This repository has been archived by the owner on Oct 2, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 36
/
unix-system-characteristics-schema.xsd
1600 lines (1599 loc) · 119 KB
/
unix-system-characteristics-schema.xsd
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<?xml version="1.0" encoding="utf-8"?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:oval-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" xmlns:oval="http://oval.mitre.org/XMLSchema/oval-common-5" xmlns:unix-sc="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" xmlns:sch="http://purl.oclc.org/dsdl/schematron" targetNamespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix" elementFormDefault="qualified" version="5.10.1">
<xsd:import namespace="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5" schemaLocation="oval-system-characteristics-schema.xsd"/>
<xsd:annotation>
<xsd:documentation>The following is a description of the elements, types, and attributes that compose the UNIX specific system characteristic items found in Open Vulnerability and Assessment Language (OVAL). Each item is an extension of the standard item element defined in the Core System Characteristic Schema. Through extension, each item inherits a set of elements and attributes that are shared amongst all OVAL Items. Each item is described in detail and should provide the information necessary to understand what each element and attribute represents. This document is intended for developers and assumes some familiarity with XML. A high level description of the interaction between the different tests and their relationship to the Core System Characteristic Schema is not outlined here.</xsd:documentation>
<xsd:documentation>The OVAL Schema is maintained by The MITRE Corporation and developed by the public OVAL Community. For more information, including how to get involved in the project and how to submit change requests, please visit the OVAL website at http://oval.mitre.org.</xsd:documentation>
<xsd:appinfo>
<schema>UNIX System Characteristics</schema>
<version>5.10.1</version>
<date>1/27/2012 1:22:32 PM</date>
<terms_of_use>Copyright (c) 2002-2012, The MITRE Corporation. All rights reserved. The contents of this file are subject to the terms of the OVAL License located at http://oval.mitre.org/oval/about/termsofuse.html. See the OVAL License for the specific language governing permissions and limitations for use of this schema. When distributing copies of the OVAL Schema, this license header must be included.</terms_of_use>
<sch:ns prefix="oval-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5"/>
<sch:ns prefix="unix-sc" uri="http://oval.mitre.org/XMLSchema/oval-system-characteristics-5#unix"/>
<sch:ns prefix="xsi" uri="http://www.w3.org/2001/XMLSchema-instance"/>
</xsd:appinfo>
</xsd:annotation>
<!-- =============================================================================== -->
<!-- ============================= DNS CACHE ITEM ================================ -->
<!-- =============================================================================== -->
<xsd:element name="dnscache_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The dnscache_item stores information retrieved from the DNS cache about a domain name, its time to live, and its corresponding IP addresses.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="domain_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The domain_name element contains a string that represents a domain name that was collected from the DNS cache on the local system.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ttl" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The ttl element contains an integer that represents the time to live in seconds of the DNS cache entry.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ip_address" type="oval-sc:EntityItemIPAddressStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The ip_address element contains a string that represents an IP address associated with the specified domain name. Note that the IP address can be IPv4 or IPv6.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ================================= FILE ITEM ================================ -->
<!-- =============================================================================== -->
<xsd:element name="file_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The file item holds information about the individual files found on a system. Each file item contains path and filename information as well as its type, associated user and group ids, relevant dates, and the privialeges granted. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="filepath" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The filepath element specifies the absolute path for a file on the machine. A directory cannot be specified as a filepath.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="path" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The path element specifies the directory component of the absolute path to a file on the machine.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="filename" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The name of the file. If the xsi:nil attribute is set to true, then the item being represented is the higher directory represented by the path entity.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="type" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the file's type: regular file (regular), directory, named pipe (fifo), symbolic link, socket or block special.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="group_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the group owner of the file, by group number.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd. This element represents the owner of the file.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="a_time" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time that the file was last accessed, in seconds since the UNIX epoch. The UNIX epoch is the time 00:00:00 UTC on January 1, 1970.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="c_time" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last change to the file's inode, in seconds since the UNIX epoch. The UNIX epoch is the time 00:00:00 UTC on January 1, 1970. An inode is a UNIX data structure that stores all of the information about a particular file.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="m_time" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of the last change to the file's contents, in seconds since the UNIX epoch. The UNIX epoch is the time 00:00:00 UTC on January 1, 1970.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="size" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the size of the file in bytes.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="suid" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the uid (thus privileges) of the file's owner, rather than the calling user?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="sgid" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the program run with the gid (thus privileges) of the file's group owner, rather than the calling user's group?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="sticky" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can users delete each other's files in this directory, when said directory is writable by those users?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="uread" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="uwrite" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file write to this file or, if a directory, write to the directory?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="uexec" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the owner (user owner) of the file execute it or, if a directory, change into the directory?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="gread" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file read this file or, if a directory, read the directory contents?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="gwrite" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file write to this file, or if a directory, write to the directory?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="gexec" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the group owner of the file execute it or, if a directory, change into the directory?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="oread" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can all other users read this file or, if a directory, read the directory contents?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="owrite" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users write to this file, or if a directory, write to the directory?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="oexec" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Can the other users execute this file or, if a directory, change into the directory?</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="has_extended_acl" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Does the file or directory have ACL permissions applied to it? If the file or directory doesn't have an ACL, or it matches the standard UNIX permissions, the value will be 'false'. Otherwise, if a file or directory has an ACL, the value will be 'true'. If the system does not support ACLs, the status will be 'does not exist' and if the system supports ACLs, the status will be 'exists'.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ========================= FILE EXTENDED ATTRIBUTE ITEM ===================== -->
<!-- =============================================================================== -->
<xsd:element name="fileextendedattribute_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The file extended attribute item holds information about the individual file extended attributes found on a system. Each file extended attribute item contains path, filename, and attribute name information as well as the attribute's value. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="filepath" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The filepath element specifies the absolute path for a file on the machine. A directory cannot be specified as a filepath.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="path" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The path element specifies the directory component of the absolute path to a file on the machine.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="filename" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The name of the file. If the xsi:nil attribute is set to true, then the item being represented is the higher directory represented by the path entity.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="attribute_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the extended attribute's name, identifier or key.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="value" type="oval-sc:EntityItemAnySimpleType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the extended attribute's value or contents.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ================================== GCONF ITEM ============================== -->
<!-- =============================================================================== -->
<xsd:element name="gconf_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The gconf_item holds information about an individual GConf preference key found on a system. Each gconf_item contains a preference key, source, type, whether it's writable, the user who last modified it, the time it was last modified, whether it's the default value, as well as the preference key's value. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="key" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The preference key to check.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="source" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The source used to look up the preference key.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="type" type="unix-sc:EntityItemGconfTypeType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The type of the preference key.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="is_writable" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Is the preference key writable? If true, the preference key is writable. If false, the preference key is not writable.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="mod_user" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The user who last modified the preference key.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="mod_time" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The time the preference key was last modified in seconds since the UNIX epoch. The UNIX epoch is the time 00:00:00 UTC on January 1, 1970.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="is_default" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Is the preference key value the default value. If true, the preference key value is the default value. If false, the preference key value is not the default value.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="value" type="oval-sc:EntityItemAnySimpleType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The value of the preference key.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ================================ INETD ITEM ================================= -->
<!-- =============================================================================== -->
<xsd:element name="inetd_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The inetd item holds information associated with different Internet services. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="protocol" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A recognized protocol listed in the file /etc/inet/protocols.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="service_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name of a valid service listed in the services file. For RPC services, the value of the service-name field consists of the RPC service name or program number, followed by a '/' (slash) and either a version number or a range of version numbers (for example, rstatd/2-4).</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="server_program" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Either the pathname of a server program to be invoked by inetd to perform the requested service, or the value internal if inetd itself provides the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="server_arguments" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="endpoint_type" type="unix-sc:EntityItemEndpointType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="exec_as_user" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="wait_status" type="unix-sc:EntityItemWaitStatusType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This field has values wait or nowait. This entry specifies whether the server that is invoked by inetd will take over the listening socket associated with the service, and whether once launched, inetd will wait for that server to exit, if ever, before it resumes listening for new service requests.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================== INTERFACE ITEM =============================== -->
<!-- =============================================================================== -->
<xsd:element name="interface_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The interface item holds information about the interfaces on a system. Each interface item contains name and address information as well as any associated flags. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name entity is the actual name of the specific interface. Examples might be eth0, eth1, fwo, etc.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="type" type="unix-sc:EntityItemInterfaceType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the type of interface.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="hardware_addr" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The hardware_addr entity is the hardware or MAC address of the physical network card. MAC addresses should be formatted according to the IEEE 802-2001 standard which states that a MAC address is a sequence of six octet values, separated by hyphens, where each octet is represented by two hexadecimal digits. Uppercase letters should also be used to represent the hexadecimal digits A through F.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="inet_addr" type="oval-sc:EntityItemIPAddressStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The inet_addr entity is the IP address of the specific interface. Note that the IP address can be IPv4 or IPv6. If the IP address is an IPv6 address, this entity should be expressed as an IPv6 address prefix using CIDR notation and the netmask entity should not be collected.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="broadcast_addr" type="oval-sc:EntityItemIPAddressStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The broadcast_addr entity is the broadcast IP address for this interface's network. Note that the IP address can be IPv4 or IPv6.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="netmask" type="oval-sc:EntityItemIPAddressStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the bitmask used to calculate the interface's IP network. The network number is calculated by bitwise-ANDing this with the IP address. The host number on that network is calculated by bitwise-XORing this with the IP address. Note that if the inet_addr entity contains an IPv6 address prefix, this entity should not be collected.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="flag" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>This is the interface flag line, which generally contains flags like "UP" to denote an active interface, "PROMISC" to note that the interface is listening for Ethernet frames not specifically addressed to it, and others.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================== PASSWORD ITEM =============================== -->
<!-- =============================================================================== -->
<xsd:element name="password_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>/etc/passwd. See passwd(4).</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="username" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the name of the user for which data was gathered.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="password" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the encrypted version of the user's password.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The numeric user id, or uid, is the third column of each user's entry in /etc/passwd.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="group_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The id of the primary UNIX group the user belongs to.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="gcos" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The GECOS (or GCOS) field from /etc/passwd; typically contains the user's full name.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="home_dir" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The user's home directory.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="login_shell" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The user's shell program.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="last_login" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The date and time when the last login occurred. This value is stored as the number of seconds that have elapsed since 00:00:00, January 1, 1970, UTC.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================== PROCESS ITEM ================================ -->
<!-- =============================================================================== -->
<xsd:element name="process_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>Output of /usr/bin/ps. See ps(1).</xsd:documentation>
<xsd:appinfo>
<oval:deprecated_info>
<oval:version>5.8</oval:version>
<oval:reason>The process_item has been deprecated and replaced by the process58_item. The entity 'command' was changed to 'command_line' in the process58_item to accurately describe what information is collected. Please see the process58_item for additional information.</oval:reason>
</oval:deprecated_info>
<sch:pattern id="unix-sc_processitem_dep">
<sch:rule context="unix-sc:process_item">
<sch:report test="true()">DEPRECATED ITEM: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="command" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies the command/program name about which data has has been collected.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="exec_time" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the cumulative CPU time, formatted in [DD-]HH:MM:SS where DD is the number of days when execution time is 24 hours or more.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="pid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ppid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process's parent process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="priority" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the scheduling priority with which the process runs. This can be adjusted with the nice command or nice() system call.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ruid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the real user id which represents the user who has created the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="scheduling_class" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A platform specific characteristic maintained by the scheduler: RT (real-time), TS (timeshare), FF (fifo), SYS (system), etc.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="start_time" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of day the process started formatted in HH:MM:SS if the same day the process started or formatted as MMM_DD (Ex.: Feb_5) if process started the previous day or further in the past.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="tty" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TTY on which the process was started, if applicable.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the effective user id which represents the actual privileges of the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================= PROCESS ITEM (58) ============================== -->
<!-- =============================================================================== -->
<xsd:element name="process58_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>Output of /usr/bin/ps. See ps(1).</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="command_line" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the string used to start the process. This includes any parameters that are part of the command line.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="exec_time" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the cumulative CPU time, formatted in [DD-]HH:MM:SS where DD is the number of days when execution time is 24 hours or more.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="pid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ppid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the process ID of the process's parent process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="priority" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the scheduling priority with which the process runs. This can be adjusted with the nice command or nice() system call.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="ruid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the real user id which represents the user who has created the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="scheduling_class" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A platform specific characteristic maintained by the scheduler: RT (real-time), TS (timeshare), FF (fifo), SYS (system), etc.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="start_time" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the time of day the process started formatted in HH:MM:SS if the same day the process started or formatted as MMM_DD (Ex.: Feb_5) if process started the previous day or further in the past.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="tty" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the TTY on which the process was started, if applicable.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="user_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the effective user id which represents the actual privileges of the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="exec_shield" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>A boolean that when true would indicates that ExecShield is enabled for the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="loginuid" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The loginuid shows which account a user gained access to the system with. The /proc/XXXX/loginuid shows this value.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="posix_capability" type="unix-sc:EntityItemCapabilityType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>An effective capability associated with the process. See linux/include/linux/capability.h for more information.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="selinux_domain_label" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>An selinux domain label associated with the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="session_id" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The session ID of the process.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================== ROUTING TABLE ITEM ========================== -->
<!-- =============================================================================== -->
<xsd:element name="routingtable_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The routingtable_item holds information about an individual routing table entry found in a system's primary routing table. Each routingtable_item contains a destination IP address, gateway, netmask, flags, and the name of the interface associated with it. It is important to note that only numerical addresses will be collected and that their symbolic representations will not be resolved. This equivalent to using the '-n' option with route(8) or netstat(8). It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="destination" type="oval-sc:EntityItemIPAddressType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The destination IP address prefix of the routing table entry. This is the destination IP address and netmask/prefix-length expressed using CIDR notation.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="gateway" type="oval-sc:EntityItemIPAddressType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The gateway of the specified routing table entry.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="flags" type="unix-sc:EntityItemRoutingTableFlagsType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The flags associated with the specified routing table entry.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="interface_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name of the interface associated with the routing table entry.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================== RUNLEVEL ITEM =============================== -->
<!-- =============================================================================== -->
<xsd:element name="runlevel_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The runlevel item holds information about the start or kill state of a specified service at a given runlevel. Each runlevel item contains service name and runlevel information as well as start and kill information. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="service_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The service_name entity is the actual name of the specific service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="runlevel" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The runlevel entity specifies the system runlevel associated with a service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="start" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The start entity specifies whether the service is scheduled to start at the runlevel.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="kill" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The kill entity specifies whether the service is scheduled to be killed at the runlevel.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ================================= SCCS ITEM ================================= -->
<!-- =============================================================================== -->
<xsd:element name="sccs_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation/>
<xsd:appinfo>
<oval:deprecated_info>
<oval:version>5.10</oval:version>
<oval:reason>The sccs_item has been deprecated because the Source Code Control System (SCCS) is obsolete. The sccs_item may be removed in a future version of the language.</oval:reason>
</oval:deprecated_info>
<sch:pattern id="unix-sc_sccsitem_dep">
<sch:rule context="unix-sc:sccs_item">
<sch:report test="true()">DEPRECATED ITEM: <sch:value-of select="name()"/> ID: <sch:value-of select="@id"/></sch:report>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="filepath" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Specifies the absolute path to an SCCS file. A directory cannot be specified as a filepath.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="path" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The path element specifies the directory component of the absolute path to an SCCS file.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="filename" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name of an SCCS file.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="module_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="module_type" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="level" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="branch" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="sequence" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
<xsd:element name="what_string" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation/>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================= SHADOW ITEM =================================== -->
<!-- =============================================================================== -->
<xsd:element name="shadow_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>/etc/shadow. See shadow(4).</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="username" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the name of the user for which data was gathered.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="password" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the encrypted version of the user's password.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="chg_lst" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is the date of the last password change in days since 1/1/1970.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="chg_allow" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies how often in days a user may change their password. It can also be thought of as the minimum age of a password.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="chg_req" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This describes how long a user can keep a password before the system forces her to change it.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="exp_warn" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This describes how long before password expiration the system begins warning the user. The system will warn the user at each login.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="exp_inact" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This describes how many days of account inactivity the system will wait after a password expires before locking the account? This window, usually only set to a few days, gives users who are logging in very seldomly a bit of extra time to receive the password expiration warning and change their password.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="exp_date" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This specifies when will the account's password expire, in days since 1/1/1970.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="flag" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This is a reserved field that the shadow file may use in the future.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="encrypt_method" type="unix-sc:EntityItemEncryptMethodType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The encrypt_method entity describes method that is used for hashing passwords.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================== SYSCTL ITEM ================================= -->
<!-- =============================================================================== -->
<xsd:element name="sysctl_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The sysctl_item stores information retrieved from the local system about a kernel parameter and its respective value(s).</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The name element contains a string that represents the name of a kernel parameter that was collected from the local system.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="value" type="oval-sc:EntityItemAnySimpleType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The value element contains a string that represents the current value(s) for the specified kernel parameter on the local system.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ============================= UNAME ITEM ==================================== -->
<!-- =============================================================================== -->
<xsd:element name="uname_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>Information about the hardware the machine is running on. This information is the parsed equivalent of uname -a.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="machine_class" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity specifies the machine hardware name. This corresponds to the command uname -m.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="node_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity specifies the host name. This corresponds to the command uname -n.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity specifies the operating system name. This corresponds to the command uname -s.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_release" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity specifies the build version. This corresponds to the command uname -r.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="os_version" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity specifies the operating system version. This corresponds to the command uname -v.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="processor_type" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity specifies the processor type. This corresponds to the command uname -p.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- ================================ XINETD ITEM ================================ -->
<!-- =============================================================================== -->
<xsd:element name="xinetd_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>The xinetd item holds information associated with different Internet services. It extends the standard ItemType as defined in the oval-system-characteristics schema and one should refer to the ItemType description for more information.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="protocol" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The protocol entity specifies the protocol that is used by the service. The list of valid protocols can be found in /etc/protocols.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="service_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The service_name entity specifies the name of the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="flags" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The flags entity specifies miscellaneous settings associated with the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="no_access" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The no_access entity specifies the remote hosts to which the service is unavailable. Please see the xinetd.conf(5) man page for information on the different formats that can be used to describe a host.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="only_from" type="oval-sc:EntityItemIPAddressStringType" minOccurs="0" maxOccurs="unbounded">
<xsd:annotation>
<xsd:documentation>The only_from entity specifies the remote hosts to which the service is available. Please see the xinetd.conf(5) man page for information on the different formats that can be used to describe a host.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="port" type="oval-sc:EntityItemIntType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The port entity specifies the port used by the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="server" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The server entity specifies the executable that is used to launch the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="server_arguments" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The server_arguments entity specifies the arguments that are passed to the executable when launching the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="socket_type" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The socket_type entity specifies the type of socket that is used by the service. Possible values include: stream, dgram, raw, or seqpacket.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="type" type="unix-sc:EntityItemXinetdTypeStatusType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The type entity specifies the type of the service.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="user" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The user entity specifies the user identifier of the process that is running the service. The user identifier may be expressed as a numerical value or as a user name that exists in /etc/passwd.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="wait" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The wait entity specifies whether or not the service is single-threaded or multi-threaded and whether or not xinetd accepts the connection or the service accepts the connection. A value of 'true' indicates that the service is single-threaded and the service will accept the connection. A value of 'false' indicates that the service is multi-threaded and xinetd will accept the connection.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="disabled" type="oval-sc:EntityItemBoolType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The disabled entity specifies whether or not the service is disabled. A value of 'true' indicates that the service is disabled and will not start. A value of 'false' indicates that the service is not disabled.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<!-- =============================================================================== -->
<xsd:complexType name="EntityItemCapabilityType">
<xsd:annotation>
<xsd:documentation>The EntityItemCapabilityType complex type restricts a string value to a specific set of values that describe POSIX capability types associated with a process service. This list is based off the values defined in linux/include/linux/capability.h. Documentation on each allowed value can be found in capability.h. The empty string is also allowed to support empty elements associated with error conditions.</xsd:documentation>
</xsd:annotation>
<xsd:simpleContent>
<xsd:restriction base="oval-sc:EntityItemStringType">
<xsd:enumeration value="CAP_CHOWN">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="CAP_DAC_OVERRIDE">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="CAP_DAC_READ_SEARCH">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="CAP_FOWNER">
<xsd:annotation>
<xsd:documentation></xsd:documentation>
</xsd:annotation>
</xsd:enumeration>
<xsd:enumeration value="CAP_FSETID">