From 65a9065538fd85e6ead925d344e6b421900eb8c2 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 1 Aug 2012 22:56:36 +0200 Subject: Update translations for 1.9.0 beta 6 release --- src/man/po/sssd-docs.pot | 1071 ++++++++++++++++++++++++++++++++-------------- 1 file changed, 739 insertions(+), 332 deletions(-) (limited to 'src/man/po/sssd-docs.pot') diff --git a/src/man/po/sssd-docs.pot b/src/man/po/sssd-docs.pot index 1a10b8d2..bd637029 100644 --- a/src/man/po/sssd-docs.pot +++ b/src/man/po/sssd-docs.pot @@ -6,9 +6,9 @@ #, fuzzy msgid "" msgstr "" -"Project-Id-Version: sssd-docs 1.8.95\n" +"Project-Id-Version: sssd-docs 1.8.96\n" "Report-Msgid-Bugs-To: sssd-devel@redhat.com\n" -"POT-Creation-Date: 2012-07-18 21:31+0300\n" +"POT-Creation-Date: 2012-08-01 22:52+0300\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" @@ -18,7 +18,7 @@ msgstr "" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: -#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 +#: sss_groupmod.8.xml:5 sssd.conf.5.xml:5 sssd-ldap.5.xml:5 pam_sss.8.xml:5 sssd_krb5_locator_plugin.8.xml:5 sssd-simple.5.xml:5 sssd-ipa.5.xml:5 sssd-ad.5.xml:5 sssd-sudo.5.xml:5 sssd.8.xml:5 sss_obfuscate.8.xml:5 sss_useradd.8.xml:5 sssd-krb5.5.xml:5 sss_groupadd.8.xml:5 sss_userdel.8.xml:5 sss_groupdel.8.xml:5 sss_groupshow.8.xml:5 sss_usermod.8.xml:5 sss_cache.8.xml:5 sss_debuglevel.8.xml:5 sss_seed.8.xml:5 sss_ssh_authorizedkeys.1.xml:5 sss_ssh_knownhostsproxy.1.xml:5 msgid "SSSD Manual pages" msgstr "" @@ -28,7 +28,7 @@ msgid "sss_groupmod" msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 sss_debuglevel.8.xml:11 +#: sss_groupmod.8.xml:11 pam_sss.8.xml:14 sssd_krb5_locator_plugin.8.xml:11 sssd.8.xml:11 sss_obfuscate.8.xml:11 sss_useradd.8.xml:11 sss_groupadd.8.xml:11 sss_userdel.8.xml:11 sss_groupdel.8.xml:11 sss_groupshow.8.xml:11 sss_usermod.8.xml:11 sss_cache.8.xml:11 sss_debuglevel.8.xml:11 sss_seed.8.xml:11 msgid "8" msgstr "" @@ -46,7 +46,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_ssh_authorizedkeys.1.xml:30 sss_ssh_knownhostsproxy.1.xml:31 +#: sss_groupmod.8.xml:30 sssd-ldap.5.xml:21 pam_sss.8.xml:44 sssd_krb5_locator_plugin.8.xml:20 sssd-simple.5.xml:22 sssd-ipa.5.xml:21 sssd-ad.5.xml:21 sssd-sudo.5.xml:21 sssd.8.xml:29 sss_obfuscate.8.xml:30 sss_useradd.8.xml:30 sssd-krb5.5.xml:21 sss_groupadd.8.xml:30 sss_userdel.8.xml:30 sss_groupdel.8.xml:30 sss_groupshow.8.xml:30 sss_usermod.8.xml:30 sss_cache.8.xml:29 sss_debuglevel.8.xml:30 sss_seed.8.xml:31 sss_ssh_authorizedkeys.1.xml:30 sss_ssh_knownhostsproxy.1.xml:31 msgid "DESCRIPTION" msgstr "" @@ -58,7 +58,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_ssh_authorizedkeys.1.xml:78 sss_ssh_knownhostsproxy.1.xml:65 +#: sss_groupmod.8.xml:39 pam_sss.8.xml:51 sssd.8.xml:42 sss_obfuscate.8.xml:58 sss_useradd.8.xml:39 sss_groupadd.8.xml:39 sss_userdel.8.xml:39 sss_groupdel.8.xml:39 sss_groupshow.8.xml:39 sss_usermod.8.xml:39 sss_cache.8.xml:38 sss_debuglevel.8.xml:38 sss_seed.8.xml:42 sss_ssh_authorizedkeys.1.xml:78 sss_ssh_knownhostsproxy.1.xml:65 msgid "OPTIONS" msgstr "" @@ -98,17 +98,17 @@ msgid "sssd.conf" msgstr "" #. type: Content of: <reference><refentry><refmeta><manvolnum> -#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-krb5.5.xml:11 +#: sssd.conf.5.xml:11 sssd-ldap.5.xml:11 sssd-simple.5.xml:11 sssd-ipa.5.xml:11 sssd-ad.5.xml:11 sssd-sudo.5.xml:11 sssd-krb5.5.xml:11 msgid "5" msgstr "" #. type: Content of: <reference><refentry><refmeta><refmiscinfo> -#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-krb5.5.xml:12 +#: sssd.conf.5.xml:12 sssd-ldap.5.xml:12 sssd-simple.5.xml:12 sssd-ipa.5.xml:12 sssd-ad.5.xml:12 sssd-sudo.5.xml:12 sssd-krb5.5.xml:12 msgid "File Formats and Conventions" msgstr "" #. type: Content of: <reference><refentry><refnamediv><refpurpose> -#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-krb5.5.xml:17 +#: sssd.conf.5.xml:17 sssd-ldap.5.xml:17 sssd_krb5_locator_plugin.8.xml:16 sssd-ipa.5.xml:17 sssd-ad.5.xml:17 sssd-sudo.5.xml:17 sssd-krb5.5.xml:17 msgid "the configuration file for SSSD" msgstr "" @@ -177,7 +177,7 @@ msgid "The [sssd] section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><title> -#: sssd.conf.5.xml:71 sssd.conf.5.xml:1540 +#: sssd.conf.5.xml:71 sssd.conf.5.xml:1641 msgid "Section parameters" msgstr "" @@ -244,7 +244,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:124 sssd.conf.5.xml:1341 +#: sssd.conf.5.xml:124 sssd.conf.5.xml:1442 msgid "re_expression (string)" msgstr "" @@ -263,7 +263,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:137 sssd.conf.5.xml:1367 +#: sssd.conf.5.xml:137 sssd.conf.5.xml:1468 msgid "full_name_format (string)" msgstr "" @@ -360,7 +360,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:213 sssd.conf.5.xml:318 sssd.conf.5.xml:547 sssd.conf.5.xml:707 sssd-ldap.5.xml:1093 +#: sssd.conf.5.xml:213 sssd.conf.5.xml:318 sssd.conf.5.xml:577 sssd.conf.5.xml:737 sssd-ldap.5.xml:1093 msgid "Default: 60" msgstr "" @@ -415,7 +415,7 @@ msgid "Add a timestamp to the debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:249 sssd.conf.5.xml:413 sssd.conf.5.xml:785 sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1584 sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2037 sssd-ldap.5.xml:2055 sssd-ipa.5.xml:244 sssd-ipa.5.xml:279 +#: sssd.conf.5.xml:249 sssd.conf.5.xml:413 sssd.conf.5.xml:815 sssd-ldap.5.xml:1458 sssd-ldap.5.xml:1584 sssd-ldap.5.xml:1972 sssd-ldap.5.xml:2037 sssd-ldap.5.xml:2055 sssd-ipa.5.xml:244 sssd-ipa.5.xml:279 msgid "Default: true" msgstr "" @@ -430,7 +430,7 @@ msgid "Add microseconds to the timestamp in debug messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:260 sssd.conf.5.xml:732 sssd.conf.5.xml:1474 sssd-ldap.5.xml:620 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1390 sssd-ldap.5.xml:1527 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 sssd-krb5.5.xml:237 sssd-krb5.5.xml:271 sssd-krb5.5.xml:420 +#: sssd.conf.5.xml:260 sssd.conf.5.xml:762 sssd.conf.5.xml:1575 sssd-ldap.5.xml:620 sssd-ldap.5.xml:1371 sssd-ldap.5.xml:1390 sssd-ldap.5.xml:1527 sssd-ipa.5.xml:123 sssd-ipa.5.xml:339 sssd-krb5.5.xml:237 sssd-krb5.5.xml:271 sssd-krb5.5.xml:420 msgid "Default: false" msgstr "" @@ -564,7 +564,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:386 sssd.conf.5.xml:760 sssd-krb5.5.xml:225 +#: sssd.conf.5.xml:386 sssd.conf.5.xml:790 sssd-krb5.5.xml:225 msgid "Default: 15" msgstr "" @@ -597,272 +597,307 @@ msgstr "" msgid "If you want filtered user still be group members set this option to false." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:418 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:418 sssd-ad.5.xml:132 msgid "override_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:427 sssd-krb5.5.xml:168 +#: sssd.conf.5.xml:427 sssd-ad.5.xml:141 sssd-krb5.5.xml:168 msgid "%u" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:428 sssd-krb5.5.xml:169 +#: sssd.conf.5.xml:428 sssd-ad.5.xml:142 sssd-krb5.5.xml:169 msgid "login name" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:431 sssd-krb5.5.xml:172 +#: sssd.conf.5.xml:431 sssd-ad.5.xml:145 sssd-krb5.5.xml:172 msgid "%U" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:432 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:432 sssd-ad.5.xml:146 msgid "UID number" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:435 sssd-krb5.5.xml:190 +#: sssd.conf.5.xml:435 sssd-ad.5.xml:149 sssd-krb5.5.xml:190 msgid "%d" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:436 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:436 sssd-ad.5.xml:150 msgid "domain name" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:439 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:439 sssd-ad.5.xml:153 msgid "%f" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:440 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:440 sssd-ad.5.xml:154 msgid "fully qualified user name (user@domain)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:443 sssd-krb5.5.xml:202 +#: sssd.conf.5.xml:443 sssd-ad.5.xml:157 sssd-krb5.5.xml:202 msgid "%%" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:444 sssd-krb5.5.xml:203 +#: sssd.conf.5.xml:444 sssd-ad.5.xml:158 sssd-krb5.5.xml:203 msgid "a literal '%'" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:421 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:421 sssd-ad.5.xml:135 msgid "" "Override the user's home directory. You can either provide an absolute value " "or a template. In the template, the following sequences are substituted: " "<placeholder type=\"variablelist\" id=\"0\"/>" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:450 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:450 sssd-ad.5.xml:164 msgid "This option can also be set per-domain." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:455 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd.conf.5.xml:455 sssd.conf.5.xml:479 sssd-ad.5.xml:169 +#, no-wrap +msgid "" +"override_homedir = /home/%u\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:453 sssd.conf.5.xml:477 sssd-ad.5.xml:167 sssd-ad.5.xml:191 +msgid "example: <placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:459 sssd-ad.5.xml:173 +msgid "Default: Not set (SSSD will use the value retrieved from LDAP)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:465 sssd-ad.5.xml:179 msgid "fallback_homedir (string)" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:458 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:468 sssd-ad.5.xml:182 msgid "" "Set a default template for a user's home directory if one is not specified " "explicitly by the domain's data provider." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:463 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:473 sssd-ad.5.xml:187 msgid "The available values for this option are the same as for override_homedir." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:467 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:483 sssd-ad.5.xml:197 msgid "Default: not set (no substitution for unset home directories)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:473 +#: sssd.conf.5.xml:489 +msgid "override_shell (string)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:492 +msgid "" +"Override the login shell for all users. This option can be specified " +"globally in the [nss] section or per-domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:497 +msgid "Default: not set (SSSD will use the value retrieved from LDAP)" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> +#: sssd.conf.5.xml:503 msgid "allowed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:476 +#: sssd.conf.5.xml:506 msgid "Restrict user shell to one of the listed values. The order of evaluation is:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:479 +#: sssd.conf.5.xml:509 msgid "1. If the shell is present in <quote>/etc/shells</quote>, it is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:483 +#: sssd.conf.5.xml:513 msgid "" "2. If the shell is in the allowed_shells list but not in " "<quote>/etc/shells</quote>, use the value of the shell_fallback parameter." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:488 +#: sssd.conf.5.xml:518 msgid "" "3. If the shell is not in the allowed_shells list and not in " "<quote>/etc/shells</quote>, a nologin shell is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:493 +#: sssd.conf.5.xml:523 msgid "An empty string for shell is passed as-is to libc." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:496 +#: sssd.conf.5.xml:526 msgid "" "The <quote>/etc/shells</quote> is only read on SSSD start up, which means " "that a restart of the SSSD is required in case a new shell is installed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:500 +#: sssd.conf.5.xml:530 msgid "Default: Not set. The user shell is automatically used." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:505 +#: sssd.conf.5.xml:535 msgid "vetoed_shells (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:508 +#: sssd.conf.5.xml:538 msgid "Replace any instance of these shells with the shell_fallback" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:513 +#: sssd.conf.5.xml:543 msgid "shell_fallback (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:516 +#: sssd.conf.5.xml:546 msgid "" "The default shell to use if an allowed shell is not installed on the " "machine." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:520 +#: sssd.conf.5.xml:550 msgid "Default: /bin/sh" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:525 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> +#: sssd.conf.5.xml:555 sssd-ad.5.xml:203 msgid "default_shell" msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:528 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:558 sssd-ad.5.xml:206 msgid "" "The default shell to use if the provider does not return one during " "lookup. This option supersedes any other shell options if it takes effect." msgstr "" -#. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:533 +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:563 sssd-ad.5.xml:211 msgid "" "Default: not set (Return NULL if no shell is specified and rely on libc to " "substitute something sensible when necessary, usually /bin/sh)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:540 sssd.conf.5.xml:700 +#: sssd.conf.5.xml:570 sssd.conf.5.xml:730 msgid "get_domains_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:543 sssd.conf.5.xml:703 +#: sssd.conf.5.xml:573 sssd.conf.5.xml:733 msgid "" "Specifies time in seconds for which the list of subdomains will be " "considered valid." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:552 +#: sssd.conf.5.xml:582 msgid "memcache_timeout (int)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:555 +#: sssd.conf.5.xml:585 msgid "" "Specifies time in seconds for which records in the in-memory cache will be " "valid" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:559 sssd-ldap.5.xml:634 +#: sssd.conf.5.xml:589 sssd-ldap.5.xml:634 msgid "Default: 300" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:566 +#: sssd.conf.5.xml:596 msgid "PAM configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:568 +#: sssd.conf.5.xml:598 msgid "" "These options can be used to configure the Pluggable Authentication Module " "(PAM) service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:573 +#: sssd.conf.5.xml:603 msgid "offline_credentials_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:576 +#: sssd.conf.5.xml:606 msgid "" "If the authentication provider is offline, how long should we allow cached " "logins (in days since the last successful online login)." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:581 sssd.conf.5.xml:594 +#: sssd.conf.5.xml:611 sssd.conf.5.xml:624 msgid "Default: 0 (No limit)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:587 +#: sssd.conf.5.xml:617 msgid "offline_failed_login_attempts (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:590 +#: sssd.conf.5.xml:620 msgid "" "If the authentication provider is offline, how many failed login attempts " "are allowed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:600 +#: sssd.conf.5.xml:630 msgid "offline_failed_login_delay (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:603 +#: sssd.conf.5.xml:633 msgid "" "The time in minutes which has to pass after offline_failed_login_attempts " "has been reached before a new login attempt is possible." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:608 +#: sssd.conf.5.xml:638 msgid "" "If set to 0 the user cannot authenticate offline if " "offline_failed_login_attempts has been reached. Only a successful online " @@ -870,59 +905,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:614 sssd.conf.5.xml:667 sssd.conf.5.xml:1421 +#: sssd.conf.5.xml:644 sssd.conf.5.xml:697 sssd.conf.5.xml:1522 msgid "Default: 5" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:620 +#: sssd.conf.5.xml:650 msgid "pam_verbosity (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:623 +#: sssd.conf.5.xml:653 msgid "" "Controls what kind of messages are shown to the user during " "authentication. The higher the number to more messages are displayed." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:628 +#: sssd.conf.5.xml:658 msgid "Currently sssd supports the following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:631 +#: sssd.conf.5.xml:661 msgid "<emphasis>0</emphasis>: do not show any message" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:634 +#: sssd.conf.5.xml:664 msgid "<emphasis>1</emphasis>: show only important messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:638 +#: sssd.conf.5.xml:668 msgid "<emphasis>2</emphasis>: show informational messages" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:641 +#: sssd.conf.5.xml:671 msgid "<emphasis>3</emphasis>: show all messages and debug information" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:645 sssd.8.xml:63 +#: sssd.conf.5.xml:675 sssd.8.xml:63 msgid "Default: 1" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:650 +#: sssd.conf.5.xml:680 msgid "pam_id_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:653 +#: sssd.conf.5.xml:683 msgid "" "For any PAM request while SSSD is online, the SSSD will attempt to " "immediately update the cached identity information for the user in order to " @@ -930,7 +965,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:659 +#: sssd.conf.5.xml:689 msgid "" "A complete PAM conversation may perform multiple PAM requests, such as " "account management and session opening. This option controls (on a " @@ -940,17 +975,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:673 +#: sssd.conf.5.xml:703 msgid "pam_pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:676 sssd.conf.5.xml:1035 +#: sssd.conf.5.xml:706 sssd.conf.5.xml:1065 msgid "Display a warning N days before the password expires." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:679 +#: sssd.conf.5.xml:709 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -958,7 +993,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:685 sssd.conf.5.xml:1038 +#: sssd.conf.5.xml:715 sssd.conf.5.xml:1068 msgid "" "If zero is set, then this filter is not applied, i.e. if the expiration " "warning was received from backend server, it will automatically be " @@ -966,56 +1001,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:690 +#: sssd.conf.5.xml:720 msgid "" "This setting can be overridden by setting " "<emphasis>pwd_expiration_warning</emphasis> for a particular domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:695 sssd.8.xml:79 +#: sssd.conf.5.xml:725 sssd.8.xml:79 msgid "Default: 0" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:715 +#: sssd.conf.5.xml:745 msgid "SUDO configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:717 +#: sssd.conf.5.xml:747 msgid "These options can be used to configure the sudo service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:724 +#: sssd.conf.5.xml:754 msgid "sudo_timed (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:727 +#: sssd.conf.5.xml:757 msgid "" "Whether or not to evaluate the sudoNotBefore and sudoNotAfter attributes " "that implement time-dependent sudoers entries." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:740 +#: sssd.conf.5.xml:770 msgid "AUTOFS configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:742 +#: sssd.conf.5.xml:772 msgid "These options can be used to configure the autofs service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:750 +#: sssd.conf.5.xml:780 msgid "autofs_negative_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:753 +#: sssd.conf.5.xml:783 msgid "" "Specifies for how many seconds should the autofs responder negative cache " "hits (that is, queries for invalid map entries, like nonexistent ones) " @@ -1023,34 +1058,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:768 +#: sssd.conf.5.xml:798 msgid "SSH configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:770 +#: sssd.conf.5.xml:800 msgid "These options can be used to configure the SSH service." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:778 +#: sssd.conf.5.xml:808 msgid "ssh_hash_known_hosts (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:781 +#: sssd.conf.5.xml:811 msgid "" "Whether or not to hash host names and addresses in the managed known_hosts " "file." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:793 +#: sssd.conf.5.xml:823 msgid "PAC responder configuration options" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:799 +#: sssd.conf.5.xml:829 msgid "" "The PAC responder works together with the authorization data plugin for MIT " "Kerberos sssd_pac_plugin.so and a sub-domain provider. The plugin sends the " @@ -1062,7 +1097,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:808 +#: sssd.conf.5.xml:838 msgid "" "If the remote user does not exist in the cache, it is created. The uid is " "calculated based on the SID, trusted domains will have UPGs and the gid will " @@ -1073,24 +1108,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para><itemizedlist><listitem><para> -#: sssd.conf.5.xml:816 +#: sssd.conf.5.xml:846 msgid "" "If there are SIDs of groups from the domain the sssd client belongs to, the " "user will be added to those groups." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:822 +#: sssd.conf.5.xml:852 msgid "These options can be used to configure the PAC responder." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:826 +#: sssd.conf.5.xml:856 msgid "allowed_uids (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:829 +#: sssd.conf.5.xml:859 msgid "" "Specifies the comma-separated list of UID values or user names that are " "allowed to access the PAC responder. User names are resolved to UIDs at " @@ -1098,12 +1133,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:835 +#: sssd.conf.5.xml:865 msgid "Default: 0 (only the root user is allowed to access the PAC responder)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:839 +#: sssd.conf.5.xml:869 msgid "" "Please note that although the UID 0 is used as the default it will be " "overwritten with this option. If you still want to allow the root user to " @@ -1112,24 +1147,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:853 +#: sssd.conf.5.xml:883 msgid "DOMAIN SECTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:860 +#: sssd.conf.5.xml:890 msgid "min_id,max_id (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:863 +#: sssd.conf.5.xml:893 msgid "" "UID and GID limits for the domain. If a domain contains an entry that is " "outside these limits, it is ignored." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:868 +#: sssd.conf.5.xml:898 msgid "" "For users, this affects the primary GID limit. The user will not be returned " "to NSS if either the UID or the primary GID is outside the range. For " @@ -1138,39 +1173,39 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:875 +#: sssd.conf.5.xml:905 msgid "Default: 1 for min_id, 0 (no limit) for max_id" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:881 +#: sssd.conf.5.xml:911 msgid "enumerate (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:884 +#: sssd.conf.5.xml:914 msgid "" "Determines if a domain can be enumerated. This parameter can have one of the " "following values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:888 +#: sssd.conf.5.xml:918 msgid "TRUE = Users and groups are enumerated" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:891 +#: sssd.conf.5.xml:921 msgid "FALSE = No enumerations for this domain" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:894 sssd.conf.5.xml:1012 sssd.conf.5.xml:1094 +#: sssd.conf.5.xml:924 sssd.conf.5.xml:1042 sssd.conf.5.xml:1144 msgid "Default: FALSE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:897 +#: sssd.conf.5.xml:927 msgid "" "Note: Enabling enumeration has a moderate performance impact on SSSD while " "enumeration is running. It may take up to several minutes after SSSD startup " @@ -1180,14 +1215,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:907 +#: sssd.conf.5.xml:937 msgid "" "While the first enumeration is running, requests for the complete user or " "group lists may return no results until it completes." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:912 +#: sssd.conf.5.xml:942 msgid "" "Further, enabling enumeration may increase the time necessary to detect " "network disconnection, as longer timeouts are required to ensure that " @@ -1196,109 +1231,109 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:923 +#: sssd.conf.5.xml:953 msgid "entry_cache_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:926 +#: sssd.conf.5.xml:956 msgid "" "How many seconds should nss_sss consider entries valid before asking the " "backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:930 +#: sssd.conf.5.xml:960 msgid "Default: 5400" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:936 +#: sssd.conf.5.xml:966 msgid "entry_cache_user_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:939 +#: sssd.conf.5.xml:969 msgid "" "How many seconds should nss_sss consider user entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:943 sssd.conf.5.xml:956 sssd.conf.5.xml:969 sssd.conf.5.xml:982 sssd.conf.5.xml:995 +#: sssd.conf.5.xml:973 sssd.conf.5.xml:986 sssd.conf.5.xml:999 sssd.conf.5.xml:1012 sssd.conf.5.xml:1025 msgid "Default: entry_cache_timeout" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:949 +#: sssd.conf.5.xml:979 msgid "entry_cache_group_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:952 +#: sssd.conf.5.xml:982 msgid "" "How many seconds should nss_sss consider group entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:962 +#: sssd.conf.5.xml:992 msgid "entry_cache_netgroup_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:965 +#: sssd.conf.5.xml:995 msgid "" "How many seconds should nss_sss consider netgroup entries valid before " "asking the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:975 +#: sssd.conf.5.xml:1005 msgid "entry_cache_service_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:978 +#: sssd.conf.5.xml:1008 msgid "" "How many seconds should nss_sss consider service entries valid before asking " "the backend again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:988 +#: sssd.conf.5.xml:1018 msgid "entry_cache_sudo_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:991 +#: sssd.conf.5.xml:1021 msgid "" "How many seconds should sudo consider rules valid before asking the backend " "again" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1001 +#: sssd.conf.5.xml:1031 msgid "cache_credentials (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1004 +#: sssd.conf.5.xml:1034 msgid "Determines if user credentials are also cached in the local LDB cache" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1008 +#: sssd.conf.5.xml:1038 msgid "User credentials are stored in a SHA512 hash, not in plaintext" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1017 +#: sssd.conf.5.xml:1047 msgid "account_cache_expiration (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1020 +#: sssd.conf.5.xml:1050 msgid "" "Number of days entries are left in cache after last successful login before " "being removed during a cleanup of the cache. 0 means keep forever. The " @@ -1307,17 +1342,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1027 +#: sssd.conf.5.xml:1057 msgid "Default: 0 (unlimited)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1032 +#: sssd.conf.5.xml:1062 msgid "pwd_expiration_warning (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1043 +#: sssd.conf.5.xml:1073 msgid "" "Please note that the backend server has to provide information about the " "expiration time of the password. If this information is missing, sssd " @@ -1326,54 +1361,71 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1050 +#: sssd.conf.5.xml:1080 msgid "Default: 7 (Kerberos), 0 (LDAP)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1056 +#: sssd.conf.5.xml:1086 msgid "id_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1059 -msgid "The Data Provider identity backend to use for this domain." +#: sssd.conf.5.xml:1089 +msgid "" +"The identification provider used for the domain. Supported ID providers " +"are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1063 -msgid "Supported backends:" +#: sssd.conf.5.xml:1093 +msgid "proxy: Support a legacy NSS provider" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1066 -msgid "proxy: Support a legacy NSS provider" +#: sssd.conf.5.xml:1096 +msgid "<quote>local</quote>: SSSD internal provider for local users" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1100 +msgid "" +"<quote>ldap</quote>: LDAP provider. See <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring LDAP." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1069 -msgid "local: SSSD internal local provider" +#: sssd.conf.5.xml:1108 sssd.conf.5.xml:1170 sssd.conf.5.xml:1221 sssd.conf.5.xml:1274 +msgid "" +"<quote>ipa</quote>: FreeIPA and Red Hat Enterprise Identity Management " +"provider. See <citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " +"FreeIPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1072 -msgid "ldap: LDAP provider" +#: sssd.conf.5.xml:1117 +msgid "" +"<quote>ad</quote>: Active Directory provider. See <citerefentry> " +"<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Active Directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1078 +#: sssd.conf.5.xml:1128 msgid "use_fully_qualified_names (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1081 +#: sssd.conf.5.xml:1131 msgid "" "Use the full name and domain (as formatted by the domain's full_name_format) " "as the user's login name reported to NSS." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1086 +#: sssd.conf.5.xml:1136 msgid "" "If set to TRUE, all requests to this domain must use fully qualified " "names. For example, if used in LOCAL domain that contains a \"test\" user, " @@ -1382,19 +1434,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1099 +#: sssd.conf.5.xml:1149 msgid "auth_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1102 +#: sssd.conf.5.xml:1152 msgid "" "The authentication provider used for the domain. Supported auth providers " "are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1106 +#: sssd.conf.5.xml:1156 sssd.conf.5.xml:1214 msgid "" "<quote>ldap</quote> for native LDAP authentication. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1402,7 +1454,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1113 +#: sssd.conf.5.xml:1163 msgid "" "<quote>krb5</quote> for Kerberos authentication. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1410,29 +1462,37 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1120 +#: sssd.conf.5.xml:1179 sssd.conf.5.xml:1230 sssd.conf.5.xml:1283 +msgid "" +"<quote>ad</quote>: Active Directory provider. See <citerefentry> " +"<refentrytitle>sssd-ad</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> for more information on configuring Active Directory." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> +#: sssd.conf.5.xml:1187 msgid "<quote>proxy</quote> for relaying authentication to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1123 +#: sssd.conf.5.xml:1190 msgid "<quote>none</quote> disables authentication explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1126 +#: sssd.conf.5.xml:1193 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " "authentication requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1132 +#: sssd.conf.5.xml:1199 msgid "access_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1135 +#: sssd.conf.5.xml:1202 msgid "" "The access control provider used for the domain. There are two built-in " "access providers (in addition to any included in installed backends) " @@ -1440,19 +1500,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1141 +#: sssd.conf.5.xml:1208 msgid "" "<quote>permit</quote> always allow access. It's the only permitted access " "provider for a local domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1144 +#: sssd.conf.5.xml:1211 msgid "<quote>deny</quote> always deny access." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1147 +#: sssd.conf.5.xml:1238 msgid "" "<quote>simple</quote> access control based on access or deny lists. See " "<citerefentry> <refentrytitle>sssd-simple</refentrytitle> " @@ -1461,33 +1521,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1154 +#: sssd.conf.5.xml:1245 msgid "Default: <quote>permit</quote>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1159 +#: sssd.conf.5.xml:1250 msgid "chpass_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1162 +#: sssd.conf.5.xml:1253 msgid "" "The provider which should handle change password operations for the domain. " "Supported change password providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1167 -msgid "" -"<quote>ipa</quote> to change a password stored in an IPA server. See " -"<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " -"<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " -"IPA." -msgstr "" - -#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1175 +#: sssd.conf.5.xml:1258 msgid "" "<quote>ldap</quote> to change a password stored in a LDAP server. See " "<citerefentry> <refentrytitle>sssd-ldap</refentrytitle> " @@ -1496,7 +1547,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1183 +#: sssd.conf.5.xml:1266 msgid "" "<quote>krb5</quote> to change the Kerberos password. See <citerefentry> " "<refentrytitle>sssd-krb5</refentrytitle> <manvolnum>5</manvolnum> " @@ -1504,34 +1555,34 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1191 +#: sssd.conf.5.xml:1291 msgid "<quote>proxy</quote> for relaying password changes to some other PAM target." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1195 +#: sssd.conf.5.xml:1295 msgid "<quote>none</quote> disallows password changes explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1198 +#: sssd.conf.5.xml:1298 msgid "" "Default: <quote>auth_provider</quote> is used if it is set and can handle " "change password requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1205 +#: sssd.conf.5.xml:1305 msgid "sudo_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1211 +#: sssd.conf.5.xml:1311 msgid "The SUDO provider used for the domain. Supported SUDO providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1215 +#: sssd.conf.5.xml:1315 msgid "" "<quote>ldap</quote> for rules stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1539,62 +1590,63 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1222 +#: sssd.conf.5.xml:1322 msgid "<quote>none</quote> disables SUDO explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1225 sssd.conf.5.xml:1309 sssd.conf.5.xml:1334 +#: sssd.conf.5.xml:1325 sssd.conf.5.xml:1410 sssd.conf.5.xml:1435 msgid "Default: The value of <quote>id_provider</quote> is used if it is set." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1231 -msgid "session_provider (string)" +#: sssd.conf.5.xml:1331 +msgid "selinux_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1234 +#: sssd.conf.5.xml:1334 msgid "" -"The provider which should handle loading of session settings. Supported " -"session providers are:" +"The provider which should handle loading of selinux settings. Note that this " +"provider will be called right after access provider ends. Supported selinux " +"providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1239 +#: sssd.conf.5.xml:1340 msgid "" -"<quote>ipa</quote> to load session settings from an IPA server. See " +"<quote>ipa</quote> to load selinux settings from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " "<manvolnum>5</manvolnum> </citerefentry> for more information on configuring " "IPA." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1247 -msgid "<quote>none</quote> disallows fetching session settings explicitly." +#: sssd.conf.5.xml:1348 +msgid "<quote>none</quote> disallows fetching selinux settings explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1250 +#: sssd.conf.5.xml:1351 msgid "" "Default: <quote>id_provider</quote> is used if it is set and can handle " -"session loading requests." +"selinux loading requests." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1256 +#: sssd.conf.5.xml:1357 msgid "subdomains_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1259 +#: sssd.conf.5.xml:1360 msgid "" "The provider which should handle fetching of subdomains. This value should " "be always the same as id_provider. Supported subdomain providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1264 +#: sssd.conf.5.xml:1365 msgid "" "<quote>ipa</quote> to load a list of subdomains from an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1603,27 +1655,27 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1272 +#: sssd.conf.5.xml:1373 msgid "<quote>none</quote> disallows fetching subdomains explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1275 sssd-ldap.5.xml:1558 +#: sssd.conf.5.xml:1376 sssd-ldap.5.xml:1558 msgid "Default: none" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1281 +#: sssd.conf.5.xml:1382 msgid "autofs_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1287 +#: sssd.conf.5.xml:1388 msgid "The autofs provider used for the domain. Supported autofs providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1291 +#: sssd.conf.5.xml:1392 msgid "" "<quote>ldap</quote> to load maps stored in LDAP. See <citerefentry> " "<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " @@ -1631,7 +1683,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1298 +#: sssd.conf.5.xml:1399 msgid "" "<quote>ipa</quote> to load maps stored in an IPA server. See <citerefentry> " "<refentrytitle>sssd-ipa</refentrytitle> <manvolnum>5</manvolnum> " @@ -1639,24 +1691,24 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1306 +#: sssd.conf.5.xml:1407 msgid "<quote>none</quote> disables autofs explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1316 +#: sssd.conf.5.xml:1417 msgid "hostid_provider (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1319 +#: sssd.conf.5.xml:1420 msgid "" "The provider used for retrieving host identity information. Supported " "hostid providers are:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1323 +#: sssd.conf.5.xml:1424 msgid "" "<quote>ipa</quote> to load host identity stored in an IPA server. See " "<citerefentry> <refentrytitle>sssd-ipa</refentrytitle> " @@ -1665,19 +1717,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1331 +#: sssd.conf.5.xml:1432 msgid "<quote>none</quote> disables hostid explicitly." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1344 +#: sssd.conf.5.xml:1445 msgid "" "Regular expression for this domain that describes how to parse the string " "containing user name and domain into these components." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1348 +#: sssd.conf.5.xml:1449 msgid "" "Default: <quote>(?P<name>[^@]+)@?(?P<domain>[^@]*$)</quote> " "which translates to \"the name is everything up to the <quote>@</quote> " @@ -1685,7 +1737,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1353 +#: sssd.conf.5.xml:1454 msgid "" "PLEASE NOTE: the support for non-unique named subpatterns is not available " "on all platforms (e.g. RHEL5 and SLES10). Only platforms with libpcre " @@ -1693,14 +1745,14 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1360 +#: sssd.conf.5.xml:1461 msgid "" "PLEASE NOTE ALSO: older version of libpcre only support the Python syntax " "(?P<name>) to label subpatterns." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1370 +#: sssd.conf.5.xml:1471 msgid "" "A <citerefentry> <refentrytitle>printf</refentrytitle> " "<manvolnum>3</manvolnum> </citerefentry>-compatible format that describes " @@ -1709,59 +1761,59 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1378 +#: sssd.conf.5.xml:1479 msgid "Default: <quote>%1$s@%2$s</quote>." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1384 +#: sssd.conf.5.xml:1485 msgid "lookup_family_order (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1387 +#: sssd.conf.5.xml:1488 msgid "" "Provides the ability to select preferred address family to use when " "performing DNS lookups." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1391 +#: sssd.conf.5.xml:1492 msgid "Supported values:" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1394 +#: sssd.conf.5.xml:1495 msgid "ipv4_first: Try looking up IPv4 address, if that fails, try IPv6" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1397 +#: sssd.conf.5.xml:1498 msgid "ipv4_only: Only attempt to resolve hostnames to IPv4 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1400 +#: sssd.conf.5.xml:1501 msgid "ipv6_first: Try looking up IPv6 address, if that fails, try IPv4" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1403 +#: sssd.conf.5.xml:1504 msgid "ipv6_only: Only attempt to resolve hostnames to IPv6 addresses." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1406 +#: sssd.conf.5.xml:1507 msgid "Default: ipv4_first" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1412 +#: sssd.conf.5.xml:1513 msgid "dns_resolver_timeout (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1415 +#: sssd.conf.5.xml:1516 msgid "" "Defines the amount of time (in seconds) to wait for a reply from the DNS " "resolver before assuming that it is unreachable. If this timeout is reached, " @@ -1769,56 +1821,56 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1427 +#: sssd.conf.5.xml:1528 msgid "dns_discovery_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1430 +#: sssd.conf.5.xml:1531 msgid "" "If service discovery is used in the back end, specifies the domain part of " "the service discovery DNS query." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1434 +#: sssd.conf.5.xml:1535 msgid "Default: Use the domain part of machine's hostname" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1440 +#: sssd.conf.5.xml:1541 msgid "override_gid (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1443 +#: sssd.conf.5.xml:1544 msgid "Override the primary GID value with the one specified." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1449 +#: sssd.conf.5.xml:1550 msgid "case_sensitive (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1452 +#: sssd.conf.5.xml:1553 msgid "" "Treat user and group names as case sensitive. At the moment, this option is " "not supported in the local provider." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1457 sssd-ldap.5.xml:887 +#: sssd.conf.5.xml:1558 sssd-ldap.5.xml:887 msgid "Default: True" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1463 +#: sssd.conf.5.xml:1564 msgid "proxy_fast_alias (boolean)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1466 +#: sssd.conf.5.xml:1567 msgid "" "When a user or group is looked up by name in the proxy provider, a second " "lookup by ID is performed to \"canonicalize\" the name in case the requested " @@ -1827,29 +1879,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1480 +#: sssd.conf.5.xml:1581 msgid "subdomain_homedir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1483 +#: sssd.conf.5.xml:1584 msgid "" "Use this homedir as default value for all subdomains within this domain. See " "<emphasis>override_homedir</emphasis> for info about possible values." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1488 +#: sssd.conf.5.xml:1589 msgid "The value can be overridden by <emphasis>override_homedir</emphasis> option." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1492 +#: sssd.conf.5.xml:1593 msgid "Default: <filename>/home/%d/%u</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:855 +#: sssd.conf.5.xml:885 msgid "" "These configuration options can be present in a domain configuration " "section, that is, in a section called " @@ -1858,29 +1910,29 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1504 +#: sssd.conf.5.xml:1605 msgid "proxy_pam_target (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1507 +#: sssd.conf.5.xml:1608 msgid "The proxy target PAM proxies to." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1510 +#: sssd.conf.5.xml:1611 msgid "" "Default: not set by default, you have to take an existing pam configuration " "or create a new one and add the service name here." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1518 +#: sssd.conf.5.xml:1619 msgid "proxy_lib_name (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1521 +#: sssd.conf.5.xml:1622 msgid "" "The name of the NSS library to use in proxy domains. The NSS functions " "searched for in the library are in the form of _nss_$(libName)_$(function), " @@ -1888,19 +1940,19 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1500 +#: sssd.conf.5.xml:1601 msgid "" "Options valid for proxy domains. <placeholder type=\"variablelist\" " "id=\"0\"/>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><title> -#: sssd.conf.5.xml:1533 +#: sssd.conf.5.xml:1634 msgid "The local domain section" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><para> -#: sssd.conf.5.xml:1535 +#: sssd.conf.5.xml:1636 msgid "" "This section contains settings for domain that stores users and groups in " "SSSD native database, that is, a domain that uses " @@ -1908,73 +1960,73 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1542 +#: sssd.conf.5.xml:1643 msgid "default_shell (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1545 +#: sssd.conf.5.xml:1646 msgid "The default shell for users created with SSSD userspace tools." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1549 +#: sssd.conf.5.xml:1650 msgid "Default: <filename>/bin/bash</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1554 +#: sssd.conf.5.xml:1655 msgid "base_directory (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1557 +#: sssd.conf.5.xml:1658 msgid "" "The tools append the login name to <replaceable>base_directory</replaceable> " "and use that as the home directory." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1562 +#: sssd.conf.5.xml:1663 msgid "Default: <filename>/home</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1567 +#: sssd.conf.5.xml:1668 msgid "create_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1570 +#: sssd.conf.5.xml:1671 msgid "" "Indicate if a home directory should be created by default for new users. " "Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1574 sssd.conf.5.xml:1586 +#: sssd.conf.5.xml:1675 sssd.conf.5.xml:1687 msgid "Default: TRUE" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1579 +#: sssd.conf.5.xml:1680 msgid "remove_homedir (bool)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1582 +#: sssd.conf.5.xml:1683 msgid "" "Indicate if a home directory should be removed by default for deleted " "users. Can be overridden on command line." msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1591 +#: sssd.conf.5.xml:1692 msgid "homedir_umask (integer)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1594 +#: sssd.conf.5.xml:1695 msgid "" "Used by <citerefentry> <refentrytitle>sss_useradd</refentrytitle> " "<manvolnum>8</manvolnum> </citerefentry> to specify the default permissions " @@ -1982,17 +2034,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1602 +#: sssd.conf.5.xml:1703 msgid "Default: 077" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1607 +#: sssd.conf.5.xml:1708 msgid "skel_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1610 +#: sssd.conf.5.xml:1711 msgid "" "The skeleton directory, which contains files and directories to be copied in " "the user's home directory, when the home directory is created by " @@ -2001,17 +2053,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1620 +#: sssd.conf.5.xml:1721 msgid "Default: <filename>/etc/skel</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1625 +#: sssd.conf.5.xml:1726 msgid "mail_dir (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1628 +#: sssd.conf.5.xml:1729 msgid "" "The mail spool directory. This is needed to manipulate the mailbox when its " "corresponding user account is modified or deleted. If not specified, a " @@ -2019,17 +2071,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1635 +#: sssd.conf.5.xml:1736 msgid "Default: <filename>/var/mail</filename>" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><term> -#: sssd.conf.5.xml:1640 +#: sssd.conf.5.xml:1741 msgid "userdel_cmd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1643 +#: sssd.conf.5.xml:1744 msgid "" "The command that is run after a user is removed. The command us passed the " "username of the user being removed as the first and only parameter. The " @@ -2037,17 +2089,17 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><refsect2><variablelist><varlistentry><listitem><para> -#: sssd.conf.5.xml:1649 +#: sssd.conf.5.xml:1750 msgid "Default: None, no command is run" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd.conf.5.xml:1659 sssd-ldap.5.xml:2313 sssd-simple.5.xml:126 sssd-ipa.5.xml:582 sssd-ad.5.xml:130 sssd-krb5.5.xml:434 +#: sssd.conf.5.xml:1760 sssd-ldap.5.xml:2313 sssd-simple.5.xml:126 sssd-ipa.5.xml:582 sssd-ad.5.xml:228 sssd-krb5.5.xml:434 msgid "EXAMPLE" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd.conf.5.xml:1665 +#: sssd.conf.5.xml:1766 #, no-wrap msgid "" "[sssd]\n" @@ -2077,7 +2129,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd.conf.5.xml:1661 +#: sssd.conf.5.xml:1762 msgid "" "The following example shows a typical SSSD config. It does not describe " "configuration of the domains themselves - refer to documentation on " @@ -2119,13 +2171,13 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><title> -#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:65 sssd-krb5.5.xml:63 +#: sssd-ldap.5.xml:49 sssd-simple.5.xml:69 sssd-ipa.5.xml:64 sssd-ad.5.xml:75 sssd-krb5.5.xml:63 msgid "CONFIGURATION OPTIONS" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:60 -msgid "ldap_uri (string)" +msgid "ldap_uri, ldap_backup_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -2134,8 +2186,9 @@ msgid "" "Specifies the comma-separated list of URIs of the LDAP servers to which SSSD " "should connect in the order of preference. Refer to the " "<quote>FAILOVER</quote> section for more information on failover and server " -"redundancy. If not specified, service discovery is enabled. For more " -"information, refer to the <quote>SERVICE DISCOVERY</quote> section." +"redundancy. If neither option is specified, service discovery is " +"enabled. For more information, refer to the <quote>SERVICE DISCOVERY</quote> " +"section." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -2160,7 +2213,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:85 -msgid "ldap_chpass_uri (string)" +msgid "ldap_chpass_uri, ldap_chpass_backup_uri (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -3644,7 +3697,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ldap.5.xml:1477 sssd-krb5.5.xml:74 -msgid "krb5_server (string)" +msgid "krb5_server, krb5_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -4252,8 +4305,8 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> #: sssd-ldap.5.xml:1986 msgid "" -"<emphasis>Note:</emphasis> autoconfiguration is not yet supported, therefore " -"if this option is left empty then hostname matching will be disabled." +"If this option is empty, SSSD will try to discover the hostname and the " +"fully qualified domain name automatically." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -4543,7 +4596,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: sssd-ldap.5.xml:2320 sssd-simple.5.xml:134 sssd-ipa.5.xml:590 sssd-ad.5.xml:138 sssd-krb5.5.xml:443 include/ldap_id_mapping.xml:63 +#: sssd-ldap.5.xml:2320 sssd-simple.5.xml:134 sssd-ipa.5.xml:590 sssd-ad.5.xml:236 sssd-sudo.5.xml:56 sssd-sudo.5.xml:78 sssd-sudo.5.xml:99 sssd-krb5.5.xml:443 include/ldap_id_mapping.xml:63 msgid "<placeholder type=\"programlisting\" id=\"0\"/>" msgstr "" @@ -4859,7 +4912,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:66 +#: sssd-simple.5.xml:70 sssd-ipa.5.xml:65 sssd-ad.5.xml:76 msgid "" "Refer to the section <quote>DOMAIN SECTIONS</quote> of the <citerefentry> " "<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " @@ -4952,7 +5005,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-ipa.5.xml:83 -msgid "ipa_server (string)" +msgid "ipa_server, ipa_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -5533,32 +5586,50 @@ msgid "" "configuration of the access provider is required on the client side." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-ad.5.xml:69 +#, no-wrap +msgid "" +"ldap_id_mapping = False\n" +" " +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-ad.5.xml:63 +msgid "" +"By default, the AD provider will map UID and GID values from the objectSID " +"parameter in Active Directory. For details on this, see the <quote>ID " +"MAPPING</quote> section below. If you want to disable ID mapping and instead " +"rely on POSIX attributes defined in Active Directory, you should set " +"<placeholder type=\"programlisting\" id=\"0\"/>" +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:73 +#: sssd-ad.5.xml:83 msgid "ad_domain (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:76 +#: sssd-ad.5.xml:86 msgid "" "Specifies the name of the Active Directory domain. This is optional. If not " "provided, the configuration domain name is used." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:81 +#: sssd-ad.5.xml:91 msgid "" "For proper operation, this option should be specified as the lower-case " "version of the long version of the Active Directory domain." msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:89 -msgid "ad_server (string)" +#: sssd-ad.5.xml:99 +msgid "ad_server, ad_backup_server (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:92 +#: sssd-ad.5.xml:102 msgid "" "The comma-separated list of IP addresses or hostnames of the AD servers to " "which SSSD should connect in order of preference. For more information on " @@ -5569,12 +5640,12 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> -#: sssd-ad.5.xml:105 +#: sssd-ad.5.xml:115 msgid "ad_hostname (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:108 +#: sssd-ad.5.xml:118 msgid "" "Optional. May be set on machines where the hostname(5) does not reflect the " "fully qualified name used in the Active Directory domain to identify this " @@ -5582,14 +5653,22 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> -#: sssd-ad.5.xml:114 +#: sssd-ad.5.xml:124 msgid "" "This field is used to determine the host principal in use in the keytab. It " "must match the hostname for which the keytab was issued." msgstr "" +#. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para><programlisting> +#: sssd-ad.5.xml:193 +#, no-wrap +msgid "" +"fallback_homedir = /home/%u\n" +" " +msgstr "" + #. type: Content of: <reference><refentry><refsect1><para> -#: sssd-ad.5.xml:132 +#: sssd-ad.5.xml:230 msgid "" "The following example assumes that SSSD is correctly configured and " "example.com is one of the domains in the <replaceable>[sssd]</replaceable> " @@ -5597,7 +5676,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><programlisting> -#: sssd-ad.5.xml:139 +#: sssd-ad.5.xml:237 #, no-wrap msgid "" "[domain/EXAMPLE]\n" @@ -5611,6 +5690,219 @@ msgid "" "ad_domain = example.com\n" msgstr "" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sssd-sudo.5.xml:10 sssd-sudo.5.xml:16 +msgid "sssd-sudo" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:23 +msgid "" +"This manual page describes how to configure <citerefentry> " +"<refentrytitle>sudo</refentrytitle> <manvolnum>8</manvolnum> </citerefentry> " +"to work with <citerefentry> <refentrytitle>sssd</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry> and how SSSD caches sudo rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-sudo.5.xml:36 +msgid "Configuring sudo to cooperate with SSSD" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:38 +msgid "" +"To enable SSSD as a source for sudo rules, add <emphasis>sss</emphasis> to " +"the <emphasis>sudoers</emphasis> entry in <citerefentry> " +"<refentrytitle>nsswitch.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:47 +msgid "" +"For example, to configure sudo to first lookup rules in the standard " +"<citerefentry> <refentrytitle>sudoers</refentrytitle> " +"<manvolnum>5</manvolnum> </citerefentry> file (which should contain rules " +"that apply to local users) and then in SSSD, the nsswitch.conf file should " +"contain the following line:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-sudo.5.xml:57 +#, no-wrap +msgid "sudoers: files sss\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:61 +msgid "" +"More information about configuring the sudoers search order from the " +"nsswitch.conf file as well as information about the LDAP schema that is used " +"to store sudo rules in the directory can be found in <citerefentry> " +"<refentrytitle>sudoers.ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-sudo.5.xml:72 +msgid "Configuring SSSD to fetch sudo rules" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:74 +msgid "" +"The following example shows how to configure SSSD to download sudo rules " +"from an LDAP server." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-sudo.5.xml:79 +#, no-wrap +msgid "" +"[sssd]\n" +"config_file_version = 2\n" +"services = nss, pam, sudo\n" +"domains = EXAMPLE\n" +"\n" +"[domain/EXAMPLE]\n" +"id_provider = ldap\n" +"sudo_provider = ldap\n" +"ldap_uri = ldap://example.com\n" +"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:92 +msgid "" +"The following example illustrates setting up SSSD to download sudo rules " +"from an IPA server. It is necessary to use the LDAP provider and set " +"appropriate connection parameters to authenticate correctly against the IPA " +"server, because SSSD does not have native support of IPA provider for sudo " +"yet." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para><programlisting> +#: sssd-sudo.5.xml:100 +#, no-wrap +msgid "" +"[sssd]\n" +"config_file_version = 2\n" +"services = nss, pam, sudo\n" +"domains = EXAMPLE\n" +"\n" +"[domain/EXAMPLE]\n" +"id_provider = ipa\n" +"ipa_domain = example.com\n" +"ipa_server = ipa.example.com\n" +"ldap_tls_cacert = /etc/ipa/ca.crt\n" +"\n" +"sudo_provider = ldap\n" +"ldap_uri = ldap://ipa.example.com\n" +"ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n" +"ldap_sasl_mech = GSSAPI\n" +"ldap_sasl_authid = host/hostname.example.com\n" +"ldap_sasl_realm = EXAMPLE.COM\n" +"krb5_server = ipa.example.com\n" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><title> +#: sssd-sudo.5.xml:123 +msgid "The SUDO rule caching mechanism" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:125 +msgid "" +"The biggest challenge, when developing sudo support in SSSD, was to ensure " +"that running sudo with SSSD as the data source provides the same user " +"experience and is as fast as sudo but keeps providing the most current set " +"of rules as possible. To satisfy these requirements, SSSD uses three kinds " +"of updates. They are referred to as full refresh, smart refresh and rules " +"refresh." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:133 +msgid "" +"The <emphasis>smart refresh</emphasis> periodically downloads rules that are " +"new or were modified after the last update. Its primary goal is to keep the " +"database growing by fetching only small increments that do not generate " +"large amounts of network traffic." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:139 +msgid "" +"The <emphasis>full refresh</emphasis> simply deletes all sudo rules stored " +"in the cache and replaces them with all rules that are stored on the " +"server. This is used to keep the cache consistent by removing every rule " +"which was deleted from the server. Hovewer, full refresh may produce a lot " +"of traffic and thus it should be run only occasionally depending on the size " +"and stability of the sudo rules." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:147 +msgid "" +"The <emphasis>rules refresh</emphasis> ensures that we do not grant the user " +"more permission than defined. It is triggered each time the user runs " +"sudo. Rules refresh will find all rules that apply to this user, check their " +"expiration time and redownload them if expired. In the case that any of " +"these rules are missing on the server, the SSSD will do an out of band full " +"refresh because more rules (that apply to other users) may have been " +"deleted." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:156 +msgid "" +"If enabled, SSSD will store only rules that can be applied to this " +"machine. This means rules that contain one of the following values in " +"<emphasis>sudoHost</emphasis> attribute:" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:163 +msgid "keyword ALL" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:168 +msgid "regular expression" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:173 +msgid "netgroup (in the form \"+netgroup\")" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:178 +msgid "hostname or fully qualified domain name of this machine" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:183 +msgid "one of the IP addresses of this machine" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><itemizedlist><listitem><para> +#: sssd-sudo.5.xml:188 +msgid "one of the IP addresses of the network (in the form \"address/mask\")" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sssd-sudo.5.xml:194 +msgid "" +"There are many configuration options that can be used to adjust the " +"behaviour. Please refer to \"ldap_sudo_*\" in <citerefentry> " +"<refentrytitle>sssd-ldap</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry> and \"sudo_*\" in <citerefentry> " +"<refentrytitle>sssd.conf</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>." +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sssd.8.xml:10 sssd.8.xml:15 msgid "sssd" @@ -5701,7 +5993,7 @@ msgid "Become a daemon after starting up." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sssd.8.xml:107 +#: sssd.8.xml:107 sss_seed.8.xml:136 msgid "<option>-i</option>,<option>--interactive</option>" msgstr "" @@ -5902,7 +6194,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:43 +#: sss_useradd.8.xml:43 sss_seed.8.xml:76 msgid "<option>-u</option>,<option>--uid</option> <replaceable>UID</replaceable>" msgstr "" @@ -5914,21 +6206,21 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 +#: sss_useradd.8.xml:55 sss_usermod.8.xml:43 sss_seed.8.xml:100 msgid "" "<option>-c</option>,<option>--gecos</option> " "<replaceable>COMMENT</replaceable>" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> -#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 +#: sss_useradd.8.xml:60 sss_usermod.8.xml:48 sss_seed.8.xml:105 msgid "" "Any text string describing the user. Often used as the field for the user's " "full name." msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 +#: sss_useradd.8.xml:67 sss_usermod.8.xml:55 sss_seed.8.xml:112 msgid "" "<option>-h</option>,<option>--home</option> " "<replaceable>HOME_DIR</replaceable>" @@ -5945,7 +6237,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 +#: sss_useradd.8.xml:82 sss_usermod.8.xml:66 sss_seed.8.xml:124 msgid "" "<option>-s</option>,<option>--shell</option> " "<replaceable>SHELL</replaceable>" @@ -6089,7 +6381,7 @@ msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><term> #: sssd-krb5.5.xml:113 -msgid "krb5_kpasswd (string)" +msgid "krb5_kpasswd, krb5_backup_kpasswd (string)" msgstr "" #. type: Content of: <reference><refentry><refsect1><para><variablelist><varlistentry><listitem><para> @@ -6472,7 +6764,7 @@ msgid "" msgstr "" #. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> -#: sss_groupadd.8.xml:43 +#: sss_groupadd.8.xml:43 sss_seed.8.xml:88 msgid "<option>-g</option>,<option>--gid</option> <replaceable>GID</replaceable>" msgstr "" @@ -6881,6 +7173,105 @@ msgstr "" msgid "<replaceable>NEW_DEBUG_LEVEL</replaceable>" msgstr "" +#. type: Content of: <reference><refentry><refnamediv><refname> +#: sss_seed.8.xml:10 sss_seed.8.xml:15 +msgid "sss_seed" +msgstr "" + +#. type: Content of: <reference><refentry><refnamediv><refpurpose> +#: sss_seed.8.xml:16 +msgid "seed the SSSD cache with a user" +msgstr "" + +#. type: Content of: <reference><refentry><refsynopsisdiv><cmdsynopsis> +#: sss_seed.8.xml:21 +msgid "" +"<command>sss_seed</command> <arg choice='opt'> " +"<replaceable>options</replaceable> </arg> <arg choice='plain'>-D " +"<replaceable>DOMAIN</replaceable></arg> <arg choice='plain'>-n " +"<replaceable>USER</replaceable></arg>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><para> +#: sss_seed.8.xml:33 +msgid "" +"<command>sss_seed</command> seeds the SSSD cache with a user entry and " +"temporary password. If a user entry is already present in the SSSD cache " +"then the entry is updated with the temporary password." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_seed.8.xml:46 +msgid "" +"<option>-D</option>,<option>--domain</option> " +"<replaceable>DOMAIN</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:51 +msgid "" +"Provide the name of the domain in which the user is a member of. The domain " +"is also used to retrieve user information. The domain must be configured in " +"sssd.conf. The <replaceable>DOMAIN</replaceable> option must be provided. " +"Information retrieved from the domain overrides what is provided in the " +"options." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_seed.8.xml:63 +msgid "" +"<option>-n</option>,<option>--username</option> " +"<replaceable>USER</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:68 +msgid "" +"The username of the entry to be created or modified in the cache. The " +"<replaceable>USER</replaceable> option must be provided." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:81 +msgid "Set the UID of the user to <replaceable>UID</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:93 +msgid "Set the GID of the user to <replaceable>GID</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:117 +msgid "Set the home directory of the user to <replaceable>HOME_DIR</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:129 +msgid "Set the login shell of the user to <replaceable>SHELL</replaceable>." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:140 +msgid "" +"Interactive mode for entering user information. This option will only prompt " +"for information not provided in the options or retrieved from the domain." +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><term> +#: sss_seed.8.xml:148 +msgid "" +"<option>-p</option>,<option>--password-file</option> " +"<replaceable>PASS_FILE</replaceable>" +msgstr "" + +#. type: Content of: <reference><refentry><refsect1><variablelist><varlistentry><listitem><para> +#: sss_seed.8.xml:153 +msgid "" +"Specify file to read user's password from. (if not specified password is " +"prompted for)" +msgstr "" + #. type: Content of: <reference><refentry><refnamediv><refname> #: sss_ssh_authorizedkeys.1.xml:10 sss_ssh_authorizedkeys.1.xml:15 msgid "sss_ssh_authorizedkeys" @@ -7123,7 +7514,7 @@ msgstr "" #: include/failover.xml:4 msgid "" "The failover feature allows back ends to automatically switch to a different " -"server if the primary server fails." +"server if the current server fails." msgstr "" #. type: Content of: <refsect1><refsect2><title> @@ -7139,13 +7530,25 @@ msgid "" "preference. The list can contain any number of servers." msgstr "" +#. type: Content of: <refsect1><refsect2><para> +#: include/failover.xml:16 +msgid "" +"For each failover-enabled config option, two variants exist: " +"<emphasis>primary</emphasis> and <emphasis>backup</emphasis>. The idea is " +"that servers in the primary list are preferred and backup servers are only " +"searched if no primary servers can be reached. If a backup server is " +"selected, a timeout of 30 seconds is set. After this timeout SSSD will " +"periodically try to reconnect to one of the primary servers. If it succeeds, " +"it will replace the current active (backup) server." +msgstr "" + #. type: Content of: <refsect1><refsect2><title> -#: include/failover.xml:17 +#: include/failover.xml:27 msgid "The Failover Mechanism" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:19 +#: include/failover.xml:29 msgid "" "The failover mechanism distinguishes between a machine and a service. The " "back end first tries to resolve the hostname of a given machine; if this " @@ -7159,7 +7562,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:32 +#: include/failover.xml:42 msgid "" "Further connection attempts are made to machines or services marked as " "offline after a specified period of time; this is currently hard coded to 30 " @@ -7167,7 +7570,7 @@ msgid "" msgstr "" #. type: Content of: <refsect1><refsect2><para> -#: include/failover.xml:37 +#: include/failover.xml:47 msgid "" "If there are no more machines to try, the back end as a whole switches to " "offline mode, and then attempts to reconnect every 30 seconds." @@ -7564,7 +7967,9 @@ msgid "" "<refentrytitle>sssd-ipa</refentrytitle><manvolnum>5</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>sssd-ad</refentrytitle><manvolnum>5</manvolnum> " -"</citerefentry>, <citerefentry> " +"</citerefentry>, <phrase condition=\"with_sudo\"> <citerefentry> " +"<refentrytitle>sssd-sudo</refentrytitle> <manvolnum>5</manvolnum> " +"</citerefentry>, </phrase> <citerefentry> " "<refentrytitle>sss_cache</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>sss_debuglevel</refentrytitle><manvolnum>8</manvolnum> " @@ -7585,12 +7990,14 @@ msgid "" "</citerefentry>, <citerefentry> " "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " -"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</manvolnum> " -"</citerefentry>, <citerefentry> " -"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle><manvolnum>8</manvolnum> " -"</citerefentry>, <citerefentry> " -"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle><manvolnum>8</manvolnum> " +"<refentrytitle>sss_seed</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " +"<refentrytitle>sssd_krb5_locator_plugin</refentrytitle><manvolnum>8</manvolnum> " +"</citerefentry>, <phrase condition=\"with_ssh\"> <citerefentry> " +"<refentrytitle>sss_ssh_authorizedkeys</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>, <citerefentry> " +"<refentrytitle>sss_ssh_knowhostsproxy</refentrytitle> " +"<manvolnum>8</manvolnum> </citerefentry>, </phrase> <citerefentry> " "<refentrytitle>sss_obfuscate</refentrytitle><manvolnum>8</manvolnum> " "</citerefentry>, <citerefentry> " "<refentrytitle>pam_sss</refentrytitle><manvolnum>8</manvolnum> " -- cgit