<xsd:schema targetNamespace="http://oval.mitre.org/XMLSchema/oval#debian" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval" xmlns:debian="http://oval.mitre.org/XMLSchema/oval#debian" elementFormDefault="qualified" version="4.2">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval" schemaLocation="oval-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Debian specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Debian Definition</schema>
<version>4.2</version>
<date>2 December 2005</date>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ============================== FILE TEST (dft) ============================== -->
<!-- =============================================================================== -->
<xsd:element name="file_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the file_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test's purpose is to check a file's metadata, of the sort returned by either an ls command, stat command or stat() system call. The object being tested here is specified by an absolute path to a file. Remember that the default operator is EXISTS, so if no operator attribute is present for the path element and file specified is not found, then the test should fail.</xsd:documentation>
<xsd:appinfo>
<test_name>File Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="debian:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="type" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the file's type: regular file (regular), directory, named pipe (fifo), symbolic link, socket or block special.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="group_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the group owner of the file, by group number.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. This element represents the owner of the file.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="a_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last access, in seconds since the last epoch.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="c_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last change to the file's inode, which stores all.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="m_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last change to the file's contents.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="md5" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the MD5 hash of the file's contents, which serves as a kind of content
integrity check.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ===================== INET LISTENING SERVERS TEST (dlt) ===================== -->
<!-- =============================================================================== -->
<xsd:element name="inetlisteningservers_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>An inet listening server test checks for network servers currently active on a system.</xsd:documentation>
<xsd:appinfo>
<test_name>Inet Listening Servers Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="program_name" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the name of the communicating program.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="local_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address of the network interface on which the program
listens.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="local_full_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address and network port on which the program listens, equivalent to local_address:local_port.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="local_port" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TCP or UDP port on which the program listens. Note that this is not a list -- if a program listens on multiple ports, or on a combination of TCP and UDP, each will have its own entry in the table data stored by this test.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="foreign_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address with which the program is communicating, or with which it will communicate, in the case of a listening server.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="foreign_full_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address and network port to which the program is communicating or will accept communications from, equivalent to foreign_address:foreign_port.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="foreign_port" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TCP or UDP port to which the program communicates. In the case of a listening program accepting new connections, this is usually a *.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="pid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process. The process in question is that of the program communicating on the network.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test, process_test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="protocol" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the transport-layer protocol, in lowercase: tcp or udp.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. It represents the owner, and thus privilege level, of the specified program.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =========================== INTERFACE TEST (dit) ============================ -->
<!-- =============================================================================== -->
<xsd:element name="interface_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the interface_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>Enumerate various attributes about the interfaces on a system.</xsd:documentation>
<xsd:appinfo>
<test_name>Interface Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="name" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the interface (eth0, eth1, etc.) name to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="hardware_addr" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the hardware or MAC address of the physical network card.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="inet_addr" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address of the interface.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="broadcast_addr" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the broadcast IP address for this interface's network, like 192.168.255.255.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="netmask" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the bitmask used to calculate the inteface's IP network. The network number is calculated by bitwise-ANDing this with the IP address. The host number on that network is calculated by bitwise-XORing this with the IP address.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="flag" type="oval:subtestStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>This is the interface flag line, which generally contains flags like "UP" to denote an active interface, "PROMISC" to note that the interface is listening for Ethernet frames not specifically addressed to it, and others.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-n</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ========================== PACKAGE INFO TEST (drt) ========================== -->
<!-- =============================================================================== -->
<xsd:element name="pkginfo_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test checks Debian package info.</xsd:documentation>
<xsd:appinfo>
<test_name>Package Info Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="name" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the package name to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Info Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="arch" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the architecture for which the package was built, like : i386, ppc, sparc, noarch.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="epoch" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the epoch number of the package, this is used as a kludge for version-release comparisons where the vendor has done some kind of re-numbering or version forking.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="release" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the version number of the build, changed by the vendor/builder.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="version" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the version number of the software built in this package.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ==================== PACKAGE VERSION COMPARE TEST (dvt) ===================== -->
<!-- =============================================================================== -->
<xsd:element name="pkgversioncompare_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test compares Debian package version info.</xsd:documentation>
<xsd:appinfo>
<test_name>Package Version Compare Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="name" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the package name to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Version Compare Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="tested_epoch" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the epoch number to test against. The epoch is used as a kludge for version-release comparisons where the vendor has done some kind of re-numbering or version forking.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Version Compare Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="tested_version" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the version number of the software that we want to test against.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Version Compare Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="tested_release" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the version number of the build, changed by the vendor/builder.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Version Compare Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="installed_version" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the result of the comparison: earlier, equal, later or not installed.</xsd:documentation>
<xsd:appinfo>
<parent_test>Package Version Compare Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:simpleContent>
<xsd:restriction base="oval:subtestStringType">
<xsd:enumeration value="earlier"/>
<xsd:enumeration value="equal"/>
<xsd:enumeration value="later"/>
</xsd:restriction>
</xsd:simpleContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =========================== PERMISSION TEST (det) =========================== -->
<!-- =============================================================================== -->
<xsd:element name="permission_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the permission_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test checks the permission bits on a file, returning 1 or 0 based on the content of the named permission bit. The permission bits of a file are part of the octal "mode" of the file, a number that can be gathered via the stat command, stat() system call, or ls command. Each octal digit of the mode is a 3-bit number (0-7). In the first digit's bits are the Set-UID, Set-GID and Sticky bits. The remaining three digits are the user, group and other digits, corresponding to the user owner of the file, the group owner of the file, and then every other user on the system. Within these digits, the first bit is the read bit, the second bit is the write bit, and the third bit is the execute bit.</xsd:documentation>
<xsd:appinfo>
<test_name>Permission Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="debian:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="gexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file execute it or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gwrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file write to this file or directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="oexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users execute this file or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="oread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can all other users read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="owrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users write to this file or directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sgid" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the gid (thus privileges) of the file's group owner, rather than the calling user's group?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sticky" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can users delete each other's files in this directory, when said directory is writable by those users?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="suid" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the uid (thus privileges) of the file's owner, rather than the calling user?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file execute it or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uwrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================ PROCESS TEST (dct) ============================= -->
<!-- =============================================================================== -->
<xsd:element name="process_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the process_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test checks the process information for a given process. It is equivalent to parsing the output of ps -ecf.</xsd:documentation>
<xsd:appinfo>
<test_name>Process Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="command" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies the command/program name to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="exec_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the amount of CPU time (not clock time) that the process has consumed, formatted in HH:MM:SS or days.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="pid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="ppid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process's parent process.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="priority" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the scheduling priority with which the process runs. This can be adjusted with the nice command or nice() system call.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="scheduling_class" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A characteristic maintained by the scheduler: RT (real-time), TS (timeshare), B (batch), BC (batch critical), WL (weightless) and GN (gang scheduled).</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="start_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of day in which the process was started in either HH:MM:SS or days.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="tty" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TTY on which the process was started, if applicable.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. It represents the owner, and thus privilege level, of the specified program.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================= SHADOW TEST (dst) ============================= -->
<!-- =============================================================================== -->
<xsd:element name="shadow_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>/etc/shadow. See shadow(4).</xsd:documentation>
<xsd:appinfo>
<test_name>Shadow Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="username" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the name of the user being checked.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="password" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the encrypted version of the user's password.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="chg_lst" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the date of the last password change in days since 1/1/1970.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="chg_allow" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies how often in days a user may change their password. It can also be thought of as the minimum age of a password.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="chg_req" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This describes how long a user can keep a password before the system forces her to change it.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="exp_warn" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This describes how long before password expiration the system begins warning the user. The system will warn the user at each login.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="exp_inact" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This describes how many days of account inactivity the system will wait after a password expires before locking the account? This window, usually only set to a few days, gives users who are logging in very seldomly a bit of extra time to receive the password expiration warning and change their password.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="exp_date" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This speicifies when will the account's password expire, in days since 1/1/1970.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="flag" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is a reserved field that the shadow file may use in the future.</xsd:documentation>
<xsd:appinfo>
<parent_test>Shadow Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= TEXT FILE CONTENT TEST (dtt) ======================== -->
<!-- =============================================================================== -->
<xsd:element name="textfilecontent_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the textfilecontent_test found in the independent-schema.</xsd:documentation>
<xsd:documentation>This test checks the contents of a text file.</xsd:documentation>
<xsd:appinfo>
<test_name>Text File Content Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="debian:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="line" type="oval:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The line element represents a line in the file and is represented using a regular expression.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="subexpression" type="oval:subtestStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>Each subexpression in the regular expression of the line element is then tested against the value specified in the subexpression element.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>0-n</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================= UNAME TEST (dut) ============================== -->
<!-- =============================================================================== -->
<xsd:element name="uname_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the uname_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test reveals information about the hardware the machine is running on. This information is the parsed equivalent of uname -a.</xsd:documentation>
<xsd:appinfo>
<test_name>Uname Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="machine_class" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the machine hardware name, 5th field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="node_name" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the host name, the 2nd field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_name" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the operating system name, the 1st field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_release" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the build version, 4th field from uname -a. For example, from a running Linux system: "#1 Wed Aug 25 13:34:40 UTC 2004"</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_version" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the operating system version, the 3rd field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="processor_type" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the processor type, 6th field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= XML FILE CONTENT TEST (dxt) ========================= -->
<!-- =============================================================================== -->
<xsd:element name="xmlfilecontent_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the debian-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the xmlfilecontent_test found in the independent-schema.</xsd:documentation>
<xsd:documentation>This test checks the contents of an xml file.</xsd:documentation>
<xsd:appinfo>
<test_name>XML File Content Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="debian:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="xpath" type="oval:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>Specifies an Xpath expression describing the nodes to look at.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="value_of" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The value element checks the value of the nodes found. How this is used is entirely controlled by operator attributes.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:complexType name="componentType">
<xsd:annotation>
<xsd:documentation>The componentType allows a value to be obtained by combining pieces from different sources. Each string defined by the different component elements is concatenated together to form the final string used. Each child component element has an attribute called type. The value of this attribute determines where to get the string used to build the file path. A type of literal means to use the value of the child component element as is, and to just concatenated it to the other strings. If a pattern match operator has been specified with a componentType, then the final string should be thought of as the pattern to test. As of Version 4 of the OVAL schema, pattern match can not be specified for the idividual components.</xsd:documentation>
</xsd:annotation>
<xsd:complexContent>
<xsd:extension base="oval:subtestBaseType">
<xsd:sequence>
<xsd:element name="component" minOccurs="1" maxOccurs="unbounded">
<xsd:complexType>
<xsd:simpleContent>
<xsd:extension base="xsd:string">
<xsd:attribute name="type" use="required">
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="literal"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:attribute>
</xsd:extension>
</xsd:simpleContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:element name="platform" substitutionGroup="oval:platformBase">
<xsd:annotation>
<xsd:documentation>The valid platforms for the Debian GNU/Linux family.</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="Debian 3.0"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:element>
</xsd:schema>
|
XSD Schema Code: