:integer" use="required"/> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> </xsd:complexType> </xsd:element> </xsd:schema> diff --git a/schemas/fileprobes.xsd b/schemas/fileprobes.xsd index 0dfb8cdd2..64f01bf8e 100644 --- a/schemas/fileprobes.xsd +++ b/schemas/fileprobes.xsd @@ -1,4 +1,5 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> FileProbes plugin config schema for bcfg2 @@ -6,29 +7,44 @@ </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:complexType name="FileProbesGroupType"> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="FileProbe" type="FileProbeType"/> <xsd:element name="Group" type="FileProbesGroupType"/> <xsd:element name="Client" type="FileProbesGroupType"/> </xsd:choice> <xsd:attribute type="xsd:string" name="name" use="required"/> <xsd:attribute type="xsd:string" name="negate"/> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:complexType name="FileProbeType"> <xsd:attribute type="xsd:string" name="name" use="required"/> <xsd:attribute type="xsd:string" name="encoding"/> <xsd:attribute type="xsd:string" name="update"/> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:element name="FileProbes"> <xsd:complexType> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="FileProbe" type="FileProbeType"/> <xsd:element name="Group" type="FileProbesGroupType"/> <xsd:element name="Client" type="FileProbesGroupType"/> </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> </xsd:complexType> </xsd:element> </xsd:schema> diff --git a/schemas/info.xsd b/schemas/info.xsd index 24538ffe3..5291562c1 100644 --- a/schemas/info.xsd +++ b/schemas/info.xsd @@ -92,6 +92,7 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs='1' maxOccurs='1'> + <xsd:element name='FileInfo' type="FileInfoType"/> <xsd:element name='Info' type='InfoType'/> <xsd:element name='Group' type='InfoGroupType' minOccurs='0' maxOccurs='unbounded'/> @@ -121,19 +122,28 @@ </xsd:attribute> </xsd:complexType> - <xsd:element name='FileInfo'> + <xsd:complexType name="FileInfoType"> <xsd:annotation> <xsd:documentation> Top-level tag for ``info.xml``. </xsd:documentation> </xsd:annotation> - <xsd:complexType> - <xsd:choice minOccurs='0' maxOccurs='unbounded'> - <xsd:element name='Group' type='InfoGroupType'/> - <xsd:element name='Client' type='InfoGroupType'/> - <xsd:element name='Path' type='InfoGroupType'/> - <xsd:element name='Info' type='InfoType'/> - </xsd:choice> - </xsd:complexType> - </xsd:element> + <xsd:choice minOccurs='0' maxOccurs='unbounded'> + <xsd:element name='FileInfo' type="FileInfoType"/> + <xsd:element name='Group' type='InfoGroupType'/> + <xsd:element name='Client' type='InfoGroupType'/> + <xsd:element name='Path' type='InfoGroupType'/> + <xsd:element name='Info' type='InfoType'/> + </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:complexType> + + <xsd:element name='FileInfo' type="FileInfoType"/> </xsd:schema> diff --git a/schemas/nagiosgen.xsd b/schemas/nagiosgen.xsd index 99d6b91c6..24c298885 100644 --- a/schemas/nagiosgen.xsd +++ b/schemas/nagiosgen.xsd @@ -1,4 +1,5 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> NagiosGen config schema for bcfg2 @@ -6,26 +7,42 @@ </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:complexType name="NagiosGenGroupType"> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Option" type="OptionType"/> <xsd:element name="Group" type="NagiosGenGroupType"/> <xsd:element name="Client" type="NagiosGenGroupType"/> </xsd:choice> <xsd:attribute type="xsd:string" name="name" use="required"/> <xsd:attribute type="xsd:string" name="negate"/> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:complexType name="OptionType" mixed="true"> <xsd:attribute type="xsd:string" name="name" use="required"/> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:element name="NagiosGen"> <xsd:complexType> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> + <xsd:element name="Option" type="OptionType"/> <xsd:element name="Group" type="NagiosGenGroupType"/> <xsd:element name="Client" type="NagiosGenGroupType"/> </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> </xsd:complexType> </xsd:element> </xsd:schema> diff --git a/schemas/packages.xsd b/schemas/packages.xsd index e538bb0e7..e57280527 100644 --- a/schemas/packages.xsd +++ b/schemas/packages.xsd @@ -1,4 +1,5 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> packages config schema for bcfg2 @@ -8,6 +9,8 @@ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="xml.xsd"/> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> <xsd:simpleType name="SourceTypeEnum"> <xsd:restriction base="xsd:string"> @@ -40,6 +43,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> <xsd:anyAttribute processContents="lax"> <xsd:annotation> <xsd:documentation> @@ -58,6 +62,7 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Component" type="xsd:string"> <xsd:annotation> <xsd:documentation> @@ -211,10 +216,12 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:complexType name="PackagesGroupType"> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Group" type="PackagesGroupType"/> <xsd:element name="Client" type="PackagesGroupType"/> <xsd:element name="Sources" type="SourcesType"/> @@ -222,16 +229,27 @@ </xsd:choice> <xsd:attribute type="xsd:string" name="name" use="required"/> <xsd:attribute type="xsd:boolean" name="negate"/> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:complexType name="SourcesType"> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Group" type="PackagesGroupType"/> <xsd:element name="Client" type="PackagesGroupType"/> <xsd:element name="Source" type="SourceType"/> <xsd:element name="Sources" type="SourcesType"/> </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> <xsd:attribute ref="xml:base"/> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:element name="Sources" type="SourcesType"/> diff --git a/schemas/pkgtype.xsd b/schemas/pkgtype.xsd index 18eda88ab..c76c52824 100644 --- a/schemas/pkgtype.xsd +++ b/schemas/pkgtype.xsd @@ -146,38 +146,33 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> - <xsd:attribute name="installed_action" type="xsd:string" - default="install"> + <xsd:attribute name="install_missing" type="xsd:boolean" + default="true"> <xsd:annotation> <xsd:documentation> - If this is set to any value other than "install", - package installation will be suppressed with the - :ref:`YUM24 and RPM <client-tools-yum>` drivers. + Whether or not to install missing packages. This is + only honored by the the :ref:`RPM + <client-tools-yum>` driver. </xsd:documentation> </xsd:annotation> </xsd:attribute> - <xsd:attribute name="version_fail_action" type="xsd:string" - default="upgrade"> + <xsd:attribute name="fix_version" type="xsd:boolean" default="true"> <xsd:annotation> <xsd:documentation> - If this is set to any value other than "upgrade", a - package that has the incorrect version installed will - not be fixed with the :ref:`YUM24 and RPM - <client-tools-yum>` drivers. Note that - "upgrade" is misleading; if a package is installed - that is newer than the desired version, it will not be - downgraded if this attribute is set to anything other - than "upgrade". + Whether or not to upgrade or downgrade packages that + are installed, but have the wrong version. This is + only honored by the :ref:`RPM + <client-tools-yum>` driver. </xsd:documentation> </xsd:annotation> </xsd:attribute> - <xsd:attribute name="verify_fail_action" type="xsd:string"> + <xsd:attribute name="reinstall_broken" type="xsd:boolean" + default="true"> <xsd:annotation> <xsd:documentation> - If this is set to any value other than "reinstall", a - package that fails package verification will not be - reinstalled with the :ref:`YUM24 and RPM - <client-tools-yum>` drivers. + Whether or not to reinstall packages that fail + verification. This is only honored by the :ref:`RPM + <client-tools-yum>` driver. </xsd:documentation> </xsd:annotation> </xsd:attribute> diff --git a/schemas/privkey.xsd b/schemas/privkey.xsd index b78fda350..30bc8a1b3 100644 --- a/schemas/privkey.xsd +++ b/schemas/privkey.xsd @@ -1,16 +1,20 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> Schema for :ref:`server-plugins-generators-cfg-sshkeys` ``privkey.xml`` </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:include schemaLocation="types.xsd"/> <xsd:complexType name="PrivateKeyGroupType"> <xsd:annotation> <xsd:documentation> - An **PrivateKeyGroupType** is a tag used to provide logic. + A **PrivateKeyGroupType** is a tag used to provide logic. Child entries of a PrivateKeyGroupType tag only apply to machines that match the condition specified -- either membership in a group, or a matching client name. @@ -19,6 +23,7 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Passphrase" type="PassphraseType"/> <xsd:element name="Params" type="PrivateKeyParamsType"/> <xsd:element name="Group" type="PrivateKeyGroupType"/> @@ -42,6 +47,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:simpleType name="PrivateKeyTypeEnum"> @@ -72,6 +78,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:extension> </xsd:simpleContent> </xsd:complexType> @@ -97,6 +104,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:element name="PrivateKey"> @@ -107,6 +115,7 @@ </xsd:annotation> <xsd:complexType> <xsd:choice minOccurs="0" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Passphrase" type="PassphraseType"/> <xsd:element name="Params" type="PrivateKeyParamsType"/> <xsd:element name="Group" type="PrivateKeyGroupType"/> @@ -135,14 +144,15 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> - <xsd:attribute name="decrypt" type="EncryptStrictnessEnum"> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> <xsd:annotation> <xsd:documentation> - Override the global strict/lax decryption setting in + Override the global lax_decryption setting in ``bcfg2.conf``. </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> </xsd:element> </xsd:schema> diff --git a/schemas/pubkey.xsd b/schemas/pubkey.xsd index 5671a818d..f3ffc7f44 100644 --- a/schemas/pubkey.xsd +++ b/schemas/pubkey.xsd @@ -1,10 +1,14 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> Schema for :ref:`server-plugins-generators-cfg-sshkeys` ``pubkey.xml`` </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:element name="PublicKey"> <xsd:annotation> <xsd:documentation> diff --git a/schemas/rules.xsd b/schemas/rules.xsd index ddfb7ad0d..fb41ad9d4 100644 --- a/schemas/rules.xsd +++ b/schemas/rules.xsd @@ -13,10 +13,6 @@ <xsd:import namespace="http://genshi.edgewall.org/" schemaLocation="genshi.xsd"/> - <xsd:complexType name='PostInstallType'> - <xsd:attribute type='xsd:string' name='name' use='required'/> - </xsd:complexType> - <xsd:group name="rulesElements"> <xsd:choice> <xsd:group ref="py:genshiElements"/> @@ -126,15 +122,6 @@ </xsd:documentation> </xsd:annotation> </xsd:element> - <xsd:element name='PostInstall' type='PostInstallType'> - <xsd:annotation> - <xsd:documentation> - PostInstall entries are deprecated in favor of Action - entries. Actions can do everything PostInstall entries can - do and more. - </xsd:documentation> - </xsd:annotation> - </xsd:element> <xsd:element name='Group' type='RContainerType'> <xsd:annotation> <xsd:documentation> @@ -211,6 +198,14 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> </xsd:element> diff --git a/schemas/sslca-cert.xsd b/schemas/sslca-cert.xsd index a9c01fb29..7330ca0ff 100644 --- a/schemas/sslca-cert.xsd +++ b/schemas/sslca-cert.xsd @@ -1,10 +1,15 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> - Schema for :ref:`server-plugins-generators-sslca` ``cert.xml`` + Schema for :ref:`server-plugins-generators-cfg-ssl-certificates` + ``sslcert.xml`` </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:complexType name="SSLCACertGroupType"> <xsd:annotation> <xsd:documentation> @@ -17,10 +22,12 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Cert" type="CertType"/> <xsd:element name="Group" type="SSLCACertGroupType"/> <xsd:element name="Client" type="SSLCACertGroupType"/> <xsd:element name="subjectAltName" type="SubjectAltNameType"/> + <xsd:element name="CertInfo" type="CertInfoType"/> </xsd:choice> <xsd:attribute name='name' type='xsd:string'> <xsd:annotation> @@ -40,6 +47,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:simpleType name="SSLCACertFormatEnum"> @@ -69,7 +77,7 @@ <xsd:documentation> The full path to the key entry to use for this certificate. This is the *client* path; e.g., for a key defined at - ``/var/lib/bcfg2/SSLCA/etc/pki/tls/private/foo.key/key.xml``, + ``/var/lib/bcfg2/SSLCA/etc/pki/tls/private/foo.key/sslkey.xml``, **key** should be ``/etc/pki/tls/private/foo.key``. </xsd:documentation> </xsd:annotation> @@ -85,8 +93,8 @@ <xsd:annotation> <xsd:documentation> The name of the CA (from :ref:`bcfg2.conf - <sslca-configuration>`) to use to generate this - certificate. + <server-plugins-generators-cfg-configuration>`) to use + to generate this certificate. </xsd:documentation> </xsd:annotation> </xsd:attribute> @@ -147,21 +155,32 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> - <xsd:element name="CertInfo"> + <xsd:complexType name="CertInfoType"> <xsd:annotation> <xsd:documentation> Top-level tag for describing an SSLCA generated certificate. </xsd:documentation> </xsd:annotation> - <xsd:complexType> - <xsd:choice minOccurs="1" maxOccurs="unbounded"> - <xsd:element name="Cert" type="CertType"/> - <xsd:element name="Group" type="SSLCACertGroupType"/> - <xsd:element name="Client" type="SSLCACertGroupType"/> - <xsd:element name="subjectAltName" type="SubjectAltNameType"/> - </xsd:choice> - </xsd:complexType> - </xsd:element> + <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> + <xsd:element name="Cert" type="CertType"/> + <xsd:element name="Group" type="SSLCACertGroupType"/> + <xsd:element name="Client" type="SSLCACertGroupType"/> + <xsd:element name="subjectAltName" type="SubjectAltNameType"/> + <xsd:element name="CertInfo" type="CertInfoType"/> + </xsd:choice> + <xsd:attribute name="lax_decryption" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Override the global lax_decryption setting in + ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:complexType> + + <xsd:element name="CertInfo" type="CertInfoType"/> </xsd:schema> diff --git a/schemas/sslca-key.xsd b/schemas/sslca-key.xsd index efd4abd58..496da859f 100644 --- a/schemas/sslca-key.xsd +++ b/schemas/sslca-key.xsd @@ -1,10 +1,15 @@ -<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xml:lang="en"> +<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" + xmlns:py="http://genshi.edgewall.org/" xml:lang="en"> <xsd:annotation> <xsd:documentation> - Schema for :ref:`server-plugins-generators-sslca` ``key.xml`` + Schema for :ref:`server-plugins-generators-cfg-ssl-certificates` + ``sslkey.xml`` </xsd:documentation> </xsd:annotation> + <xsd:import namespace="http://genshi.edgewall.org/" + schemaLocation="genshi.xsd"/> + <xsd:complexType name="SSLCAKeyGroupType"> <xsd:annotation> <xsd:documentation> @@ -17,9 +22,11 @@ </xsd:documentation> </xsd:annotation> <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> <xsd:element name="Key" type="KeyType"/> <xsd:element name="Group" type="SSLCAKeyGroupType"/> <xsd:element name="Client" type="SSLCAKeyGroupType"/> + <xsd:element name="KeyInfo" type="KeyInfoType"/> </xsd:choice> <xsd:attribute name='name' type='xsd:string'> <xsd:annotation> @@ -39,6 +46,7 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> <xsd:simpleType name="KeyTypeEnum"> @@ -68,20 +76,46 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> - <xsd:element name="KeyInfo"> + <xsd:complexType name="KeyInfoType"> <xsd:annotation> <xsd:documentation> Top-level tag for describing an SSLCA generated key. </xsd:documentation> </xsd:annotation> - <xsd:complexType> - <xsd:choice minOccurs="1" maxOccurs="unbounded"> - <xsd:element name="Key" type="KeyType"/> - <xsd:element name="Group" type="SSLCAKeyGroupType"/> - <xsd:element name="Client" type="SSLCAKeyGroupType"/> - </xsd:choice> - </xsd:complexType> - </xsd:element> + <xsd:choice minOccurs="1" maxOccurs="unbounded"> + <xsd:group ref="py:genshiElements"/> + <xsd:element name="Key" type="KeyType"/> + <xsd:element name="Group" type="SSLCAKeyGroupType"/> + <xsd:element name="Client" type="SSLCAKeyGroupType"/> + <xsd:element name="KeyInfo" type="KeyInfoType"/> + </xsd:choice> + <xsd:attribute name="perhost" type="xsd:boolean"> + <xsd:annotation> + <xsd:documentation> + Create keys on a per-host basis (rather than on a per-group + basis). + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute name="category" type="xsd:string"> + <xsd:annotation> + <xsd:documentation> + Create keys specific to the given category, instead of + specific to the category given in ``bcfg2.conf``. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + <xsd:attribute name="priority" type="xsd:positiveInteger" default="50"> + <xsd:annotation> + <xsd:documentation> + Create group-specific keys with the given priority. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> + </xsd:complexType> + + <xsd:element name="KeyInfo" type="KeyInfoType"/> </xsd:schema> diff --git a/schemas/types.xsd b/schemas/types.xsd index 17b7f05f0..5abc35144 100644 --- a/schemas/types.xsd +++ b/schemas/types.xsd @@ -103,13 +103,6 @@ </xsd:restriction> </xsd:simpleType> - <xsd:simpleType name="EncryptStrictnessEnum"> - <xsd:restriction base="xsd:string"> - <xsd:enumeration value="strict"/> - <xsd:enumeration value="lax"/> - </xsd:restriction> - </xsd:simpleType> - <xsd:complexType name='ActionType'> <xsd:annotation> <xsd:documentation> @@ -387,6 +380,14 @@ </xsd:documentation> </xsd:annotation> </xsd:attribute> + <xsd:attribute type="xsd:string" name="encrypted"> + <xsd:annotation> + <xsd:documentation> + The name of the encryption passphrase that the text content + of this tag is encrypted with. + </xsd:documentation> + </xsd:annotation> + </xsd:attribute> <xsd:attributeGroup ref="py:genshiAttrs"/> </xsd:complexType> |