<unix:file_test check="all" check_existence="all_exist" comment="/bin files owned by root" id="test_ownership_bin_files" version="1"> <unix:object object_ref="object_root_ownership_bin_files" /> <unix:state state_ref="state_root_ownership" /> </unix:file_test> <unix:file_object comment="/bin files" id="object_root_ownership_bin_files" version="1"> <unix:behaviors recurse="symlinks and directories" recurse_direction="down" max_depth="-1" recurse_file_system="all" /> <unix:path operation="equals">/bin</unix:path> <unix:filename operation="pattern match">^.*$</unix:filename> <filter action="exclude">state_symlink</filter> </unix:file_object>

<unix:file_state id="state_root_ownership" version="1"> <unix:user_id datatype="int">0</unix:user_id> </unix:file_state>

<unix:file_test check="all" check_existence="all_exist" comment="/bin files go-w" id="test_ownership_bin_files" version="1"> <unix:object object_ref="object_root_ownership_bin_files" /> </unix:file_test> <unix:file_object comment="/bin files" id="object_root_ownership_bin_files" version="1"> <unix:behaviors recurse="symlinks and directories" recurse_direction="down" max_depth="-1" recurse_file_system="all" /> <unix:path operation="equals">/bin</unix:path> <unix:filename operation="pattern match">^.*$</unix:filename> <filter action="exclude">state_symlink</filter> <filter action="exclude">state_root_ownership</filter> </unix:file_object>