<?xml version="1.0" encoding="UTF-8" ?>
<!--
  Types for the http://schema.xml.r00t2.io/unix.xsd namespace: file paths,
  POSIX user/group names, crypt(3)-style password hashes and user accounts.

  Both elementFormDefault and attributeFormDefault are "qualified", so locally
  declared elements AND attributes belong to the target namespace; instance
  documents have to namespace-qualify their attributes as well.

  NOTE(review): type references further down use a "std" prefix that is not
  bound on this root element, and the xs:import below carries no namespace
  attribute. Confirm the target namespace of std.xsd and bind it here,
  otherwise those QNames cannot be resolved.
-->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"
           xmlns="http://schema.xml.r00t2.io/unix.xsd"
           xmlns:unix="http://schema.xml.r00t2.io/unix.xsd"
           targetNamespace="http://schema.xml.r00t2.io/unix.xsd"
           elementFormDefault="qualified"
           attributeFormDefault="qualified">

<!-- The schemaLocation is a plain-http URL. A validator that dereferences it
     takes its type definitions from whatever answers the request; resolve it
     through a local XML catalog or a pinned copy of std.xsd instead of
     fetching it at validation time. -->
<xs:import schemaLocation="http://schema.xml.r00t2.io/std.xsd"/>
<xs:simpleType name="t_filepath">
  <!-- An absolute path: one or more "/segment" parts, each segment being at
       least one character other than "/", with an optional trailing "/".
       A bare "/" does not match.
       The check is purely lexical. "." and ".." segments, ":" and whitespace
       (including a line break supplied as a character reference) all pass,
       so a consumer that writes these values into passwd(5) fields or
       resolves them on disk still has to validate them itself. -->
  <xs:restriction base="xs:string">
    <xs:pattern value="(/[^/]+)+/?"/>
  </xs:restriction>
</xs:simpleType>
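<xs:complexType name="t_nixpass">
  <!-- A password given either in cleartext (passwordPlain) or as an already
       computed hash (passwordHash); exactly one of the two must be present. -->
  <xs:choice minOccurs="1" maxOccurs="1">
    <!-- Cleartext password. hashType and rounds presumably tell the consumer
         how to hash it (confirm against the consumer).
         A document that uses this element holds a live secret: restrict its
         file permissions and keep it out of version control and logs. -->
    <xs:element name="passwordPlain">
      <xs:complexType>
        <xs:simpleContent>
          <xs:extension base="xs:string">
            <!-- Fixed: the type was referenced as "linux:t_passwd_hashtypes",
                 but no "linux" prefix is bound in this schema; the type is
                 defined in this file, in the unix namespace.
                 NOTE(review): a default has to be valid for the attribute's
                 type, so "sha512" must be one of the values enumerated by
                 unix:t_passwd_hashtypes. -->
            <xs:attribute name="hashType" type="unix:t_passwd_hashtypes" use="optional" default="sha512"/>
            <!-- Presumably the crypt(3) rounds parameter (confirm). Only the
                 lower bound of 1 is enforced here; the consumer should cap
                 it, since a very large value from an untrusted document
                 makes every hash computation correspondingly expensive. -->
            <xs:attribute name="rounds" type="xs:positiveInteger" use="optional" default="5000"/>
          </xs:extension>
        </xs:simpleContent>
      </xs:complexType>
    </xs:element>
    <!-- Pre-computed hash; the text must match unix:t_shadowhash.
         NOTE(review): hashType defaults to md5. md5-crypt is a legacy scheme,
         so prefer a stronger one once the hash types and t_shadowhash accept
         it. -->
    <xs:element name="passwordHash">
      <xs:complexType>
        <xs:simpleContent>
          <xs:extension base="unix:t_shadowhash">
            <xs:attribute name="hashType" type="unix:t_passwd_hashtypes" use="optional" default="md5"/>
          </xs:extension>
        </xs:simpleContent>
      </xs:complexType>
    </xs:element>
  </xs:choice>
  <!-- Presumably marks the account's password as locked; off by default.
       Confirm the exact effect against the consumer. -->
  <xs:attribute name="locked" type="xs:boolean" use="optional" default="false"/>
</xs:complexType>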
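<xs:simpleType name="t_passwd_hashtypes">
  <!-- Names of the password hashing schemes accepted by the hashType
       attributes of passwordPlain and passwordHash. -->
  <xs:restriction base="xs:string">
    <xs:enumeration value="md5"/>
    <!-- Added: passwordPlain's hashType attribute declares default="sha512",
         and a default must be a member of this enumeration for the schema
         to be valid.
         NOTE(review): unix:t_shadowhash only matches md5-crypt strings, so a
         passwordHash marked sha512 needs a matching pattern there before it
         can validate. -->
    <xs:enumeration value="sha512"/>
  </xs:restriction>
</xs:simpleType>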
<xs:simpleType name="t_posixUserGroup">
  <!-- References:
       https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_437
       https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap03.html#tag_03_282
       https://unix.stackexchange.com/a/435120/284004 -->
  <!-- A user or group name of at most 32 characters. The first character is
       a lowercase letter or "_"; the rest are lowercase letters, digits, "_"
       or "-". In XSD regular expressions "$" is an ordinary character, not an
       end anchor, so the second alternative lets a name end in a literal "$".
       Because a leading "-" or digit is rejected, a valid name cannot be
       mistaken for a command-line option or a numeric id.
       The whiteSpace facet restates what xs:token already does. -->
  <xs:restriction base="xs:token">
    <xs:whiteSpace value="collapse"/>
    <xs:pattern value="[a-z_]([a-z0-9_-]{0,31}|[a-z0-9_-]{0,30}$)"/>
  </xs:restriction>
</xs:simpleType>
<xs:simpleType name="t_shadowhash">
  <!-- Reference: http://man7.org/linux/man-pages/man3/crypt.3.html#NOTES -->
  <!-- A crypt(3)-style hash string. "$" is a literal character in XSD regular
       expressions, so the pattern reads: an optional "$1" id, then "$" and a
       salt of 1 to 16 characters from [a-zA-Z0-9./], then "$" and exactly 22
       characters from the same alphabet.
       Only this md5 shape is accepted; other crypt ids and lock markers
       such as "!" or "*" do not match.
       NOTE(review): the "$1" id is optional here, so a string without it
       also validates. Confirm the consumer handles that form. -->
  <xs:restriction base="xs:token">
    <xs:whiteSpace value="collapse"/>
    <xs:pattern value="($1)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{22}"/><!-- md5 -->
  </xs:restriction>
</xs:simpleType>
<xs:complexType name="t_user">
  <!-- A user account: an optional password, any number of xGroup entries,
       and the account's attributes. Only "name" is required.
       NOTE(review): the "std" prefix used by the comment and expireDate
       attributes is not bound anywhere in this file. -->
  <xs:sequence>
    <xs:element name="password" type="unix:t_nixpass" minOccurs="0" maxOccurs="1"/>
    <!-- Presumably the additional groups the user belongs to; "create"
         presumably asks for the group to be created if missing (confirm). -->
    <xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
      <xs:complexType>
        <xs:attribute name="name" type="unix:t_posixUserGroup" use="required"/>
        <xs:attribute name="create" type="xs:boolean" use="optional" default="false"/>
        <xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
      </xs:complexType>
      <!-- NOTE(review): an identity constraint is evaluated relative to the
           element it is declared on. Declared on xGroup itself, this selector
           looks for xGroup children of an xGroup, which the type above does
           not allow, so duplicate group names are not rejected. To take
           effect it would have to sit on the element declaration that uses
           t_user; with attributeFormDefault="qualified" the field would also
           need a namespace-qualified attribute name. -->
      <xs:unique name="uniq_grp">
        <xs:selector xpath="unix:xGroup"/>
        <xs:field xpath="@name"/>
      </xs:unique>
    </xs:element>
  </xs:sequence>
  <xs:attribute name="name" type="unix:t_posixUserGroup" use="required"/>
  <!-- home and shell are only checked lexically by unix:t_filepath. -->
  <xs:attribute name="home" type="unix:t_filepath" use="optional"/>
  <!-- xs:positiveInteger starts at 1, so uid/gid 0 cannot be assigned through
       this schema. There is no upper bound; the consumer has to range-check
       against the platform's id type. -->
  <xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
  <xs:attribute name="group" type="unix:t_posixUserGroup" use="optional"/>
  <xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
  <!-- Presumably the passwd(5) comment field (confirm). Whether ":" or line
       breaks are rejected depends on std:t_nonempty, which is not visible
       in this file. -->
  <xs:attribute name="comment" type="std:t_nonempty" use="optional"/>
  <!-- Privilege-relevant switches. Presumably "sudo" grants sudo rights and
       sudoPassword="false" makes them passwordless (confirm against the
       consumer); the defaults are sudo off and sudoPassword on. -->
  <xs:attribute name="sudo" type="xs:boolean" use="optional" default="false"/>
  <xs:attribute name="sudoPassword" type="xs:boolean" use="optional" default="true"/>
  <xs:attribute name="shell" type="unix:t_filepath" use="optional" default="/bin/bash"/>
  <!-- TODO: change the positiveIntegers to xs:duration? or union?
       Might be pointless since the smallest increment is 1 day in
       shadow(5). -->
  <!-- Password ageing values; as xs:positiveInteger they cannot be 0. -->
  <xs:attribute name="minAge" type="xs:positiveInteger" use="optional"/>
  <xs:attribute name="maxAge" type="xs:positiveInteger" use="optional"/>
  <xs:attribute name="warnDays" type="xs:positiveInteger" use="optional"/>
  <xs:attribute name="inactiveDays" type="xs:positiveInteger" use="optional"/>
  <xs:attribute name="expireDate" type="std:t_epoch_or_iso" use="optional"/>
</xs:complexType>
</xs:schema>