From cbe7c54c2caf718bdea7ca6660ba8193d759d2d5 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Fri, 14 Jan 2011 15:11:40 -0500 Subject: Regenerate manpage po[t] files Fixed several typos --- src/man/po/sssd-docs.pot | 2793 ++++++++++++++++++++++++++-------------------- 1 file changed, 1580 insertions(+), 1213 deletions(-) (limited to 'src/man/po/sssd-docs.pot') diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index c9fcca5a6..24beddc92 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,37 +6,38 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.5.0\n" +"Project-Id-Version: sssd-docs 1.5.1\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2010-11-29 15:33+0100\n" +"POT-Creation-Date: 2011-01-14 15:11-0500\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" +"Language: \n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=utf-8\n" -"Content-Transfer-Encoding: ENCODING" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" -# type: Content of: -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sss_useradd.8.xml:5 sss_obfuscate.8.xml:5 sssd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 +#. type: Content of: <reference><title> +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 msgid "SSSD Manual pages" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupmod.8.xml:10 sss_groupmod.8.xml:15 msgid "sss_groupmod" msgstr "" -# type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sss_useradd.8.xml:11 sss_obfuscate.8.xml:11 sssd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 +#. type: Content of: <reference><refentry><refmeta><manvolnum> +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 msgid "8" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupmod.8.xml:16 msgid "modify a group" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupmod.8.xml:21 msgid "" "<command>sss_groupmod</command> <arg choice='opt'> " @@ -44,31 +45,31 @@ msgid "" "choice='plain'><replaceable>GROUP</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:41 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sss_useradd.8.xml:30 sss_obfuscate.8.xml:30 sssd.8.xml:29 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:41 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 msgid "DESCRIPTION" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:32 msgid "" "<command>sss_groupmod</command> modifies the group to reflect the changes " "that are specified on the command line." msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:48 sss_useradd.8.xml:39 sss_obfuscate.8.xml:59 sssd.8.xml:42 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:39 pam_sss.8.xml:48 sssd.8.xml:42 sss_obfuscate.8.xml:59 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 msgid "OPTIONS" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:43 sss_usermod.8.xml:77 msgid "" "<option>-a</option>,<option>--append-group</option> " "<replaceable>GROUPS</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:48 msgid "" "Append this group to groups specified by the " @@ -77,26 +78,26 @@ msgid "" "group names." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupmod.8.xml:57 sss_usermod.8.xml:91 msgid "" "<option>-r</option>,<option>--remove-group</option> " "<replaceable>GROUPS</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupmod.8.xml:62 msgid "" "Remove this group from groups specified by the " "<replaceable>GROUPS</replaceable> parameter." msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:72 sssd.conf.5.xml:963 sssd-ldap.5.xml:1151 pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:113 sssd-ipa.5.xml:178 sss_useradd.8.xml:167 sss_obfuscate.8.xml:104 sssd.8.xml:166 sssd-krb5.5.xml:294 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138 +#. type: Content of: <reference><refentry><refsect1><title> +#: sss_groupmod.8.xml:72 sssd.conf.5.xml:990 sssd-ldap.5.xml:1275 pam_sss.8.xml:128 sssd_krb5_locator_plugin.8.xml:75 sssd-simple.5.xml:143 sssd-ipa.5.xml:178 sssd.8.xml:166 sss_obfuscate.8.xml:104 sss_useradd.8.xml:167 sssd-krb5.5.xml:424 sss_groupadd.8.xml:58 sss_userdel.8.xml:93 sss_groupdel.8.xml:46 sss_groupshow.8.xml:58 sss_usermod.8.xml:138 msgid "SEE ALSO" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupmod.8.xml:74 msgid "" "<citerefentry> " @@ -114,32 +115,32 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.conf.5.xml:10 sssd.conf.5.xml:16 msgid "sssd.conf" msgstr "" -# type: Content of: <reference><refentry><refmeta><manvolnum> +#. type: Content of: <reference><refentry><refmeta><manvolnum> #: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sssd-ipa.5.xml:11 sssd-krb5.5.xml:11 msgid "5" msgstr "" -# type: Content of: <reference><refentry><refmeta><refmiscinfo> +#. type: Content of: <reference><refentry><refmeta><refmiscinfo> #: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sssd-ipa.5.xml:12 sssd-krb5.5.xml:12 msgid "File Formats and Conventions" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 sssd-ipa.5.xml:17 sssd-krb5.5.xml:17 msgid "the configuration file for SSSD" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:21 msgid "FILE FORMAT" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><programlisting> +#. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd.conf.5.xml:29 #, no-wrap msgid "" @@ -151,108 +152,108 @@ msgid "" " " msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:24 msgid "" "The file has an ini-style syntax and consists of sections and parameters. A " "section begins with the name of the section in square brackets and continues " "until the next section begins. An example of section with single and " -"multi-valued parameters: <placeholder0>" +"multi-valued parameters: <placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:36 msgid "" "The data types used are string (no quotes needed), integer and bool (with " "values of <quote>TRUE/FALSE</quote>)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:41 msgid "" "A line comment starts with a hash sign (<quote>#</quote>) or a semicolon " "(<quote>;</quote>)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:46 msgid "" "All sections can have an optional <replaceable>description</replaceable> " "parameter. Its function is only as a label for the section." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:52 msgid "" "<filename>sssd.conf</filename> must be a regular file, owned by root and " "only root may read from or write to the file." msgstr "" -# type: Content of: <reference><refentry><refsect1><title> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:58 msgid "SPECIAL SECTIONS" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:61 msgid "The [sssd] section" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:70 sssd.conf.5.xml:809 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> +#: sssd.conf.5.xml:70 sssd.conf.5.xml:836 msgid "Section parameters" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:72 msgid "config_file_version (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:75 msgid "" "Indicates what is the syntax of the config file. SSSD 0.6.0 and later use " "version 2." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:81 msgid "services" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:84 msgid "Comma separated list of services that are started when sssd itself starts." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:88 msgid "Supported services: nss, pam" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:93 sssd.conf.5.xml:234 msgid "reconnection_retries (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:96 sssd.conf.5.xml:237 msgid "" "Number of times services should attempt to reconnect in the event of a Data " "Provider crash or restart before they give up" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:101 sssd.conf.5.xml:242 msgid "Default: 3" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:106 msgid "domains" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:109 msgid "" "A domain is a database containing user information. SSSD can use more " @@ -261,19 +262,19 @@ msgid "" "them to be queried." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:119 msgid "re_expression (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:122 msgid "" "Regular expression that describes how to parse the string containing user " "name and domain into these components." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:126 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " @@ -281,27 +282,27 @@ msgid "" "sign, the domain everything after that\"" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:131 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " -"on all plattforms (e.g. RHEL5 and SLES10). Only plattforms with libpcre " +"on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " "version 7 or higher can support non-unique named subpatterns." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:138 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " "(?P<name>) to label subpatterns." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:145 msgid "full_name_format (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:148 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " @@ -309,17 +310,17 @@ msgid "" "how to translate a (name, domain) tuple into a fully qualified name." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:156 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><term> #: sssd.conf.5.xml:161 msgid "try_inotify (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:164 msgid "" "SSSD monitors the state of resolv.conf to identify when it needs to update " @@ -328,7 +329,7 @@ msgid "" "inotify cannot be used." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:172 msgid "" "There are some limited situations where it is preferred that we should skip " @@ -336,36 +337,37 @@ msgid "" "to 'false'" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:178 msgid "" "Default: true on platforms where inotify is supported. False on other " "platforms." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:182 msgid "" "Note: this option will have no effect on platforms where inotify is " "unavailable. On these platforms, polling will always be used." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:63 msgid "" "Individual pieces of SSSD functionality are provided by special SSSD " "services that are started and stopped together with SSSD. The services are " "managed by a special service frequently called <quote>monitor</quote>. The " "<quote>[sssd]</quote> section is used to configure the monitor as well as " -"some other important options like the identity domains. <placeholder0>" +"some other important options like the identity domains. <placeholder " +"type=\"variablelist\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> +#. type: Content of: <reference><refentry><refsect1><title> #: sssd.conf.5.xml:195 msgid "SERVICES SECTIONS" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd.conf.5.xml:197 msgid "" "Settings that can be used to configure different services are described in " @@ -374,54 +376,54 @@ msgid "" "<quote>[nss]</quote>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:204 msgid "General service configuration options" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:206 msgid "These options can be used to configure any service." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:210 msgid "debug_level (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:213 msgid "" "Sets the debug level for the service. The value can be in range from 0 (only " "critical messages) to 10 (very verbose)." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:218 sssd.conf.5.xml:312 msgid "Default: 0" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sssd.conf.5.xml:223 sssd.8.xml:58 msgid "debug_timestamps (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:226 sssd.8.xml:61 msgid "Add a timestamp to the debug messages" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:872 sssd-ldap.5.xml:966 sssd-ipa.5.xml:142 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:229 sssd.conf.5.xml:353 sssd-ldap.5.xml:914 sssd-ldap.5.xml:1019 sssd-ipa.5.xml:142 msgid "Default: true" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:247 msgid "command (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:250 msgid "" "By default, the executable representing this service is called " @@ -430,46 +432,46 @@ msgid "" "the default values should suffice." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:258 msgid "Default: <command>sssd_${service_name}</command>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:266 msgid "NSS configuration options" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:268 msgid "" "These options can be used to configure the Name Service Switch (NSS) " "service." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:273 msgid "enum_cache_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:276 msgid "" "How many seconds should nss_sss cache enumerations (requests for info about " "all users)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:280 msgid "Default: 120" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:285 msgid "entry_cache_nowait_percentage (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:288 msgid "" "The entry cache can be set to automatically update entries in the background " @@ -477,7 +479,7 @@ msgid "" "for the domain." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:294 msgid "" "For example, if the domain's entry_cache_timeout is set to 30s and " @@ -487,7 +489,7 @@ msgid "" "requests will not need to block waiting for a cache update." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:304 msgid "" "Valid values for this option are 0-99 and represent a percentage of the " @@ -496,12 +498,12 @@ msgid "" "disables this feature)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:317 msgid "entry_negative_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:320 msgid "" "Specifies for how many seconds nss_sss should cache negative cache hits " @@ -509,94 +511,94 @@ msgid "" "before asking the back end again." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:326 sssd-krb5.5.xml:218 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:326 sssd-krb5.5.xml:223 msgid "Default: 15" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:331 msgid "filter_users, filter_groups (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:334 msgid "" "Exclude certain users from being fetched from the sss NSS database. This is " -"particulary useful for system accounts. This option can also be set " +"particularly useful for system accounts. This option can also be set " "per-domain or include fully-qualified names to filter only users from the " "particular domain." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:341 msgid "Default: root" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:346 msgid "filter_users_in_groups (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:349 msgid "If you want filtered user still be group members set this option to false." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><title> +#. type: Content of: <reference><refentry><refsect1><refsect2><title> #: sssd.conf.5.xml:360 msgid "PAM configuration options" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><para> #: sssd.conf.5.xml:362 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:367 msgid "offline_credentials_expiration (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:370 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:375 sssd.conf.5.xml:388 msgid "Default: 0 (No limit)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:381 msgid "offline_failed_login_attempts (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:384 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:394 msgid "offline_failed_login_delay (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:397 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:402 msgid "" "If set to 0 the user cannot authenticate offline if " @@ -604,72 +606,95 @@ msgid "" "authentication can enable enable offline authentication again." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:408 sssd.conf.5.xml:748 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:408 sssd.conf.5.xml:461 sssd.conf.5.xml:775 msgid "Default: 5" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> #: sssd.conf.5.xml:414 msgid "pam_verbosity (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:417 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:422 msgid "Currently sssd supports the following values:" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:425 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:428 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:432 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:435 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> #: sssd.conf.5.xml:439 msgid "Default: 1" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:448 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:444 +msgid "pam_id_timeout (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:447 +msgid "" +"For any PAM request while SSSD is online, the SSSD will attempt to " +"immediately update the cached identity information for the user in order to " +"ensure that authentication takes place with the latest information." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:453 +msgid "" +"A complete PAM conversation may perform multiple PAM requests, such as " +"account management and session opening. This option controls (on a " +"per-client-application basis) how long (in seconds) we can cache the " +"identity information to avoid excessive round-trips to the identity " +"provider." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:470 msgid "DOMAIN SECTIONS" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:477 msgid "min_id,max_id (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:480 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:463 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:485 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -677,57 +702,57 @@ msgid "" "expected." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:470 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:492 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:476 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:498 msgid "timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:479 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:501 msgid "" "Timeout in seconds between heartbeats for this domain. This is used to " "ensure that the backend process is alive and capable of answering requests." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:484 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:506 msgid "Default: 10" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:490 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:512 msgid "enumerate (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:493 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:515 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:497 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:519 msgid "TRUE = Users and groups are enumerated" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:522 msgid "FALSE = No enumerations for this domain" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:503 sssd.conf.5.xml:546 sssd.conf.5.xml:600 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:525 sssd.conf.5.xml:573 sssd.conf.5.xml:627 msgid "Default: FALSE" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:506 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:528 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -736,8 +761,15 @@ msgid "" "heavy enumeration processing." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:516 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:538 +msgid "" +"While the first enumeration is running, requests for the complete user or " +"group lists may return no results until it completes." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:543 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -745,40 +777,40 @@ msgid "" "to the man pages for the specific id_provider in use." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:527 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:554 msgid "entry_cache_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:530 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:557 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:534 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:561 msgid "Default: 5400" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:539 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:566 msgid "cache_credentials (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:542 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:569 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:551 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:578 msgid "account_cache_expiration (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:554 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:581 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -786,48 +818,48 @@ msgid "" "offline_credentials_expiration." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:561 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:588 msgid "Default: 0 (unlimited)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:567 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:594 msgid "id_provider (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:570 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:597 msgid "The Data Provider identity backend to use for this domain." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:574 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:601 msgid "Supported backends:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:577 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:604 msgid "proxy: Support a legacy NSS provider" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:580 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:607 msgid "local: SSSD internal local provider" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:583 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:610 msgid "ldap: LDAP provider" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:589 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:616 msgid "use_fully_qualified_names (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:592 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:619 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -835,76 +867,76 @@ msgid "" "<command>getent passwd test@LOCAL</command> would." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:605 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:632 msgid "auth_provider (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:608 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:635 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:612 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:639 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> for more information on configuring LDAP." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:619 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:646 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> for more information on configuring Kerberos." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:626 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:653 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:629 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:656 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:632 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:659 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:638 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:665 msgid "access_provider (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:641 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:668 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " "Internal special providers are:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:647 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:674 msgid "<quote>permit</quote> always allow access." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:650 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:677 msgid "<quote>deny</quote> always deny access." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:653 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:680 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -912,25 +944,25 @@ msgid "" "the simple access module." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:660 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:687 msgid "Default: <quote>permit</quote>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:665 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:692 msgid "chpass_provider (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:668 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:695 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:673 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:700 msgid "" "<quote>ipa</quote> to change a password stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -938,8 +970,8 @@ msgid "" "IPA." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:681 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:708 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -947,245 +979,248 @@ msgid "" "LDAP." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:689 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:716 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> for more information on configuring Kerberos." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:697 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:724 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:701 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:728 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:704 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:731 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:711 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:738 msgid "lookup_family_order (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:714 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:741 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:718 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:745 msgid "Supported values:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:721 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:748 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:724 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:751 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:727 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:754 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:730 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:757 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:733 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:760 msgid "Default: ipv4_first" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:739 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:766 msgid "dns_resolver_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:742 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:769 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " "the domain will continue to operate in offline mode." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:754 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:781 msgid "dns_discovery_domain (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:757 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:784 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:761 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:788 msgid "Default: Use the domain part of machine's hostname" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:450 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:472 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " -"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder0>" +"<quote>[domain/<replaceable>NAME</replaceable>]</quote> <placeholder " +"type=\"variablelist\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:773 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:800 msgid "proxy_pam_target (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:776 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:803 msgid "The proxy target PAM proxies to." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:779 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:806 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:787 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:814 msgid "proxy_lib_name (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:790 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:817 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " "for example _nss_files_getpwent." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:769 -msgid "Options valid for proxy domains. <placeholder0>" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:796 +msgid "" +"Options valid for proxy domains. <placeholder type=\"variablelist\" " +"id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:802 +#. type: Content of: <reference><refentry><refsect1><refsect2><title> +#: sssd.conf.5.xml:829 msgid "The local domain section" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:804 +#. type: Content of: <reference><refentry><refsect1><refsect2><para> +#: sssd.conf.5.xml:831 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " "<replaceable>id_provider=local</replaceable>." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:811 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:838 msgid "default_shell (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:814 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:841 msgid "The default shell for users created with SSSD userspace tools." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:818 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:845 msgid "Default: <filename>/bin/bash</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:823 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:850 msgid "base_directory (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:826 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:853 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:831 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:858 msgid "Default: <filename>/home</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:836 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:863 msgid "create_homedir (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:839 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:866 msgid "" "Indicate if a home directory should be created by default for new users. " -"Can be overriden on command line." +"Can be overridden on command line." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:843 sssd.conf.5.xml:855 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:870 sssd.conf.5.xml:882 msgid "Default: TRUE" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:848 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:875 msgid "remove_homedir (bool)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:851 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:878 msgid "" "Indicate if a home directory should be removed by default for deleted " -"users. Can be overriden on command line." +"users. Can be overridden on command line." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:887 msgid "homedir_umask (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:890 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " "on a newly created home directory." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:871 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:898 msgid "Default: 077" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:876 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:903 msgid "skel_dir (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:879 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:906 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -1193,54 +1228,54 @@ msgid "" "<manvolnum>8</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:889 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:916 msgid "Default: <filename>/etc/skel</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:894 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:921 msgid "mail_dir (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:897 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:924 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " "default value is used." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:904 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:931 msgid "Default: <filename>/var/mail</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:909 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:936 msgid "userdel_cmd (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:939 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " "return code of the command is not taken into account." msgstr "" -# type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:918 +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:945 msgid "Default: None, no command is run" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:928 sssd-ldap.5.xml:1119 sssd-simple.5.xml:96 sssd-ipa.5.xml:160 sssd-krb5.5.xml:275 +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.conf.5.xml:955 sssd-ldap.5.xml:1243 sssd-simple.5.xml:126 sssd-ipa.5.xml:160 sssd-krb5.5.xml:405 msgid "EXAMPLE" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:934 +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd.conf.5.xml:961 #, no-wrap msgid "" "[sssd]\n" @@ -1269,16 +1304,17 @@ msgid "" "enumerate = False\n" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:930 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:957 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " -"configuring domains for more details. <placeholder0>" +"configuring domains for more details. <placeholder type=\"programlisting\" " +"id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:965 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.conf.5.xml:992 msgid "" "<citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle><manvolnum>5</manvolnum> " @@ -1301,12 +1337,12 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ldap.5.xml:10 sssd-ldap.5.xml:16 msgid "sssd-ldap" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:23 msgid "" "This manual page describes the configuration of LDAP domains for " @@ -1317,12 +1353,12 @@ msgid "" "information." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:35 msgid "You can configure SSSD to use more than one LDAP domain." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:38 msgid "" "LDAP back end supports id, auth, access and chpass providers. If you want to " @@ -1334,17 +1370,17 @@ msgid "" "using LDAP as an access provider." msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:60 sssd-ipa.5.xml:61 sssd-krb5.5.xml:63 +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:61 sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 msgid "ldap_uri (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:63 msgid "" "Specifies the list of URIs of the LDAP servers to which SSSD should connect " @@ -1354,18 +1390,42 @@ msgid "" "<quote>SERVICE DISCOVERY</quote> section." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:73 -msgid "ldap_search_base (string)" +msgid "ldap_chpass_uri (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:76 +msgid "" +"Specifies the list of URIs of the LDAP servers to which SSSD should connect " +"in the order of preference to change the password of a user. Refer to the " +"<quote>FAILOVER</quote> section for more information on failover and server " +"redundancy." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:83 +msgid "To enable service discovery ldap_chpass_dns_service_name must be set." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:87 +msgid "Default: empty, i.e. ldap_uri is used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:93 +msgid "ldap_search_base (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:96 msgid "The default base DN to use for performing LDAP user operations." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:80 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:100 msgid "" "Default: If not set the value of the defaultNamingContext or namingContexts " "attribute from the RootDSE of the LDAP server is used. If " @@ -1375,13 +1435,13 @@ msgid "" "are not supported." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:94 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:114 msgid "ldap_schema (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:97 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:117 msgid "" "Specifies the Schema Type in use on the target LDAP server. Depending on " "the selected schema, the default attribute names retrieved from the servers " @@ -1394,202 +1454,202 @@ msgid "" "attribute." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:116 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:136 msgid "Default: rfc2307" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:122 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:142 msgid "ldap_default_bind_dn (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:125 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:145 msgid "The default bind DN to use for performing LDAP operations." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:132 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:152 msgid "ldap_default_authtok_type (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:135 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:155 msgid "The type of the authentication token of the default bind DN." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:139 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:159 msgid "The two mechanisms currently supported are:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:142 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:162 msgid "password" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:145 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:165 msgid "obfuscated_password" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:151 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:171 msgid "ldap_default_authtok (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:154 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:174 msgid "" "The authentication token of the default bind DN. Only clear text passwords " "are currently supported." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:161 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:181 msgid "ldap_user_object_class (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:164 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:184 msgid "The object class of a user entry in LDAP." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:167 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:187 msgid "Default: posixAccount" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:173 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:193 msgid "ldap_user_name (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:176 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:196 msgid "The LDAP attribute that corresponds to the user's login name." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:180 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:200 msgid "Default: uid" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:186 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:206 msgid "ldap_user_uid_number (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:189 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:209 msgid "The LDAP attribute that corresponds to the user's id." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:193 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:213 msgid "Default: uidNumber" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:199 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:219 msgid "ldap_user_gid_number (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:202 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:222 msgid "The LDAP attribute that corresponds to the user's primary group id." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:206 sssd-ldap.5.xml:538 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:226 sssd-ldap.5.xml:580 msgid "Default: gidNumber" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:212 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:232 msgid "ldap_user_gecos (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:215 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:235 msgid "The LDAP attribute that corresponds to the user's gecos field." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:219 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:239 msgid "Default: gecos" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:225 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:245 msgid "ldap_user_home_directory (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:228 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:248 msgid "The LDAP attribute that contains the name of the user's home directory." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:232 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:252 msgid "Default: homeDirectory" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:238 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:258 msgid "ldap_user_shell (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:241 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:261 msgid "The LDAP attribute that contains the path to the user's default shell." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:245 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:265 msgid "Default: loginShell" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:251 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:271 msgid "ldap_user_uuid (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:254 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:274 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP user object." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:258 sssd-ldap.5.xml:564 sssd-ldap.5.xml:657 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:278 sssd-ldap.5.xml:606 sssd-ldap.5.xml:699 msgid "Default: nsUniqueId" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:264 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:284 msgid "ldap_user_modify_timestamp (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:267 sssd-ldap.5.xml:573 sssd-ldap.5.xml:666 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:287 sssd-ldap.5.xml:615 sssd-ldap.5.xml:708 msgid "" "The LDAP attribute that contains timestamp of the last modification of the " "parent object." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:271 sssd-ldap.5.xml:577 sssd-ldap.5.xml:670 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:291 sssd-ldap.5.xml:619 sssd-ldap.5.xml:712 msgid "Default: modifyTimestamp" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:277 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:297 msgid "ldap_user_shadow_last_change (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:280 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:300 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -1597,18 +1657,18 @@ msgid "" "</citerefentry> counterpart (date of the last password change)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:290 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:310 msgid "Default: shadowLastChange" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:296 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:316 msgid "ldap_user_shadow_min (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:299 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:319 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -1616,18 +1676,18 @@ msgid "" "</citerefentry> counterpart (minimum password age)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:308 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:328 msgid "Default: shadowMin" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:314 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:334 msgid "ldap_user_shadow_max (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:317 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:337 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -1635,18 +1695,18 @@ msgid "" "</citerefentry> counterpart (maximum password age)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:326 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:346 msgid "Default: shadowMax" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:332 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:352 msgid "ldap_user_shadow_warning (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:335 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:355 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -1654,18 +1714,18 @@ msgid "" "</citerefentry> counterpart (password warning period)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:345 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:365 msgid "Default: shadowWarning" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:351 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:371 msgid "ldap_user_shadow_inactive (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:354 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:374 msgid "" "When using ldap_pwd_policy=shadow, this parameter contains the name of an " "LDAP attribute corresponding to its <citerefentry> " @@ -1673,89 +1733,90 @@ msgid "" "</citerefentry> counterpart (password inactivity period)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:364 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:384 msgid "Default: shadowInactive" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:370 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:390 msgid "ldap_user_shadow_expire (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:373 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:393 msgid "" -"When using ldap_pwd_policy=shadow, this parameter contains the name of an " -"LDAP attribute corresponding to its <citerefentry> " -"<refentrytitle>shadow</refentrytitle> <manvolnum>5</manvolnum> " -"</citerefentry> counterpart (account expiration date)." +"When using ldap_pwd_policy=shadow or ldap_account_expire_policy=shadow, this " +"parameter contains the name of an LDAP attribute corresponding to its " +"<citerefentry> <refentrytitle>shadow</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> counterpart (account expiration " +"date)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:382 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:403 msgid "Default: shadowExpire" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:388 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:409 msgid "ldap_user_krb_last_pwd_change (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:391 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:412 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time of last password change in " "kerberos." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:397 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:418 msgid "Default: krbLastPwdChange" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:403 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:424 msgid "ldap_user_krb_password_expiration (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:406 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:427 msgid "" "When using ldap_pwd_policy=mit_kerberos, this parameter contains the name of " "an LDAP attribute storing the date and time when current password expires." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:412 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:433 msgid "Default: krbPasswordExpiration" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:418 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:439 msgid "ldap_user_principal (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:421 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:442 msgid "" "The LDAP attribute that contains the user's Kerberos User Principal Name " "(UPN)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:425 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:446 msgid "Default: krbPrincipalName" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:431 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:452 msgid "ldap_force_upper_case_realm (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:434 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:455 msgid "" "Some directory servers, for example Active Directory, might deliver the " "realm part of the UPN in lower case, which might cause the authentication to " @@ -1763,241 +1824,266 @@ msgid "" "realm." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:441 sssd-ldap.5.xml:818 sssd-ipa.5.xml:115 sssd.8.xml:64 sssd-krb5.5.xml:230 sssd-krb5.5.xml:261 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:462 sssd-ldap.5.xml:860 sssd-ipa.5.xml:115 sssd.8.xml:64 sssd-krb5.5.xml:235 sssd-krb5.5.xml:266 msgid "Default: false" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:447 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:468 msgid "ldap_enumeration_refresh_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:450 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:471 msgid "" "The LDAP attribute that contains how many seconds SSSD has to wait before " "refreshing its cache of enumerated records." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:455 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:476 msgid "Default: 300" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:461 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:482 msgid "ldap_purge_cache_timeout" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:464 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:485 msgid "" "Determine how often to check the cache for inactive entries (such as groups " "with no members and users who have never logged in) and remove them to save " "space." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:470 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:491 msgid "Setting this option to zero will disable the cache cleanup operation." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:474 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:495 msgid "Default: 10800 (12 hours)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:480 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:501 msgid "ldap_user_fullname (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:483 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:504 msgid "The LDAP attribute that corresponds to the user's full name." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:487 sssd-ldap.5.xml:525 sssd-ldap.5.xml:618 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:508 sssd-ldap.5.xml:567 sssd-ldap.5.xml:660 msgid "Default: cn" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:493 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:514 msgid "ldap_user_member_of (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:496 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:517 msgid "The LDAP attribute that lists the user's group memberships." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:500 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:521 msgid "Default: memberOf" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:506 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:527 +msgid "ldap_user_authorized_service (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:530 +msgid "" +"If access_provider=ldap and ldap_access_order=authorized_service, SSSD will " +"use the presence of the authorizedService attribute in the user's LDAP entry " +"to determine access privilege." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:537 +msgid "" +"An explicit deny (!svc) is resolved first. Second, SSSD searches for " +"explicit allow (svc) and finally for allow_all (*)." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:542 +msgid "Default: authorizedService" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:548 msgid "ldap_group_object_class (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:509 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:551 msgid "The object class of a group entry in LDAP." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:512 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:554 msgid "Default: posixGroup" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:518 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:560 msgid "ldap_group_name (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:521 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:563 msgid "The LDAP attribute that corresponds to the group name." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:531 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:573 msgid "ldap_group_gid_number (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:534 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:576 msgid "The LDAP attribute that corresponds to the group's id." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:544 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:586 msgid "ldap_group_member (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:547 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:589 msgid "The LDAP attribute that contains the names of the group's members." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:551 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:593 msgid "Default: memberuid (rfc2307) / member (rfc2307bis)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:557 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:599 msgid "ldap_group_uuid (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:560 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:602 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP group object." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:570 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:612 msgid "ldap_group_modify_timestamp (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:583 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:625 msgid "ldap_group_nesting_level (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:586 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:628 msgid "" "If ldap_schema is set to a schema format that supports nested groups " "(e.g. RFC2307bis), then this option controls how many levels of nesting SSSD " "will follow. This option has no effect on the RFC2307 schema." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:593 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:635 msgid "Default: 2" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:599 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:641 msgid "ldap_netgroup_object_class (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:602 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:644 msgid "The object class of a netgroup entry in LDAP." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:605 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:647 msgid "Default: nisNetgroup" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:611 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:653 msgid "ldap_netgroup_name (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:614 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:656 msgid "The LDAP attribute that corresponds to the netgroup name." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:624 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:666 msgid "ldap_netgroup_member (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:627 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:669 msgid "The LDAP attribute that contains the names of the netgroup's members." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:631 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:673 msgid "Default: memberNisNetgroup" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:637 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:679 msgid "ldap_netgroup_triple (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:640 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:682 msgid "The LDAP attribute that contains the (host, user, domain) netgroup triples." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:644 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:686 msgid "Default: nisNetgroupTriple" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:650 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:692 msgid "ldap_netgroup_uuid (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:653 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:695 msgid "The LDAP attribute that contains the UUID/GUID of an LDAP netgroup object." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:663 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:705 msgid "ldap_netgroup_modify_timestamp (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:676 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:718 msgid "ldap_search_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:679 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:721 msgid "" "Specifies the timeout (in seconds) that ldap searches are allowed to run " "before they are cancelled and cached results are returned (and offline mode " @@ -2006,18 +2092,18 @@ msgid "" "for specific lookup types." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:689 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:731 msgid "Default: 60" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:695 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:737 msgid "ldap_network_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:698 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:740 msgid "" "Specifies the timeout (in seconds) after which the <citerefentry> " "<refentrytitle>poll</refentrytitle> <manvolnum>2</manvolnum> " @@ -2027,103 +2113,103 @@ msgid "" "</citerefentry> returns in case of no activity." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:715 sssd-ldap.5.xml:730 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:757 sssd-ldap.5.xml:772 msgid "Default: 6" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:721 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:763 msgid "ldap_opt_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:724 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:766 msgid "" "Specifies a timeout (in seconds) after which calls to synchronous LDAP APIs " "will abort if no response is received. Also controls the timeout when " "communicating with the KDC in case of SASL bind." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:736 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:778 msgid "ldap_tls_reqcert (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:739 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:781 msgid "" "Specifies what checks to perform on server certificates in a TLS session, if " "any. It can be specified as one of the following values:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:745 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:787 msgid "" "<emphasis>never</emphasis> = The client will not request or check any server " "certificate." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:749 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:791 msgid "" "<emphasis>allow</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, it will be ignored and the session proceeds normally." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:756 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:798 msgid "" "<emphasis>try</emphasis> = The server certificate is requested. If no " "certificate is provided, the session proceeds normally. If a bad certificate " "is provided, the session is immediately terminated." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:762 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:804 msgid "" "<emphasis>demand</emphasis> = The server certificate is requested. If no " "certificate is provided, or a bad certificate is provided, the session is " "immediately terminated." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:768 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:810 msgid "<emphasis>hard</emphasis> = Same as <quote>demand</quote>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:772 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:814 msgid "Default: hard" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:778 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:820 msgid "ldap_tls_cacert (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:781 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:823 msgid "" "Specifies the file that contains certificates for all of the Certificate " "Authorities that <command>sssd</command> will recognize." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:786 sssd-ldap.5.xml:804 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:828 sssd-ldap.5.xml:846 msgid "" "Default: use OpenLDAP defaults, typically in " "<filename>/etc/openldap/ldap.conf</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:793 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:835 msgid "ldap_tls_cacertdir (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:796 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:838 msgid "" "Specifies the path of a directory that contains Certificate Authority " "certificates in separate individual files. Typically the file names need to " @@ -2131,102 +2217,102 @@ msgid "" "<command>cacertdir_rehash</command> can be used to create the correct names." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:811 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:853 msgid "ldap_id_use_start_tls (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:814 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:856 msgid "" "Specifies that the id_provider connection must also use <systemitem " "class=\"protocol\">tls</systemitem> to protect the channel." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:824 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:866 msgid "ldap_sasl_mech (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:827 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:869 msgid "" "Specify the SASL mechanism to use. Currently only GSSAPI is tested and " "supported." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:831 sssd-ldap.5.xml:948 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:873 sssd-ldap.5.xml:1001 msgid "Default: none" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:837 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:879 msgid "ldap_sasl_authid (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:840 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:882 msgid "" "Specify the SASL authorization id to use. When GSSAPI is used, this " "represents the Kerberos principal used for authentication to the directory." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:845 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:887 msgid "Default: host/machine.fqdn@REALM" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:851 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:893 msgid "ldap_krb5_keytab (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:854 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:896 msgid "Specify the keytab to use when using SASL/GSSAPI." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:857 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:899 msgid "Default: System keytab, normally <filename>/etc/krb5.keytab</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:863 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:905 msgid "ldap_krb5_init_creds (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:866 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:908 msgid "" "Specifies that the id_provider should init Kerberos credentials (TGT). This " "action is performed only if SASL is used and the mechanism selected is " "GSSAPI." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:878 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:920 msgid "ldap_krb5_ticket_lifetime (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:881 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:923 msgid "Specifies the lifetime in seconds of the TGT if GSSAPI is used." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:885 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:927 msgid "Default: 86400 (24 hours)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:891 -msgid "krb5_kdcip (string)" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:933 sssd-krb5.5.xml:74 +msgid "krb5_server (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:894 sssd-krb5.5.xml:77 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:936 sssd-krb5.5.xml:77 msgid "" "Specifies the list of IP addresses or hostnames of the Kerberos servers to " "which SSSD should connect in the order of preference. For more information " @@ -2236,42 +2322,59 @@ msgid "" "more information, refer to the <quote>SERVICE DISCOVERY</quote> section." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:909 sssd-krb5.5.xml:98 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:948 sssd-krb5.5.xml:89 +msgid "" +"When using service discovery for KDC or kpasswd servers, SSSD first searches " +"for DNS entries that specify _udp as the protocol and falls back to _tcp if " +"none are found." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:953 sssd-krb5.5.xml:94 +msgid "" +"This option was named <quote>krb5_kdcip</quote> in earlier releases of " +"SSSD. While the legacy name is recognized for the time being, users are " +"advised to migrate their config files to use <quote>krb5_server</quote> " +"instead." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:962 sssd-krb5.5.xml:103 msgid "krb5_realm (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:912 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:965 msgid "Specify the Kerberos REALM (for SASL/GSSAPI auth)." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:915 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:968 msgid "Default: System defaults, see <filename>/etc/krb5.conf</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:921 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:974 msgid "ldap_pwd_policy (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:924 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:977 msgid "" "Select the policy to evaluate the password expiration on the client " "side. The following values are allowed:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:929 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:982 msgid "" "<emphasis>none</emphasis> - No evaluation on the client side. This option " "cannot disable server-side password policies." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:934 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:987 msgid "" "<emphasis>shadow</emphasis> - Use " "<citerefentry><refentrytitle>shadow</refentrytitle> " @@ -2280,53 +2383,70 @@ msgid "" "this attribute during a password change." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:942 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:995 msgid "" "<emphasis>mit_kerberos</emphasis> - Use the attributes used by MIT Kerberos " "to determine if the password has expired. Use chpass_provider=krb5 to update " "these attributes when the password is changed." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:954 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1007 msgid "ldap_referrals (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:957 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1010 msgid "Specifies whether automatic referral chasing should be enabled." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:961 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1014 msgid "" "Please note that sssd only supports referral chasing when it is compiled " "with OpenLDAP version 2.4.13 or higher." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:972 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1025 msgid "ldap_dns_service_name (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:975 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1028 msgid "Specifies the service name to use when service discovery is enabled." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:979 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1032 msgid "Default: ldap" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:985 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1038 +msgid "ldap_chpass_dns_service_name (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1041 +msgid "" +"Specifies the service name to use to find an LDAP server which allows " +"password changes when service discovery is enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1046 +msgid "Default: not set, i.e. service discovery is disabled" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1052 msgid "ldap_access_filter (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:988 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1055 msgid "" "If using access_provider = ldap, this option is mandatory. It specifies an " "LDAP search filter criteria that must be met for the user to be granted " @@ -2335,13 +2455,13 @@ msgid "" "to change this default behavior." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:998 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1065 msgid "Example:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> -#: sssd-ldap.5.xml:1001 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><programlisting> +#: sssd-ldap.5.xml:1068 #, no-wrap msgid "" "access_provider = ldap\n" @@ -2349,15 +2469,15 @@ msgid "" " " msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1005 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1072 msgid "" "This example means that access to this host is restricted to members of the " "\"allowedusers\" group in ldap." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1010 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1077 msgid "" "Offline caching for this feature is limited to determining whether the " "user's last online login was granted access permission. If they were granted " @@ -2365,124 +2485,195 @@ msgid "" "while offline and vice-versa." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1018 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1085 sssd-ldap.5.xml:1113 msgid "Default: Empty" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1024 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1091 +msgid "ldap_account_expire_policy (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1094 +msgid "" +"With this option a client side evaluation of access control attributes can " +"be enabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1098 +msgid "" +"Please note that it is always recommended to use server side access control, " +"i.e. the LDAP server should deny the bind request with a suitable error code " +"even if the password is correct." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1105 +msgid "The following values are allowed:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1108 +msgid "" +"<emphasis>shadow</emphasis>: use the value of ldap_user_shadow_expire to " +"determine if the account is expired." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1119 +msgid "ldap_access_order (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1122 +msgid "Comma separated list of access control options. Allowed values are:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1126 +msgid "<emphasis>filter</emphasis>: use ldap_access_filter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1129 +msgid "<emphasis>expire</emphasis>: use ldap_account_expire_policy" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1133 +msgid "" +"<emphasis>authorized_service</emphasis>: use the authorizedService attribute " +"to determine access" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1138 +msgid "Default: filter" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1141 +msgid "" +"Please note that it is a configuration error if a value is used more than " +"once." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1148 msgid "ldap_deref (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1027 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1151 msgid "" "Specifies how alias dereferencing is done when performing a search. The " "following options are allowed:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1032 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1156 msgid "<emphasis>never</emphasis>: Aliases are never dereferenced." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1036 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1160 msgid "" "<emphasis>searching</emphasis>: Aliases are dereferenced in subordinates of " "the base object, but not in locating the base object of the search." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1041 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1165 msgid "" "<emphasis>finding</emphasis>: Aliases are only dereferenced when locating " "the base object of the search." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1046 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1170 msgid "" "<emphasis>always</emphasis>: Aliases are dereferenced both in searching and " "in locating the base object of the search." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1051 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1175 msgid "" "Default: Empty (this is handled as <emphasis>never</emphasis> by the LDAP " "client libraries)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ldap.5.xml:51 msgid "" "All of the common configuration options that apply to SSSD domains also " "apply to LDAP domains. Refer to the <quote>DOMAIN SECTIONS</quote> section " "of the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page for full details. " -"<placeholder0>" +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1063 +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1187 msgid "ADVANCED OPTIONS" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1070 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1194 msgid "ldap_netgroup_search_base (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1073 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1197 msgid "An optional base DN to restrict netgroup searches to a specific subtree." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1077 sssd-ldap.5.xml:1091 sssd-ldap.5.xml:1105 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1201 sssd-ldap.5.xml:1215 sssd-ldap.5.xml:1229 msgid "Default: the value of <emphasis>ldap_search_base</emphasis>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1084 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1208 msgid "ldap_user_search_base (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1087 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1211 msgid "An optional base DN to restrict user searches to a specific subtree." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ldap.5.xml:1098 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ldap.5.xml:1222 msgid "ldap_group_search_base (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ldap.5.xml:1101 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ldap.5.xml:1225 msgid "An optional base DN to restrict group searches to a specific subtree." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1065 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1189 msgid "" "These options are supported by LDAP domains, but they should be used with " "caution. Please include them in your configuration only if you know what you " -"are doing. <placeholder0>" +"are doing. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1121 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1245 msgid "" "The following example assumes that SSSD is correctly configured and LDAP is " "set to one of the domains in the <replaceable>[domains]</replaceable> " "section." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ldap.5.xml:1127 +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ldap.5.xml:1251 #, no-wrap msgid "" " [domain/LDAP]\n" @@ -2495,18 +2686,18 @@ msgid "" " enumerate = true\n" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1126 sssd-simple.5.xml:104 sssd-ipa.5.xml:168 sssd-krb5.5.xml:284 -msgid "<placeholder0>" +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1250 sssd-simple.5.xml:134 sssd-ipa.5.xml:168 sssd-krb5.5.xml:414 +msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:1140 sssd_krb5_locator_plugin.8.xml:61 +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-ldap.5.xml:1264 sssd_krb5_locator_plugin.8.xml:61 msgid "NOTES" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1142 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1266 msgid "" "The descriptions of some of the configuration options in this manual page " "are based on the <citerefentry> <refentrytitle>ldap.conf</refentrytitle> " @@ -2514,8 +2705,8 @@ msgid "" "distribution." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-ldap.5.xml:1153 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ldap.5.xml:1277 msgid "" "<citerefentry> " "<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " @@ -2525,24 +2716,24 @@ msgid "" "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <refentryinfo> +#. type: Content of: <refentryinfo> #: pam_sss.8.xml:8 include/upstream.xml:2 msgid "" "<productname>SSSD</productname> <orgname>The SSSD upstream - " "http://fedorahosted.org/sssd</orgname>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: pam_sss.8.xml:13 pam_sss.8.xml:18 msgid "pam_sss" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: pam_sss.8.xml:19 msgid "PAM module for SSSD" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: pam_sss.8.xml:24 msgid "" "<command>pam_sss.so</command> <arg choice='opt'> " @@ -2552,7 +2743,7 @@ msgid "" "<replaceable>retry=N</replaceable> </arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:42 msgid "" "<command>pam_sss.so</command> is the PAM interface to the System Security " @@ -2560,24 +2751,24 @@ msgid "" "<command>syslog(3)</command> with the LOG_AUTHPRIV facility." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:52 msgid "<option>forward_pass</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:55 msgid "" "If <option>forward_pass</option> is set the entered password is put on the " "stack for other PAM modules to use." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:62 msgid "<option>use_first_pass</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:65 msgid "" "The argument use_first_pass forces the module to use a previous stacked " @@ -2586,31 +2777,31 @@ msgid "" "access." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:73 msgid "<option>use_authtok</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:76 msgid "" "When password changing enforce the module to set the new password to the one " "provided by a previously stacked password module." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: pam_sss.8.xml:83 msgid "<option>retry=N</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:86 msgid "" "If specified the user is asked another N times for a password if " "authentication fails. Default is 0." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: pam_sss.8.xml:88 msgid "" "Please note that this option might not work as expected if the application " @@ -2618,24 +2809,24 @@ msgid "" "<command>sshd</command> with <option>PasswordAuthentication</option>." msgstr "" -# type: Content of: <reference><refentry><refsect1><title> +#. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:99 msgid "MODULE TYPES PROVIDED" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:100 msgid "" "All module types (<option>account</option>, <option>auth</option>, " "<option>password</option> and <option>session</option>) are provided." msgstr "" -# type: Content of: <reference><refentry><refsect1><title> +#. type: Content of: <reference><refentry><refsect1><title> #: pam_sss.8.xml:106 msgid "FILES" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:107 msgid "" "If a password reset by root fails, because the corresponding SSSD provider " @@ -2644,7 +2835,7 @@ msgid "" "password." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:112 msgid "" "The message is read from the file " @@ -2657,7 +2848,7 @@ msgid "" "while all other users must have only read permisssions." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:122 msgid "" "These files are searched in the directory " @@ -2665,7 +2856,7 @@ msgid "" "is present a generic message is displayed." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: pam_sss.8.xml:130 msgid "" "<citerefentry> " @@ -2673,12 +2864,12 @@ msgid "" "</citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sssd_krb5_locator_plugin.8.xml:10 sssd_krb5_locator_plugin.8.xml:15 msgid "sssd_krb5_locator_plugin" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:22 msgid "" "The Kerberos locator plugin <command>sssd_krb5_locator_plugin</command> is " @@ -2694,18 +2885,18 @@ msgid "" "</citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:48 msgid "" "<citerefentry> <refentrytitle>sssd</refentrytitle> <manvolnum>8</manvolnum> " "</citerefentry> puts the Realm and the name or IP address of the KDC into " -"the enviroment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " +"the environment variables SSSD_KRB5_REALM and SSSD_KRB5_KDC respectively. " "When <command>sssd_krb5_locator_plugin</command> is called by the kerberos " "libraries it reads and evaluates these variable and returns them to the " "libraries." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:63 msgid "" "Not all Kerberos implementations support the use of plugins. If " @@ -2713,14 +2904,14 @@ msgid "" "you have to edit /etc/krb5.conf to reflect your Kerberos setup." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:69 msgid "" -"If the enviroment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value debug " -"messages will be sent to stderr." +"If the environment variable SSSD_KRB5_LOCATOR_DEBUG is set to any value " +"debug messages will be sent to stderr." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd_krb5_locator_plugin.8.xml:77 msgid "" "<citerefentry> " @@ -2731,17 +2922,17 @@ msgid "" "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-simple.5.xml:10 sssd-simple.5.xml:16 msgid "sssd-simple" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sssd-simple.5.xml:17 msgid "the configuration file for SSSD's 'simple' access-control provider" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:24 msgid "" "This manual page describes the configuration of the simple access-control " @@ -2752,77 +2943,102 @@ msgid "" "</citerefentry> manual page." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-simple.5.xml:38 msgid "" "The simple access provider grants or denies access based on an access or " -"deny list of user names. Here to following rules apply:" +"deny list of user or group names. The following rules apply:" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:42 -msgid "If both lists are empty, access is granted" +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:43 +msgid "If all lists are empty, access is granted" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:45 -msgid "If simple_allow_users is set, only users from this list are allowed access." +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:47 +msgid "" +"If any list is provided, the order of evaluation is allow,deny. This means " +"that any matching deny rule will supersede any matched allow rule." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:47 +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:54 msgid "" -"This setting supersedes the simple_deny_users list (which would be " -"redundant)." +"If either or both \"allow\" lists are provided, all users are denied unless " +"they appear in the list." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> -#: sssd-simple.5.xml:51 +#. type: Content of: <reference><refentry><refsect1><para><itemizedlist><listitem><para> +#: sssd-simple.5.xml:60 msgid "" -"If the simple_allow_users list is empty, users are allowed access unless " -"they appear in the simple_deny_users list" +"If only \"deny\" lists are provided, all users are granted access unless " +"they appear in the list." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:69 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:78 msgid "simple_allow_users (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:72 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:81 msgid "Comma separated list of users who are allowed to log in." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-simple.5.xml:79 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:88 msgid "simple_deny_users (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-simple.5.xml:82 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:91 +msgid "Comma separated list of users who are explicitly denied access." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:97 +msgid "simple_allow_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:100 +msgid "" +"Comma separated list of groups that are allowed to log in. This applies only " +"to groups within this SSSD domain. Local groups are not evaluated." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-simple.5.xml:108 +msgid "simple_deny_groups (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-simple.5.xml:111 msgid "" -"Comma separated list of users who are rejected if simple_allow_users is not " -"set." +"Comma separated list of groups that are explicitly denied access. This " +"applies only to groups within this SSSD domain. Local groups are not " +"evaluated." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:61 sssd-ipa.5.xml:62 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:62 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " "</citerefentry> manual page for details on the configuration of an SSSD " -"domain. <placeholder0>" +"domain. <placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:90 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:120 msgid "" "Please note that it is an configuration error if both, simple_allow_users " "and simple_deny_users, are defined." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:98 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:128 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -2830,8 +3046,8 @@ msgid "" "options." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-simple.5.xml:105 +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-simple.5.xml:135 #, no-wrap msgid "" " [domain/example.com]\n" @@ -2839,8 +3055,8 @@ msgid "" " simple_allow_users = user1, user2\n" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:115 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-simple.5.xml:145 msgid "" "<citerefentry> " "<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " @@ -2848,12 +3064,12 @@ msgid "" "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-ipa.5.xml:10 sssd-ipa.5.xml:16 msgid "sssd-ipa" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:23 msgid "" "This manual page describes the configuration of the IPA provider for " @@ -2864,7 +3080,7 @@ msgid "" "</citerefentry> manual page." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:36 msgid "" "The IPA provider is a back end used to connect to an IPA server. (Refer to " @@ -2873,7 +3089,7 @@ msgid "" "almost entirely self-discovered and obtained directly from the server." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:43 msgid "" "The IPA provider accepts the same options used by the <citerefentry> " @@ -2888,24 +3104,24 @@ msgid "" "side." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:69 msgid "ipa_domain (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:72 msgid "" "Specifies the name of the IPA domain. This is optional. If not provided, " "the configuration domain name is used." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:80 msgid "ipa_server (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:83 msgid "" "The list of IP addresses or hostnames of the IPA servers to which SSSD " @@ -2915,67 +3131,67 @@ msgid "" "discovery, refer to the the <quote>SERVICE DISCOVERY</quote> section." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:96 msgid "ipa_hostname (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:99 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the IPA domain to identify this host." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:107 msgid "ipa_dyndns_update (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:110 msgid "" "Optional. This option tells SSSD to automatically update the DNS server " "built into FreeIPA v2 with the IP address of this client." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:121 msgid "ipa_dyndns_iface (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:124 msgid "" "Optional. Applicable only when ipa_dyndns_update is true. Choose the " "interface whose IP address should be used for dynamic DNS updates." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:129 msgid "Default: Use the IP address of the IPA LDAP connection" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ipa.5.xml:135 sssd-krb5.5.xml:224 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-ipa.5.xml:135 sssd-krb5.5.xml:229 msgid "krb5_validate (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ipa.5.xml:138 sssd-krb5.5.xml:227 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-ipa.5.xml:138 sssd-krb5.5.xml:232 msgid "" "Verify with the help of krb5_keytab that the TGT obtained has not been " "spoofed." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ipa.5.xml:145 msgid "" "Note that this default differs from the traditional Kerberos provider back " "end." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:162 msgid "" "The following example assumes that SSSD is correctly configured and " @@ -2983,7 +3199,7 @@ msgid "" "section. This examples shows only the ipa provider-specific options." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><programlisting> +#. type: Content of: <reference><refentry><refsect1><para><programlisting> #: sssd-ipa.5.xml:169 #, no-wrap msgid "" @@ -2993,7 +3209,7 @@ msgid "" " ipa_hostname = myhost.example.com\n" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-ipa.5.xml:180 msgid "" "<citerefentry> " @@ -3006,190 +3222,183 @@ msgid "" "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> -#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 -msgid "sss_useradd" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd.8.xml:10 sssd.8.xml:15 +msgid "sssd" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sss_useradd.8.xml:16 -msgid "create a new user" +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sssd.8.xml:16 +msgid "System Security Services Daemon" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sss_useradd.8.xml:21 +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sssd.8.xml:21 msgid "" -"<command>sss_useradd</command> <arg choice='opt'> " -"<replaceable>options</replaceable> </arg> <arg " -"choice='plain'><replaceable>LOGIN</replaceable></arg>" +"<command>sssd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:32 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:31 msgid "" -"<command>sss_useradd</command> creates a new user account using the values " -"specified on the command line plus the default values from the system." +"<command>SSSD</command> provides a set of daemons to manage access to remote " +"directories and authentication mechanisms. It provides an NSS and PAM " +"interface toward the system and a pluggable backend system to connect to " +"multiple different account sources as well as D-Bus interface. It is also " +"the basis to provide client auditing and policy services for projects like " +"FreeIPA. It provides a more robust database to store local users as well as " +"extended user data." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 -msgid "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:46 +msgid "" +"<option>-d</option>,<option>--debug-level</option> " +"<replaceable>LEVEL</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:48 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:51 msgid "" -"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " -"not given, it is chosen automatically." +"Debug level to run the daemon with. 0 is the default as well as the lowest " +"allowed value, 10 is the most verbose mode. This setting overrides the " +"settings from config file. This parameter implies <option>-i</option>." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 -msgid "" -"<option>-c</option>,<option>--gecos</option> " -"<replaceable>COMMENT</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:70 +msgid "<option>-f</option>,<option>--debug-to-files</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:74 msgid "" -"Any text string describing the user. Often used as the field for the user's " -"full name." +"Send the debug output to files instead of stderr. By default, the log files " +"are stored in <filename>/var/log/sssd</filename> and there are separate log " +"files for every SSSD service and domain." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 -msgid "" -"<option>-h</option>,<option>--home</option> " -"<replaceable>HOME_DIR</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:82 +msgid "<option>-D</option>,<option>--daemon</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:72 -msgid "" -"The home directory of the user account. The default is to append the " -"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " -"that as the home directory. The base that is prepended before " -"<replaceable>LOGIN</replaceable> is tunable with " -"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:86 +msgid "Become a daemon after starting up." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 -msgid "" -"<option>-s</option>,<option>--shell</option> " -"<replaceable>SHELL</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:92 +msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:87 -msgid "" -"The user's login shell. The default is currently " -"<filename>/bin/bash</filename>. The default can be changed with " -"<quote>user_defaults/defaultShell</quote> setting in sssd.conf." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:96 +msgid "Run in the foreground, don't become a daemon." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:96 -msgid "" -"<option>-G</option>,<option>--groups</option> " -"<replaceable>GROUPS</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:102 +msgid "<option>-c</option>,<option>--config</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:101 -msgid "A list of existing groups this user is also a member of." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:106 +msgid "" +"Specify a non-default config file. The default is " +"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " +"syntax and options, consult the <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> manual page." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:107 -msgid "<option>-m</option>,<option>--create-home</option>" +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd.8.xml:122 +msgid "Signals" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:111 -msgid "" -"Create the user's home directory if it does not exist. The files and " -"directories contained in the skeleton directory (which can be defined with " -"the -k option or in the config file) will be copied to the home directory." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:125 +msgid "SIGTERM/SIGINT" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:121 -msgid "<option>-M</option>,<option>--no-create-home</option>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:128 +msgid "" +"Informs the SSSD to gracefully terminate all of its child processes and then " +"shut down the monitor." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:125 -msgid "Do not create the user's home directory. Overrides configuration settings." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:134 +msgid "SIGHUP" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:132 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:137 msgid "" -"<option>-k</option>,<option>--skel</option> " -"<replaceable>SKELDIR</replaceable>" +"Tells the SSSD to stop writing to its current debug file descriptors and to " +"close and reopen them. This is meant to facilitate log rolling with programs " +"like logrotate." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:137 -msgid "" -"The skeleton directory, which contains files and directories to be copied in " -"the user's home directory, when the home directory is created by " -"<command>sss_useradd</command>." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:145 +msgid "SIGUSR1" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:143 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:148 msgid "" -"This option is only valid if the <option>-m</option> (or " -"<option>--create-home</option>) option is specified, or creation of home " -"directories is set to TRUE in the configuration." +"Tells the SSSD to simulate offline operation for one minute. This is mostly " +"useful for testing purposes." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 -msgid "" -"<option>-Z</option>,<option>--selinux-user</option> " -"<replaceable>SELINUX_USER</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sssd.8.xml:154 +msgid "SIGUSR2" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:157 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sssd.8.xml:157 msgid "" -"The SELinux user for the user's login. If not specified, the system default " -"will be used." +"Tells the SSSD to go online immediately. This is mostly useful for testing " +"purposes." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sss_useradd.8.xml:169 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd.8.xml:168 msgid "" "<citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " +"</citerefentry>, <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " -"</citerefentry>, <citerefentry> " "<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " +"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <citerefentry> " "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>sss_usermod</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_obfuscate.8.xml:10 sss_obfuscate.8.xml:15 msgid "sss_obfuscate" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_obfuscate.8.xml:16 msgid "obfuscate a clear text password" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_obfuscate.8.xml:21 msgid "" "<command>sss_obfuscate</command> <arg choice='opt'> " @@ -3197,7 +3406,7 @@ msgid "" "choice='plain'><replaceable>[PASSWORD]</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:32 msgid "" "<command>sss_obfuscate</command> converts a given password into " @@ -3205,7 +3414,7 @@ msgid "" "SSSD config file." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:37 msgid "" "The cleartext password can be specified as an extra argument to the program " @@ -3217,7 +3426,7 @@ msgid "" "</citerefentry> for more details on these parameters." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:50 msgid "" "Please note that obfuscating the password provides <emphasis>no real " @@ -3227,211 +3436,218 @@ msgid "" "advised." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:64 msgid "<option>-s</option>,<option>--stdin</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:68 msgid "The password to obfuscate will be read from standard input." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:75 msgid "" "<option>-d</option>,<option>--domain</option> " "<replaceable>DOMAIN</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:80 msgid "" "The SSSD domain to use the password in. The default name is " "<quote>default</quote>." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_obfuscate.8.xml:87 msgid "<option>-f</option>,<option>--file</option> <replaceable>FILE</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:92 msgid "Read the config file specified by the positional parameter." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_obfuscate.8.xml:96 msgid "Default: <filename>/etc/sssd/sssd.conf</filename>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_obfuscate.8.xml:106 msgid "" "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> -#: sssd.8.xml:10 sssd.8.xml:15 -msgid "sssd" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_useradd.8.xml:10 sss_useradd.8.xml:15 +msgid "sss_useradd" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.8.xml:16 -msgid "System Security Services Daemon" +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_useradd.8.xml:16 +msgid "create a new user" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> -#: sssd.8.xml:21 +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_useradd.8.xml:21 msgid "" -"<command>sssd</command> <arg choice='opt'> " -"<replaceable>options</replaceable> </arg>" +"<command>sss_useradd</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg " +"choice='plain'><replaceable>LOGIN</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:31 +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:32 msgid "" -"<command>SSSD</command> provides a set of daemons to manage access to remote " -"directories and authentication mechanisms. It provides an NSS and PAM " -"interface toward the system and a pluggable backend system to connect to " -"multiple different account sources as well as D-Bus interface. It is also " -"the basis to provide client auditing and policy services for projects like " -"FreeIPA. It provides a more robust database to store local users as well as " -"extended user data." +"<command>sss_useradd</command> creates a new user account using the values " +"specified on the command line plus the default values from the system." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:46 -msgid "" -"<option>-d</option>,<option>--debug-level</option> " -"<replaceable>LEVEL</replaceable>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:43 +msgid "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:51 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:48 msgid "" -"Debug level to run the daemon with. 0 is the default as well as the lowest " -"allowed value, 10 is the most verbose mode. This setting overrides the " -"settings from config file. This parameter implies <option>-i</option>." -msgstr "" - -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:70 -msgid "<option>-f</option>,<option>--debug-to-files</option>" +"Set the UID of the user to the value of <replaceable>UID</replaceable>. If " +"not given, it is chosen automatically." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:74 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 msgid "" -"Send the debug output to files instead of stderr. By default, the log files " -"are stored in <filename>/var/log/sssd</filename> and there are separate log " -"files for every SSSD service and domain." +"<option>-c</option>,<option>--gecos</option> " +"<replaceable>COMMENT</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:82 -msgid "<option>-D</option>,<option>--daemon</option>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +msgid "" +"Any text string describing the user. Often used as the field for the user's " +"full name." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:86 -msgid "Become a daemon after starting up." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 +msgid "" +"<option>-h</option>,<option>--home</option> " +"<replaceable>HOME_DIR</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:92 -msgid "<option>-i</option>,<option>--interactive</option>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:72 +msgid "" +"The home directory of the user account. The default is to append the " +"<replaceable>LOGIN</replaceable> name to <filename>/home</filename> and use " +"that as the home directory. The base that is prepended before " +"<replaceable>LOGIN</replaceable> is tunable with " +"<quote>user_defaults/baseDirectory</quote> setting in sssd.conf." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:96 -msgid "Run in the foreground, don't become a daemon." +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 +msgid "" +"<option>-s</option>,<option>--shell</option> " +"<replaceable>SHELL</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:102 -msgid "<option>-c</option>,<option>--config</option>" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:87 +msgid "" +"The user's login shell. The default is currently " +"<filename>/bin/bash</filename>. The default can be changed with " +"<quote>user_defaults/defaultShell</quote> setting in sssd.conf." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:106 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:96 msgid "" -"Specify a non-default config file. The default is " -"<filename>/etc/sssd/sssd.conf</filename>. For reference on the config file " -"syntax and options, consult the <citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " -"</citerefentry> manual page." +"<option>-G</option>,<option>--groups</option> " +"<replaceable>GROUPS</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><title> -#: sssd.8.xml:122 -msgid "Signals" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:101 +msgid "A list of existing groups this user is also a member of." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:125 -msgid "SIGTERM/SIGINT" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:107 +msgid "<option>-m</option>,<option>--create-home</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:128 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:111 msgid "" -"Informs the SSSD to gracefully terminate all of its child processes and then " -"shut down the monitor." +"Create the user's home directory if it does not exist. The files and " +"directories contained in the skeleton directory (which can be defined with " +"the -k option or in the config file) will be copied to the home directory." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:134 -msgid "SIGHUP" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:121 +msgid "<option>-M</option>,<option>--no-create-home</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:137 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:125 +msgid "Do not create the user's home directory. Overrides configuration settings." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:132 msgid "" -"Tells the SSSD to stop writing to its current debug file descriptors and to " -"close and reopen them. This is meant to facilitate log rolling with programs " -"like logrotate." +"<option>-k</option>,<option>--skel</option> " +"<replaceable>SKELDIR</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:145 -msgid "SIGUSR1" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:137 +msgid "" +"The skeleton directory, which contains files and directories to be copied in " +"the user's home directory, when the home directory is created by " +"<command>sss_useradd</command>." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:148 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:143 msgid "" -"Tells the SSSD to simulate offline operation for one minute. This is mostly " -"useful for testing purposes." +"This option is only valid if the <option>-m</option> (or " +"<option>--create-home</option>) option is specified, or creation of home " +"directories is set to TRUE in the configuration." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:154 -msgid "SIGUSR2" +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_useradd.8.xml:152 sss_usermod.8.xml:124 +msgid "" +"<option>-Z</option>,<option>--selinux-user</option> " +"<replaceable>SELINUX_USER</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.8.xml:157 +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_useradd.8.xml:157 msgid "" -"Tells the SSSD to go online immediately. This is mostly useful for testing " -"purposes." +"The SELinux user for the user's login. If not specified, the system default " +"will be used." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd.8.xml:168 +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_useradd.8.xml:169 msgid "" "<citerefentry> " -"<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " -"</citerefentry>, <citerefentry> " "<refentrytitle>sss_groupadd</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>sss_groupdel</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " -"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " +"<refentrytitle>sss_groupshow</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " -"<refentrytitle>sss_useradd</refentrytitle><manvolnum>8</manvolnum> " +"<refentrytitle>sss_groupmod</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>sss_userdel</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " @@ -3439,12 +3655,12 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sssd-krb5.5.xml:10 sssd-krb5.5.xml:16 msgid "sssd-krb5" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:23 msgid "" "This manual page describes the configuration of the Kerberos 5 " @@ -3456,7 +3672,7 @@ msgid "" "</citerefentry> manual page" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:36 msgid "" "The Kerberos 5 authentication backend contains auth and chpass providers. It " @@ -3469,7 +3685,7 @@ msgid "" "this." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:47 msgid "" "This backend also provides access control based on the .k5login file in the " @@ -3480,7 +3696,7 @@ msgid "" "'access_provider = krb5' in your sssd configuration." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:55 msgid "" "In the case where the UPN is not available in the identity backend " @@ -3488,42 +3704,28 @@ msgid "" "<replaceable>username</replaceable>@<replaceable>krb5_realm</replaceable>." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:74 -msgid "krb5_server (string)" -msgstr "" - -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:89 -msgid "" -"This option was named <quote>krb5_kdcip</quote> in earlier releases of " -"SSSD. While the legacy name is recognized for the time being, users are " -"advised to migrate their config files to use <quote>krb5_server</quote> " -"instead." -msgstr "" - -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:101 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:106 msgid "" "The name of the Kerberos realm. This option is required and must be " "specified." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:108 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:113 msgid "krb5_kpasswd (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:111 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:116 msgid "" "If the change password service is not running on the KDC alternative servers " "can be defined here. An optional port number (preceded by a colon) may be " "appended to the addresses or hostnames." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:117 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:122 msgid "" "For more information on failover and server redundancy, see the " "<quote>FAILOVER</quote> section. Please note that even if there are no more " @@ -3531,18 +3733,18 @@ msgid "" "authentication against the KDC is still possible." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:124 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:129 msgid "Default: Use the KDC" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:130 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:135 msgid "krb5_ccachedir (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:133 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:138 msgid "" "Directory to store credential caches. All the substitution sequences of " "krb5_ccname_template can be used here, too, except %d and %P. If the " @@ -3553,168 +3755,316 @@ msgid "" "</citerefentry> for details) is created." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:146 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:151 msgid "Default: /tmp" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:152 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:157 msgid "krb5_ccname_template (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:161 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:166 msgid "%u" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:162 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:167 msgid "login name" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:165 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:170 msgid "%U" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:166 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:171 msgid "login UID" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:169 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:174 msgid "%p" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:170 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:175 msgid "principal name" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:174 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:179 msgid "%r" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:175 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:180 msgid "realm name" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:178 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:183 msgid "%h" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:179 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:184 msgid "home directory" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:183 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:188 msgid "%d" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:184 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:189 msgid "value of krb5ccache_dir" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:189 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:194 msgid "%P" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:190 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:195 msgid "the process ID of the sssd client" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:195 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:200 msgid "%%" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:196 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:201 msgid "a literal '%'" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:155 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:160 msgid "" "Location of the user's credential cache. Currently only file based " "credential caches are supported. In the template the following sequences are " -"substituted: <placeholder0> If the template ends with 'XXXXXX' mkstemp(3) is " -"used to create a unique filename in a safe way." +"substituted: <placeholder type=\"variablelist\" id=\"0\"/> If the template " +"ends with 'XXXXXX' mkstemp(3) is used to create a unique filename in a safe " +"way." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:204 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:209 msgid "Default: FILE:%d/krb5cc_%U_XXXXXX" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:210 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:215 msgid "krb5_auth_timeout (integer)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:213 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:218 msgid "" "Timeout in seconds after an online authentication or change password request " "is aborted. If possible the authentication request is continued offline." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:236 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:241 msgid "krb5_keytab (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:239 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:244 msgid "" "The location of the keytab to use when validating credentials obtained from " "KDCs." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:243 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:248 msgid "Default: /etc/krb5.keytab" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-krb5.5.xml:249 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:254 msgid "krb5_store_password_if_offline (boolean)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:252 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:257 msgid "" "Store the password of the user if the provider is offline and use it to " "request a TGT when the provider gets online again." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-krb5.5.xml:257 -msgid "Please note that this feature currently only available on a Linux plattform." +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:262 +msgid "Please note that this feature currently only available on a Linux platform." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:272 +msgid "krb5_renewable_lifetime (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:275 +msgid "" +"Request a renewable ticket with a total lifetime given by an integer " +"immediately followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:280 sssd-krb5.5.xml:316 +msgid "<emphasis>s</emphasis> seconds" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:283 sssd-krb5.5.xml:319 +msgid "<emphasis>m</emphasis> minutes" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:286 sssd-krb5.5.xml:322 +msgid "<emphasis>h</emphasis> hours" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:289 sssd-krb5.5.xml:325 +msgid "<emphasis>d</emphasis> days." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:292 sssd-krb5.5.xml:328 +msgid "If there is no delimiter <emphasis>s</emphasis> is assumed." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:296 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"renewable lifetime to one and a half hours please use '90m' instead of " +"'1h30m'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:302 +msgid "Default: not set, i.e. the TGT is not renewable" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:308 +msgid "krb5_lifetime (string)" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:311 +msgid "" +"Request ticket with a with a lifetime given by an integer immediately " +"followed by one of the following delimiters:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:332 +msgid "" +"Please note that it is not possible to mix units. If you want to set the " +"lifetime to one and a half hours please use '90m' instead of '1h30m'." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:337 +msgid "Default: not set, i.e. the default ticket lifetime configured on the KDC." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:344 +msgid "krb5_renew_interval (integer)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:347 +msgid "" +"The time in seconds between two checks if the TGT should be renewed. TGTs " +"are renewed if about half of their lifetime is exceeded." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:352 +msgid "If this option is not set or 0 the automatic renewal is disabled." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:356 +msgid "Default: not set" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd-krb5.5.xml:362 +msgid "krb5_use_fast (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:365 +msgid "" +"Enables flexible authentication secure tunneling (FAST) for Kerberos " +"pre-authentication. The following options are supported:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:370 +msgid "" +"<emphasis>never</emphasis> use FAST, this is equivalent to not set this " +"option at all." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:374 +msgid "" +"<emphasis>try</emphasis> to use FAST, if the server does not support fast " +"continue without." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:378 +msgid "" +"<emphasis>demand</emphasis> to use FAST, fail if the server does not require " +"fast." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:382 +msgid "Default: not set, i.e. FAST is not used." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:385 +msgid "Please note that a keytab is required to use fast." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd-krb5.5.xml:388 +msgid "" +"Please note also that sssd supports fast only with MIT Kerberos version 1.8 " +"and above. If sssd used used with an older version using this option is a " +"configuration error." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> #: sssd-krb5.5.xml:65 msgid "" "If the auth-module krb5 is used in a SSSD domain, the following options must " "be used. See the <citerefentry> <refentrytitle>sssd.conf</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> manual page, section <quote>DOMAIN " "SECTIONS</quote> for details on the configuration of a SSSD domain. " -"<placeholder0>" +"<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:277 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:407 msgid "" "The following example assumes that SSSD is correctly configured and FOO is " "one of the domains in the <replaceable>[sssd]</replaceable> section. This " @@ -3722,8 +4072,8 @@ msgid "" "include any identity provider." msgstr "" -# type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-krb5.5.xml:285 +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-krb5.5.xml:415 #, no-wrap msgid "" " [domain/FOO]\n" @@ -3732,8 +4082,8 @@ msgid "" " krb5_realm = EXAMPLE.COM\n" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> -#: sssd-krb5.5.xml:296 +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-krb5.5.xml:426 msgid "" "<citerefentry> " "<refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> " @@ -3743,17 +4093,17 @@ msgid "" "<refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> </citerefentry>" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupadd.8.xml:10 sss_groupadd.8.xml:15 msgid "sss_groupadd" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupadd.8.xml:16 msgid "create a new group" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupadd.8.xml:21 msgid "" "<command>sss_groupadd</command> <arg choice='opt'> " @@ -3761,7 +4111,7 @@ msgid "" "choice='plain'><replaceable>GROUP</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:32 msgid "" "<command>sss_groupadd</command> creates a new group. These groups are " @@ -3769,19 +4119,19 @@ msgid "" "contain other groups as members." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupadd.8.xml:43 msgid "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupadd.8.xml:48 msgid "" "Set the GID of the group to the value of <replaceable>GID</replaceable>. If " "not given, it is chosen automatically." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupadd.8.xml:60 msgid "" "<citerefentry> " @@ -3799,17 +4149,17 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_userdel.8.xml:10 sss_userdel.8.xml:15 msgid "sss_userdel" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_userdel.8.xml:16 msgid "delete a user account" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_userdel.8.xml:21 msgid "" "<command>sss_userdel</command> <arg choice='opt'> " @@ -3817,60 +4167,60 @@ msgid "" "choice='plain'><replaceable>LOGIN</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:32 msgid "" "<command>sss_userdel</command> deletes a user identified by login name " "<replaceable>LOGIN</replaceable> from the system." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:44 msgid "<option>-r</option>,<option>--remove</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:48 msgid "" "Files in the user's home directory will be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:56 msgid "<option>-R</option>,<option>--no-remove</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:60 msgid "" "Files in the user's home directory will NOT be removed along with the home " "directory itself and the user's mail spool. Overrides the configuration." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:68 msgid "<option>-f</option>,<option>--force</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:72 msgid "" "This option forces <command>sss_userdel</command> to remove the user's home " "directory and mail spool, even if they are not owned by the specified user." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_userdel.8.xml:80 msgid "<option>-k</option>,<option>--kick</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_userdel.8.xml:84 msgid "Before actually deleting the user, terminate all his processes." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_userdel.8.xml:95 msgid "" "<citerefentry> " @@ -3888,17 +4238,17 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupdel.8.xml:10 sss_groupdel.8.xml:15 msgid "sss_groupdel" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupdel.8.xml:16 msgid "delete a group" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupdel.8.xml:21 msgid "" "<command>sss_groupdel</command> <arg choice='opt'> " @@ -3906,14 +4256,14 @@ msgid "" "choice='plain'><replaceable>GROUP</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:32 msgid "" "<command>sss_groupdel</command> deletes a group identified by its name " "<replaceable>GROUP</replaceable> from the system." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupdel.8.xml:48 msgid "" "<citerefentry> " @@ -3931,17 +4281,17 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_groupshow.8.xml:10 sss_groupshow.8.xml:15 msgid "sss_groupshow" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_groupshow.8.xml:16 msgid "print properties of a group" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_groupshow.8.xml:21 msgid "" "<command>sss_groupshow</command> <arg choice='opt'> " @@ -3949,7 +4299,7 @@ msgid "" "choice='plain'><replaceable>GROUP</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupshow.8.xml:32 msgid "" "<command>sss_groupshow</command> displays information about a group " @@ -3957,12 +4307,12 @@ msgid "" "includes the group ID number, members of the group and the parent group." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_groupshow.8.xml:43 msgid "<option>-R</option>,<option>--recursive</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_groupshow.8.xml:47 msgid "" "Also print indirect group members in a tree-like hierarchy. Note that this " @@ -3970,7 +4320,7 @@ msgid "" "direct parent will be printed." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_groupshow.8.xml:60 msgid "" "<citerefentry> " @@ -3986,17 +4336,17 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <reference><refentry><refnamediv><refname> +#. type: Content of: <reference><refentry><refnamediv><refname> #: sss_usermod.8.xml:10 sss_usermod.8.xml:15 msgid "sss_usermod" msgstr "" -# type: Content of: <reference><refentry><refnamediv><refpurpose> +#. type: Content of: <reference><refentry><refnamediv><refpurpose> #: sss_usermod.8.xml:16 msgid "modify a user account" msgstr "" -# type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> #: sss_usermod.8.xml:21 msgid "" "<command>sss_usermod</command> <arg choice='opt'> " @@ -4004,7 +4354,7 @@ msgid "" "choice='plain'><replaceable>LOGIN</replaceable></arg>" msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:32 msgid "" "<command>sss_usermod</command> modifies the account specified by " @@ -4012,17 +4362,17 @@ msgid "" "on the command line." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:60 msgid "The home directory of the user account." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:71 msgid "The user's login shell." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:82 msgid "" "Append this user to groups specified by the " @@ -4031,39 +4381,39 @@ msgid "" "group names." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:96 msgid "" "Remove this user from groups specified by the " "<replaceable>GROUPS</replaceable> parameter." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:103 msgid "<option>-l</option>,<option>--lock</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:107 msgid "Lock the user account. The user won't be able to log in." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> #: sss_usermod.8.xml:114 msgid "<option>-u</option>,<option>--unlock</option>" msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:118 msgid "Unlock the user account." msgstr "" -# type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> #: sss_usermod.8.xml:129 msgid "The SELinux user for the user's login." msgstr "" -# type: Content of: <reference><refentry><refsect1><para> +#. type: Content of: <reference><refentry><refsect1><para> #: sss_usermod.8.xml:140 msgid "" "<citerefentry> " @@ -4081,24 +4431,24 @@ msgid "" "</citerefentry>." msgstr "" -# type: Content of: <refsect1><title> +#. type: Content of: <refsect1><title> #: include/service_discovery.xml:2 msgid "SERVICE DISCOVERY" msgstr "" -# type: Content of: <refsect1><para> +#. type: Content of: <refsect1><para> #: include/service_discovery.xml:4 msgid "" "The service discovery feature allows back ends to automatically find the " "appropriate servers to connect to using a special DNS query." msgstr "" -# type: Content of: <refsect1><refsect2><title> +#. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:9 msgid "Configuration" msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:11 msgid "" "If no servers are specified, the back end automatically uses service " @@ -4110,47 +4460,64 @@ msgid "" "specific server when no servers can be discovered using DNS." msgstr "" -# type: Content of: <refsect1><refsect2><title> +#. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:23 msgid "The domain name" msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:25 msgid "" "Please refer to the <quote>dns_discovery_domain</quote> parameter in the " "<citerefentry> <refentrytitle>sssd.conf</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> manual page for more defails." +"<manvolnum>5</manvolnum> </citerefentry> manual page for more details." msgstr "" -# type: Content of: <refsect1><refsect2><title> +#. type: Content of: <refsect1><refsect2><title> #: include/service_discovery.xml:35 -msgid "See Also" +msgid "The protocol" msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/service_discovery.xml:37 +msgid "" +"The queries usually specify _tcp as the protocol. Exceptions are documented " +"in respective option description." +msgstr "" + +#. type: Content of: <refsect1><refsect2><title> +#: include/service_discovery.xml:42 +msgid "See Also" +msgstr "" + +#. type: Content of: <refsect1><refsect2><para> +#: include/service_discovery.xml:44 msgid "For more information on the service discovery mechanism, refer to RFC 2782." msgstr "" -# type: Content of: <refsect1><title> +#. type: Content of: outside any tag (error?) +#: include/upstream.xml:1 +msgid "<placeholder type=\"refentryinfo\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <refsect1><title> #: include/failover.xml:2 msgid "FAILOVER" msgstr "" -# type: Content of: <refsect1><para> +#. type: Content of: <refsect1><para> #: include/failover.xml:4 msgid "" "The failover feature allows back ends to automatically switch to a different " "server if the primary server fails." msgstr "" -# type: Content of: <refsect1><refsect2><title> +#. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:8 msgid "Failover Syntax" msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:10 msgid "" "The list of servers is given as a comma-separated list; any number of spaces " @@ -4158,12 +4525,12 @@ msgid "" "preference. The list can contain any number of servers." msgstr "" -# type: Content of: <refsect1><refsect2><title> +#. type: Content of: <refsect1><refsect2><title> #: include/failover.xml:17 msgid "The Failover Mechanism" msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:19 msgid "" "The failover mechanism distinguishes between a machine and a service. The " @@ -4177,7 +4544,7 @@ msgid "" "and might still be tried for another service." msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:32 msgid "" "Further connection attempts are made to machines or services marked as " @@ -4185,19 +4552,19 @@ msgid "" "seconds." msgstr "" -# type: Content of: <refsect1><refsect2><para> +#. type: Content of: <refsect1><refsect2><para> #: include/failover.xml:37 msgid "" "If there are no more machines to try, the back end as a whole switches to " "offline mode, and then attempts to reconnect every 30 seconds." msgstr "" -# type: Content of: <varlistentry><term> +#. type: Content of: <varlistentry><term> #: include/param_help.xml:3 msgid "<option>-h</option>,<option>--help</option>" msgstr "" -# type: Content of: <varlistentry><listitem><para> +#. type: Content of: <varlistentry><listitem><para> #: include/param_help.xml:7 msgid "Display help message and exit." msgstr "" -- cgit