From 4d0e739345fe3039db16e0ee613431e1aa92cf02 Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Fri, 4 Mar 2011 11:08:54 -0500 Subject: Fix style and grammatical issues in built-in command help. There is a rather large API.txt change but it is only due to changes in the doc string in parameters. ticket 729 --- API.txt | 118 ++++++++++++++++++++--------------------- ipalib/frontend.py | 4 +- ipalib/plugins/automount.py | 58 ++++++++++---------- ipalib/plugins/baseldap.py | 8 +-- ipalib/plugins/cert.py | 28 ++++++++-- ipalib/plugins/config.py | 44 +++++++-------- ipalib/plugins/dns.py | 10 ++-- ipalib/plugins/group.py | 8 +-- ipalib/plugins/hbacrule.py | 8 +-- ipalib/plugins/hbacsvcgroup.py | 24 ++++----- ipalib/plugins/host.py | 5 +- ipalib/plugins/internal.py | 2 +- ipalib/plugins/migration.py | 5 +- ipalib/plugins/misc.py | 2 +- ipalib/plugins/passwd.py | 6 +-- ipalib/plugins/permission.py | 11 ++-- ipalib/plugins/pkinit.py | 13 +++-- ipalib/plugins/selfservice.py | 28 +++++----- ipalib/plugins/service.py | 2 +- ipalib/plugins/sudocmdgroup.py | 15 +++--- ipalib/plugins/sudorule.py | 4 +- ipalib/plugins/user.py | 14 ++--- 22 files changed, 222 insertions(+), 195 deletions(-) diff --git a/API.txt b/API.txt index 76a25a87..3626f3c7 100644 --- a/API.txt +++ b/API.txt @@ -204,7 +204,7 @@ command: automountlocation_import args: 2,1,1 arg: Str('cn', attribute=True, cli_name='location', label=Gettext('Location', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) arg: Str('masterfile', label=Gettext('Master file', domain='ipa', localedir=None)) -option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues', domain='ipa', localedir=None)) +option: Flag('continue?', autofill=True, cli_name='continue', default=False,lag('continue?', autofill=True, cli_name='continue', default=False, doc=Gettext('Continuous operation mode. Errors are reported but the process continues.', domain='ipa', localedir=None)) output: Output('result', None, None) command: automountlocation_show args: 1,4,3 @@ -328,11 +328,11 @@ arg: Str('request_id', flags=['no_create', 'no_update', 'no_search'], label=Gett output: Output('result', None, None) command: config_mod args: 0,19,3 -option: Int('ipamaxusernamelength', attribute=True, autofill=False, cli_name='maxusername', label=Gettext('Max username length', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False) +option: Int('ipamaxusernamelength', attribute=True, autofill=False, cli_name='maxusername', label=Gettext('Max. username length', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False) option: IA5Str('ipahomesrootdir', attribute=True, autofill=False, cli_name='homedirectory', label=Gettext('Home directory base', domain='ipa', localedir=None), multivalue=False, required=False) option: Str('ipadefaultloginshell', attribute=True, autofill=False, cli_name='defaultshell', label=Gettext('Default shell', domain='ipa', localedir=None), multivalue=False, required=False) option: Str('ipadefaultprimarygroup', attribute=True, autofill=False, cli_name='defaultgroup', label=Gettext('Default users group', domain='ipa', localedir=None), multivalue=False, required=False) -option: Str('ipadefaultemaildomain', attribute=True, autofill=False, cli_name='emaildomain', label=Gettext('Default e-mail domain', domain='ipa', localedir=None), multivalue=False, required=False) +option: Str('ipadefaultemaildomain', attribute=True, autofill=False, cli_name='emaildomain', label=Gettext('Default e-mail domain for new users', domain='ipa', localedir=None), multivalue=False, required=False) option: Int('ipasearchtimelimit', validate_searchtimelimit, attribute=True, autofill=False, cli_name='searchtimelimit', label=Gettext('Search time limit', domain='ipa', localedir=None), minvalue=-1, multivalue=False, required=False) option: Int('ipasearchrecordslimit', attribute=True, autofill=False, cli_name='searchrecordslimit', label=Gettext('Search size limit', domain='ipa', localedir=None), minvalue=-1, multivalue=False, required=False) option: IA5Str('ipausersearchfields', attribute=True, autofill=False, cli_name='usersearch', label=Gettext('User search fields', domain='ipa', localedir=None), multivalue=False, required=False) @@ -695,7 +695,7 @@ output: Output('value', , "The primary_key value of the entry, e command: dnszone_add args: 1,18,3 arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=, primary_key=True, required=True) -option: Str('idnssoamname', attribute=True, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, required=True) +option: Str('idnssoamname', attribute=True, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, required=True) option: Str('idnssoarname', attribute=True, cli_name='admin_email', default_from=DefaultFrom(, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, required=True) option: Int('idnssoaserial', attribute=True, autofill=True, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False) option: Int('idnssoarefresh', attribute=True, autofill=True, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, required=False) @@ -708,7 +708,7 @@ option: Str('idnsupdatepolicy', attribute=True, cli_name='update_policy', label= option: Flag('idnsallowdynupdate', attribute=True, autofill=True, cli_name='allow_dynupdate', default=False, label=Gettext('Dynamic update', domain='ipa', localedir=None), multivalue=False, required=True) option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui') option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui') -option: Flag('force', autofill=True, default=False,lag('force', autofill=True, default=False, doc=Gettext('force DNS zone creation even if name server not in DNS', domain='ipa', localedir=None)) +option: Flag('force', autofill=True, default=False,lag('force', autofill=True, default=False, doc=Gettext('Force DNS zone creation even if name server not in DNS.', domain='ipa', localedir=None)) option: Str('ip_address?', _validate_ipaddr,tr('ip_address?', _validate_ipaddr, doc=Gettext('Add the nameserver to DNS with this IP address', domain='ipa', localedir=None)) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) @@ -739,7 +739,7 @@ command: dnszone_find args: 1,18,4 arg: Str('criteria?') option: Str('idnsname', attribute=True, autofill=False, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=, primary_key=True, query=True, required=False) -option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, query=True, required=False) +option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, query=True, required=False) option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default_from=DefaultFrom(, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, query=True, required=False) option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, query=True, required=False) option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, query=True, required=False) @@ -763,7 +763,7 @@ output: Output('truncated', , 'True if not all results were returne command: dnszone_mod args: 1,17,3 arg: Str('idnsname', attribute=True, cli_name='name', label=Gettext('Zone name', domain='ipa', localedir=None), multivalue=False, normalizer=, primary_key=True, query=True, required=True) -option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative name server', domain='ipa', localedir=None), multivalue=False, required=False) +option: Str('idnssoamname', attribute=True, autofill=False, cli_name='name_server', label=Gettext('Authoritative nameserver', domain='ipa', localedir=None), multivalue=False, required=False) option: Str('idnssoarname', attribute=True, autofill=False, cli_name='admin_email', default_from=DefaultFrom(, 'idnsname'), label=Gettext('Administrator e-mail address', domain='ipa', localedir=None), multivalue=False, normalizer=_rname_normalizer, required=False) option: Int('idnssoaserial', attribute=True, autofill=False, cli_name='serial', create_default=_create_zone_serial, label=Gettext('SOA serial', domain='ipa', localedir=None), minvalue=1, multivalue=False, required=False) option: Int('idnssoarefresh', attribute=True, autofill=False, cli_name='refresh', default=3600, label=Gettext('SOA refresh', domain='ipa', localedir=None), minvalue=0, multivalue=False, required=False) @@ -872,7 +872,7 @@ option: Str('description', attribute=True, cli_name='desc', label=Gettext('Descr option: Int('gidnumber', attribute=True, cli_name='gid', label=Gettext('GID', domain='ipa', localedir=None), multivalue=False, required=False) option: Str('addattr*', validate_add_attribute, cli_name='addattr', exclude='webui') option: Str('setattr*', validate_set_attribute, cli_name='setattr', exclude='webui') -option: Flag('nonposix', autofill=True, cli_name='nonposix', default=False,lag('nonposix', autofill=True, cli_name='nonposix', default=False, doc=Gettext('Create as a non-POSIX group?', domain='ipa', localedir=None)) +option: Flag('nonposix', autofill=True, cli_name='nonposix', default=False,lag('nonposix', autofill=True, cli_name='nonposix', default=False, doc=Gettext('Create as a non-POSIX group', domain='ipa', localedir=None)) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) @@ -915,16 +915,16 @@ option: Flag('private', autofill=True, cli_name='private', default=False,lag('pr option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) -option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='only groups with member users', label='user', multivalue=True) -option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='only groups with no member users', label='user', multivalue=True) -option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='only groups with member groups', label='group', multivalue=True) -option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='only groups with no member groups', label='group', multivalue=True) -option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='only groups with member of groups', label='group', multivalue=True) -option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='only groups with no member of groups', label='group', multivalue=True) -option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only groups with member of netgroups', label='netgroup', multivalue=True) -option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only groups with no member of netgroups', label='netgroup', multivalue=True) -option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only groups with member of roles', label='role', multivalue=True) -option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only groups with no member of roles', label='role', multivalue=True) +option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='Search for groups with these member users.', label='user', multivalue=True) +option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='Search for groups without these member users.', label='user', multivalue=True) +option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='Search for groups with these member groups.', label='group', multivalue=True) +option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='Search for groups without these member groups.', label='group', multivalue=True) +option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='Search for groups with these member of groups.', label='group', multivalue=True) +option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='Search for groups without these member of groups.', label='group', multivalue=True) +option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for groups with these member of netgroups.', label='netgroup', multivalue=True) +option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for groups without these member of netgroups.', label='netgroup', multivalue=True) +option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for groups with these member of roles.', label='role', multivalue=True) +option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for groups without these member of roles.', label='role', multivalue=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: ListOfEntries('result', (, ), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: Output('count', , 'Number of entries returned') @@ -1328,16 +1328,16 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) -option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='only hosts with member of hostgroups', label='hostgroup', multivalue=True) -option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='only hosts with no member of hostgroups', label='hostgroup', multivalue=True) -option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only hosts with member of netgroups', label='netgroup', multivalue=True) -option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only hosts with no member of netgroups', label='netgroup', multivalue=True) -option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only hosts with member of roles', label='role', multivalue=True) -option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only hosts with no member of roles', label='role', multivalue=True) -option: List('enroll_by_user?', cli_name='enroll_by_users',ist('enroll_by_user?', cli_name='enroll_by_users', doc='only hosts with enrolled by users', label='user', multivalue=True) -option: List('not_enroll_by_user?', cli_name='not_enroll_by_users',ist('not_enroll_by_user?', cli_name='not_enroll_by_users', doc='only hosts with no enrolled by users', label='user', multivalue=True) -option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='only hosts with managed by hosts', label='host', multivalue=True) -option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='only hosts with no managed by hosts', label='host', multivalue=True) +option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='Search for hosts with these member of hostgroups.', label='hostgroup', multivalue=True) +option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='Search for hosts without these member of hostgroups.', label='hostgroup', multivalue=True) +option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for hosts with these member of netgroups.', label='netgroup', multivalue=True) +option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for hosts without these member of netgroups.', label='netgroup', multivalue=True) +option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for hosts with these member of roles.', label='role', multivalue=True) +option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for hosts without these member of roles.', label='role', multivalue=True) +option: List('enroll_by_user?', cli_name='enroll_by_users',ist('enroll_by_user?', cli_name='enroll_by_users', doc='Search for hosts with these enrolled by users.', label='user', multivalue=True) +option: List('not_enroll_by_user?', cli_name='not_enroll_by_users',ist('not_enroll_by_user?', cli_name='not_enroll_by_users', doc='Search for hosts without these enrolled by users.', label='user', multivalue=True) +option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='Search for hosts with these managed by hosts.', label='host', multivalue=True) +option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='Search for hosts without these managed by hosts.', label='host', multivalue=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: ListOfEntries('result', (, ), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: Output('count', , 'Number of entries returned') @@ -1424,12 +1424,12 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) -option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='only hostgroups with member hosts', label='host', multivalue=True) -option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='only hostgroups with no member hosts', label='host', multivalue=True) -option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='only hostgroups with member hostgroups', label='hostgroup', multivalue=True) -option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='only hostgroups with no member hostgroups', label='hostgroup', multivalue=True) -option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='only hostgroups with member of hostgroups', label='hostgroup', multivalue=True) -option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='only hostgroups with no member of hostgroups', label='hostgroup', multivalue=True) +option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='Search for hostgroups with these member hosts.', label='host', multivalue=True) +option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='Search for hostgroups without these member hosts.', label='host', multivalue=True) +option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='Search for hostgroups with these member hostgroups.', label='hostgroup', multivalue=True) +option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='Search for hostgroups without these member hostgroups.', label='hostgroup', multivalue=True) +option: List('in_hostgroup?', cli_name='in_hostgroups',ist('in_hostgroup?', cli_name='in_hostgroups', doc='Search for hostgroups with these member of hostgroups.', label='hostgroup', multivalue=True) +option: List('not_in_hostgroup?', cli_name='not_in_hostgroups',ist('not_in_hostgroup?', cli_name='not_in_hostgroups', doc='Search for hostgroups without these member of hostgroups.', label='hostgroup', multivalue=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: ListOfEntries('result', (, ), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: Output('count', , 'Number of entries returned') @@ -1577,18 +1577,18 @@ option: Flag('private', autofill=True, cli_name='private', default=False,lag('pr option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) -option: List('netgroup?', cli_name='netgroups',ist('netgroup?', cli_name='netgroups', doc='only netgroups with member netgroups', label='netgroup', multivalue=True) -option: List('no_netgroup?', cli_name='no_netgroups',ist('no_netgroup?', cli_name='no_netgroups', doc='only netgroups with no member netgroups', label='netgroup', multivalue=True) -option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='only netgroups with member users', label='user', multivalue=True) -option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='only netgroups with no member users', label='user', multivalue=True) -option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='only netgroups with member groups', label='group', multivalue=True) -option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='only netgroups with no member groups', label='group', multivalue=True) -option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='only netgroups with member hosts', label='host', multivalue=True) -option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='only netgroups with no member hosts', label='host', multivalue=True) -option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='only netgroups with member hostgroups', label='hostgroup', multivalue=True) -option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='only netgroups with no member hostgroups', label='hostgroup', multivalue=True) -option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only netgroups with member of netgroups', label='netgroup', multivalue=True) -option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only netgroups with no member of netgroups', label='netgroup', multivalue=True) +option: List('netgroup?', cli_name='netgroups',ist('netgroup?', cli_name='netgroups', doc='Search for netgroups with these member netgroups.', label='netgroup', multivalue=True) +option: List('no_netgroup?', cli_name='no_netgroups',ist('no_netgroup?', cli_name='no_netgroups', doc='Search for netgroups without these member netgroups.', label='netgroup', multivalue=True) +option: List('user?', cli_name='users',ist('user?', cli_name='users', doc='Search for netgroups with these member users.', label='user', multivalue=True) +option: List('no_user?', cli_name='no_users',ist('no_user?', cli_name='no_users', doc='Search for netgroups without these member users.', label='user', multivalue=True) +option: List('group?', cli_name='groups',ist('group?', cli_name='groups', doc='Search for netgroups with these member groups.', label='group', multivalue=True) +option: List('no_group?', cli_name='no_groups',ist('no_group?', cli_name='no_groups', doc='Search for netgroups without these member groups.', label='group', multivalue=True) +option: List('host?', cli_name='hosts',ist('host?', cli_name='hosts', doc='Search for netgroups with these member hosts.', label='host', multivalue=True) +option: List('no_host?', cli_name='no_hosts',ist('no_host?', cli_name='no_hosts', doc='Search for netgroups without these member hosts.', label='host', multivalue=True) +option: List('hostgroup?', cli_name='hostgroups',ist('hostgroup?', cli_name='hostgroups', doc='Search for netgroups with these member hostgroups.', label='hostgroup', multivalue=True) +option: List('no_hostgroup?', cli_name='no_hostgroups',ist('no_hostgroup?', cli_name='no_hostgroups', doc='Search for netgroups without these member hostgroups.', label='hostgroup', multivalue=True) +option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for netgroups with these member of netgroups.', label='netgroup', multivalue=True) +option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for netgroups without these member of netgroups.', label='netgroup', multivalue=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: ListOfEntries('result', (, ), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: Output('count', , 'Number of entries returned') @@ -2032,7 +2032,7 @@ output: Entry('result', , Gettext('A dictionary representing an LDA output: Output('value', , "The primary_key value of the entry, e.g. 'jdoe' for a user") command: selfservice_add args: 1,5,3 -arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, required=True) option: List('permissions', attribute=True, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, required=False) option: List('attrs', attribute=True, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) @@ -2043,14 +2043,14 @@ output: Entry('result', , Gettext('A dictionary representing an LDA output: Output('value', , "The primary_key value of the entry, e.g. 'jdoe' for a user") command: selfservice_del args: 1,0,3 -arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: Output('result', , 'True means the operation was successful') output: Output('value', , "The primary_key value of the entry, e.g. 'jdoe' for a user") command: selfservice_find args: 1,6,4 arg: Str('criteria?') -option: Str('aciname', attribute=True, autofill=False, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=False) +option: Str('aciname', attribute=True, autofill=False, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=False) option: List('permissions', attribute=True, autofill=False, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, query=True, required=False) option: List('attrs', attribute=True, autofill=False, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=, query=True, required=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) @@ -2062,7 +2062,7 @@ output: Output('count', , 'Number of entries returned') output: Output('truncated', , 'True if not all results were returned') command: selfservice_mod args: 1,5,3 -arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) option: List('permissions', attribute=True, autofill=False, cli_name='permissions', label=Gettext('Permissions', domain='ipa', localedir=None), multivalue=True, required=False) option: List('attrs', attribute=True, autofill=False, cli_name='attrs', label=Gettext('Attributes', domain='ipa', localedir=None), multivalue=True, normalizer=, required=False) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) @@ -2073,7 +2073,7 @@ output: Entry('result', , Gettext('A dictionary representing an LDA output: Output('value', , "The primary_key value of the entry, e.g. 'jdoe' for a user") command: selfservice_show args: 1,3,3 -arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-Service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) +arg: Str('aciname', attribute=True, cli_name='name', label=Gettext('Self-service name', domain='ipa', localedir=None), multivalue=False, primary_key=True, query=True, required=True) option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) @@ -2123,8 +2123,8 @@ option: Int('sizelimit?', autofill=False, flags=['no_display'], label=Gettext('S option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) -option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='only services with managed by hosts', label='host', multivalue=True) -option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='only services with no managed by hosts', label='host', multivalue=True) +option: List('man_by_host?', cli_name='man_by_hosts',ist('man_by_host?', cli_name='man_by_hosts', doc='Search for services with these managed by hosts.', label='host', multivalue=True) +option: List('not_man_by_host?', cli_name='not_man_by_hosts',ist('not_man_by_host?', cli_name='not_man_by_hosts', doc='Search for services without these managed by hosts.', label='host', multivalue=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: ListOfEntries('result', (, ), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: Output('count', , 'Number of entries returned') @@ -2613,12 +2613,12 @@ option: Flag('whoami', autofill=True, default=False, label=Gettext('Self', domai option: Flag('all', autofill=True, cli_name='all', default=False, exclude='webui', flags=['no_output']) option: Flag('raw', autofill=True, cli_name='raw', default=False, exclude='webui', flags=['no_output']) option: Str('version?', exclude='webui', flags=['no_option', 'no_output']) -option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='only users with member of groups', label='group', multivalue=True) -option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='only users with no member of groups', label='group', multivalue=True) -option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='only users with member of netgroups', label='netgroup', multivalue=True) -option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='only users with no member of netgroups', label='netgroup', multivalue=True) -option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='only users with member of roles', label='role', multivalue=True) -option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='only users with no member of roles', label='role', multivalue=True) +option: List('in_group?', cli_name='in_groups',ist('in_group?', cli_name='in_groups', doc='Search for users with these member of groups.', label='group', multivalue=True) +option: List('not_in_group?', cli_name='not_in_groups',ist('not_in_group?', cli_name='not_in_groups', doc='Search for users without these member of groups.', label='group', multivalue=True) +option: List('in_netgroup?', cli_name='in_netgroups',ist('in_netgroup?', cli_name='in_netgroups', doc='Search for users with these member of netgroups.', label='netgroup', multivalue=True) +option: List('not_in_netgroup?', cli_name='not_in_netgroups',ist('not_in_netgroup?', cli_name='not_in_netgroups', doc='Search for users without these member of netgroups.', label='netgroup', multivalue=True) +option: List('in_role?', cli_name='in_roles',ist('in_role?', cli_name='in_roles', doc='Search for users with these member of roles.', label='role', multivalue=True) +option: List('not_in_role?', cli_name='not_in_roles',ist('not_in_role?', cli_name='not_in_roles', doc='Search for users without these member of roles.', label='role', multivalue=True) output: Output('summary', (, ), 'User-friendly description of action performed') output: ListOfEntries('result', (, ), Gettext('A list of LDAP entries', domain='ipa', localedir=None)) output: Output('count', , 'Number of entries returned') diff --git a/ipalib/frontend.py b/ipalib/frontend.py index 45f5b74c..9c7b80ba 100644 --- a/ipalib/frontend.py +++ b/ipalib/frontend.py @@ -848,13 +848,13 @@ class Command(HasParam): if isinstance(o, (Entry, ListOfEntries)): yield Flag('all', cli_name='all', - doc=_('retrieve and print all attributes from the server. Affects command output.'), + doc=_('Retrieve and print all attributes from the server. Affects command output.'), exclude='webui', flags=['no_output'], ) yield Flag('raw', cli_name='raw', - doc=_('print entries as stored on the server. Only affects output format.'), + doc=_('Print entries as stored on the server. Only affects output format.'), exclude='webui', flags=['no_output'], ) diff --git a/ipalib/plugins/automount.py b/ipalib/plugins/automount.py index 2835204c..65d7322d 100644 --- a/ipalib/plugins/automount.py +++ b/ipalib/plugins/automount.py @@ -34,12 +34,12 @@ A location defines a set of maps anchored in auto.master. This allows you to store multiple automount configurations. A location in itself isn't very interesting, it is just a point to start a new automount map. -A map is roughly equivalent to discrete automount files. It is storage -location for keys. +A map is roughly equivalent to a discrete automount file and provides +storage for keys. -A key is a mount point associated to a map. +A key is a mount point associated with a map. -When a new location is created two maps are automatically created for +When a new location is created, two maps are automatically created for it: auto.master and auto.direct. auto.master is the root map for all automount maps for the location. auto.direct is the default map for direct mounts and is mounted on /-. @@ -51,7 +51,7 @@ Locations: Create a named location, "Baltimore": ipa automountlocation-add baltimore - Display the new locations: + Display the new location: ipa automountlocation-show baltimore Find available locations: @@ -67,7 +67,7 @@ Locations: ipa automountlocation-import baltimore /etc/auto.master The import will fail if any duplicate entries are found. For - continuous operation where errors are ignored use the --continue + continuous operation where errors are ignored, use the --continue option. Maps: @@ -193,7 +193,7 @@ class automountlocation(LDAPObject): Str('cn', cli_name='location', label=_('Location'), - doc=_('Automount location name'), + doc=_('Automount location name.'), primary_key=True, ), ) @@ -203,7 +203,7 @@ api.register(automountlocation) class automountlocation_add(LDAPCreate): """ - Create new automount location. + Create a new automount location. """ def post_callback(self, ldap, dn, entry_attrs, *keys, **options): # create auto.master for the new location @@ -218,7 +218,7 @@ api.register(automountlocation_add) class automountlocation_del(LDAPDelete): """ - Delete automount location. + Delete an automount location. """ api.register(automountlocation_del) @@ -226,7 +226,7 @@ api.register(automountlocation_del) class automountlocation_show(LDAPRetrieve): """ - Display automount location. + Display an automount location. """ api.register(automountlocation_show) @@ -234,7 +234,7 @@ api.register(automountlocation_show) class automountlocation_find(LDAPSearch): """ - Search for automount locations. + Search for an automount location. """ api.register(automountlocation_find) @@ -311,14 +311,14 @@ class automountlocation_import(LDAPQuery): takes_args = ( Str('masterfile', label=_('Master file'), - doc=_('Automount master file'), + doc=_('Automount master file.'), ), ) takes_options = ( Flag('continue?', cli_name='continue', - doc=_('Continuous operation mode. Errors are reported but the process continues'), + doc=_('Continuous operation mode. Errors are reported but the process continues.'), ), ) @@ -502,7 +502,7 @@ class automountmap(LDAPObject): IA5Str('automountmapname', cli_name='map', label=_('Map'), - doc=_('Automount map name'), + doc=_('Automount map name.'), primary_key=True, ), Str('description?', @@ -518,7 +518,7 @@ api.register(automountmap) class automountmap_add(LDAPCreate): """ - Create new automount map. + Create a new automount map. """ api.register(automountmap_add) @@ -526,7 +526,7 @@ api.register(automountmap_add) class automountmap_del(LDAPDelete): """ - Delete automount map. + Delete an automount map. """ def post_callback(self, ldap, dn, *keys, **options): # delete optional parental connection (direct maps may not have this) @@ -545,7 +545,7 @@ api.register(automountmap_del) class automountmap_mod(LDAPUpdate): """ - Modify automount map. + Modify an automount map. """ api.register(automountmap_mod) @@ -553,7 +553,7 @@ api.register(automountmap_mod) class automountmap_find(LDAPSearch): """ - Search for automount maps. + Search for an automount map. """ api.register(automountmap_find) @@ -561,7 +561,7 @@ api.register(automountmap_find) class automountmap_show(LDAPRetrieve): """ - Display automount map. + Display an automount map. """ api.register(automountmap_show) @@ -586,7 +586,7 @@ class automountkey(LDAPObject): IA5Str('automountkey', cli_name='key', label=_('Key'), - doc=_('Automount key name'), + doc=_('Automount key name.'), ), IA5Str('automountinformation', cli_name='info', @@ -665,7 +665,7 @@ api.register(automountkey) class automountkey_add(LDAPCreate): """ - Create new automount key. + Create a new automount key. """ def pre_callback(self, ldap, dn, entry_attrs, *keys, **options): self.obj.check_key_uniqueness(keys[-2], keys[-1], **options) @@ -686,7 +686,7 @@ api.register(automountkey_add) class automountmap_add_indirect(LDAPCreate): """ - Create new indirect mount point. + Create a new indirect mount point. """ takes_options = LDAPCreate.takes_options + ( Str('key', @@ -696,7 +696,7 @@ class automountmap_add_indirect(LDAPCreate): Str('parentmap?', cli_name='parentmap', label=_('Parent map'), - doc=_('Name of parent automount map (default: auto.master)'), + doc=_('Name of parent automount map (default: auto.master).'), default=u'auto.master', autofill=True, ), @@ -716,13 +716,13 @@ api.register(automountmap_add_indirect) class automountkey_del(LDAPDelete): """ - Delete automount key. + Delete an automount key. """ takes_options = LDAPDelete.takes_options + ( IA5Str('automountkey', cli_name='key', label=_('Key'), - doc=_('Automount key name'), + doc=_('Automount key name.'), ), IA5Str('automountinformation', cli_name='info', @@ -747,7 +747,7 @@ api.register(automountkey_del) class automountkey_mod(LDAPUpdate): """ - Modify automount key. + Modify an automount key. """ takes_options = LDAPUpdate.takes_options + ( IA5Str('newautomountinformation', @@ -780,7 +780,7 @@ api.register(automountkey_mod) class automountkey_find(LDAPSearch): """ - Modify automount key. + Search for an automount key. """ api.register(automountkey_find) @@ -788,13 +788,13 @@ api.register(automountkey_find) class automountkey_show(LDAPRetrieve): """ - Display automount key. + Display an automount key. """ takes_options = LDAPRetrieve.takes_options + ( IA5Str('automountkey', cli_name='key', label=_('Key'), - doc=_('Automount key name'), + doc=_('Automount key name.'), ), IA5Str('automountinformation', cli_name='info', diff --git a/ipalib/plugins/baseldap.py b/ipalib/plugins/baseldap.py index ff034c61..8053b278 100644 --- a/ipalib/plugins/baseldap.py +++ b/ipalib/plugins/baseldap.py @@ -411,8 +411,8 @@ _attr_options = ( ), Str('setattr*', validate_set_attribute, cli_name='setattr', - doc=_("""Set an attribute to an name/value pair. Format is attr=value. -For multivalued attributes, the command replaces the values already present."""), + doc=_("""Set an attribute to a name/value pair. Format is attr=value. +For multi-valued attributes, the command replaces the values already present."""), exclude='webui', ), ) @@ -1247,8 +1247,8 @@ class LDAPSearch(CallbackInterface, crud.Search): Retrieve all LDAP entries matching the given criteria. """ member_attributes = [] - member_param_incl_doc = 'only %s with %s %s' - member_param_excl_doc = 'only %s with no %s %s' + member_param_incl_doc = 'Search for %s with these %s %s.' + member_param_excl_doc = 'Search for %s without these %s %s.' takes_options = ( Int('timelimit?', diff --git a/ipalib/plugins/cert.py b/ipalib/plugins/cert.py index 19e0780d..0ddae7bb 100644 --- a/ipalib/plugins/cert.py +++ b/ipalib/plugins/cert.py @@ -24,10 +24,10 @@ IPA certificate operations Implements a set of commands for managing server SSL certificates. -Certificate request exist in the form of a Certificate Signing Request (CSR) +Certificate requests exist in the form of a Certificate Signing Request (CSR) in PEM format. -If using the selfsign backend then the subject in the CSR needs to match +If using the selfsign back end then the subject in the CSR needs to match the subject configured in the server. The dogtag CA uses just the CN value of the CSR and forces the rest of the subject. @@ -57,8 +57,26 @@ EXAMPLES: ipa cert-status 10 IPA currently immediately issues (or declines) all certificate requests so -the status of a request is not normally useful. This is for future-use +the status of a request is not normally useful. This is for future use or the case where a CA does not immediately issue a certificate. + +The following revocation reasons are supported: + + * 0 - unspecified + * 1 - keyCompromise + * 2 - cACompromise + * 3 - affiliationChanged + * 4 - superseded + * 5 - cessationOfOperation + * 6 - certificateHold + * 8 - removeFromCRL + * 9 - privilegeWithdrawn + * 10 - aACompromise + +Note that reason code 7 is not used. See RFC 5280 for more details: + +http://www.ietf.org/rfc/rfc5280.txt + """ from ipalib import api, SkipPluginModule @@ -377,7 +395,7 @@ api.register(cert_request) class cert_status(VirtualCommand): """ - Check status of a certificate signing request. + Check the status of a certificate signing request. """ takes_args = ( @@ -447,7 +465,7 @@ class cert_show(VirtualCommand): takes_options = ( Str('out?', label=_('Output filename'), - doc=_('file to store certificate in'), + doc=_('File to store the certificate in.'), exclude='webui', ), ) diff --git a/ipalib/plugins/config.py b/ipalib/plugins/config.py index 1b5fe869..9d55f95e 100644 --- a/ipalib/plugins/config.py +++ b/ipalib/plugins/config.py @@ -20,7 +20,7 @@ """ Manage the IPA configuration -Manage the default values tha IPA uses and some of its tuning parameters. +Manage the default values that IPA uses and some of its tuning parameters. To show the current configuration: ipa config-show @@ -32,12 +32,12 @@ The available options are: User management options: - --maxusername=INT Max username length when creating/modifing a user + --maxusername=INT Max. username length when creating/modifying a user --homedirectory=STR Default location of home directories (default /home) --defaultshell=STR Default shell for new users (default /bin/sh) --defaultgroup=STR Default group for new users (default ipausers). The - group must exist. Otherwise adding new users will fail. - --emaildomain=STR Default e-mail domain new users + group must exist, or adding new users will fail. + --emaildomain=STR Default e-mail domain for new users Search tuning options. These impact how much data is searched through and how many records may be returned on a given search. @@ -55,12 +55,12 @@ The password notification value is stored here so it will be replicated. It is not currently used to notify users in advance of an expiring password. -Some attributes are read-only, provided for information purposes. These +Some attributes are read-only, provided only for information purposes. These include: Certificate Subject base: the configured certificate subject base, e.g. O=EXAMPLE.COM. This is configurable only at install time. -Password plugin features: currently defines additional hashes that the +Password plug-in features: currently defines additional hashes that the password will generate (there may be other conditions). """ @@ -93,82 +93,82 @@ class config(LDAPObject): takes_params = ( Int('ipamaxusernamelength?', cli_name='maxusername', - label=_('Max username length'), + label=_('Max. username length'), minvalue=1, ), IA5Str('ipahomesrootdir?', cli_name='homedirectory', label=_('Home directory base'), - doc=_('Default location of home directories'), + doc=_('Default location of home directories.'), ), Str('ipadefaultloginshell?', cli_name='defaultshell', label=_('Default shell'), - doc=_('Default shell for new users'), + doc=_('Default shell for new users.'), ), Str('ipadefaultprimarygroup?', cli_name='defaultgroup', label=_('Default users group'), - doc=_('Default group for new users'), + doc=_('Default group for new users.'), ), Str('ipadefaultemaildomain?', cli_name='emaildomain', - label=_('Default e-mail domain'), - doc=_('Default e-mail domain new users'), + label=_('Default e-mail domain for new users'), + doc=_('Default e-mail domain new users.'), ), Int('ipasearchtimelimit?', validate_searchtimelimit, cli_name='searchtimelimit', label=_('Search time limit'), - doc=_('Max. amount of time (sec.) for a search (> 0, or -1 for unlimited)'), + doc=_('Max. amount of time (sec.) for a search (> 0, or -1 for unlimited).'), minvalue=-1, ), Int('ipasearchrecordslimit?', cli_name='searchrecordslimit', label=_('Search size limit'), - doc=_('Max. number of records to search (-1 is unlimited)'), + doc=_('Max. number of records to search (-1 is unlimited).'), minvalue=-1, ), IA5Str('ipausersearchfields?', cli_name='usersearch', label=_('User search fields'), - doc=_('A comma-separated list of fields to search when searching for users'), + doc=_('A comma-separated list of fields to search when searching for users.'), ), IA5Str('ipagroupsearchfields?', cli_name='groupsearch', label='Group search fields', - doc=_('A comma-separated list of fields to search when searching for groups'), + doc=_('A comma-separated list of fields to search when searching for groups.'), ), Bool('ipamigrationenabled?', cli_name='enable_migration', label=_('Migration mode'), - doc=_('Enable migration mode'), + doc=_('Enable migration mode.'), ), Str('ipacertificatesubjectbase?', cli_name='subject', label=_('Certificate Subject base'), - doc=_('Base for certificate subjects (OU=Test,O=Example)'), + doc=_('Base for certificate subjects (OU=Test,O=Example).'), flags=['no_update'], ), List('ipagroupobjectclasses?', cli_name='groupobjectclasses', label=_('Default group objectclasses'), - doc=_('Default group objectclassses (comma-separated list)'), + doc=_('Default group objectclassses (comma-separated list).'), ), List('ipauserobjectclasses?', cli_name='userobjectclasses', label=_('Default user objectclasses'), - doc=_('Default user objectclassses (comma-separated list)'), + doc=_('Default user objectclassses (comma-separated list).'), ), Int('ipapwdexpadvnotify?', cli_name='pwdexpnotify', label=_('Password Expiration Notification'), - doc=_('Password Expiration Notification (days)'), + doc=_('Number of days\'s notice of impending password expiration.'), minvalue=0, ), Str('ipaconfigstring?', cli_name='ipaconfigstring', label=_('Password plugin features'), - doc=_('Extra hashes to generate in password plugin'), + doc=_('Extra hashes to generate in password plug-in.'), flags=['no_update'], ), ) diff --git a/ipalib/plugins/dns.py b/ipalib/plugins/dns.py index 1c03b532..e45a8f92 100644 --- a/ipalib/plugins/dns.py +++ b/ipalib/plugins/dns.py @@ -52,7 +52,7 @@ EXAMPLES: Show zone example.com: ipa dnszone-show example.com - Find zone with "example" in it's domain name: + Find zone with "example" in its domain name: ipa dnszone-find example Find records for resources with "www" in their name in zone example.com: @@ -249,8 +249,8 @@ class dnszone(LDAPObject): ), Str('idnssoamname', cli_name='name_server', - label=_('Authoritative name server'), - doc=_('Authoritative name server'), + label=_('Authoritative nameserver'), + doc=_('Authoritative nameserver.'), ), Str('idnssoarname', cli_name='admin_email', @@ -326,7 +326,7 @@ class dnszone(LDAPObject): Flag('idnsallowdynupdate', cli_name='allow_dynupdate', label=_('Dynamic update'), - doc=_('Allow dynamic update?'), + doc=_('Allow dynamic updates.'), attribute=True, ), ) @@ -340,7 +340,7 @@ class dnszone_add(LDAPCreate): """ takes_options = LDAPCreate.takes_options + ( Flag('force', - doc=_('force DNS zone creation even if name server not in DNS'), + doc=_('Force DNS zone creation even if nameserver not in DNS.'), ), Str('ip_address?', _validate_ipaddr, doc=_('Add the nameserver to DNS with this IP address'), diff --git a/ipalib/plugins/group.py b/ipalib/plugins/group.py index 1c0161a9..d4d0715c 100644 --- a/ipalib/plugins/group.py +++ b/ipalib/plugins/group.py @@ -21,15 +21,15 @@ Groups of users Manage groups of users. By default, new groups are POSIX groups. You -can add the --nonposix to the group-add command to mark a new group +can add the --nonposix option to the group-add command to mark a new group as non-POSIX, and you can use the same argument to the group-mod command to convert a non-POSIX group to a POSIX group. POSIX groups cannot be converted to non-POSIX groups. Every group must have a description. -POSIX groups must have a Group ID number (GID). Changing a GID is -supported but can have impact on your file permissions. It is not necessary +POSIX groups must have a Group ID (GID) number. Changing a GID is +supported but can have an impact on your file permissions. It is not necessary to supply a GID when creating a group. IPA will generate one automatically if it is not provided. @@ -133,7 +133,7 @@ class group_add(LDAPCreate): takes_options = LDAPCreate.takes_options + ( Flag('nonposix', cli_name='nonposix', - doc=_('Create as a non-POSIX group?'), + doc=_('Create as a non-POSIX group'), default=False, ), ) diff --git a/ipalib/plugins/hbacrule.py b/ipalib/plugins/hbacrule.py index 6445199a..d6a0d607 100644 --- a/ipalib/plugins/hbacrule.py +++ b/ipalib/plugins/hbacrule.py @@ -49,7 +49,7 @@ EXAMPLES: ipa hbacrule-add-service --hbacsvcs=sshd john_sshd Create a rule for a new service group. This lets the user john access - the any FTP service on any machine from any machine: + the FTP service on any machine from any machine: ipa hbacsvcgroup-add ftpers ipa hbacsvc-add sftp ipa hbacsvcgroup-add-member --hbacsvcs=ftp,sftp ftpers @@ -85,7 +85,7 @@ from ipalib import AccessTime, Password, Str, StrEnum from ipalib.plugins.baseldap import * from ipalib import _, ngettext -topic = ('hbac', 'Host based access control commands') +topic = ('hbac', 'Host-based access control commands') def is_all(options, attribute): """ @@ -467,7 +467,7 @@ api.register(hbacrule_add_host) class hbacrule_remove_host(LDAPRemoveMember): """ - Remove target hosts and hostgroups from a HBAC rule. + Remove target hosts and hostgroups from an HBAC rule. """ member_attributes = ['memberhost'] member_count_out = ('%i object removed.', '%i objects removed.') @@ -521,7 +521,7 @@ api.register(hbacrule_add_service) class hbacrule_remove_service(LDAPRemoveMember): """ - Remove source hosts and hostgroups from an HBAC rule. + Remove service and service groups from an HBAC rule. """ member_attributes = ['memberservice'] member_count_out = ('%i object removed.', '%i objects removed.') diff --git a/ipalib/plugins/hbacsvcgroup.py b/ipalib/plugins/hbacsvcgroup.py index 0a66697d..f50a6c6e 100644 --- a/ipalib/plugins/hbacsvcgroup.py +++ b/ipalib/plugins/hbacsvcgroup.py @@ -24,20 +24,20 @@ or "members". Every group must have a description. EXAMPLES: - Add a new HBAC services group: + Add a new HBAC service group: ipa hbacsvcgroup-add --desc="login services" login - Add members to an HBAC services group: + Add members to an HBAC service group: ipa hbacsvcgroup-add-member --hbacsvcs=sshd,login login Display information about a named group: ipa hbacsvcgroup-show login Add a new group to the "login" group: - ipa hbacsvcgroup-add --desc="switch users" suers - ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l suers + ipa hbacsvcgroup-add --desc="switch users" login + ipa hbacsvcgroup-add-member --hbacsvcs=su,su-l login - Delete an HBAC services group: + Delete an HBAC service group: ipa hbacsvcgroup-del login """ @@ -82,7 +82,7 @@ api.register(hbacsvcgroup) class hbacsvcgroup_add(LDAPCreate): """ - Add a new HBAC services group. + Add a new HBAC service group. """ msg_summary = _('Added HBAC service group "%(value)s"') @@ -91,7 +91,7 @@ api.register(hbacsvcgroup_add) class hbacsvcgroup_del(LDAPDelete): """ - Delete an HBAC services group. + Delete an HBAC service group. """ msg_summary = _('Deleted HBAC service group "%(value)s"') @@ -100,7 +100,7 @@ api.register(hbacsvcgroup_del) class hbacsvcgroup_mod(LDAPUpdate): """ - Modify an HBAC services group. + Modify an HBAC service group. """ msg_summary = _('Modified HBAC service group "%(value)s"') @@ -109,7 +109,7 @@ api.register(hbacsvcgroup_mod) class hbacsvcgroup_find(LDAPSearch): """ - Search for an HBAC services group. + Search for an HBAC service group. """ msg_summary = ngettext( '%(count)d HBAC service group matched', '%(count)d HBAC service groups matched', 0 @@ -120,7 +120,7 @@ api.register(hbacsvcgroup_find) class hbacsvcgroup_show(LDAPRetrieve): """ - Display information about an HBAC services group. + Display information about an HBAC service group. """ api.register(hbacsvcgroup_show) @@ -128,7 +128,7 @@ api.register(hbacsvcgroup_show) class hbacsvcgroup_add_member(LDAPAddMember): """ - Add members to an HBAC services group. + Add members to an HBAC service group. """ api.register(hbacsvcgroup_add_member) @@ -136,7 +136,7 @@ api.register(hbacsvcgroup_add_member) class hbacsvcgroup_remove_member(LDAPRemoveMember): """ - Remove members from an HBAC services group. + Remove members from an HBAC service group. """ api.register(hbacsvcgroup_remove_member) diff --git a/ipalib/plugins/host.py b/ipalib/plugins/host.py index 53846cd3..52830de1 100644 --- a/ipalib/plugins/host.py +++ b/ipalib/plugins/host.py @@ -23,7 +23,7 @@ Hosts/Machines A host represents a machine. It can be used in a number of contexts: - service entries are associated with a host - a host stores the host/ service principal -- a host can be used in Host-Based Access Control (HBAC) rules +- a host can be used in Host-based Access Control (HBAC) rules - every enrolled client generates a host entry ENROLLMENT: @@ -34,7 +34,8 @@ There are three enrollment scenarios when enrolling a new client: or not. A full administrator is a member of the hostadmin role or the admins group. 2. You are enrolling as a limited administrator. The host must already - exist. A limited administrator is a member of the enrollhost role. + exist. A limited administrator is a member a role with the + Host Enrollment privilege. 3. The host has been created with a one-time password. A host can only be enrolled once. If a client has enrolled and needs to diff --git a/ipalib/plugins/internal.py b/ipalib/plugins/internal.py index 32599319..30aa5eb0 100644 --- a/ipalib/plugins/internal.py +++ b/ipalib/plugins/internal.py @@ -377,7 +377,7 @@ class i18n_messages(Command): "validation_error":_("Text does not match field pattern"), }, "ajax":{ - "401":_("Your kerberos ticket is no longer valid. Please run kinit and then click 'Retry'. If this is your first time running the IPA Web UI follow these directions to configure your browser.") + "401":_("Your Kerberos ticket is no longer valid. Please run kinit and then click 'Retry'. If this is your first time running the IPA Web UI follow these directions to configure your browser.") }, } has_output = ( diff --git a/ipalib/plugins/migration.py b/ipalib/plugins/migration.py index 54e58273..fc2010f9 100644 --- a/ipalib/plugins/migration.py +++ b/ipalib/plugins/migration.py @@ -38,11 +38,12 @@ RFC2307bis. RFC2307bis uses member and uniquemember to specify group members, RFC2307 uses memberUid. The default schema is RFC2307bis. Migrated users do not have Kerberos credentials, they have only their -LDAP password. To complete the migration process users need to go +LDAP password. To complete the migration process, users need to go to http://ipa.example.com/ipa/migration and authenticate using their LDAP password in order to generate their Kerberos credentials. -Migration is disabled by default. To configure it use config-mod: +Migration is disabled by default. Use the command ipa config-mod to +enable it: ipa config-mod --enable-migration=TRUE diff --git a/ipalib/plugins/misc.py b/ipalib/plugins/misc.py index 32457ffb..ed504858 100644 --- a/ipalib/plugins/misc.py +++ b/ipalib/plugins/misc.py @@ -18,7 +18,7 @@ # along with this program. If not, see . """ -Misc plugins +Misc plug-ins """ import re diff --git a/ipalib/plugins/passwd.py b/ipalib/plugins/passwd.py index 44007b7a..4ecd224d 100644 --- a/ipalib/plugins/passwd.py +++ b/ipalib/plugins/passwd.py @@ -19,9 +19,9 @@ """ Set a user's password -If someone other than user changes their password (e.g., Helpdesk resets it) -then the password will need to be changed the first time it is used. -This is so the end-user is the only one that knows the password. +If someone other than a user changes that user's password (e.g., Helpdesk +resets it) then the password will need to be changed the first time it +is used. This is so the end-user is the only one who knows the password. The IPA password policy controls how often a password may be changed, what strength requirements exist, and the length of the password history. diff --git a/ipalib/plugins/permission.py b/ipalib/plugins/permission.py index af25f811..ac8b09b1 100644 --- a/ipalib/plugins/permission.py +++ b/ipalib/plugins/permission.py @@ -26,7 +26,7 @@ user, modifying a group, etc. A permission may not contain other permissions. -* A permissions grants access to read, write, add or delete. +* A permission grants access to read, write, add or delete. * A privilege combines similar permissions (for example all the permissions needed to add a user). * A role grants a set of privileges to users, groups, hosts or hostgroups. @@ -35,9 +35,10 @@ A permission is made up of a number of different parts: 1. The name of the permission. 2. The target of the permission. -3. The permissions granted by the permission. +3. The rights granted by the permission. -The permissions define what operations are allowed and are one or more of: +Rights define what operations are allowed, and may be one or more +of the following: 1. write - write one or more attributes 2. read - read one or more attributes 3. add - add a new entry to the tree @@ -49,14 +50,14 @@ permission is not expected to be used very often. Note the distinction between attributes and entries. The permissions are independent, so being able to add a user does not mean that the user will -be editabe. +be editable. There are a number of allowed targets: 1. type: a type of object (user, group, etc). 2. memberof: a member of a group or hostgroup 3. filter: an LDAP filter 4. subtree: an LDAP filter specifying part of the LDAP DIT. This is a - super-set of the type option. + super-set of the "type" target. 5. targetgroup: grant access to modify a specific group (such as granting the rights to manage group membership) diff --git a/ipalib/plugins/pkinit.py b/ipalib/plugins/pkinit.py index 76934f9e..55a06508 100644 --- a/ipalib/plugins/pkinit.py +++ b/ipalib/plugins/pkinit.py @@ -19,16 +19,21 @@ """ Kerberos pkinit options -Right now it enables only to control whether Anonymous PKINIT is enabled -or not based on whether the wellknown principal is active or not. +Enable or disable anonymous pkinit using the principal +WELLKNOWN/ANONYMOUS@REALM. The server must have been installed with +pkinit support. EXAMPLES: - Enable Anonymous pkinit: + Enable anonymous pkinit: ipa pkinit-anonymous enable - Disable Anonymous pkinit: + Disable anonymous pkinit: ipa pkinit-anonymous disable + +For more information on anonymous pkinit see: + +http://k5wiki.kerberos.org/wiki/Projects/Anonymous_pkinit """ from ipalib import api, errors diff --git a/ipalib/plugins/selfservice.py b/ipalib/plugins/selfservice.py index 53dd1f8d..666178cb 100644 --- a/ipalib/plugins/selfservice.py +++ b/ipalib/plugins/selfservice.py @@ -17,29 +17,29 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . """ -Self-Service Permissions +Self-service Permissions A permission enables fine-grained delegation of permissions. Access Control Rules, or instructions (ACIs), grant permission to permissions to perform given tasks such as adding a user, modifying a group, etc. -A Self-Service permission defines what an object can change in its own entry. +A Self-service permission defines what an object can change in its own entry. EXAMPLES: Add a self-service rule to allow users to manage their address: - ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "User's manage their own address" + ipa selfservice-add --permissions=write --attrs=street,postalCode,l,c,st "Users manage their own address" When managing the list of attributes you need to include all attributes in the list, including existing ones. Add telephoneNumber to the list: - ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "User's manage their own address" + ipa selfservice-mod --attrs=street,postalCode,l,c,st,telephoneNumber "Users manage their own address" Display our updated rule: - ipa selfservice-show "User's manage their own address" + ipa selfservice-show "Users manage their own address" Delete a rule: - ipa selfservice-del "User's manage their own address" + ipa selfservice-del "Users manage their own address" """ import copy @@ -54,7 +54,7 @@ ACI_PREFIX=u"selfservice" def is_selfservice(aciname): """ - Determine if the ACI is a Self-Service ACI and raise an exception if it + Determine if the ACI is a Self-service ACI and raise an exception if it isn't. Return the result if it is a self-service ACI. @@ -77,8 +77,8 @@ class selfservice(Object): takes_params = ( Str('aciname', cli_name='name', - label=_('Self-Service name'), - doc=_('Self-Service name'), + label=_('Self-service name'), + doc=_('Self-service name'), primary_key=True, ), List('permissions?', @@ -112,7 +112,7 @@ api.register(selfservice) class selfservice_add(crud.Create): """ - Add a new selfservice permission. + Add a new self-service permission. """ msg_summary = _('Added selfservice "%(value)s"') @@ -135,7 +135,7 @@ api.register(selfservice_add) class selfservice_del(crud.Delete): """ - Delete a selfservice. + Delete a self-service permission. """ has_output = output.standard_boolean @@ -156,7 +156,7 @@ api.register(selfservice_del) class selfservice_mod(crud.Update): """ - Modify a selfservice. + Modify a self-service permission. """ msg_summary = _('Modified selfservice "%(value)s"') @@ -179,7 +179,7 @@ api.register(selfservice_mod) class selfservice_find(crud.Search): """ - Search for selfservices. + Search for a self-service permission. """ msg_summary = ngettext( @@ -205,7 +205,7 @@ api.register(selfservice_find) class selfservice_show(crud.Retrieve): """ - Display information about a selfservice. + Display information about a self-service permission. """ has_output_params = ( Str('aci', diff --git a/ipalib/plugins/service.py b/ipalib/plugins/service.py index d39486c4..2f47e065 100644 --- a/ipalib/plugins/service.py +++ b/ipalib/plugins/service.py @@ -28,7 +28,7 @@ An IPA service can be managed directly from a machine, provided that machine has been given the correct permission. This is true even for machines other than the one the service is associated with. For example, requesting an SSL certificate using the host service principal credentials -of the host. To manage a services using a host credentials you need to +of the host. To manage a service using host credentials you need to kinit as the host: # kinit -kt /etc/krb5.keytab host/ipa.example.com@EXAMPLE.COM diff --git a/ipalib/plugins/sudocmdgroup.py b/ipalib/plugins/sudocmdgroup.py index e628a176..3931111f 100644 --- a/ipalib/plugins/sudocmdgroup.py +++ b/ipalib/plugins/sudocmdgroup.py @@ -17,26 +17,25 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . """ -Groups of sudo commands +Groups of Sudo commands -Manage groups of sudo commands. -Every group must have a description. +Manage groups of Sudo commands. EXAMPLES: - Add a new sudo command group: + Add a new Sudo command group: ipa sudocmdgroup-add --desc='administrators commands' admincmds - Remove a sudo command group: + Remove a Sudo command group: ipa sudocmdgroup-del admincmds - Manage sudo command group membership, commands: + Manage Sudo command group membership, commands: ipa sudocmdgroup-add-member --sudocmds=/usr/bin/less,/usr/bin/vim admincmds - Manage sudo command group membership, commands: + Manage Sudo command group membership, commands: ipa group-remove-member --sudocmds=/usr/bin/less admincmds - Show a sudo command group: + Show a Sudo command group: ipa group-show localadmins """ diff --git a/ipalib/plugins/sudorule.py b/ipalib/plugins/sudorule.py index fa114a1f..75b39a04 100644 --- a/ipalib/plugins/sudorule.py +++ b/ipalib/plugins/sudorule.py @@ -38,11 +38,11 @@ from ipalib import Str, StrEnum from ipalib.plugins.baseldap import * from ipalib import _, ngettext -topic = ('sudo', 'commands for controlling sudo configuration') +topic = ('sudo', 'Commands for controlling sudo configuration') class sudorule(LDAPObject): """ - Sudo Rule. + Sudo Rule management """ container_dn = api.env.container_sudorule object_name = 'Sudo Rule' diff --git a/ipalib/plugins/user.py b/ipalib/plugins/user.py index 4a023ced..eaf24ce5 100644 --- a/ipalib/plugins/user.py +++ b/ipalib/plugins/user.py @@ -24,7 +24,7 @@ Manage user entries. All users are POSIX users. IPA supports a wide range of username formats, but you need to be aware of any restrictions that may apply to your particular environment. For example, -usernames that starts with a digit or usernames that exceed a certain length +usernames that start with a digit or usernames that exceed a certain length may cause problems for some UNIX systems. Use 'ipa config-mod' to change the username format allowed by IPA tools. @@ -401,7 +401,7 @@ api.register(user_show) class user_disable(LDAPQuery): """ - Disable user account. + Disable a user account. """ has_output = output.standard_value @@ -424,7 +424,7 @@ api.register(user_disable) class user_enable(LDAPQuery): """ - Enable user account. + Enable a user account. """ has_output = output.standard_value @@ -446,10 +446,12 @@ api.register(user_enable) class user_unlock(LDAPQuery): """ - Lock user account + Unlock a user account - - locked account can't log in against Kerberos and must be unlocked by admin - - account can be locked e.g. by inputting wrong password too many times + An account may become locked if the password is entered incorrectly too + many times within a specific time period as controlled by password + policy. A locked account is a temporary condition and may be unlocked by + an administrator. """ has_output = output.standard_value msg_summary = _('Unlocked account "%(value)s"') -- cgit