This file is indexed.

/usr/share/arc/schema/PDPServiceInvoker.xsd is in libarccommon1 1.1.1-1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
<?xml version="1.0" encoding="UTF-8"?>
<xsd:schema
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns="http://www.nordugrid.org/schemas/pdpserviceinvoker/2009/08"
  targetNamespace="http://www.nordugrid.org/schemas/pdperviceinvoker/2009/08"
  xmlns:pdp="http://www.nordugrid.org/schemas/pdperviceinvoker/2009/08"
  elementFormDefault="qualified">
 
    <xsd:complexType name="FilterType">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
              This element defines Security Attributes to select and reject.
              If there are no Select elements all Attributes are used except
              those listed in Reject elements.
            </xsd:documentation>
        </xsd:annotation>
        <xsd:sequence>
            <xsd:element name="Select" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
            <xsd:element name="Reject" type="xsd:string" minOccurs="0" maxOccurs="unbounded"/>
        </xsd:sequence>
    </xsd:complexType>
    <xsd:element name="Filter" type="pdp:FilterType"/>

    <xsd:element name="ServiceEndpoint" type="xsd:string">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
              This element is to specify endpoint about remote pdpservice.
              It will be configured under the <PDP name="pdpservice.invoker"/>
            </xsd:documentation>
        </xsd:annotation>
    </xsd:element>

    <xsd:element name="RequestFormat" type="xsd:string" default="arc">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
             This element is to specified the format of request. Two options
             are recognized: xacml, arc.
             Default is "arc".
            </xsd:documentation>
        </xsd:annotation> 
    </xsd:element>

    <xsd:element name="TransferProtocol" type="xsd:string" default="arc">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
              This element is to specified the protocol for transfering request.
              Default is the arc specific protocol; if "SAML" is specified, then
              the "SAML2.0 profile of the XACML v2.0" will be used for carrying
              request.
              If RequestFormat is specified to XACML, and Transfer is specified to SAML,
              then this pdpservice invoker is able to interact with third-party pdp
              service, such as the GLite authorization service.
              Two options are recognized: saml, arc.
             Default is "arc".
            </xsd:documentation>
        </xsd:annotation>
    </xsd:element>

    <!--The following information is about credential. Since the pdpserviceinvoker is 
    actually a client which will invoke the remote pdpservice, it should has its credential
    configuration, but it could also use the credential of the MCCTLS which is in the same 
    chain as this uplevel service (which is using the pdpserviceinvoker) configuration. 
    If the latter situation applies, the following element don't not need to be configured 
    under the <PDP name="pdpservice.invoker"/>.
    However, the credential of the MCCTLS in the main chain and the credential of the
    pdpservice.invoker should not be coupled, since pdpservice could use tls, but this normal
    service (which configures the pdpservice.invoker inside) could not use tls, and vice versa.-->


    <xsd:element name="KeyPath" type="xsd:string" default="$HOME/.globus/userkey.pem">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
               Location of private key.
               Default is $HOME/.globus/userkey.pem.
            </xsd:documentation>
        </xsd:annotation>
    </xsd:element>

    <xsd:element name="CertificatePath" type="xsd:string" default="$HOME/.globus/usercert.pem">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
             Location of public certificate.
             Default is $HOME/.globus/usercert.pem.
            </xsd:documentation>
        </xsd:annotation>
    </xsd:element>

    <xsd:element name="ProxyPath" type="xsd:string" default="/tmp/hash{userid}.0">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
             Location of proxy credentials - includes certificates,
             key and chain of involved certificates. Overwrites
             elements KeyPath and CertificatePath. Default is /tmp/hash{userid}.0
            </xsd:documentation>
        </xsd:annotation>
    </xsd:element>

    <xsd:element name="CACertificatePath" type="xsd:string">
        <xsd:annotation>
            <xsd:documentation xml:lang="en">
             Location of certificate of CA. Default is none.
            </xsd:documentation>
        </xsd:annotation>
    </xsd:element>

    <xsd:element name="CACertificatesDir" default="/etc/grid-security/certificates">
            <xsd:annotation>
                <xsd:documentation xml:lang="en">
                 Directory containing certificates of accepted CAs.
                 Default is /etc/grid-security/certificates
                </xsd:documentation>
            </xsd:annotation>
    </xsd:element>

</xsd:schema>