diff --git a/oval-schemas/independent-definitions-schema.xsd b/oval-schemas/independent-definitions-schema.xsd index 4e60f49..aacc754 100644 --- a/oval-schemas/independent-definitions-schema.xsd +++ b/oval-schemas/independent-definitions-schema.xsd 
@@ -974,6 +974,171 @@ + + + + + + + The shellcommand_test is used to check the values produced by the running of the 'command' (or script, but not an external script file) found in the object 'command' element. It extends the standard TestType as defined in the oval-definitions-schema and one should refer to the TestType description for more information. The required object element references a shellcommand_object and the optional state element references a shellcommand_state that specifies the information to check. + +Since this test runs the command string supplied in the object command element, the content author should avoid writing command strings that may produce large amounts of output or that may be fragile causing errors and thus produce large amounts of error output. + +The command should produce well formed output that will result in one item stdout_line element for each line of output via STDOUT by the object evaluation. Similarly, in the item, for any output to STDERR, a stderr_line element will be created. + +IMPORTANT! - Since this test requires the running of code supplied by content and since OVAL interpreters commonly run with elevated privileges, significant responsibilty falls to the content author to DO NO HARM to the target system. This also requires that any content stream that employs this test MUST be from a known trusted source and be digitally signed. The use of any executables that are not supplied by the installed operating system is highly discouraged. + + + shellcommand_test + shellcommand_object + shellcommand_state + shellcommand_item + + + + + + - the object child element of a shellcommand_test must reference a shellcommand_object + + + - the state child element of a shellcommand_test must reference a shellcommand_state + + + + + + + + + + + + + + + + + + + The shellcommand_object is used by a shellcommand_test to define a shell to use (e.g. 
sh, bash, ksh, etc.), a command (or shell script) to be run, and a pattern to filter result lines. The default shell is bash. Each object extends the standard ObjectType as defined in the oval-definitions-schema and one should refer to the ObjectType description for more information. The common set element allows complex objects to be created using filters and set logic. + +The evaluation of the object should always produce one item. If the command execution does not produce output, an item should still be created with the exit_status (AKA process exit code), a stdout entity with a status of 'does not exist', and any STDERR from the execution captured in stderr_line entities. + + + + + + + + + + + State referenced in filter for '' is of the wrong type. + + + + + + + + + + + + + + The shell entity defines the specific shell to use (e.g. bash, csh, ksh, etc.). Any tool collecting information for this object will need to know the shell in order to use it properly. + + + + + The command element specifies the command string to be run on the target system. Since this command string will be executed on the target system and since OVAL interpreters commonly run with elevated privileges, significant responsibilty falls to the content author to DO NO HARM. This also requires that any content stream that employs this test MUST be from a known trusted source and be digitally signed. The use of executables that are not supplied by the installed operating system is highly discouraged. + + + + + The 'pattern' is a regular expression that identifies lines in 'command' results that are to produce OVAL items. Any result line via STDOUT that matches the pattern is kept as an item stdout_line element. Any that do not are discarded. If the pattern element is empty or does not exist, all results lines are kept. + +A subexpression (using parentheses) can call out a piece of the matched stdout_line to test. 
For example, the pattern abc(.*)xyz would look for a block of text in the output that starts with abc and ends with xyz, with the subexpression being all the characters that exist in between. The value of the subexpression can then be tested using the subexpression entity of a shellcommand_state. Note that if the pattern, starting at the same point in the line, matches more than one block of text, then it matches the longest. For example, given output with abcdefxyzxyzabc, then the pattern abc(.*)xyz would match the block abcdefxyzxyz. Subexpressions also match the longest possible substrings, subject to the constraint that the whole match be as long as possible, with subexpressions starting earlier in the pattern taking priority over ones starting later. + + + Note that when using regular expressions, OVAL supports a common subset of the regular expression character classes, operations, expressions and other lexical tokens defined within Perl 5's regular expression specification. For more information on the supported regular expression syntax in OVAL see: http://oval.mitre.org/language/about/re_support_5.6.html. + + + + - operation attribute for the pattern entity of a shellcommand_object should be 'pattern match' + + + + + + + + + + + + + + + + + The shellcommand_state contains the entities that are used to check the values returned by the shellcommand_object. Note that the state entities shell, command, and pattern are echoed, verbatim, from the same elements in the associated shellcommand_object. + + + + + + + + The 'shell' element contains the shell used to perform the command and must match the value in the associated object, verbatim. + + + + + + The 'command' element specifies the command string to be run on the target system and must match the same element in the associated shellcommand_object, verbatim. 
+ + + + + The 'pattern' is a regular expression that identifies lines in 'command' results that are to produce OVAL items and must match the same element in the associated shellcommand_object, verbatim. + + + + - operation attribute for the pattern entity of a shellcommand_object should be 'pattern match' + + + + + + + + The 'exit_status' entity represents the exist status returned by the system for the execution of the object command. + + + + + The 'stdout_line' entity represents a line from the STDOUT output of a successful run of the command string that matched the specified object pattern. + + + + + The subexpression entity represents a value to test against the subexpression in the specified pattern. If multiple subexpressions are specified in the pattern, this value is tested against all of them. For example, if the pattern abc(.*)mno(.*)xyp was supplied, and the state specifies a subexpression value of enabled, then the test would check that both (or at least one, none, etc. depending on the entity_check attribute) of the subexpressions have a value of enabled. + + + + + The 'stderr_line' element contains any and all output to STDERR from a run of the object command. Each line of STDERR should create an additional 'stderr_line' element. + + + + + + + + + 
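Review bot: The IMPORTANT paragraphs in shellcommand_test and in the object command entity make digital signing of the content stream the only control on what is, by design, arbitrary command execution under the interpreter's (usually elevated) privileges; the schema cannot enforce signing, so the text should also say that interpreters SHOULD keep shellcommand_test disabled unless explicitly enabled, and, if the command entity admits var_ref like the other string entities (the empty-string enumeration on the new shell types exists precisely for variable references), an external_variable feeding command lets the command string arrive at evaluation time from outside the signed content and defeats the signing requirement, so either forbid var_ref on command or call that out. In the shellcommand_object description, "The default shell is bash" does not fit the enumeration added in the same patch, which includes cmd and powershell; bash is not a usable default on a Windows target, so make shell required or state what an interpreter does when the default shell is absent. In the shellcommand_state portion, the assertion message "operation attribute for the pattern entity of a shellcommand_object should be 'pattern match'" was copied from the object and should name shellcommand_state so a validation failure points at the right element. The regex paragraph's claim that a pattern "matches the longest" block describes POSIX leftmost-longest semantics, while the same paragraph points readers at Perl 5 syntax, whose alternation is leftmost-first; the `abc(.*)xyz` example happens to agree because of the greedy quantifier, but the general statement is wrong for patterns with alternation. Typos: "responsibilty" (twice) and "exist status".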
@@ -2497,6 +2662,104 @@ SERVERPROPERTY('IsClustered') AS [is_clustered] + + + The EntityObjectShellType complex type defines a string entity value that is restricted to a set of command shells. The empty string is also allowed to support empty elements associated with variable references. + + + + + + The borne shell (sh) + + + + + The gnu borne again shell (bash). + + + + + The C shell (csh). + + + + + The korn shell (ksh). + + + + + The Z shell (zsh). + + + + + The Microsoft Windows command prompt (cmd). + + + + + The Microsoft Powershell prompt (powershell). + + + + + The empty string value is permitted here to allow for empty elements associated with variable references. + + + + + + + + The EntityStateShellType complex type defines a string entity value that is restricted to a set of command shells. The empty string is also allowed to support empty elements associated with variable references. + + + + + + The borne shell (sh) + + + + + The gnu borne again shell (bash). + + + + + The C shell (csh). + + + + + The korn shell (ksh). + + + + + The Z shell (zsh). + + + + + The Microsoft Windows command prompt (cmd). + + + + + The Microsoft Powershell prompt (powershell). + + + + + The empty string value is permitted here to allow for empty elements associated with variable references. + + + + + The EntityObjectEngineType complex type defines a string entity value that is restricted to a set of enumerations. Each valid enumeration is a valid database engine. The empty string is also allowed to support empty elements associated with variable references. diff --git a/oval-schemas/independent-system-characteristics-schema.xsd b/oval-schemas/independent-system-characteristics-schema.xsd index eea8822..9a247b0 100644 --- a/oval-schemas/independent-system-characteristics-schema.xsd +++ b/oval-schemas/independent-system-characteristics-schema.xsd 
@@ -325,6 +325,64 @@ + + + + + + + + The shellcommand_item stores information retrieved from the local system that results from the running of the command or embedded script in the associated object command element. + +The evaluation of the object should always produce one item. If the object evaluation does not produce output via STDOUT that should result in an item, one should be created with a status of 'does not exist'. This facilitates that capture of the exit_status and stderr from the system call. + + + + + + + + The shell element contains the shell used (e.g. bash or powershell) to perform the command and should be taken, verbatim, from the associated object 'shell' element. + + + + + The command element specifies the command string that was run on the target system and should be taken, verbatim, from the associated object 'command' element.. + + + + + + The pattern element is simply an echo of the same element in the OVAL object and is supplied in the item to aid in end user interpretation and should be taken, verbatim, from the associated object 'pattern' element.. + + + + + The exit_status entity represents the exist status returned by the system for the execution of the object command. OVAL Item status should match the exit status of the system call. + + + + + The stdout_line entity contains a line from the STDOUT output of a successful run of the command string that matched the specified object pattern. Each line created by the execution of the object command should create an item 'stdout_line' element. + + + + + The subexpression entity represents the value of a subexpression in the specified pattern. If multiple subexpressions are specified in the pattern, then multiple entities are presented. Note that the textfilecontent_state in the definition schema only allows a single subexpression entity. This means that the test will check that all (or at least one, none, etc.) the subexpressions pass the same check. 
This means that the order of multiple subexpression entities in the item does not matter. + + + + + The 'stderr_line' element contains a single line of any output from STDERR. + + + + + + + + + @@ -704,6 +762,64 @@ + + + + + The EntityItemShellType restricts a string value to a specific set of shell commands. The empty string is also allowed to support empty elements associated with error conditions. + + + + + + The borne shell (sh) + + + + + The gnu borne again shell (bash). + + + + + The C shell (csh). + + + + + The korn shell (ksh). + + + + + The Z shell (zsh). + + + + + The Microsoft Windows command prompt (cmd). + + + + + The Microsoft Powershell prompt (powershell). + + + + + The empty string value is permitted here to allow for empty elements associated with variable references. + + + + + The empty string value is permitted here to allow for detailed error reporting. + + + + + + +
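Review bot: EntityObjectShellType and EntityStateShellType enumerate seven shells but say nothing about how an interpreter is expected to invoke them, so two interpreters can collect different stdout for the same object: bash started as a login shell sources profile files, powershell loads the user's profile unless started with -NoProfile, and whether the interpreter's environment is inherited is unspecified. Since the object documentation says the collector "will need to know the shell in order to use it properly", the enumeration documentation should state the invocation contract per value, for example `sh -c '<command>'`, `powershell -NoProfile -NonInteractive -Command <command>`, `cmd /c <command>`, and what environment the child process gets. Style: "borne shell" should be "Bourne shell", "gnu" should be "GNU", and "Powershell" should be "PowerShell"; the same list is repeated verbatim here twice and a third time in the system-characteristics schema, and a comment noting that the three must stay identical would help future edits.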
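Review bot: In the shellcommand_item exit_status documentation, "OVAL Item status should match the exit status of the system call" conflates two different things: the item's status attribute takes the OVAL status values (exists, does not exist, error, not collected), whereas exit_status is the process exit code. Drop that sentence and say instead that a non-zero exit code leaves the item status as exists with exit_status populated. The "does not exist" handling also disagrees with the definitions schema: there, the stdout entity gets status 'does not exist' when the command produces no output, while this hunk says the item itself should; an item whose status is 'does not exist' is not evaluated against the state, so exit_status and stderr_line would be uncheckable exactly in the failure cases they exist to capture. Put 'does not exist' on the stdout_line entity, not on the item. Two copy-paste leftovers: the subexpression text refers to textfilecontent_state where it means shellcommand_state, and the stdout_line text says both that lines "matched the specified object pattern" and that "Each line created by the execution of the object command should create" a stdout_line; the object says non-matching lines are discarded, so keep only the filtered wording. Typos: "exist status", and doubled periods after "element" in the command and pattern descriptions.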
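Review bot: EntityItemShellType carries two documentation blocks for the empty-string enumeration, one saying it supports "variable references" (copied from the object and state types) and one saying "detailed error reporting"; the type's own description says the empty string is for error conditions, so keep the second block, drop the first, and make sure the resulting type ends up with a single enumeration facet for the empty value rather than two. Also "restricts a string value to a specific set of shell commands" should read "command shells", and the shell names have the same spelling issues as in the definitions schema (Bourne, GNU, PowerShell).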