iface naming tweaks

This commit is contained in:
brent s. 2020-05-13 13:42:44 -04:00
parent 0be3cfc386
commit 36991914d9
Signed by: bts
GPG Key ID: 8C004C2F93481F6B

View File

@ -3,449 +3,456 @@
elementFormDefault="qualified"
attributeFormDefault="unqualified">

<xs:include schemaLocation="./std.xsd"/>
<xs:include schemaLocation="./sys.xsd"/>
<xs:include schemaLocation="./unix.xsd"/>
<xs:include schemaLocation="./std.xsd"/>
<xs:include schemaLocation="./sys.xsd"/>
<xs:include schemaLocation="./unix.xsd"/>

<xs:simpleType name="t_linux_console_pageformats">
<xs:restriction base="xs:positiveInteger">
<xs:enumeration value="8"/>
<xs:enumeration value="14"/>
<xs:enumeration value="16"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="t_linux_console_pageformats">
<xs:restriction base="xs:positiveInteger">
<xs:enumeration value="8"/>
<xs:enumeration value="14"/>
<xs:enumeration value="16"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_diskdev">
<xs:restriction base="xs:string">
<!-- TODO: is "auto" okay here? -->
<xs:pattern value="\s*(/dev/([A-Za-z0-9_]+/)?[A-Za-z0-9_]+[0-9]?|auto)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="t_linux_diskdev">
<xs:restriction base="xs:string">
<!-- TODO: is "auto" okay here? -->
<xs:pattern value="\s*(/dev/([A-Za-z0-9_]+/)?[A-Za-z0-9_]+[0-9]?|auto)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_disksize">
<xs:restriction base="xs:string">
<xs:pattern value="\s*[-|+]?\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType name="t_linux_disksize">
<xs:restriction base="xs:string">
<xs:pattern value="\s*[-|+]?\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_fstype">
<xs:union memberTypes="t_std_UUID4">
<xs:simpleType>
<!-- parted names -->
<!-- https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_type_GUIDs -->
<!-- ', '.join(sorted(list(dict(vars(parted.filesystem))['fileSystemType'].keys()))) -->
<xs:restriction base="xs:token">
<xs:enumeration value="affs0"/>
<xs:enumeration value="affs1"/>
<xs:enumeration value="affs2"/>
<xs:enumeration value="affs3"/>
<xs:enumeration value="affs4"/>
<xs:enumeration value="affs5"/>
<xs:enumeration value="affs6"/>
<xs:enumeration value="affs7"/>
<xs:enumeration value="amufs"/>
<xs:enumeration value="amufs0"/>
<xs:enumeration value="amufs1"/>
<xs:enumeration value="amufs2"/>
<xs:enumeration value="amufs3"/>
<xs:enumeration value="amufs4"/>
<xs:enumeration value="amufs5"/>
<xs:enumeration value="apfs1"/>
<xs:enumeration value="apfs2"/>
<xs:enumeration value="asfs"/>
<xs:enumeration value="btrfs"/>
<xs:enumeration value="ext2"/>
<xs:enumeration value="ext3"/>
<xs:enumeration value="ext4"/>
<xs:enumeration value="fat16"/>
<xs:enumeration value="fat32"/>
<xs:enumeration value="hfs"/>
<xs:enumeration value="hfs+"/>
<xs:enumeration value="hfsx"/>
<xs:enumeration value="hp-ufs"/>
<xs:enumeration value="jfs"/>
<xs:enumeration value="linux-swap(v0)"/>
<xs:enumeration value="linux-swap(v1)"/>
<xs:enumeration value="nilfs2"/>
<xs:enumeration value="ntfs"/>
<xs:enumeration value="reiserfs"/>
<xs:enumeration value="sun-ufs"/>
<xs:enumeration value="swsusp"/>
<xs:enumeration value="udf"/>
<xs:enumeration value="xfs"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_iface_name">
<xs:simpleType name="t_linux_fstype">
<xs:union memberTypes="t_std_UUID4">
<xs:simpleType>
<!-- parted names -->
<!-- https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_type_GUIDs -->
<!-- ', '.join(sorted(list(dict(vars(parted.filesystem))['fileSystemType'].keys()))) -->
<xs:restriction base="xs:token">
<!-- I have no idea if this will work. TODO: simplify, validate in-code. -->
<!--
"New" predictable iface naming.
https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c.
-->
<xs:pattern
value="((en|sl|wl|ww)(b[0-9]+|c[a-z0-9]|o[0-9]+(n.*(d.*)?)?|s[0-9]+(f.*)?([nd].*)?|x([A-Fa-f0-9]:){5}[A-Fa-f0-9]|(P.*)?p[0-9]+s[0-9]+(([fnd].*)|u.*)?))"/>
<!--
Legacy naming.
-->
<xs:pattern value="(eth|wl(an)?)[0-9]*"/>
<xs:whiteSpace value="collapse"/>
<xs:enumeration value="affs0"/>
<xs:enumeration value="affs1"/>
<xs:enumeration value="affs2"/>
<xs:enumeration value="affs3"/>
<xs:enumeration value="affs4"/>
<xs:enumeration value="affs5"/>
<xs:enumeration value="affs6"/>
<xs:enumeration value="affs7"/>
<xs:enumeration value="amufs"/>
<xs:enumeration value="amufs0"/>
<xs:enumeration value="amufs1"/>
<xs:enumeration value="amufs2"/>
<xs:enumeration value="amufs3"/>
<xs:enumeration value="amufs4"/>
<xs:enumeration value="amufs5"/>
<xs:enumeration value="apfs1"/>
<xs:enumeration value="apfs2"/>
<xs:enumeration value="asfs"/>
<xs:enumeration value="btrfs"/>
<xs:enumeration value="ext2"/>
<xs:enumeration value="ext3"/>
<xs:enumeration value="ext4"/>
<xs:enumeration value="fat16"/>
<xs:enumeration value="fat32"/>
<xs:enumeration value="hfs"/>
<xs:enumeration value="hfs+"/>
<xs:enumeration value="hfsx"/>
<xs:enumeration value="hp-ufs"/>
<xs:enumeration value="jfs"/>
<xs:enumeration value="linux-swap(v0)"/>
<xs:enumeration value="linux-swap(v1)"/>
<xs:enumeration value="nilfs2"/>
<xs:enumeration value="ntfs"/>
<xs:enumeration value="reiserfs"/>
<xs:enumeration value="sun-ufs"/>
<xs:enumeration value="swsusp"/>
<xs:enumeration value="udf"/>
<xs:enumeration value="xfs"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:complexType name="t_linux_luks">
<xs:sequence>
<!-- TODO: add support for custom flags/opts? -->
<xs:element name="luksDev" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="secrets" minOccurs="1" maxOccurs="10" type="t_linux_luks_secrets"/>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="t_std_nonempty" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="t_linux_iface_name">
<xs:union memberTypes="t_linux_iface_name_legacy t_linux_iface_name_predictable"/>
</xs:simpleType>

<xs:complexType name="t_linux_luks_secrets">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="passphrase" minOccurs="0" maxOccurs="unbounded" type="t_std_nonempty"/>
<!-- TODO: support URI to *read* bytes from? -->
<xs:element name="keyFile" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="t_unix_filepath">
<xs:attribute name="size" type="xs:positiveInteger" use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="t_linux_iface_name_legacy">
<xs:restriction base="xs:token">
<xs:pattern value="(eth|wl(an)?)[0-9]*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_linux_lvm">
<xs:sequence>
<xs:element name="volumeGroup" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:all>
<xs:element name="physicalVolumes" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="pv" minOccurs="1" maxOccurs="unbounded" type="t_linux_lvm_pv"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="logicalVolumes" minOccurs="1" maxOccurs="1" type="t_linux_lvm_lv"/>
</xs:all>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="t_std_nonempty" use="required"/>
<xs:attribute name="extentSize" type="t_linux_pesize" use="optional" default="0"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:simpleType name="t_linux_iface_name_predictable">
<!-- I have no idea if this will work. You'll probably want to validate in-code. -->
<!--
"New" predictable iface naming.
https://github.com/systemd/systemd/blob/master/src/udev/udev-builtin-net_id.c.
-->
<xs:restriction base="xs:token">
<xs:pattern
value="((en|sl|wl|ww)(b[0-9]+|c[a-z0-9]|o[0-9]+(n.*(d.*)?)?|s[0-9]+(f.*)?([nd].*)?|x([A-Fa-f0-9]:){5}[A-Fa-f0-9]|(P.*)?p[0-9]+s[0-9]+(([fnd].*)|u.*)?))"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_linux_lvm_lv">
<xs:sequence>
<xs:element name="lv" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="unbounded">
<xs:element name="pvMember" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" use="required" type="xs:IDREF"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="t_std_nonempty" use="required"/>
<xs:attribute name="size" type="t_linux_lvsize" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
<xs:complexType name="t_linux_luks">
<xs:sequence>
<!-- TODO: add support for custom flags/opts? -->
<xs:element name="luksDev" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence>
<xs:element name="secrets" minOccurs="1" maxOccurs="10" type="t_linux_luks_secrets"/>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="t_std_nonempty" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_linux_lvm_pv">
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>

<xs:simpleType name="t_linux_lvsize">
<!-- If no suffix is provided, program should assume the size is in *extents*. -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_linux_mdadm">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="array" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="member" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" use="required" type="xs:ID"/>
<xs:attribute name="name" use="required" type="t_std_nonempty"/>
<xs:attribute name="meta" use="optional" default="1.2" type="t_linux_raid_meta"/>
<xs:attribute name="level" use="required" type="t_linux_raid_levels"/>
<!-- KB *only*. -->
<!-- Can be pretty important!
https://www.zdnet.com/article/chunks-the-hidden-key-to-raid-performance/ -->
<xs:attribute name="chunkSize" use="optional" type="xs:positiveInteger" default="512"/>
<xs:attribute name="layout" use="optional" type="t_linux_raid_layout" default="none"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:simpleType name="t_linux_mountpath">
<xs:union memberTypes="t_unix_filepath">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value="swap"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:complexType name="t_linux_mounts">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="mount" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="unbounded">
<xs:element name="opt" minOccurs="1" maxOccurs="unbounded" type="t_std_cmdopts"/>
</xs:sequence>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
<xs:attribute name="target" type="t_linux_mountpath" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_linux_nixpass">
<xs:choice minOccurs="1" maxOccurs="1">
<xs:element name="passwordPlain">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="hashType" use="optional" default="sha512"
type="t_linux_passwd_hashtypes"/>
<xs:attribute name="rounds" use="optional" default="5000" type="xs:positiveInteger"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name="passwordHash">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="t_linux_shadowhash">
<xs:attribute name="hashType" use="optional" default="(detect)"
type="t_linux_passwd_hashtypes_detect"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:attribute name="locked" use="optional" default="false" type="xs:boolean"/>
</xs:complexType>

<xs:complexType name="t_linux_package">
<xs:simpleContent>
<xs:extension base="t_std_nonempty">
<xs:attribute name="repo" type="t_std_nonempty" use="optional"/>
<xs:complexType name="t_linux_luks_secrets">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="passphrase" minOccurs="0" maxOccurs="unbounded" type="t_std_nonempty"/>
<!-- TODO: support URI to *read* bytes from? -->
<xs:element name="keyFile" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="t_unix_filepath">
<xs:attribute name="size" type="xs:positiveInteger" use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:simpleType name="t_linux_part_flags">
<xs:union>
<xs:simpleType>
<!-- parted.partition.partitionFlag -->
<xs:restriction base="xs:string">
<xs:enumeration value="atvrecv"/>
<xs:enumeration value="bios_grub"/>
<xs:enumeration value="boot"/>
<xs:enumeration value="diag"/>
<xs:enumeration value="esp"/>
<xs:enumeration value="hidden"/>
<xs:enumeration value="hp-service"/>
<xs:enumeration value="irst"/>
<xs:enumeration value="lba"/>
<xs:enumeration value="legacy_boot"/>
<xs:enumeration value="lvm"/>
<xs:enumeration value="msftdata"/>
<xs:enumeration value="msftres"/>
<xs:enumeration value="palo"/>
<xs:enumeration value="prep"/>
<xs:enumeration value="raid"/>
<xs:enumeration value="root"/>
<xs:enumeration value="swap"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType>
<!-- These deviate from the parted flags (and in the case of the gpt_* ones, have no parted
equivalent it seems).
fdisk's "e(x)pert mode" has numerical GUID identifers for these ("Attrs").
Details on these are at:
https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_entries_(LBA_2%E2%80%9333)

BD_PART_FLAGS = BlockDev.PartFlag(-1)
BD_PART_FLAGS_FRIENDLY = dict(zip(BD_PART_FLAGS.value_nicks, BD_PART_FLAGS.value_names))
sorted(list(BD_PART_FLAGS_FRIENDLY.keys()))
-->
<xs:restriction base="xs:string">
<xs:enumeration value="apple_tv_recovery"/>
<xs:enumeration value="cpalo"/>
<xs:enumeration value="gpt_hidden"/><!-- No parted equivalent -->
<xs:enumeration value="gpt_no_automount"/><!-- No parted equivalent -->
<xs:enumeration value="gpt_read_only"/><!-- No parted equivalent -->
<xs:enumeration value="gpt_system_part"/><!-- No parted equivalent -->
<xs:enumeration value="hpservice"/>
<xs:enumeration value="msft_data"/>
<xs:enumeration value="msft_reserved"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_passwd_hashtypes">
<xs:union memberTypes="t_unix_passwd_hashtypes">
<xs:simpleType>
<xs:restriction base="xs:string">
<!-- Unsupported in glibc. libxcrypt (https://github.com/besser82/libxcrypt/) has additional support. -->
<!-- bcrypt/blowfish are the same. -->
<!-- <xs:enumeration value="bcrypt"/> -->
<!-- <xs:enumeration value="blowfish"/> -->
<!-- <xs:enumeration value="scrypt"/> -->
<xs:enumeration value="sha256"/>
<xs:enumeration value="sha512"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_passwd_hashtypes_detect">
<xs:union memberTypes="t_unix_passwd_hashtypes">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value="(detect)"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_pesize">
<!-- This is *basically* t_lvsize except we don't allow percentages. -->
<!-- If no suffix is provided, we assume the size is in sectors
UNLESS it's "0", which means use the default (which I *think* is dynamically generated). -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_raid_layout">
<!-- mdadm(8), "layout=" option -->
<!-- We don't need to cook in the "faulty" levels. -->
<xs:restriction base="xs:token">
<xs:pattern
value="((left|right)-a?symmetric(-6)?|[lr][as]|parity-(fir|la)st|ddf-(zero|N)-restart|ddf-N-continue|parity-first-6|[nof][0-9]+|none)"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_raid_levels">
<xs:restriction base="xs:integer">
<xs:enumeration value="0"/>
<xs:enumeration value="1"/>
<xs:enumeration value="4"/>
<xs:enumeration value="5"/>
<xs:enumeration value="6"/>
<xs:enumeration value="10"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_raid_meta">
<!-- Program should warn about 1.x used for non-aware bootloaders.
0.90 should be used in that case. -->
<xs:restriction base="xs:token">
<xs:enumeration value="0"/><!-- Same as 0.90 -->
<xs:enumeration value="0.90"/><!-- Same as 0 -->
<xs:enumeration value="1"/><!-- Same as 1.2, default -->
<xs:enumeration value="1.0"/>
<xs:enumeration value="1.1"/>
<xs:enumeration value="1.2"/><!-- Same as 1, default -->
<xs:enumeration value="default"/><!-- Same as 1, 1.2 -->
<xs:enumeration value="ddf"/>
<xs:enumeration value="imsm"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_linux_service">
<xs:simpleContent>
<xs:extension base="t_std_nonempty">
<xs:attribute name="status" type="xs:boolean" use="optional" default="true"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>

<xs:simpleType name="t_linux_shadowhash">
<xs:union memberTypes="t_unix_shadowhash">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:pattern value="\s*($5)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{43}\s*"/><!-- sha256 -->
<xs:pattern value="\s*($6)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{86}\s*"/><!-- sha512 -->
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:complexType name="t_linux_user">
<xs:sequence>
<xs:element name="password" minOccurs="0" maxOccurs="1" type="t_linux_nixpass"/>
<xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="name" type="t_unix_posixUserGroup" use="required"/>
<xs:attribute name="create" type="xs:boolean" use="optional" default="false"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
</xs:complexType>
<xs:unique name="uniq_linux_grp">
<xs:selector xpath="."/>
<xs:field xpath="@name"/>
</xs:unique>
<xs:complexType name="t_linux_lvm">
<xs:sequence>
<xs:element name="volumeGroup" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:all>
<xs:element name="physicalVolumes" minOccurs="1" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="pv" minOccurs="1" maxOccurs="unbounded" type="t_linux_lvm_pv"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="t_unix_posixUserGroup" use="required"/>
<xs:attribute name="home" type="t_unix_filepath" use="optional"/>
<xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="group" type="t_unix_posixUserGroup" use="optional"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="comment" type="t_std_nonempty" use="optional"/>
<xs:attribute name="sudo" type="xs:boolean" use="optional" default="false"/>
<xs:attribute name="sudoPassword" type="xs:boolean" use="optional" default="true"/>
<xs:attribute name="shell" type="t_unix_filepath" use="optional" default="/bin/bash"/>
<!-- TODO: change the positiveIntegers to xs:duration? or union? -->
<!-- Might be pointless since the smallest increment is 1 day in
shadow(5). -->
<xs:attribute name="minAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="maxAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="warnDays" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="inactiveDays" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="expireDate" type="t_std_epoch_or_iso" use="optional"/>
</xs:complexType>
<xs:element name="logicalVolumes" minOccurs="1" maxOccurs="1" type="t_linux_lvm_lv"/>
</xs:all>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="t_std_nonempty" use="required"/>
<xs:attribute name="extentSize" type="t_linux_pesize" use="optional" default="0"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_linux_lvm_lv">
<xs:sequence>
<xs:element name="lv" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="unbounded">
<xs:element name="pvMember" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" use="required" type="xs:IDREF"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="name" type="t_std_nonempty" use="required"/>
<xs:attribute name="size" type="t_linux_lvsize" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_linux_lvm_pv">
<xs:attribute name="id" type="xs:ID" use="required"/>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>

<xs:simpleType name="t_linux_lvsize">
<!-- If no suffix is provided, program should assume the size is in *extents*. -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(%|((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_linux_mdadm">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="array" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="member" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
<xs:attribute name="id" use="required" type="xs:ID"/>
<xs:attribute name="name" use="required" type="t_std_nonempty"/>
<xs:attribute name="meta" use="optional" default="1.2" type="t_linux_raid_meta"/>
<xs:attribute name="level" use="required" type="t_linux_raid_levels"/>
<!-- KB *only*. -->
<!-- Can be pretty important!
https://www.zdnet.com/article/chunks-the-hidden-key-to-raid-performance/ -->
<xs:attribute name="chunkSize" use="optional" type="xs:positiveInteger" default="512"/>
<xs:attribute name="layout" use="optional" type="t_linux_raid_layout" default="none"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:simpleType name="t_linux_mountpath">
<xs:union memberTypes="t_unix_filepath">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value="swap"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:complexType name="t_linux_mounts">
<xs:sequence minOccurs="1" maxOccurs="unbounded">
<xs:element name="mount" minOccurs="1" maxOccurs="unbounded">
<xs:complexType>
<xs:sequence minOccurs="0" maxOccurs="unbounded">
<xs:element name="opt" minOccurs="1" maxOccurs="unbounded" type="t_std_cmdopts"/>
</xs:sequence>
<xs:attribute name="source" type="xs:IDREF" use="required"/>
<xs:attribute name="target" type="t_linux_mountpath" use="required"/>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="t_linux_nixpass">
<xs:choice minOccurs="1" maxOccurs="1">
<xs:element name="passwordPlain">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="xs:string">
<xs:attribute name="hashType" use="optional" default="sha512"
type="t_linux_passwd_hashtypes"/>
<xs:attribute name="rounds" use="optional" default="5000" type="xs:positiveInteger"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
<xs:element name="passwordHash">
<xs:complexType>
<xs:simpleContent>
<xs:extension base="t_linux_shadowhash">
<xs:attribute name="hashType" use="optional" default="(detect)"
type="t_linux_passwd_hashtypes_detect"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>
</xs:element>
</xs:choice>
<xs:attribute name="locked" use="optional" default="false" type="xs:boolean"/>
</xs:complexType>

<xs:complexType name="t_linux_package">
<xs:simpleContent>
<xs:extension base="t_std_nonempty">
<xs:attribute name="repo" type="t_std_nonempty" use="optional"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>

<xs:simpleType name="t_linux_part_flags">
<xs:union>
<xs:simpleType>
<!-- parted.partition.partitionFlag -->
<xs:restriction base="xs:string">
<xs:enumeration value="atvrecv"/>
<xs:enumeration value="bios_grub"/>
<xs:enumeration value="boot"/>
<xs:enumeration value="diag"/>
<xs:enumeration value="esp"/>
<xs:enumeration value="hidden"/>
<xs:enumeration value="hp-service"/>
<xs:enumeration value="irst"/>
<xs:enumeration value="lba"/>
<xs:enumeration value="legacy_boot"/>
<xs:enumeration value="lvm"/>
<xs:enumeration value="msftdata"/>
<xs:enumeration value="msftres"/>
<xs:enumeration value="palo"/>
<xs:enumeration value="prep"/>
<xs:enumeration value="raid"/>
<xs:enumeration value="root"/>
<xs:enumeration value="swap"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
<xs:simpleType>
<!-- These deviate from the parted flags (and in the case of the gpt_* ones, have no parted
equivalent it seems).
fdisk's "e(x)pert mode" has numerical GUID identifers for these ("Attrs").
Details on these are at:
https://en.wikipedia.org/wiki/GUID_Partition_Table#Partition_entries_(LBA_2%E2%80%9333)

BD_PART_FLAGS = BlockDev.PartFlag(-1)
BD_PART_FLAGS_FRIENDLY = dict(zip(BD_PART_FLAGS.value_nicks, BD_PART_FLAGS.value_names))
sorted(list(BD_PART_FLAGS_FRIENDLY.keys()))
-->
<xs:restriction base="xs:string">
<xs:enumeration value="apple_tv_recovery"/>
<xs:enumeration value="cpalo"/>
<xs:enumeration value="gpt_hidden"/><!-- No parted equivalent -->
<xs:enumeration value="gpt_no_automount"/><!-- No parted equivalent -->
<xs:enumeration value="gpt_read_only"/><!-- No parted equivalent -->
<xs:enumeration value="gpt_system_part"/><!-- No parted equivalent -->
<xs:enumeration value="hpservice"/>
<xs:enumeration value="msft_data"/>
<xs:enumeration value="msft_reserved"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_passwd_hashtypes">
<xs:union memberTypes="t_unix_passwd_hashtypes">
<xs:simpleType>
<xs:restriction base="xs:string">
<!-- Unsupported in glibc. libxcrypt (https://github.com/besser82/libxcrypt/) has additional support. -->
<!-- bcrypt/blowfish are the same. -->
<!-- <xs:enumeration value="bcrypt"/> -->
<!-- <xs:enumeration value="blowfish"/> -->
<!-- <xs:enumeration value="scrypt"/> -->
<xs:enumeration value="sha256"/>
<xs:enumeration value="sha512"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_passwd_hashtypes_detect">
<xs:union memberTypes="t_unix_passwd_hashtypes">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value="(detect)"/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:simpleType name="t_linux_pesize">
<!-- This is *basically* t_lvsize except we don't allow percentages. -->
<!-- If no suffix is provided, we assume the size is in sectors
UNLESS it's "0", which means use the default (which I *think* is dynamically generated). -->
<xs:restriction base="xs:string">
<xs:pattern value="\s*([0-9]+)\s*(((k|Ki)|[MGTPEZY]i?)?B?|)\s*"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_raid_layout">
<!-- mdadm(8), "layout=" option -->
<!-- We don't need to cook in the "faulty" levels. -->
<xs:restriction base="xs:token">
<xs:pattern
value="((left|right)-a?symmetric(-6)?|[lr][as]|parity-(fir|la)st|ddf-(zero|N)-restart|ddf-N-continue|parity-first-6|[nof][0-9]+|none)"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_raid_levels">
<xs:restriction base="xs:integer">
<xs:enumeration value="0"/>
<xs:enumeration value="1"/>
<xs:enumeration value="4"/>
<xs:enumeration value="5"/>
<xs:enumeration value="6"/>
<xs:enumeration value="10"/>
</xs:restriction>
</xs:simpleType>

<xs:simpleType name="t_linux_raid_meta">
<!-- Program should warn about 1.x used for non-aware bootloaders.
0.90 should be used in that case. -->
<xs:restriction base="xs:token">
<xs:enumeration value="0"/><!-- Same as 0.90 -->
<xs:enumeration value="0.90"/><!-- Same as 0 -->
<xs:enumeration value="1"/><!-- Same as 1.2, default -->
<xs:enumeration value="1.0"/>
<xs:enumeration value="1.1"/>
<xs:enumeration value="1.2"/><!-- Same as 1, default -->
<xs:enumeration value="default"/><!-- Same as 1, 1.2 -->
<xs:enumeration value="ddf"/>
<xs:enumeration value="imsm"/>
<xs:whiteSpace value="collapse"/>
</xs:restriction>
</xs:simpleType>

<xs:complexType name="t_linux_service">
<xs:simpleContent>
<xs:extension base="t_std_nonempty">
<xs:attribute name="status" type="xs:boolean" use="optional" default="true"/>
</xs:extension>
</xs:simpleContent>
</xs:complexType>

<xs:simpleType name="t_linux_shadowhash">
<xs:union memberTypes="t_unix_shadowhash">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:pattern value="\s*($5)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{43}\s*"/><!-- sha256 -->
<xs:pattern value="\s*($6)?($[a-zA-Z0-9./]{1,16})$[a-zA-Z0-9./]{86}\s*"/><!-- sha512 -->
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>

<xs:complexType name="t_linux_user">
<xs:sequence>
<xs:element name="password" minOccurs="0" maxOccurs="1" type="t_linux_nixpass"/>
<xs:element name="xGroup" minOccurs="0" maxOccurs="unbounded">
<xs:complexType>
<xs:attribute name="name" type="t_unix_posixUserGroup" use="required"/>
<xs:attribute name="create" type="xs:boolean" use="optional" default="false"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
</xs:complexType>
<xs:unique name="uniq_linux_grp">
<xs:selector xpath="."/>
<xs:field xpath="@name"/>
</xs:unique>
</xs:element>
</xs:sequence>
<xs:attribute name="name" type="t_unix_posixUserGroup" use="required"/>
<xs:attribute name="home" type="t_unix_filepath" use="optional"/>
<xs:attribute name="uid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="group" type="t_unix_posixUserGroup" use="optional"/>
<xs:attribute name="gid" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="comment" type="t_std_nonempty" use="optional"/>
<xs:attribute name="sudo" type="xs:boolean" use="optional" default="false"/>
<xs:attribute name="sudoPassword" type="xs:boolean" use="optional" default="true"/>
<xs:attribute name="shell" type="t_unix_filepath" use="optional" default="/bin/bash"/>
<!-- TODO: change the positiveIntegers to xs:duration? or union? -->
<!-- Might be pointless since the smallest increment is 1 day in
shadow(5). -->
<xs:attribute name="minAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="maxAge" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="warnDays" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="inactiveDays" type="xs:positiveInteger" use="optional"/>
<xs:attribute name="expireDate" type="t_std_epoch_or_iso" use="optional"/>
</xs:complexType>

</xs:schema>