<xsd:schema targetNamespace="http://oval.mitre.org/XMLSchema/oval#macos" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval="http://oval.mitre.org/XMLSchema/oval" xmlns:macos="http://oval.mitre.org/XMLSchema/oval#macos" elementFormDefault="qualified" version="4.2">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval" schemaLocation="oval-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the Mac OS specific tests found in Open Vulnerability and Assessment Language (OVAL). Each test is an extension of the standard test element defined in the Core Definition Schema. Through extension, each test inherits a set of elements and attributes that are shared amongst all OVAL tests. Each test is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core Definition Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The Mitre Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>Mac OS Definition</schema>
<version>4.2</version>
<date>2 December 2005</date>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ========================= ACCOUNT INFO TEST (mat) =========================== -->
<!-- =============================================================================== -->
<xsd:element name="accountinfo_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>User account information (username, uid, gid, etc.) See netinfo(5) for field information, niutil(1) for retrieving it. We may need/want to add in data elements for things like authentication_authority, generateduid, mcx_settings (restricted account settings).</xsd:documentation>
<xsd:appinfo>
<test_name>Account Info Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="username" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the user of the account to gather information from.</xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="password" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Obfuscated (*****) or encrypted password for this user.</xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. This element represents the owner of the file.</xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Group ID of this account.</xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="realname" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>User's real name, aka gecos field of /etc/passwd.</xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="home_dir" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="login_shell" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
<xsd:appinfo>
<parent_test>Account Info Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================== FILE TEST (mft) ============================== -->
<!-- =============================================================================== -->
<xsd:element name="file_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the file_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test's purpose is to check a file's metadata, of the sort returned by either an ls command, stat command or stat() system call. The object being tested here is the full path to a file.</xsd:documentation>
<xsd:appinfo>
<test_name>File Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="macos:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="type" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the file's type: regular file (regular), directory, named pipe (fifo), symbolic link, socket or block special.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="group_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the group owner of the file, by group number.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd or netinfo dump. This element represents the owner of the file.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="a_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last access, in seconds since the last epoch.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="c_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last change to the file's inode, which stores all.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="m_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last change to the file's contents.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="md5" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the MD5 hash of the file's contents, which serves as a kind of content integrity check.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="size" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the size of the file in bytes.</xsd:documentation>
<xsd:appinfo>
<parent_test>File Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ===================== INET LISTENING SERVERS TEST (mlt) ===================== -->
<!-- =============================================================================== -->
<xsd:element name="inetlisteningservers_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test's purpose is generally used to check if a program is listening on the network, either for a new connections or as part of an ongoing connection. It is generally speaking the parsed output of running the command netstat -tuwlnpe with root privilege.</xsd:documentation>
<xsd:appinfo>
<test_name>Inet Listening Servers Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="program_name" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the name of the communicating program.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="local_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address of the network interface on which the program
listens.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="local_full_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address and network port on which the program listens, equivalent to local_address:local_port.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="local_port" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TCP or UDP port on which the program listens. Note that this is not a list -- if a program listens on multiple ports, or on a combination of TCP and UDP, each will have its own entry in the table data stored by this test.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="foreign_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address with which the program is communicating, or with which it will communicate, in the case of a listening server.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="foreign_full_address" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address and network port to which the program is communicating or will accept communications from, equivalent to foreign_address:foreign_port.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="foreign_port" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TCP or UDP port to which the program communicates. In the case of a listening program accepting new connections, this is usually a *.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="pid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process. The process in question is that of the program communicating on the network.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="protocol" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the transport-layer protocol, in lowercase: tcp or udp.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. It represents the owner, and thus privilege level, of the specified program.</xsd:documentation>
<xsd:appinfo>
<parent_test>Inet Listening Servers Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================ INTERFACE TEST (mit) =========================== -->
<!-- =============================================================================== -->
<xsd:element name="interface_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the interface_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test presents information one would expect to acquire by running ifconfig to display information about a particular network interface.</xsd:documentation>
<xsd:appinfo>
<test_name>Interface Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="name" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the interface (en0, en1, fw0, etc.) name to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="hardware_addr" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the hardware or MAC address of the physical network card.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="inet_addr" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the IP address of the interface.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="broadcast_addr" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the broadcast IP address for this interface's network, like 192.168.255.255.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="netmask" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the bitmask used to calculate the inteface's IP network. The network number is calculated by bitwise-ANDing this with the IP address. The host number on that network is calculated by bitwise-XORing this with the IP address.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="flag" type="oval:subtestStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>This is the interface flag line, which generally contains flags like "UP" to denote an active interface, "PROMISC" to note that the interface is listening for Ethernet frames not specifically addressed to it, and others.</xsd:documentation>
<xsd:appinfo>
<parent_test>Interface Test</parent_test>
<cardinality>0-n</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =========================== NVRAM INFO TEST (mnt) =========================== -->
<!-- =============================================================================== -->
<xsd:element name="nvram_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test pulls data from the 'nvram -p' output.</xsd:documentation>
<xsd:appinfo>
<test_name>Nvram Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="nvram_var" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies the nvram variable to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Nvram Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="nvram_value" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the value of the associated nvram variable.</xsd:documentation>
<xsd:appinfo>
<parent_test>Nvram Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =========================== PERMISSION TEST (met) =========================== -->
<!-- =============================================================================== -->
<xsd:element name="permission_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the permission_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test checks the permission bits on a file, returning 1 or 0 based on the content of the named permission bit. The permission bits of a file are part of the octal "mode" of the file, a number that can be gathered via the stat command, stat() system call, or ls command. Each octal digit of the mode is a 3-bit number (0-7). In the first digit's bits are the Set-UID, Set-GID and Sticky bits. The remaining three digits are the user, group and other digits, corresponding to the user owner of the file, the group owner of the file, and then every other user on the system. Within these digits, the first bit is the read bit, the second bit is the write bit, and the third bit is the execute bit.</xsd:documentation>
<xsd:appinfo>
<test_name>Permission Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="macos:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="gexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can members of the file's group execute it or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the members of the file's group read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="gwrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the members of the file's group write to this file or directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="oexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users execute this file or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="oread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can all other users read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="owrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users write to this file or directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sgid" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the gid (thus privileges) of the file's group owner, rather than the calling user's group?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="sticky" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can users delete each other's files in this directory, when said directory is writable by those users?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="suid" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the uid (thus privileges) of the file's owner, rather than the calling user?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uexec" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file execute it or, if a directory, change into the directory?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uread" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="uwrite" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
<xsd:appinfo>
<parent_test>Permission Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================ PROCESS TEST (mct) ============================= -->
<!-- =============================================================================== -->
<xsd:element name="process_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the process_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test checks the process information for a given process. It is equivalent to parsing the output of the ps command.</xsd:documentation>
<xsd:appinfo>
<test_name>Process Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="command" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies the command/program name to check.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="exec_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the amount of CPU time (not clock time) that the process has consumed, formatted in HH:MM:SS or days.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="pid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="ppid" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process's parent process.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="priority" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the scheduling priority with which the process runs. This can be adjusted with the nice command or nice() system call.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="scheduling_class" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A characteristic maintained by the scheduler: RT (real-time), TS (timeshare), B (batch), BC (batch critical), WL (weightless) and GN (gang scheduled).</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="start_time" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of day in which the process was started in either HH:MM:SS or days.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="tty" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TTY on which the process was started, if applicable.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. It represents the owner, and thus privilege level, of the specified program.</xsd:documentation>
<xsd:appinfo>
<parent_test>Process Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================ PWPOLICY TEST (mpt) ============================ -->
<!-- =============================================================================== -->
<xsd:element name="pwpolicy_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test pulls data from the 'pwpolicy -getpolicy' output. The actual values get stored under /var/db/netinfo/local.nidb/ in a Store.# file. Is this test actually needed, or can the text file content test be used instead?</xsd:documentation>
<xsd:appinfo>
<test_name>Pw Policy Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="username" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="userpass" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="directory_node" type="oval:subtestStringType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="maxChars" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Maximum number of characters allowed in a password.</xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="maxFailedLoginAttempts" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Maximum number of failed logins before the account is locked.</xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>exists, none exists, equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="minChars" type="oval:subtestIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Minimum number of characters allowed in a password.</xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>integer</content>
<valid_datatypes>integer</valid_datatypes>
<valid_operators>equals, not equal, greater than, less than, greater than or equal, less than or equal</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="passwordCannotBeName" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Defines if the password is allowed to be the same as the username or not</xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equals</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="requiresAlpha" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Defines if the password must contain an alphabetical character or not</xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equals</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="requiresNumeric" type="oval:subtestBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Defines if the password must contain an numeric character or not</xsd:documentation>
<xsd:appinfo>
<parent_test>Pw Policy Test</parent_test>
<cardinality>0-1</cardinality>
<content>boolean</content>
<valid_datatypes>boolean</valid_datatypes>
<valid_operators>equals, not equals</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= TEXT FILE CONTENT TEST (mtt) ======================== -->
<!-- =============================================================================== -->
<xsd:element name="textfilecontent_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the textfilecontent_test found in the independent-schema.</xsd:documentation>
<xsd:documentation>This test allows you to check a file's content, basically by serving as a flexible, regular-expression enabled 'grep'. grep checks for the existence of a line matching a given pattern in a file.</xsd:documentation>
<xsd:appinfo>
<test_name>Text File Content Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="macos:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="line" type="oval:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The line element represents a line in the file and is represented using a regular expression.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="subexpression" type="oval:subtestStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>Each subexpression in the regular expression of the line element is then tested against the value specified in the subexpression element.</xsd:documentation>
<xsd:appinfo>
<parent_test>Text File Content Test</parent_test>
<cardinality>0-n</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================= UNAME TEST (mut) ============================== -->
<!-- =============================================================================== -->
<xsd:element name="uname_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the uname_test found in the unix-schema.</xsd:documentation>
<xsd:documentation>This test reveals information about the hardware the machine is running on. This information is the parsed equivalent of uname -a. For example: "Darwin TestHost 7.7.0 Darwin Kernel Version 7.7.0: Sun Nov 7 16:06:51 PST 2004; root:xnu/xnu-517.9.5.obj~1/RELEASE_PPC Power Macintosh powerpc"</xsd:documentation>
<xsd:appinfo>
<test_name>Uname Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="machine_class" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the machine hardware name, 5th field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="node_name" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the host name, the 2nd field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_name" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the operating system name, the 1st field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_release" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the build version, 4th field from uname -a. For example, from a running Mac OS X system: "Darwin Kernel Version 7.7.0: Sun Nov 7 16:06:51 PST 2004;"</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_version" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the operating system version, the 3rd field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="processor_type" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the processor type, 6th field from uname -a.</xsd:documentation>
<xsd:appinfo>
<parent_test>Uname Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ======================= XML FILE CONTENT TEST (mxt) ========================= -->
<!-- =============================================================================== -->
<xsd:element name="xmlfilecontent_test" substitutionGroup="oval:test">
<xsd:annotation>
<xsd:documentation>This test has been deprecated in version 4.1 of the macos-schema and will be removed completely in version 5. It is recommended that all future OVAL Content use the xmlfilecontent_test found in the independent-schema.</xsd:documentation>
<xsd:documentation>This test allows you to check an element in an XML file.</xsd:documentation>
<xsd:appinfo>
<test_name>XML File Content Test</test_name>
<extends>standardTestType</extends>
<valid_sections>notes, object, data</valid_sections>
<example></example>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:standardTestType">
<xsd:sequence>
<xsd:element name="object" minOccurs="1" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:objectType">
<xsd:sequence>
<xsd:element name="path" type="macos:componentType" minOccurs="1" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to a file on the machine. This path can be created from multiple components that are added together. When a pattern match operator is used, the corresponding regular expression is matched against the set of absolute path strings. These string would not include the '.' and '..' notations. This means that a '.*' component of a regular expression will not only match all files in the specified directories, but all subdirectories, their subdirectories, etc.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>1</cardinality>
<content>none</content>
<valid_datatypes>component</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="xpath" type="oval:subtestStringType" minOccurs="1" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>Specifies an Xpath expression describing the nodes to look at.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<xsd:element name="data" minOccurs="0" maxOccurs="1">
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval:dataType">
<xsd:sequence>
<xsd:element name="value_of" type="oval:subtestStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The value element checks the value of the nodes found. How this is used is entirely controlled by operator attributes.</xsd:documentation>
<xsd:appinfo>
<parent_test>XML File Content Test</parent_test>
<cardinality>0-1</cardinality>
<content>string</content>
<valid_datatypes>string</valid_datatypes>
<valid_operators>equals, not equal, pattern match</valid_operators>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:complexType name="componentType">
<xsd:annotation>
<xsd:documentation>The componentType allows a value to be obtained by combining pieces from different sources. Each string defined by the different component elements is concatenated together to form the final string used. Each child component element has an attribute called type. The value of this attribute determines where to get the string used to build the file path. A type of literal means to use the value of the child component element as is, and to just concatenated it to the other strings. If a pattern match operator has been specified with a componentType, then the final string should be thought of as the pattern to test. As of Version 4 of the OVAL schema, pattern match can not be specified for the idividual components.</xsd:documentation>
<xsd:appinfo>
<extends>oval:subtestBaseType</extends>
<attributes>(includes oval:subtestAttributes)</attributes>
<content>none</content>
<child_elements>component</child_elements>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexContent>
<xsd:extension base="oval:subtestBaseType">
<xsd:sequence>
<xsd:element name="component" minOccurs="1" maxOccurs="unbounded">
<xsd:complexType>
<xsd:simpleContent>
<xsd:extension base="xsd:string">
<xsd:attribute name="type" use="required">
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="environment_variable"/>
<xsd:enumeration value="group_homedirs"/>
<xsd:enumeration value="literal"/>
<xsd:enumeration value="user_homedirs"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:attribute>
</xsd:extension>
</xsd:simpleContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
<xsd:attribute name="recurse" default="NONE">
<xsd:annotation>
<xsd:documentation>Defines how to recurse into the PATH element. Default is 'NONE' for no recursion, other options define if the recursion examines files only, directories only, or both.</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="NONE"/>
<xsd:enumeration value="FILES"/>
<xsd:enumeration value="DIRECTORIES"/>
<xsd:enumeration value="FILE_AND_DIRECTORIES"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:attribute>
<xsd:attribute name="maxdepth" default="-1">
<xsd:annotation>
<xsd:documentation>
Defines the maximum depth to traverse to during recursion. Default is '-1', meaning 'no limitation'. A value of 0 is equivalent to no recursion, 1 means to step only one directory level down, and so on. These values (0+) are equivalent to the command line 'find' command.
</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:restriction base="xsd:integer">
<xsd:fractionDigits value="0"></xsd:fractionDigits>
</xsd:restriction>
</xsd:simpleType>
</xsd:attribute>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:element name="platform" substitutionGroup="oval:platformBase">
<xsd:annotation>
<xsd:documentation>The valid platforms for the Mac OS X family.</xsd:documentation>
</xsd:annotation>
<xsd:simpleType>
<xsd:restriction base="xsd:string">
<xsd:enumeration value="Apple Mac OS X 10.3"/>
</xsd:restriction>
</xsd:simpleType>
</xsd:element>
</xsd:schema>
|
XSD Schema Code: