r00t2/xml
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

progress...

Browse Source
This commit is contained in:
brent s. 2019-12-08 01:42:33 -05:00
parent 495242a792
commit 134baa75c9
6 changed files with 482 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
schema/aif.xsd
View File

@ -2,6 +2,11 @@
<xs:schema targetNamespace="http://schema.xml.r00t2.io/aif.xsd" <xs:schema targetNamespace="http://schema.xml.r00t2.io/aif.xsd"
xmlns="http://schema.xml.r00t2.io/aif.xsd" xmlns="http://schema.xml.r00t2.io/aif.xsd"
xmlns:aif="http://schema.xml.r00t2.io/aif.xsd" xmlns:aif="http://schema.xml.r00t2.io/aif.xsd"
xmlns:linux="http://schema.xml.r00t2.io/linux.xsd"
xmlns:net="http://schema.xml.r00t2.io/net.xsd"
xmlns:std="http://schema.xml.r00t2.io/std.xsd"
xmlns:sys="http://schema.xml.r00t2.io/sys.xsd"
xmlns:unix="http://schema.xml.r00t2.io/unix.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" elementFormDefault="qualified"
attributeFormDefault="qualified"> attributeFormDefault="qualified">
@ -13,5 +18,230 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_iface_name">
<xs:union memberTypes="linux:t_iface_name">
<xs:simpleType>
<xs:restriction>
<xs:enumeration value="auto"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_auto_ip6">
<xs:union memberTypes="net:t_auto_ip6">
<xs:simpleType>
<xs:restriction>
<xs:enumeration value="false"/>
<xs:enumeration value="none"/>
<xs:enumeration value="0"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_netproto">
<xs:union memberTypes="net:t_netproto">
<xs:simpleType>
<xs:restriction>
<xs:enumeration value="both"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_dhcp_clients">
<!-- Only valid for netctl. AIF-NG uses the internal daemons for systemd-networkd and NM. -->
<xs:restriction base="xs:string">
<xs:enumeration value="dhcpcd"/>
<xs:enumeration value="dhclient"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_netprov">
<xs:restriction base="xs:token">
<xs:enumeration value="netctl"/>
<xs:enumeration value="nm"/>
<xs:enumeration value="networkd"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_iface">
<xs:sequence>
<xs:choice maxOccurs="unbounded">
<xs:element name="addresses" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:choice minOccurs="1" maxOccurs="unbounded">
<xs:element name="ipv4">
<xs:complexType>
<xs:sequence>
<xs:element name="address" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="net:t_qualified_addr_ip4">
<xs:attribute name="gateway"
type="net:t_addr_ip4"
use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="auto" type="xs:boolean" use="optional" default="true"/>
</xs:complexType>
<xs:unique name="uniq_ipv4_addr">
<xs:selector xpath="aif:address"/>
<xs:field xpath="."/>
</xs:unique>
</xs:element>
<xs:element name="ipv6">
<xs:complexType>
<xs:sequence>
<xs:element name="address" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="net:t_qualified_addr_ip6">
<xs:attribute name="gateway"
type="net:t_addr_ip6"
use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="auto" type="aif:t_auto_ip6"
use="optional" default="slaac"/>
</xs:complexType>
<xs:unique name="uniq_ipv6_addr">
<xs:selector xpath="aif:address"/>
<xs:field xpath="."/>
</xs:unique>
</xs:element>
</xs:choice>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="resolvers" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:choice minOccurs="1" maxOccurs="unbounded">
<xs:element name="resolver" minOccurs="1" maxOccurs="unbounded"
type="net:t_both_addr"/>
<xs:element name="ipv4" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:attribute name="auto" type="xs:boolean"
use="required"/>
</xs:complexType>
</xs:element>
<xs:element name="ipv6" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:attribute name="auto" type="xs:boolean"
use="required"/>
</xs:complexType>
</xs:element>
</xs:choice>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="routes" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:choice minOccurs="1" maxOccurs="unbounded">
<xs:element name="ipv4">
<xs:complexType>
<xs:sequence>
<xs:element name="route" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="net:t_qualified_addr_ip4">
<xs:attribute name="gateway"
type="net:t_addr_ip4"
use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="auto" type="xs:boolean" use="optional" default="true"/>
</xs:complexType>
<xs:unique name="uniq_ipv4_route">
<xs:selector xpath="aif:route"/>
<xs:field xpath="."/>
</xs:unique>
</xs:element>
<xs:element name="ipv6">
<xs:complexType>
<xs:sequence>
<xs:element name="address" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="net:t_qualified_addr_ip6">
<xs:attribute name="gateway"
type="net:t_addr_ip6"
use="required"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
<!-- DHCPv6 does not have an option to send routes,
so you need to use RAs. -->
<!-- See https://www.isc.org/blogs/routing-configuration-over-dhcpv6-2/
for more information. -->
<!-- https://datatracker.ietf.org/doc/draft-ietf-mif-dhcpv6-route-option/
expired. Shame, that. -->
<xs:attribute name="auto" type="xs:boolean" use="optional" default="true"/>
</xs:complexType>
<xs:unique name="uniq_ipv6_route">
<xs:selector xpath="aif:route"/>
<xs:field xpath="."/>
</xs:unique>
</xs:element>
</xs:choice>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:choice>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="device" type="aif:t_iface_name" use="required"/>
<xs:attribute name="defroute" type="xs:boolean" use="optional" default="false"/>
<xs:attribute name="searchDomain" type="std:t_nonempty" use="optional"/>
</xs:complexType>

<xs:complexType name="t_iface_wifi">
<xs:complexContent>
<xs:extension base="aif:t_iface">
<xs:sequence>
<xs:element name="encryption" type="net:t_wifi_crypto" minOccurs="0" maxOccurs="1"/>
</xs:sequence>
<!-- TODO: SSID needs to support unicode chars in both XML(/XSD type=?) and program -->
<xs:attribute name="essid" type="xs:string" use="required"/>
<xs:attribute name="bssid" type="net:t_mac_addr" use="optional"/>
<xs:attribute name="hidden" type="xs:boolean" use="optional" default="false"/>
</xs:extension>
</xs:complexContent>
</xs:complexType>

<xs:simpleType name="t_pacuri">
<!-- xs:anyURI is too permissive. -->
<!-- <xs:restriction base="xs:anyURI"> -->
<xs:restriction base="xs:token">
<xs:pattern value="(file|https?)://.+"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_passwd_hashtypes_detect">
<xs:union memberTypes="linux:t_passwd_hashtypes">
<xs:simpleType>
<xs:restriction>
<xs:enumeration value="(detect)"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>


</xs:schema> </xs:schema>

36
schema/bsd.xml Normal file
View File

@ -0,0 +1,36 @@
<?xml version="1.0" encoding="UTF-8" ?>
<xs:schema targetNamespace="http://schema.xml.r00t2.io/linux.xsd"
xmlns="http://schema.xml.r00t2.io/bsd.xsd"
xmlns:bsd="http://schema.xml.r00t2.io/bsd.xsd"
xmlns:linux="http://schema.xml.r00t2.io/linux.xsd"
xmlns:std="http://schema.xml.r00t2.io/std.xsd"
xmlns:unix="http://schema.xml.r00t2.io/unix.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified"
attributeFormDefault="qualified">

<xs:simpleType name="t_passwd_hashtypes">
<xs:union memberTypes="linux:t_passwd_hashtypes">
<xs:simpleType>
<xs:restriction>
<!-- <xs:enumeration value="des"/> -->
<!-- bcrypt/blowfish are the same. -->
<xs:enumeration value="bcrypt"/>
<xs:enumeration value="blowfish"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_shadowhash">
<xs:union memberTypes="linux:t_shadowhash">
<xs:simpleType>
<xs:restriction>
<!-- Blowfish/bcrypt -->
<xs:pattern value="($2[abxy]?)?($[0-9]+)$[a-zA-Z0-9./]{53}"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

</xs:schema>

84
schema/linux.xsd
View File

@ -2,11 +2,20 @@
<xs:schema targetNamespace="http://schema.xml.r00t2.io/linux.xsd" <xs:schema targetNamespace="http://schema.xml.r00t2.io/linux.xsd"
xmlns="http://schema.xml.r00t2.io/linux.xsd" xmlns="http://schema.xml.r00t2.io/linux.xsd"
xmlns:linux="http://schema.xml.r00t2.io/linux.xsd" xmlns:linux="http://schema.xml.r00t2.io/linux.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:std="http://schema.xml.r00t2.io/std.xsd" xmlns:std="http://schema.xml.r00t2.io/std.xsd"
xmlns:unix="http://schema.xml.r00t2.io/unix.xsd"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" elementFormDefault="qualified"
attributeFormDefault="qualified"> attributeFormDefault="qualified">


<xs:simpleType name="t_console_pageformats">
<xs:restriction base="xs:positiveInteger">
<xs:enumeration value="8"/>
<xs:enumeration value="14"/>
<xs:enumeration value="16"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_diskdev"> <xs:simpleType name="t_diskdev">
<xs:restriction base="xs:string"> <xs:restriction base="xs:string">
<xs:pattern value="(/dev/([A-Za-z0-9_]+/)?[A-Za-z0-9_]+[0-9]?|auto)"/> <xs:pattern value="(/dev/([A-Za-z0-9_]+/)?[A-Za-z0-9_]+[0-9]?|auto)"/>
@ -14,24 +23,6 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_lvsize">
<!-- If no suffix is provided, program should assume the size is in *extents*. -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_pesize">
<!-- This is *basically* t_lvsize except we don't allow percentages. -->
<!-- If no suffix is provided, we assume the size is in sectors
UNLESS it's "0", which means use the default (which I *think* is dynamically generated). -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_fstype"> <xs:simpleType name="t_fstype">
<xs:union memberTypes="std:t_UUID4"> <xs:union memberTypes="std:t_UUID4">
<xs:simpleType> <xs:simpleType>
@ -83,6 +74,24 @@
</xs:union> </xs:union>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_iface_name">
<xs:restriction base="xs:token">
<!-- https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c.
I have no idea if this will work. TODO: simplify, validate in-code. -->
<xs:pattern
value="((en|sl|wl|ww)(b[0-9]+|c[a-z0-9]|o[0-9]+(n.*(d.*)?)?|s[0-9]+(f.*)?([nd].*)?|x([A-Fa-f0-9]:){5}[A-Fa-f0-9]|(P.*)?p[0-9]+s[0-9]+(([fnd].*)|u.*)?))"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_lvsize">
<!-- If no suffix is provided, program should assume the size is in *extents*. -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_part_flags"> <xs:simpleType name="t_part_flags">
<xs:union> <xs:union>
<xs:simpleType> <xs:simpleType>
@ -136,4 +145,41 @@
</xs:union> </xs:union>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_passwd_hashtypes">
<xs:union memberTypes="unix:t_passwd_hashtypes">
<xs:simpleType>
<xs:restriction>
<!-- Unsupported in glibc. libxcrypt (https://github.com/besser82/libxcrypt/) has additional support. -->
<!-- bcrypt/blowfish are the same. -->
<!-- <xs:enumeration value="bcrypt"/> -->
<!-- <xs:enumeration value="blowfish"/> -->
<!-- <xs:enumeration value="scrypt"/> -->
<xs:enumeration value="sha256"/>
<xs:enumeration value="sha512"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_pesize">
<!-- This is *basically* t_lvsize except we don't allow percentages. -->
<!-- If no suffix is provided, we assume the size is in sectors
UNLESS it's "0", which means use the default (which I *think* is dynamically generated). -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_shadowhash">
<xs:union memberTypes="unix:t_shadowhash">
<xs:simpleType>
<xs:restriction>
<xs:pattern value="($5)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{43}"/><!-- sha256 -->
<xs:pattern value="($6)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{86}"/><!-- sha512 -->
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

</xs:schema> </xs:schema>

113
schema/net.xsd
View File

@ -5,4 +5,117 @@
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" elementFormDefault="qualified"
attributeFormDefault="qualified"> attributeFormDefault="qualified">

<xs:simpleType name="t_qualified_addr_ip4">
<!-- This is a REALLY LAZY regex. Matching IPv4 in regex is ugly as heck, so we do that in-code.
This is just a gatekeeper. -->
<xs:restriction base="xs:string">
<xs:pattern value="[0-9.]{7,15}/[0-9]{1,2}"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_addr_ip4">
<xs:restriction base="xs:string">
<!-- This is a REALLY LAZY regex. Matching IPv4 in regex is ugly as heck, so we do that in-code.
This is just a gatekeeper. -->
<xs:pattern value="[0-9.]{7,15}"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_qualified_addr_ip6">
<!-- This is a REALLY LAZY regex. Matching IPv6 in regex is ugly as heck, so we do that in-code.
This is just a gatekeeper. -->
<xs:restriction base="xs:string">
<xs:pattern value="[A-Za-z0-9:]+/[0-9]{1,3}"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_addr_ip6">
<xs:restriction base="xs:string">
<!-- This is a REALLY LAZY regex. Matching IPv6 in regex is ugly as heck, so we do that in-code.
This is just a gatekeeper. -->
<xs:pattern value="[A-Za-z0-9:]+"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_both_qualified_addr">
<xs:union memberTypes="net:t_qualified_addr_ip4 net:t_qualified_addr_ip6"/>
</xs:simpleType>

<xs:simpleType name="t_both_addr">
<xs:union memberTypes="net:t_addr_ip4 net:t_addr_ip6"/>
</xs:simpleType>

<xs:simpleType name="t_auto_ip6">
<xs:restriction base="xs:string">
<xs:enumeration value="slaac"/>
<xs:enumeration value="dhcp6"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_mac_addr">
<xs:restriction base="xs:token">
<!-- EUI48[RFC7043§3] (previously MAC48[RFC7042§2.1]) -->
<xs:pattern value="([A-Fa-f0-9]{2}[:-]?){5}[A-Fa-f0-9]{2}"/>
<!-- EUI64[RFC7043§4, RFC4291§2.5.1] -->
<xs:pattern value="([A-Fa-f0-9]{2}[:-]?){3}[Ff]{3}[FfEe][:-]?([A-Fa-f0-9]{2}[:-]?){2}[A-Fa-f0-9]{2}"/>
<xs:pattern value="([A-Fa-f0-9]{2}[:-]?){3}[A-Fa-f0-9]{4}[:-]?([A-Fa-f0-9]{2}[:-]?){2}[A-Fa-f0-9]{2}"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<!-- TODO: "enterprise" WPA2 (add'l details)?
WPA3?
EAP,
eduroam (https://github.com/rst0git/netctl-eduroam-config/blob/master/eduroam), etc. -->
<!-- wep64, wep128, wpa-psk:tkip, wpa-psk:aes, wpa2-psk:tkip, wpa2-psk:aes, wpa2-psk:tkip/aes -->
<xs:complexType name="t_wifi_crypto">
<xs:all>
<xs:element name="type" minOccurs="1" maxOccurs="1" default="wpa2">
<xs:simpleType>
<xs:restriction base="xs:token">
<!-- <xs:enumeration value="wep"/> -->
<xs:enumeration value="wpa"/>
<xs:enumeration value="wpa2"/>
<!-- <xs:enumeration value="wpa3"/> -->
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
</xs:element>
<!-- Only valid for WPA/WPA2 (and maybe WPA3 once supported?) -->
<xs:element name="creds" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:choice minOccurs="1" maxOccurs="1">
<!-- "personal" -->
<xs:element name="psk">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<!-- A key can be generated via "wpa_passphrase <ssid> <passphrase>" -->
<!-- or via genPSK.py in extras/ -->
<xs:attribute name="isKey" type="xs:boolean" use="optional" default="false"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<!-- TODO -->
<!-- <xs:element name="enterprise"></xs:element> -->
</xs:choice>
</xs:complexType>
</xs:element>
</xs:all>
</xs:complexType>

<xs:simpleType name="t_netproto">
<xs:restriction base="xs:token">
<xs:enumeration value="ipv4"/>
<xs:enumeration value="ipv6"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

</xs:schema> </xs:schema>

13
schema/std.xsd
View File

@ -13,4 +13,17 @@
</xs:restriction> </xs:restriction>
</xs:simpleType> </xs:simpleType>


<xs:simpleType name="t_nonempty">
<xs:restriction base="xs:token">
<xs:minLength value="1"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_uri">
<xs:restriction base="xs:anyURI">
<xs:pattern value="(https?|ftps?|file)://.+"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

</xs:schema> </xs:schema>

25
schema/unix.xsd
View File

@ -5,4 +5,29 @@
xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xs="http://www.w3.org/2001/XMLSchema"
elementFormDefault="qualified" elementFormDefault="qualified"
attributeFormDefault="qualified"> attributeFormDefault="qualified">

<xs:simpleType name="t_posixUserGroup">
<!-- https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_437
https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_282
https://unix.stackexchange.com/a/435120/284004 -->
<xs:restriction base="xs:token">
<xs:pattern value="[a-z_]([a-z0-9_-]{0,31}|[a-z0-9_-]{0,30}$)"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_passwd_hashtypes">
<xs:restriction base="xs:string">
<xs:enumeration value="md5"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_shadowhash">
<!-- http://man7.org/linux/man-pages/man3/crypt.3.html#NOTES -->
<xs:restriction base="xs:token">
<xs:pattern value="($1)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{22}"/><!-- md5 -->
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

</xs:schema> </xs:schema>